Why In-flight Wifi Isn't As Safe As You Think
Passenger's emails hacked by fellow traveller
while using exposed connection
Steven Petrow was using
Gogo wifi while flying with American Airlines
He said a passenger
seated behind him was able to read all of his emails
Users warned not to send
any sensitive information once they connect
By CHRIS KITCHING FOR MAILONLINE
www.dailymail.co.uk
PUBLISHED: 09:27 EST, 29 February 2016 | UPDATED: 10:44 EST, 1 March
2016A newspaper columnist and author has exposed serious flaws in aeroplane
wifi after a fellow passenger hacked into his laptop computer and read his
emails on a recent flight.
Steven Petrow said he
learned of the security breach from the hacker after he used Gogo wifi on an
American Airlines flight from Dallas to Raleigh, North Carolina in
mid-February.
Petrow, who writes for
USA Today and the Washington Post, was astonished that someone was able to
infiltrate his email account.
Newspaper columnist
Steven Petrow was stunned when a hacker told him he had accessed his emails
In a column for
USA Today, he wrote that the hacker, who was seated in the row behind him,
approached him after the plane had landed.
The man knew Petrow was
a reporter and later told him as they walked through the terminal that he knew
he was working on a story about the US government’s attempt to force Apple to
unlock an iPhone belonging to one of the San Bernardino shooters.
The man said he hacked
Petrow's email and read every message he sent and received, and he hacked most
devices that were connected to the flight's wifi. Some passengers may have
exposed their financial details or sensitive personal information.
RELATED ARTICLES
Petrow told MailOnline
Travel: ‘I was really shocked and couldn’t believe this could happen. I think
my face really fell to the floor in the terminal because very quickly he was
reiterating to me in great detail what I had written in my emails.’
In the days following
the incident Petrow has been asked several times why he didn't report it to the
airline or an authority. He said he landed at midnight and he didn't know if a
crime had occurred.
American Airlines’ wifi
service is offered by Gogo, the biggest on-board wifi provider in the US with
nearly a dozen international clients, including Air Canada, Japan Airlines,
United Airlines and Virgin Atlantic.
MailOnline has contacted
Gogo for comment.
In light of Petrow’s
experience, Andrew Ferguson, editor at London-based thinkbroadband.com, said
in-flight wifi is similar to a public hotspot and passengers should always
assume that someone will be able to see their data.
Tech experts said
passengers should use a virtual private network when they connect
Ferguson told MailOnline
Travel: ‘This problem is something not unique to just in-flight wifi, but to
any public wifi network that is not encrypted.
‘This also highlights
the fact business users should be much more pro-active in using encrypted email
options, which have been around for many years.’
Ferguson said public
wifi networks often operate with no security options so that users can see the
network and sign up easily, but the downside is their traffic is not protected
like it is at home.
He said: ‘This
ultimately means someone with a desire to do so has the potential to watch for
unencrypted traffic.
‘On a plane, this is
made even easier as there will be less interference from competing wifi
networks and the volume of traffic much lower, so spotting something juicy is
rather simple.’
Ferguson said passengers
should use a virtual private network (VPN) to encrypt their traffic.
Since the incident,
Petrow has started using a VPN for a small monthly fee and he is changing his
email service provider.
Gary Newe, technical
director at F5 Networks, echoed Ferguson’s advice, but said even with a VPN he
still wouldn’t connect to his bank or tax services.
He said: ‘Ultimately,
you just don’t know how safe a public wifi hotspot is.
‘Never connect to your
bank or other personal sites when using a wifi hotspot, unless you have a
secure VPN you can use.
‘This way anyone who is
able to eavesdrop on your connection won’t be able to see any of the details
such as credit card information or email correspondence.’
Bob Atkinson, travel
expert at TravelSupermarket, added: ‘You should never use unsecure wifi – in
other words, any network which doesn’t require a password login – for anything
personal such as email or for accessing bank accounts.
‘Without a secure log
in, like you should have on your home wifi, you are leaving yourself wide open,
especially when you are less guarded away on holiday.’
In its privacy policy,
Gogo said it does not provide an encrypted channel for its users once they
connect and it cannot ensure the security of any information they send.
It recommends that
passengers use a VPN for greater security and avoid accessing or sending
sensitive or private information over an unencrypted connection.
The privacy policy
warns: ‘You should be aware … that data packets from un-encrypted Wi-Fi
connections can be captured by technically advanced means when they are
transmitted between a user’s device and the Wi-Fi access point.
‘You should therefore
take precautions to lower your security risks.’
It suggests users turn
off file sharing and ensure that laptops have a personal firewall and other
protections against malware.
American Airlines
declined to comment.
========================== For a great satire on email, please see the following:
https://www.youtube.com/watch?v=HTgYHHKs0Zwscoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
===============================================
Good Netiquette And A Green Internet To All!
Special Bulletin - My just released book,
"You're Hired. Super Charge our Email Skills in 60 Minutes! (And Get That Job...)
is now on sales at Amazon.com
Great Reasons for Purchasing Netiquette IQ
·
Get more
email opens. Improve 100% or more.
·
Receive
more responses, interviews, appointments, prospects and sales.
·
Be better
understood.
·
Eliminate
indecision.
·
Avoid
being spammed 100% or more.
·
Have
recipient finish reading your email content.
·
Save time
by reducing questions.
·
Increase
your level of clarity.
·
Improve
you time management with your email.
·
Have
quick access to a wealth of relevant email information.
Enjoy
most of what you need for email in a single book.
=================================
**Important note** - contact our company for very powerful solutions for IPmanagement (IPv4 and IPv6, security, firewall and APT solutions:
www.tabularosa.net
==================================================
Another Special Announcement - Tune in to my radio interview, on Rider University's station, www.1077thebronc.com I discuss my recent book, above on "Your Career Is Calling", hosted by Wanda Ellett.
In addition to this blog, Netiquette IQ
has a website with great
assets which are being added to on a regular basis. I have authored the
premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to
Improve,
Enhance and Add Power to Your Email". My new book, “You’re Hired! Super
Charge
Your Email Skills in 60 Minutes. . . And Get That Job!” has just been
published and will be followed by a trilogy of books on Netiquette for
young people. You can view my
profile, reviews of the book and content excerpts at:www.amazon.com/author/paulbabicki
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
=============================================================
No comments:
Post a Comment