Saturday, May 4, 2013

Airport Web Browser Security

Contrary to the popular perception, the world is not round - it is a giant polygon and my work has taken me to many a strange corner.

Travelling with a laptop computer is a risky business.  They are easily stolen and the financial cost pales into insignificance compared to the inconvenience of having to set up a new one again after having lost all your contacts and other keyboard kreature komforts.

On a Linux system, you absolutely must use 'full disk encryption'.  This is so easy to set up, that there is no excuse not to.  It only protects your data when at rest - when the machine is turned off, but your ordinary perp will try to log in, won't get past your 16 character password, then reboot and promptly get stuck at your 20 character encryption password (OK not everyone is as paranoid as me, but you should use at least 12 characters for a password).  After a few days, the machine will be re-installed with Windows XP and sold on Ebay, while your personal and financial data will be safely in data heaven.

While travelling to a distant corner of the globe, you will necessarily spend lots of time in Airports, using captive portals and coffee shop WiFi network connections.  These things are almost certainly bugged by at least three different organizations in the interest of national curiosity, but what bothers me more are my fellow bored geeks snooping my data over WiFi using things like Kismet or Firesheep (

One simple way to befuddle the snoops, or wiggle through a restrictive local firewall, is The Onion Router.  TOR provides multiple layers of SSL between you and a seemingly randomly chosen end point.  That still leaves you somewhat at the mercy of the end point operator (who can see your traffic but probably doesn't know who you are), but I suspect that a goodly number of the TOR endpoints are run by friendly police forces the world over, so you are probably quite safe:

The browser bundle is a super easy way to get going with TOR.  On a reasonably modern laptop machine it is quite fast enough.  Give it a go. 

No comments:

Post a Comment

On topic comments are welcome. Junk will be deleted.