Wi-Fi Access Procedure

Archived from groups: alt.internet.wireless (More info?)

I see more and more Wi-Fi capabilities in places like Starbucks and
truck stops. How does one make use of these facilities? Do you just
sit down with your cup of coffee and connect to the network? Or do
you have to pay first for the usage, etc? How about security? Are
you exposing yourself to security problems from others connected to
the network?
18 answers Last reply
More about access procedure
  1. Archived from groups: alt.internet.wireless (More info?)

    In article <0iuh909bb041pj832j7pg7i4s0bt6dctj9@4ax.com>, Dick
    <LeadWinger> says...
    > I see more and more Wi-Fi capabilities in places like Starbucks and
    > truck stops. How does one make use of these facilities? Do you just
    > sit down with your cup of coffee and connect to the network? Or do
    > you have to pay first for the usage, etc? How about security? Are
    > you exposing yourself to security problems from others connected to
    > the network?
    >
    For places like Starbuck's you have to sign up with T-Mobile... it's
    about $20.00 a month.
    --

    Ben E. Brady
    http://www.clariondeveloper.com/wepgen
    FREE! Effectively manage your Wi-Fi network.
    Change your WEP keys often!

    http://www.clariondeveloper.com/webcloak
    FREE! Encrypt email addresses on your web site!
    Keep spam bots from sending you spam!

    http://www.firewallreporting.com
    Personal firewall log analysis tools for
    ZoneAlarm, BlackICE, WinRoute Pro and Windows XP
    Take stock of your firewall settings and take action against intruders.

    http://www.videoprofessorscam.com
    Don't get stung by this scam!
  2. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, Dick mused:
    |
    | I see more and more Wi-Fi capabilities in places like Starbucks and
    | truck stops. How does one make use of these facilities? Do you just
    | sit down with your cup of coffee and connect to the network? Or do
    | you have to pay first for the usage, etc?

    As an attendant at the facility in question.

    | How about security? Are
    | you exposing yourself to security problems from others connected to
    | the network?

    If you are not using encryption, or SSL connection over HTTP, then you
    are exposing yourself. So, watch what you do, and running a personal
    firewall on your laptop in such cases is probably not a bad idea as everyone
    else who is connected is on the same LAN as you ... and can see access your
    computer shares.
  3. Archived from groups: alt.internet.wireless (More info?)

    Their web sites quotes $29.99 as the monthly rate. You can also get a daily
    rate of $10, or an hourly rate of $6.00. You can usually sign up for the
    monthly, by-day, or by-hour options through the Starbuck's splash page.
    Corporate accounts are probably cheaper.

    IMHO, this is outrageously overpriced. I don't think they offer home ISP
    services, so if you go for the monthly rate, it's in addition to whatever
    you pay for your home connection. It would be less painful if you could also
    user T-Mobile at home, although then it would be a semi-monopolistic
    Microsoftish practice that would force home users to flock to T-Mobile
    because they are addicted to their Starbuck's hotspots.


    "Ben E. Brady" <y2kbrady-no-spam@yahoo.com> wrote in message
    news:MPG.1b02a17d67c7593f9896bd@news.comcast.giganews.com...
    > In article <0iuh909bb041pj832j7pg7i4s0bt6dctj9@4ax.com>, Dick
    > <LeadWinger> says...
    > > I see more and more Wi-Fi capabilities in places like Starbucks and
    > > truck stops. How does one make use of these facilities? Do you just
    > > sit down with your cup of coffee and connect to the network? Or do
    > > you have to pay first for the usage, etc? How about security? Are
    > > you exposing yourself to security problems from others connected to
    > > the network?
    > >
    > For places like Starbuck's you have to sign up with T-Mobile... it's
    > about $20.00 a month.
    > --
    >
    > Ben E. Brady
    > http://www.clariondeveloper.com/wepgen
    > FREE! Effectively manage your Wi-Fi network.
    > Change your WEP keys often!
    >
    > http://www.clariondeveloper.com/webcloak
    > FREE! Encrypt email addresses on your web site!
    > Keep spam bots from sending you spam!
    >
    > http://www.firewallreporting.com
    > Personal firewall log analysis tools for
    > ZoneAlarm, BlackICE, WinRoute Pro and Windows XP
    > Take stock of your firewall settings and take action against intruders.
    >
    > http://www.videoprofessorscam.com
    > Don't get stung by this scam!
    >
    >
    >
  4. Archived from groups: alt.internet.wireless (More info?)

    On Wed, 05 May 2004 16:27:29 GMT, "mhicaoidh"
    <®êmõvé_mhic_aoidh@hotÑîXmailŠPäM.com> wrote:

    >Taking a moment's reflection, Dick mused:
    >|
    >| I see more and more Wi-Fi capabilities in places like Starbucks and
    >| truck stops. How does one make use of these facilities? Do you just
    >| sit down with your cup of coffee and connect to the network? Or do
    >| you have to pay first for the usage, etc?
    >
    > As an attendant at the facility in question.
    >
    >| How about security? Are
    >| you exposing yourself to security problems from others connected to
    >| the network?
    >
    > If you are not using encryption, or SSL connection over HTTP, then you
    >are exposing yourself. So, watch what you do, and running a personal
    >firewall on your laptop in such cases is probably not a bad idea as everyone
    >else who is connected is on the same LAN as you ... and can see access your
    >computer shares.
    >

    I have enough trouble setting up WEP encryption in a home network.
    Having to set it up in every place I would visit (airports, coffee
    shops, etc.) seems like an insurmountable problem. I would always
    have ZoneAlarm Pro running.

    Dick
  5. Archived from groups: alt.internet.wireless (More info?)

    gary wrote:

    > Their web sites quotes $29.99 as the monthly rate. You can also get a
    > daily rate of $10, or an hourly rate of $6.00. You can usually sign up for
    > the monthly, by-day, or by-hour options through the Starbuck's splash
    > page. Corporate accounts are probably cheaper.
    >
    > IMHO, this is outrageously overpriced. I don't think they offer home ISP
    > services, so if you go for the monthly rate, it's in addition to whatever
    > you pay for your home connection. It would be less painful if you could
    > also user T-Mobile at home, although then it would be a semi-monopolistic
    > Microsoftish practice that would force home users to flock to T-Mobile
    > because they are addicted to their Starbuck's hotspots.

    FWIW, the wireless companies in Canada have agreed to allow roaming between
    them, so if you sign up with one, you can access via all.

    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
  6. Archived from groups: alt.internet.wireless (More info?)

    mhicaoidh wrote:
    || Taking a moment's reflection, Dick mused:
    |||
    ||| I see more and more Wi-Fi capabilities in places like Starbucks and
    ||| truck stops. How does one make use of these facilities? Do you
    ||| just sit down with your cup of coffee and connect to the network?
    ||| Or do you have to pay first for the usage, etc?
    ||
    || As an attendant at the facility in question.
    ||
    ||| How about security? Are
    ||| you exposing yourself to security problems from others connected to
    ||| the network?
    ||
    || If you are not using encryption, or SSL connection over HTTP,
    || then you are exposing yourself. So, watch what you do, and running
    || a personal firewall on your laptop in such cases is probably not a
    || bad idea as everyone else who is connected is on the same LAN as you
    || ... and can see access your computer shares.

    Not necessarily true. Not all AP will allow traffic to flow amoungs clients
    connected to itself. But to run a firewall on the laptop is definatly a
    must.
  7. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, Dick mused:
    |
    | I have enough trouble setting up WEP encryption in a home network.
    | Having to set it up in every place I would visit (airports, coffee
    | shops, etc.) seems like an insurmountable problem. I would always
    | have ZoneAlarm Pro running.

    It should be as simple as having the right Passphrase and Bit rate.
    Each place you go, that you have legitimate access, should provide you that
    information. The problems I have had with getting encryption running have
    mainly been due to poor driver support. I am running the WPA Client instead
    of Linksys' utility for the WPC54G card because I cannot get a consistent
    association with Linksys' ... with WPA, it is "first time, every time."
  8. Archived from groups: alt.internet.wireless (More info?)

    I'm a bit confused about the talk of WEP in the context of free hotspots.
    AFAIK, the vast majority of public hotspots (commercial or free) do not
    offer WEP or WPA as an option. They operate completely open nets.

    Use of WEP or preshared-key WPA at a public hotspot would require
    distribution of a shared private key, which would remain private for about 5
    seconds, thus defeating the purpose. Also, any public hotspot operator who
    offers encryption acquires extra liability, whether they like it or not. If
    they offer encryption, they imply a level of security they cannot guarantee.
    If the encryption is cracked, and someone suffers damage as a result, the
    hotspot operator could be the target of a nasty lawsuit. Rather than pay
    damages and legal costs, most operator agree that making no security claims
    at all is safest.

    End-to-end encryption via VPN is always a possibility for users connecting
    to a VPN-served endpoint. Secure http is more than adequate for online
    banking and other transactions (although your laptop screen is visible to
    the guy at the next table). Pop server userid/passsword are a sore point,
    since some major ISPs do not appear to support secure authentication, so the
    userid and password are transmitted in the clear. Having your email account
    hijacked is not good - could be used for spam or malicious attacks via email
    attachments.

    As someone else pointed out, always run a wifi firewall, and disable your
    shared resources (files, printers, etc.). Except for the POP server issue, I
    never worry about running at a public hotspot.

    "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
    news:5ismc.31558$TD4.5058644@attbi_s01...
    > Taking a moment's reflection, Dick mused:
    > |
    > | I have enough trouble setting up WEP encryption in a home network.
    > | Having to set it up in every place I would visit (airports, coffee
    > | shops, etc.) seems like an insurmountable problem. I would always
    > | have ZoneAlarm Pro running.
    >
    > It should be as simple as having the right Passphrase and Bit rate.
    > Each place you go, that you have legitimate access, should provide you
    that
    > information. The problems I have had with getting encryption running have
    > mainly been due to poor driver support. I am running the WPA Client
    instead
    > of Linksys' utility for the WPC54G card because I cannot get a consistent
    > association with Linksys' ... with WPA, it is "first time, every time."
    >
    >
  9. Archived from groups: alt.internet.wireless (More info?)

    Good point. I hadn't thought about turning off shared resources.

    Dick

    On Thu, 06 May 2004 15:48:35 GMT, "gary" <pleasenospam@sbcglobal.net>
    wrote:


    >As someone else pointed out, always run a wifi firewall, and disable your
    >shared resources (files, printers, etc.). Except for the POP server issue, I
    >never worry about running at a public hotspot.
  10. Archived from groups: alt.internet.wireless (More info?)

    Gary is correct. Public hotspots cannot use WEP since all clients would
    have the keys. As I understand it, WPA could provide encryption for public
    hotspots (probably using a RADIUS server), but nobody is using it yet.

    Maxx said that not all APs allow traffic to flow among clients, but this is
    wrong. The AP can't control traffic between stations that are within range
    of each other.

    Using HTTPS web-pages is secure, so credit-card transactions are secure,
    while your email is not. Using a VPN to anywhere (home, office, etc.) will
    encrypt your traffic while it traverses the wireless link (and then some).

    Several of the posts talked about firewalls, seemingly in the context of
    privacy. Firewalls do nothing to enhance your privacy. Use VPNs for
    privacy. Firewalls protect your system from worms and services on your
    system that have open ports. The worst of these is file-sharing. You could
    depend on your firewall, but you should probably disable file-sharing on
    your wireless adapter.

    Ron Bandes, CCNP, CTT+, etc.

    "gary" <pleasenospam@sbcglobal.net> wrote in message
    news:n7tmc.6103$fx4.4207@newssvr24.news.prodigy.com...
    > I'm a bit confused about the talk of WEP in the context of free hotspots.
    > AFAIK, the vast majority of public hotspots (commercial or free) do not
    > offer WEP or WPA as an option. They operate completely open nets.
    ....
    > End-to-end encryption via VPN is always a possibility for users connecting
    > to a VPN-served endpoint. Secure http is more than adequate for online
    > banking and other transactions
    ....
    > As someone else pointed out, always run a wifi firewall, and disable your
    > shared resources (files, printers, etc.). Except for the POP server issue,
    I
    > never worry about running at a public hotspot.
    >
    > "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
    > news:5ismc.31558$TD4.5058644@attbi_s01...
    > > Taking a moment's reflection, Dick mused:
    > > |
    > > | I have enough trouble setting up WEP encryption in a home network.
    > > | Having to set it up in every place I would visit (airports, coffee
    > > | shops, etc.) seems like an insurmountable problem. I would always
    > > | have ZoneAlarm Pro running.
    > >
    > > It should be as simple as having the right Passphrase and Bit rate.
    > > Each place you go, that you have legitimate access, should provide you
    > that
    > > information. The problems I have had with getting encryption running
    have
    > > mainly been due to poor driver support. I am running the WPA Client
    > instead
    > > of Linksys' utility for the WPC54G card because I cannot get a
    consistent
    > > association with Linksys' ... with WPA, it is "first time, every time."
  11. Archived from groups: alt.internet.wireless (More info?)

    Ron Bandes wrote:

    > Gary is correct. Public hotspots cannot use WEP since all clients would
    > have the keys. As I understand it, WPA could provide encryption for public
    > hotspots (probably using a RADIUS server), but nobody is using it yet.
    >
    > Maxx said that not all APs allow traffic to flow among clients, but this is
    > wrong. The AP can't control traffic between stations that are within range
    > of each other.

    My AP has a check-mark to disable client-to-client communications.

    Of course I don't think that refers to people who set up in ad-hoc mode,
    just those communicating over the AP in infrastructure mode. It's
    basically a way to prevent people from setting up a LAN and sets the AP
    to only allow clients access to the internet.

    > Using HTTPS web-pages is secure, so credit-card transactions are secure,
    > while your email is not. Using a VPN to anywhere (home, office, etc.) will
    > encrypt your traffic while it traverses the wireless link (and then some).
    >
    > Several of the posts talked about firewalls, seemingly in the context of
    > privacy. Firewalls do nothing to enhance your privacy.

    You mean someone who is being port scanned on a non-firewalled computer
    has nothing to worry about in terms of privacy?

    > Use VPNs for
    > privacy. Firewalls protect your system from worms and services on your
    > system that have open ports. The worst of these is file-sharing. You could
    > depend on your firewall, but you should probably disable file-sharing on
    > your wireless adapter.
    >
    > Ron Bandes, CCNP, CTT+, etc.
  12. Archived from groups: alt.internet.wireless (More info?)

    Your AP feature to disable client-to-client communications prevents
    legitimate communications between clients. It does not prevent an
    eavesdropper from passively sniffing your traffic.

    Port-scanning is not a privacy issue. Privacy means keeping the content of
    your messages from being intelligible to eavesdroppers. Also, I didn't say
    that you have privacy without a firewall. I said that even with a firewall
    you don't have privacy (in the absence of other privacy features). A
    firewall doesn't encrypt your messages. A firewall (let's not start a
    religious war over the many definitions of a firewall) mainly keeps
    outsiders from establishing new TCP connections to your computer, while
    allowing your computer to establish new TCP connections to the outside. It
    also permits messages to travel in both directions over existing TCP
    connections.

    Ron Bandes, CCNP, CTT+

    "Rôgêr" <abuse@your.isp.com> wrote in message
    news:sNidncGff6owhAbdRVn-hw@pghconnect.com...
    > Ron Bandes wrote:
    >
    > > Gary is correct. Public hotspots cannot use WEP since all clients would
    > > have the keys. As I understand it, WPA could provide encryption for
    public
    > > hotspots (probably using a RADIUS server), but nobody is using it yet.
    > >
    > > Maxx said that not all APs allow traffic to flow among clients, but this
    is
    > > wrong. The AP can't control traffic between stations that are within
    range
    > > of each other.
    >
    > My AP has a check-mark to disable client-to-client communications.
    >
    > Of course I don't think that refers to people who set up in ad-hoc mode,
    > just those communicating over the AP in infrastructure mode. It's
    > basically a way to prevent people from setting up a LAN and sets the AP
    > to only allow clients access to the internet.
    >
    > > Using HTTPS web-pages is secure, so credit-card transactions are secure,
    > > while your email is not. Using a VPN to anywhere (home, office, etc.)
    will
    > > encrypt your traffic while it traverses the wireless link (and then
    some).
    > >
    > > Several of the posts talked about firewalls, seemingly in the context of
    > > privacy. Firewalls do nothing to enhance your privacy.
    >
    > You mean someone who is being port scanned on a non-firewalled computer
    > has nothing to worry about in terms of privacy?
    >
    > > Use VPNs for
    > > privacy. Firewalls protect your system from worms and services on your
    > > system that have open ports. The worst of these is file-sharing. You
    could
    > > depend on your firewall, but you should probably disable file-sharing on
    > > your wireless adapter.
    > >
    > > Ron Bandes, CCNP, CTT+, etc.
    >
  13. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, gary mused:
    |
    | I'm a bit confused about the talk of WEP in the context of free hotspots.
    | AFAIK, the vast majority of public hotspots (commercial or free) do not
    | offer WEP or WPA as an option. They operate completely open nets.

    I think that's because you are extrapolating a bit out of the context of
    the thread. The issue is if you want to run WiFi access without encryption,
    how do you tell people the WiFi access is still private. My contention is:
    you don't. Since everyone has at least the capability of WEP encryption, if
    your WLAN is intended to be private, you should have at least WEP enabled.
    I think it is reasonable to assume, if there is no encryption or other means
    to prevent connection and use, that the WiFi connection is open to the
    public. Though, obviously, this is not the case.
  14. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, Ron Bandes mused:
    |
    | Several of the posts talked about firewalls, seemingly in the context of
    | privacy.

    Sorry, no. I believe they were mentioned within the context of access
    to one's computer, not privacy.
  15. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, Rôgêr mused:
    |
    | My AP has a check-mark to disable client-to-client communications.

    Sweet! What AP do you have?
  16. Archived from groups: alt.internet.wireless (More info?)

    Actually, the original post asked about security of wifi at public-access
    hotspots like Starbucks:

    "I see more and more Wi-Fi capabilities in places like Starbucks and
    truck stops. How does one make use of these facilities? Do you just
    sit down with your cup of coffee and connect to the network? Or do
    you have to pay first for the usage, etc? How about security? Are
    you exposing yourself to security problems from others connected to
    the network?" -- Dick

    WEP and WPA are simply not options in these venues. Other people in this
    thread weighed in with suggestions like always run a wifi firewall. We've
    also covered disabling resource sharing, using VPN to protect end-to-end,
    and relative saftety of https connections. Aside from these things, public
    wifi is wide open.

    "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
    news:a5Omc.37764$IG1.2096998@attbi_s04...
    > Taking a moment's reflection, gary mused:
    > |
    > | I'm a bit confused about the talk of WEP in the context of free
    hotspots.
    > | AFAIK, the vast majority of public hotspots (commercial or free) do not
    > | offer WEP or WPA as an option. They operate completely open nets.
    >
    > I think that's because you are extrapolating a bit out of the context
    of
    > the thread. The issue is if you want to run WiFi access without
    encryption,
    > how do you tell people the WiFi access is still private. My contention
    is:
    > you don't. Since everyone has at least the capability of WEP encryption,
    if
    > your WLAN is intended to be private, you should have at least WEP enabled.
    > I think it is reasonable to assume, if there is no encryption or other
    means
    > to prevent connection and use, that the WiFi connection is open to the
    > public. Though, obviously, this is not the case.
    >
    >
  17. Archived from groups: alt.internet.wireless (More info?)

    Taking a moment's reflection, gary mused:
    |
    | Actually, the original post asked about security of wifi at public-access
    | hotspots like Starbucks:

    Okay. Since you replied to my post, I assumed you were discussing what
    I had written, not the OP's original comment. However, my reply was based
    on the OP bringing up the issue WEP encryption.

    The confusion was further compounded by my having mistook this thread
    for another thread where we were discussing "The issue is if you want to run
    WiFi access without encryption, how do you tell people the WiFi access is
    still private."

    Too many threads, too little brain cells. ;-)
  18. Archived from groups: alt.internet.wireless (More info?)

    "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
    news:OeTmc.48112$Ik.3423632@attbi_s53...
    > Taking a moment's reflection, gary mused:
    > |
    > | Actually, the original post asked about security of wifi at
    public-access
    > | hotspots like Starbucks:
    >
    > Okay. Since you replied to my post, I assumed you were discussing
    what
    > I had written, not the OP's original comment. However, my reply was based
    > on the OP bringing up the issue WEP encryption.
    >
    > The confusion was further compounded by my having mistook this thread
    > for another thread where we were discussing "The issue is if you want to
    run
    > WiFi access without encryption, how do you tell people the WiFi access is
    > still private."

    Kinda figured that might be it.

    >
    > Too many threads, too little brain cells. ;-)
    >
    >
Ask a new question

Read More

Wireless WiFi and Home Networking Security Internet Wireless Networking