Vassar Technology Today | Protect your information over wireless networks

Matthew Leung Columnist

I sat at the Detroit International Airport for about five hours waiting for a connecting flight back to Poughkeepsie. I had missed several days of classes, so I thought I’d connect my airport’s laptop to the official wireless network of the airport and start my homework. I went to Vassar’s Blackboard site, and almost clicked the login button when I suddenly realized that there were about 10 other people sitting around me with laptops. Much like Vassar’s wireless network, the airport’s network was not encrypted. If I had clicked on the login button, I could have accidentally revealed my password to Blackboard, e-mail, Vspace and the control panel to one of the strangers sitting across from me.

I had no choice: I couldn’t use Blackboard. But most of Vassar’s networking technologies are the same as those in public places such as airports, so there’s no reason to think that Vassar’s network is any more (or less) secure. Unencrypted communication is fair game for anyone who makes the effort to intercept it. Wireless is especially easy to intercept because only an antenna, such as the one in your laptop, is required to pick up the communication.

Many programs available to the public offer simple programs for anyone with basic knowledge about wireless networking to see the activities of those around them. A general indicator of what can be seen and what can’t be seen is the letter “s.” In the address bar of a browser, “http” at the beginning of a Web address signifies unencrypted communication, while “https” signifies encrypted communication. Browsers usually verify encryption with the graphic of a lock at the bottom of the screen.

Powerful antennae, sold at electronics stores such as Radio Shack, can pick up wireless signals several miles away, allowing for a targeted attack or general scanning. Since most Web sites use the “http” protocol, an eavesdropper could scan any unencrypted wireless network and see Web sites’ individual users’ visits and the data they send out, including passwords.

Nowadays, most login screens (except for Blackboard) use the “https” protocol. However, most Web sites do not use encryption after the login screen. With Zimbra it’s a little bit tricky—it uses encryption after login only some of the time. When it’s not using encryption, I have to manually type in an “s” after “http” in the address bar and then hit “enter” to switch to the encryption mode. For those using e-mail clients such as Outlook and Eudora, Vassar offers only encryption for sending passwords, but not for sending messages.

I could have given up the wireless network at the airport and just found an ethernet port. But for my Blackboard dilemma, a wired network is also unencrypted and therefore equally unpromising. My personal data would have had to travel a long distance from Detroit to Poughkeepsie, and at any point along the way, my data would have been just as vulnerable as my wireless data at the airport. Even though data sent among wired computers at Vassar is not exposed to the outside world, anyone physically plugged into the wired network could easily eavesdrop.

One option for protection against eavesdropping is to route all of your communication to “https.” Services such as anonymizer (anonymizer.com) offers different levels of encryption with flexible pricing starting at $29.95 per year, but this Windows-centric service is Mac-compatible only in high-end products. JiWire (jiwire.com/hotspot-helper.htm) offers perhaps the cheapest option ($24.95 per year) but is another Windows-only application. The solution with equal protection for Windows and Mac is Witopia (witopia.net/personalmore.html), which costs $49.95 per year.

I did not have the guts to use Blackboard until I returned to campus. But even then I took a leap of faith and assumed that no one was scanning the wired or wireless network at Vassar. For Blackboard, the encryption programs mentioned above are of no help, because en route the communication eventually would have to leave the safety of “https” and travel on “http” to reach its destination. These third-party encryption programs only protect information you send out, not the agent that receives your information.

The only possible precaution is using different passwords for Blackboard, Webmail and Vspace. Unfortunately, CIS no longer offers this option, so changing your password is often the next best solution. As for e-mails, companies such as PGP (pgp.com) and Thawte (thawte.com) offer options for encrypting your e-mails from the time you send them to the time they are received.

While Vassar’s physical location might give us a comfortable sense of safety, its digital infrastructure, integrated with the outside world, is not much different from the ones at public places like airports and Starbucks. Just as people like to look over others’ shoulders to see their laptop screens, I imagine people like to do the same with others’ wireless signals.