Pending city approval, free WiFi is expected to hit the streets of Boston this summer, turning about 16 existing pay phones into
wireless hacking hotspots. Last summer, a similar pilot program launched in New York City, turning about 10 public payphones into wireless hotspots.
The hotspots will offer ongoing Internet access for an unlimited amount of time at no cost to users or taxpayers — but does the city know what it’s potentially doing to its throngs of residents, students, and tourists?
While this program seems really cool in theory, it’s potentially risking people’s online security and identity in a big way. Not to be dramatic, but this is exactly the sort of widespread program that hackers and online crooks love — they will be delighted to know that the service could expand to as many as 100 existing payphones throughout Boston this summer and as many as 400 payphones by the following summer.
Risks Involved With ‘FreeBostonWiFi’
Although the city says this program is being carried out on a trial basis, the security risks are very real and very long-lasting. After all, victims of identity theft and fraud require countless hours to restore their good credit and good names.
Remember — it’s not the crime you can see — for example, graffiti — but the crime you can’t see. Take identity theft, credit fraud, or any other type of cyber crime — all of those terrible things happen without seeing the actual dirty fingerprints of the criminal at work.
Here are five reasons why carelessly expanding WiFi hotspots isn’t necessarily the best idea:
- Not everyone is using a virtual private network (VPN). Without using a VPN on a laptop, smartphone, or tablet, a person is essentially broadcasting every last detail of their online lives. Facebook or Twitter passwords, online bill payments, chats, IMs, and even work-related files — all of that is easily “seen” and “heard” when on public WiFi. That’s because wireless signals are merely radio waves — and like any radio waves, all you need is a receiver, tuned to the right frequency, to listen into all the Internet communications at a WiFi hotspot. By using a VPN, all of your communication is encrypted (think: scrambled!) between your laptop and the VPN’s remote server.
- A payphone on the street is not as secure as your home-sweet-home. Connecting to any network that offers free Internet access — whether on the streets of Boston, in a Starbucks, or in a hotel lobby — makes people incredibly vulnerable to hacking attacks. Many people assume that public wireless is safe, but that couldn’t be further from the truth. Public wireless is not the same as logging into our home or office networks. Again, that’s where using a VPN is so incredibly effective in safeguarding online privacy.
- Even the FTC knows better. In a new video from the FTC, entitled Using Public Wi-Fi Networks, it explains what we’ve been saying for years: public hotspots don’t encrypt information you send through the network! As the FTC now advises, “If you log in to an unsecured website — say a social networking site — or enter personal information in a web form, you may be sharing that information with others on the network. Hackers could use the information to hijack your accounts, or to impersonate you.”
- Being a victim is expensive! In 2011, the FBI reported that 300,000 identity theft victims lost a combined $1.1 billion to Internet criminals. That’s an average of about $3,666 per victim. The typical Internet criminal commits literally thousands of these crimes and almost never gets caught. According to the FBI, nearly 304,000 Internet crime complaints in 2010 resulted in 1,420 cases and only six convictions. So for every 50,000 victims, one cybercriminal was convicted.
- And last, but certainly not least, who is profiting? How are the payphones’ wireless providers and/or the city of Boston making money? Will the payphones be using display or targeted advertising? (Things that make you go “hmmm” indeed.) When you visit a website, the site collects your IP address, web browser, operating system, browser security, whether or not you have a firewall, browser plug-ins, the country you are located in, pages visited, referring page, and the visit time. A cookie is used to keep track of you as you visit various site pages. As most websites are supported by advertising, the advertisers also place a cookie on your computer that allows them to track your behavior across all the sites they advertise on. Advertisers also use “web bugs” to create a behavioral profile (think: Amazon). However, many websites also sell personal data they collect about you to third parties, which means that your behavior is known not only by the sites you visit, but other entities with which these sites share their information.
Boston says this new program is free — but nothing in life ever is — so protect your privacy and security and think twice before a cyber-thief finds you first.