Tuesday, March 1, 2016

Tabula Rosa Systems Blog Of 3/1/2016 - Why In-flight Wifi Isn't As Safe As You Think!



Why In-flight Wifi Isn't As Safe As You Think

 Passenger's emails hacked by fellow traveller while using exposed connection
Steven Petrow was using Gogo wifi while flying with American Airlines
He said a passenger seated behind him was able to read all of his emails
Users warned not to send any sensitive information once they connect
By CHRIS KITCHING FOR MAILONLINE www.dailymail.co.uk
PUBLISHED: 09:27 EST, 29 February 2016 | UPDATED: 10:44 EST, 1 March 2016A newspaper columnist and author has exposed serious flaws in aeroplane wifi after a fellow passenger hacked into his laptop computer and read his emails on a recent flight.
Steven Petrow said he learned of the security breach from the hacker after he used Gogo wifi on an American Airlines flight from Dallas to Raleigh, North Carolina in mid-February.
Petrow, who writes for USA Today and the Washington Post, was astonished that someone was able to infiltrate his email account.
Newspaper columnist Steven Petrow was stunned when a hacker told him he had accessed his emails
In a column for USA Today, he wrote that the hacker, who was seated in the row behind him, approached him after the plane had landed.
The man knew Petrow was a reporter and later told him as they walked through the terminal that he knew he was working on a story about the US government’s attempt to force Apple to unlock an iPhone belonging to one of the San Bernardino shooters.
The man said he hacked Petrow's email and read every message he sent and received, and he hacked most devices that were connected to the flight's wifi. Some passengers may have exposed their financial details or sensitive personal information.
RELATED ARTICLES
Petrow told MailOnline Travel: ‘I was really shocked and couldn’t believe this could happen. I think my face really fell to the floor in the terminal because very quickly he was reiterating to me in great detail what I had written in my emails.’
In the days following the incident Petrow has been asked several times why he didn't report it to the airline or an authority. He said he landed at midnight and he didn't know if a crime had occurred.
American Airlines’ wifi service is offered by Gogo, the biggest on-board wifi provider in the US with nearly a dozen international clients, including Air Canada, Japan Airlines, United Airlines and Virgin Atlantic.
MailOnline has contacted Gogo for comment.
In light of Petrow’s experience, Andrew Ferguson, editor at London-based thinkbroadband.com, said in-flight wifi is similar to a public hotspot and passengers should always assume that someone will be able to see their data.
Tech experts said passengers should use a virtual private network when they connect
Ferguson told MailOnline Travel: ‘This problem is something not unique to just in-flight wifi, but to any public wifi network that is not encrypted.
‘This also highlights the fact business users should be much more pro-active in using encrypted email options, which have been around for many years.’
Ferguson said public wifi networks often operate with no security options so that users can see the network and sign up easily, but the downside is their traffic is not protected like it is at home.
He said: ‘This ultimately means someone with a desire to do so has the potential to watch for unencrypted traffic.
‘On a plane, this is made even easier as there will be less interference from competing wifi networks and the volume of traffic much lower, so spotting something juicy is rather simple.’
Ferguson said passengers should use a virtual private network (VPN) to encrypt their traffic.
Since the incident, Petrow has started using a VPN for a small monthly fee and he is changing his email service provider.
Gary Newe, technical director at F5 Networks, echoed Ferguson’s advice, but said even with a VPN he still wouldn’t connect to his bank or tax services.
He said: ‘Ultimately, you just don’t know how safe a public wifi hotspot is.
‘Never connect to your bank or other personal sites when using a wifi hotspot, unless you have a secure VPN you can use.
‘This way anyone who is able to eavesdrop on your connection won’t be able to see any of the details such as credit card information or email correspondence.’
Bob Atkinson, travel expert at TravelSupermarket, added: ‘You should never use unsecure wifi – in other words, any network which doesn’t require a password login – for anything personal such as email or for accessing bank accounts.
‘Without a secure log in, like you should have on your home wifi, you are leaving yourself wide open, especially when you are less guarded away on holiday.’
In its privacy policy, Gogo said it does not provide an encrypted channel for its users once they connect and it cannot ensure the security of any information they send.
It recommends that passengers use a VPN for greater security and avoid accessing or sending sensitive or private information over an unencrypted connection.
The privacy policy warns: ‘You should be aware … that data packets from un-encrypted Wi-Fi connections can be captured by technically advanced means when they are transmitted between a user’s device and the Wi-Fi access point.
‘You should therefore take precautions to lower your security risks.’
It suggests users turn off file sharing and ensure that laptops have a personal firewall and other protections against malware.
American Airlines declined to comment.
  ==========================   For a great satire on email, please see the following:
https://www.youtube.com/watch?v=HTgYHHKs0Zwscoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
=============================================== 
Good Netiquette And A Green Internet To All! 

Special Bulletin - My just released book

"You're Hired. Super Charge our Email Skills in 60 Minutes! (And Get That Job...) 

is now on sales at Amazon.com 

Great Reasons for Purchasing Netiquette IQ
·         Get more email opens.  Improve 100% or more.
·         Receive more responses, interviews, appointments, prospects and sales.
·         Be better understood.
·         Eliminate indecision.
·         Avoid being spammed 100% or more.
·         Have recipient finish reading your email content. 
·         Save time by reducing questions.
·         Increase your level of clarity.
·         Improve you time management with your email.
·        Have quick access to a wealth of relevant email information.
Enjoy most of what you need for email in a single book.

 =================================

**Important note** - contact our company for very powerful solutions for IP
 management (IPv4 and IPv6, security, firewall and APT solutions:
www.tabularosa.net
==================================================

Another Special Announcement - Tune in to my radio interview,  on Rider University's station, www.1077thebronc.com I discuss my recent book, above on "Your Career Is Calling", hosted by Wanda Ellett.   

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.


I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
=============================================================

No comments:

Post a Comment