It was a chilly Sunday morning when U.S. Senator Charles “Chuck” Schumer rolled in to Birch Coffee, a popular Manhattan café that boasts free wireless Internet for its customers.
With an entourage that included several Congressional staffers and a small group of journalists, the Senior Senator from New York arrived with a mission: to showcase the dangers of using free wireless and how cybercriminals use it to steal financial details and commit online identity theft. The group quickly got everyone’s attention after one staffer downloaded Firesheep and quickly hacked into another staffer’s Twitter account while using Birch Coffee’s open wifi network.
Naturally, the news quickly went viral (Bob Dole once joked that the most dangerous place to be “is between Charles Schumer and a television camera,” because the New York native is known for calling attention to important issues to prove his point.)
The event even prompted Fast Company to suggest that “cafes may be unintentionally hosting a new bastion of Internet lawlessness.”
So we decided to track down the Senator and hear more about his efforts in Congress to enact better security measures for Americans still largely unaware of privacy risks while using free wifi in airports, hospitals, hotel rooms, cafes, and elsewhere.
Part One: Why He’s So Passionate About Wifi Privacy
ER: Let’s start with what everyone wants to know. Why are you so passionate about wifi privacy? Were you or someone in your family personally affected by online identity theft or some other type of online invasion of privacy?
Senator Schumer: You know, one of the things I do every year is go to every county in New York, and the reason I do that is because I think it’s the best way to stay in touch with what people actually think.
So, a few times when I was out in the state people brought this issue up to me and said I should take a look at it. And in terms of the big picture of Internet security, I think we’re entering into this new and different place where virtually anything can be done online and so it’s incumbent upon policymakers to make sure that the Internet is place where commerce thrives and people can have their basic privacy respected.
ER: But no one thinks they will be a victim of identity theft or a data breach. The really sad thing is that most people won’t notice for months, if not years, that their accounts have been compromised or their identities stolen. How prevalent is online crime in wireless hotspots, specifically cafes and airports?
Senator Schumer: There are really two parts to this.
First, it’s incredibly easy to have your identity stolen using wifi. When we first went public with our push for HTTPS, a staff member of mine was in Birch Cafe, and he showed members of the press how easy it was to hack into someone’s account. Obviously a lot of people were stunned — so that’s one.
Second is that not many people know about it. Since we’ve done this I’ve had people come up to me from across the state and say, “Wow, I never knew that it was so easy to have your identity stolen — thanks for speaking up.”
So those are two big pieces of the problem.
ER: That’s good to hear people are starting to become more aware thanks to your efforts! It seems like so many people install pricey security systems in their homes and cars, yet they are still naïve when it comes to the risk of “being naked” in hotspots. The odds are clearly favoring the cybercriminal, right?
Senator Schumer: Well, I think it comes down to people not knowing the risks. What I suspect most people know is that if you put your credit card information in somewhere online you shouldn’t hit the “back tab,” and that you shouldn’t respond to odd emails that ask for private information.
But beyond that, I don’t think a lot of people are aware of how easy it is to have your identity stolen when you’re out somewhere using a wifi connection. So hopefully if people keep speaking out publicly that will raise awareness.
Editor’s note: Check out Part 2 and learn why Senator Schumer thinks companies that use the less-secure HTTP protocol are “putting out a welcome mat for would-be hackers.”