On Sat, Feb 21, 2009 at 10:39 AM, Fred Jones <[email protected]>wrote:
> I am trying to advise my Dad about using his laptop while traveling, but I > am still confused about using a wireless connection in situation where no > encryption is available. > Here is the scenario I am trying to understand: > Traveling and using a wireless connection in a hotel > Hotel does NOT provide WEP or WPA encryption > No VPN is being used > No protection at all so far. > My Dad's webmail account thru network solutions has an option to use SSL > for logging in to email. Whenever you use SSL/TLS: the traffic between your computer web browser and the web site you are talking to is encrypted. Mostly on the Internet, the server keys are used in each direction, because most Internet users don't have their own keys. > The tech told me that transmitting username and password is protected using > SSL while logging in, but all else would be in the clear. Your Dad needs to know what to look for. If the web site continues to start with "https://";, then the traffic is still being encrypted. Sometimes just the login page, sometimes all the email. It could change at any time. Also, your browser will usually have a lock icon on the bottom somewhere. > > Is the tech correct or will the username and password be able to be picked > up in the clear since no encryption or VPN is being used? HTTPS protocol uses SSL/TLS to encrypt what is going between your browser and the web site. > > How can transmitting anything over a non-encrypted connection without using > a VPN be protected even if using SSL to login to an account? > see above. -- John DeCarlo, My Views Are My Own http://www.facebook.com/group.php?gid=34091576500&ref=mf ************************************************************************* ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *************************************************************************
