Sign me up for the ELM Bulletin (click here)
 

Return to the ELM Bulletin Index

 

See what our client's say about us
 

Email this website to someone you know
 
Site Map
 
 
Locations of visitors to this page

 

Date: April 30, 2007

Subject: Evil Twin Hotspots

 

Notebook computers are the fastest growing segment of the computer industry. Later this year notebook sales are expected to surpass desktop computer sales. The primary draw of a notebook computer is the ability to have useful computer power and connectivity with you wherever you want to work. With that convenience, however, is an emerging threat to wireless users: Evil Twin Hotspots.

 

What Is An Evil Twin? - In the Star Trek episode "Mirror, Mirror" Captain Kirk and his crew encounter "evil" twins of themselves. At one point in the show Captain Kirk's Evil Twin is able to assume Kirk's place on the Enterprise, due to his being the "real" Captain Kirk's identical twin. Since everyone "knew" that he was the "real" Captain Kirk he was able to gain complete control of a valuable asset which he could then use for his own purposes.

 

The concept of Evil Twin exists for wireless hotspots as well. In this case, however, the Evil Twin is a wireless access point set up near a well established public hotspot (such as at a coffee shop, public library or university), mimicking its identity and appearance so that users of the legitimate network will unknowingly use the Evil Twin to access the Internet and thereby allowing the Evil Twin to have full access to the user's computer.

 

What Does An Evil Twin Do? - At its simplest an Evil Twin is designed to capture personal information from computers connected to the Internet through it. All Internet traffic traveling from the computer through the Evil Twin will be scanned for credit card numbers, user information and other data. This information is then used by the owners of the Evil Twin for their own schemes; possibly for sale to a third party or to use your money for their purposes. By pretending to be the legitimate access point of the hot spot the Evil Twin capitalizes on the user's trust to trick them into giving up information that they would otherwise have kept private.

 

What Can I Do To Protect Myself? - Although nothing is absolutely foolproof here are some steps that you can take to ensure your security when at a public wireless hot spot:

1 - Don't Connect - We tell our children not to talk to strangers and we would do well to follow the same advice. The simplest and best way to protect yourself in a public wireless hot spot is not to connect to the wireless network at all. This does eliminate the risk of connecting to an Evil Twin but also eliminates the pleasure of using the Internet while away from the office and so is only a valid option when you do not need to access the Internet in these areas.

 

2 - Don't Give Away The Farm - If you must use the Internet at a public wireless hot spot restrict your activities to those that do not involve giving out your personal information (credit card, bank account login ID & etc.). This is the data that Evil Twin owners are after, frustrate their plans by using such information only on a trusted network such as at your office or home.

 

3 - Be Careful - If you must make credit card purchases over a public wireless hot spot be sure to use one card for all such transactions and be aware of any non-standard items on the statements for this card. In the event that this credit card number is stolen it will be a simple matter to cancel the card without seriously affecting your convenience.

 

4 - Lock It Up - The wireless hardware on your computer can be configured to automatically connect to any available wireless access point. This is the default in Windows and it means that your computer will automatically connect to the strongest wireless signal that it detects. We very strongly recommend that you configure your computer's wireless hardware to connect only to trusted access points. This will give you direct control over the networks that your computer is joining and will allow you to decide whether or not to join a questionable network. We would love to be able to give you step-by-step instructions on how to do this but there are too many wireless hardware configurations make that practical in the ELM Bulletin. Please call us if this is a concern and we will be able to help you.

 

5 - Be Aware - Internet Explorer, and many other browsers, are equipped with a variety of security features designed to protect you. For example, Internet Explorer 7, even on Windows XP, has a very effective anti-phishing filter that can warn you of suspicious behaviour of the websites you are visiting. Please take note of the following features that are almost universally applied within the popular browsers:

- Do not conduct private business unless the address for the website begins with "HTTPS" which indicates that the site uses secure HTTP. This can be faked but is a good guideline in general, especially if you enter the URL manually rather than following a link from an email.

 

- Look for the lock, either by the address bar or in one of the lower corners of your browser. Like the "HTTPS" prefix the lock indicates a secure site. Again, this can be faked but is in general a good indicator of a website's security.

 

- Take note of any unusually behaviour on the part of the websites you visit. If your banking site suddenly looks just a little bit off don't do any banking on it until you can confirm whether or not you are at your bank's actual website or an imposter's website.

6 - Use The Tools Available - In addition to Internet Explorer's anti-phishing filter many third party tools are available that increase your security while on the web. One very highly rated product (although we have just begun evaluating it ourselves) is Air Defense Personal which monitors wireless network activity and notifies the user when a potential risk is discovered.

Working wirelessly from a public hot spot, especially once Summer arrives, can be a very cost effective and enjoyable way to work. When you are traveling it is frequently the only way to stay in touch with those back home or at the office. We hope that this ELM Bulletin will not take the joy out of working out of the office but enable you to be better able to evaluate the potential risks involved.

 

Stay tuned for next month's ELM Bulletin when, after several weeks of use, we will give our assessment of Windows Vista and help you decide if you should upgrade and if so, when.

 

As always, please contact me if you have any questions about this or any other computer issue.

 

Previous issues of the ELM Bulletin are available from our website.

 

Please feel free to forward these bulletins to anyone you wish. If you no longer wish to receive these bulletins, or if you received this bulletin by mistake please send me an email with "Please remove me" in the subject line and I will take your name off of the bulletin mailing list.

 

Peter Rhebergen

Technical Specialist, Systems and Software

Email: peter@elmcomputers.com

 

ELM Computer Systems Inc.

502 Gordon Baker Road

Toronto, Ontario, M2H 3B4

 

Telephone

Local: 416 495 1624 (112)

Toll free: 800 268 3211

Fax: 416 495 0044

 

 

 

 

 

Website & Publications

ELM Computer Systems Inc

ELM Bulletin (complementary)

 

Product Websites

T4 TimeSaver (Tax Slip Preparation)

AvanTax (Automobile Taxable Benefits)

T4 OnLine (Online T4/T4A/T5 Preparation)
Copyright© 2008 ELM Computer Systems Inc., All rights reserved. Materials on the ELM website including text, graphics,
and HTML code may not be copied, reprinted, published, translated, hosted, or otherwise distributed by any means without written permission.
Website and logo design by SOHO Creative