i use public WiFi networks pretty often - travelling, on campus, at work

i've never really set anything up for secure e-mail access or browsing.

how paranoid should i be?
they can't get anything submitted over secure or encrypted http so i don't have to worry about financial info, or even some webmail like gmail.

what could they possibly get if i just browse openly?

how many of you have something like this set up?

3/22/2006 4:08:30 AM

I set up a ssh tunnel from my work pc to my home pc to use my home pc as a proxy.

3/22/2006 4:26:01 AM

is that for safety or just because certain sites are blocked at work?

3/22/2006 10:23:59 AM

Quote :

"what could they possibly get if i just browse openly? "

your TWW posts!

3/22/2006 10:29:27 AM

ohnoes!

3/22/2006 10:30:04 AM

they can't see content but they can see URL locations

3/22/2006 10:40:23 AM

you dont want people to see what you are c0nnecting to ok

3/22/2006 10:41:43 AM

if you use outlook or any other imap email program - then you are transmitting your password in plaintext unless you told it to use SSL - you can sit in the library for 10min. and get a few unity passwords this way

you don't have to use ssh tunnels for everything - but some sort of security is a good idea

3/22/2006 11:34:45 AM

^ what he said.

3/22/2006 12:19:33 PM

lol check out what my host said:

Quote :

"Yes, we can enable secure email access over POP for your mailserver. But please note that in order for it to be done, you need to purchase a dedicated SSL certificate for your domain in our server. A dedicated SSL also needs a dedicated IP address to be installed over. If you need both of them, please get back to us, and we shall have our administrative department purchase and install the same for you. After the dedicated SSL certificate has been installed, you shall be able to configure your email client, say outlook express, to use it for secure email. But, as a footnote, let me assure you that our mailservers are as secure as can be, with the latest intrusion detection softwares installed in them. We perform routine checks in our servers to ensure that every possible loophole or vulnerability is addressed on time. You do not need to opt for secure email, unless a lot of sensitive information is transmitted through your mailservers regularly ( for e.g : credit card information ) Please let us know if you DO need to purchase a dedicated IP address, and an SSL certificate to be installed for your domain. We shall do the required."

3/29/2006 7:42:35 PM

Heh, good marketing tactics ... sell the client a product that has absolutely nothing to do with their original needs/question. Brilliant.

3/29/2006 8:54:20 PM

Quote :

"A dedicated SSL also needs a dedicated IP address to be installed over"

b-b-b-b-b-bullshit!

3/29/2006 8:57:19 PM

Quote :

"But, as a footnote, let me assure you that our mailservers are as secure as can be, with the latest intrusion detection softwares installed in them. We perform routine checks in our servers to ensure that every possible loophole or vulnerability is addressed on time. You do not need to opt for secure email, unless a lot of sensitive information is transmitted through your mailservers regularly ( for e.g : credit card information )"

wow.

3/29/2006 10:03:43 PM