The West Palm Beach, Fla.-based company has just released the results of a test at the busy Chicago O'Hare airport. Authentium's engineers discovered that more than 90 percent of the wireless networks available within the passenger terminals were actually ad hoc computer-to-computer connections, and more than 80 percent of these devices were advertising "free" WiFi access. On the day of testing, only one in ten of the advertised "free" wireless access points connected with O'Hare's actual free wireless access hub. Many of the suspect devices registered as access points also displayed fake or misleading MAC addresses.
"We're not suggesting that 90 percent of the WiFi access point connections in O'Hare were malicious," says Corey O'Donnell, vice president of marketing at Authentium. "But one of them could have been, and there would be no way for you to know."
The firm says that the free'n'easy nature of most WiFi hookups at the airport makes potential "man in the middle" attacks and identity theft more of a possibility. (See A Security Blanket?) "The potential risks for all travelers is increasing," O'Donnell opines.
So what's a weary traveler to do? Authentium reiterates some commonsense WiFi advice and adds a few tweaks of its own:
- Shut off your WiFi connection if you don't need to be online at the airport. That way you can't connect to any old network.
- Look for the signs that give the name and WiFi tag (SSID) of the official WLAN service at the airport, and connect exclusively to that.
- Change your defaults. Don't just blindly connect with any default signal.
- Don't do sensitive stuff such as online banking over a WiFi connection at the airport.
- Use a VPN wherever posssible. Naturally, Authetium suggests that you use its product.
— Dan Jones, Site Editor, Unstrung