Let's say that you're an MS Windows laptop user with a wireless card. You'd like to use a public hotspot to access your usual email-web-news etc.
What security precautions should you take? Here's a start which all revolve around plain text credentials. - Don't use Telnet, use SSH - Don't use FTP, use SFTP - Don't put your credit card details on a non-SSL web page. But then you wouldn't anyway, right? - Use POP3-SSL or IMAP-SSL, and SMTP-SSL. Except that very few ISPs support these. So what to do? - Don't access any web pages that use Basic Auth with no SSL. - Don't use your corporate intranet without a VPN, but then you can't anyway, right? The big problem I can see, for most people in this situation, is going to be email. They're very likely to be using unencrypted POP3 and open SMTP that at best is doing POP3 before SMTP. So a) they've just lost their POP3 password. and b) the SMTP server is an open relay from that location for a period of time which might be 24 hours. So what to do? -- Julian Bond Email&MSM: [EMAIL PROTECTED] Webmaster: http://www.ecademy.com/ Personal WebLog: http://www.voidstar.com/ CV/Resume: http://www.voidstar.com/cv/ M: +44 (0)77 5907 2173 T: +44 (0)192 0412 433 -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
