Thailand Internet Questions

[wannascuba]

I have a 2 questions regarding internet in Thailand.

1. When trying to go to Yahoo's homepage on the WiFi at my hotel in Bangkok, it will not load completely (times out). But if I Google Yahoo Finance or yahoo email and click on those links, it will upload the pages and I can use them. Just curious why?

2. Is it safe to use internet banking using a Hotel's WiFi connection?

Thanks,

WS

[Supernova]

2. Is it safe to use internet banking using a Hotel's WiFi connection?

Absolutely not.

I wouldn't use a public (wired) connection, let alone wireless to conduct any financial activity.

[wannascuba]

2. Is it safe to use internet banking using a Hotel's WiFi connection?

Absolutely not.

I wouldn't use a public (wired) connection, let alone wireless to conduct any financial activity.

Thanks Super Nova,

So is there any way for me to do this securely (IE additional software, etc, or?) or is it out of the question?

Also, this being the case, I can assume even logging into my email via hotel WiFi that this is a risk, at least for my email password.

Sorry for all the questions, but I am still learning about the security risks regarding the internet and don't want to be hacked or worse yet have my bank account wiped out, not that it adds up to much, but I worked hard to save what have. Many Thanks,

All ideas welcome...

WS

WS

[Mrjlh]

There's always a "risk" no matter were you are, but if are using a strong firewall, antivirus, extra password protection you should be fine. Don't use that free stuff because its just not reliable. Been doing it here for 5 years and never had problem. Even at the hotels. My Firewall reports attacks and so far never had any to worry about. Had more attacks in the states than here.

[Darrel]

I wouldn't use a public (wired) connection, let alone wireless to conduct any financial activity.

Financial online activity usually means SSL (https, padlock in the browser status bar, special icon near the address bar). This is secure and should not be a problem over public wifi. I use it often.

Emails and regular non-SSL websites will not be secure (unless your email is set up for SSL, like mine).

Another option is to use a VPN which will protect all data transfer between your PC and the VPN proxy.

I would be much more worried about someone looking over my shoulder, picking my pocket or stealing my laptop than someone cracking SSL over a Thai guest house wifi link. I would also be more worried about keyloggers, rootkits etc. installed by Thai computer stores or dropped via browsers from dodgy websites.

[keeniau96]

Roboform is a good way to go for insecure locations i.e almost anywhere, including your house if you have not applied proper security. Check out Roboform.com, they have free version as well as a USB stick version. The site explains all.

[wannascuba]

Thanks All for the reply's,

Will look into Roboform and give it a try.

WS

[Darrel]

Roboform is a good way to go for insecure locations .....

What makes you think that Roboform offers any sort of extra security when used over an insecure network? It's just a password manager.

SSL is the only easily usable system that offers any real security for your web-surfing or emailing. Without it your data (logins, passwords) will always be transmitted in a way that anyone on the same network could potentially view quite easily, if they wanted to.

This is why bank and shopping websites use SSL.

[jybkk]

Roboform is a good way to go for insecure locations .....

What makes you think that Roboform offers any sort of extra security when used over an insecure network? It's just a password manager.

SSL is the only easily usable system that offers any real security for your web-surfing or emailing. Without it your data (logins, passwords) will always be transmitted in a way that anyone on the same network could potentially view quite easily, if they wanted to.

This is why bank and shopping websites use SSL.

Absolutely.

The main risk here is not OP's computer protection but the wireless network itself.

In simplified, when you're connected to such an unprotected network, someone in the area could easily setup another wireless network that would look identical to the one of the hotel and, because it would be stronger or closer from you, trick your computer in going through it to connect to the internet. It could then follow everything you're doing on the net, including intercepting non-encrypted passwords or sending you to a fake bank page where you will enter yourself the password, thinking it is the real bank's website.

Of course, there are not so many hackers roaming around and looking for potential preys, but there are now tools that make it pretty easy to set this up, and a lot of kids are having "fun" with this kind of things.

[MaxLee]

BTW, did anybody in BKK experience any Internet problems last weekend? Was it just me, or did the internet really suck? Bad connections on and off...

[wannascuba]

Absolutely.

The main risk here is not OP's computer protection but the wireless network itself.

In simplified, when you're connected to such an unprotected network, someone in the area could easily setup another wireless network that would look identical to the one of the hotel and, because it would be stronger or closer from you, trick your computer in going through it to connect to the internet. It could then follow everything you're doing on the net, including intercepting non-encrypted passwords or sending you to a fake bank page where you will enter yourself the password, thinking it is the real bank's website.

Of course, there are not so many hackers roaming around and looking for potential preys, but there are now tools that make it pretty easy to set this up, and a lot of kids are having "fun" with this kind of things.

This was the type of thing I was worried about, so would using a VPN help protect me against this, and which VPN would you recommend?

Thanks,

WS

[Darrel]

This was the type of thing I was worried about, so would using a VPN help protect me against this, and which VPN would you recommend?

A VPN would help because it establishes a secure link between your PC and some distant VPN proxy, probably in another country. As such it means that anyone spying on your local network will only see a mass of encrypted data which would be difficult (though not impossible) to crack.

That said, SSL (as used by all banks etc.) establishes a secure link directly between your browser and the bank server, which would also be extremely difficult to crack.

Which VPN is best? Depends on your circumstances, how much (little) you want to pay, what you want to use it for and which countries you want the proxy (end point) to be in.

[wannascuba]

OK, I am learning a lot from all replies, I apologize for my lack of computer literacy, but am still learning. For what it is worth, I never use internet cafes, have strong passwords, use different passwords for each account, and change them NLT every 6 months

So from what I have gathered so far, as long as my banking and stock account websites are SSL (which I just checked and all are SSL), then I should be fairly secure using my hotels WiFi (as long as it is not a fake WiFi network setup by a hacker) and a VPN would not really be necessary, except for a second layer of protection? Is this correct?

[nikster]

Roboform is a good way to go for insecure locations .....

What makes you think that Roboform offers any sort of extra security when used over an insecure network? It's just a password manager.

SSL is the only easily usable system that offers any real security for your web-surfing or emailing. Without it your data (logins, passwords) will always be transmitted in a way that anyone on the same network could potentially view quite easily, if they wanted to.

This is why bank and shopping websites use SSL.

Absolutely.

The main risk here is not OP's computer protection but the wireless network itself.

In simplified, when you're connected to such an unprotected network, someone in the area could easily setup another wireless network that would look identical to the one of the hotel and, because it would be stronger or closer from you, trick your computer in going through it to connect to the internet. It could then follow everything you're doing on the net, including intercepting non-encrypted passwords or sending you to a fake bank page where you will enter yourself the password, thinking it is the real bank's website.

Of course, there are not so many hackers roaming around and looking for potential preys, but there are now tools that make it pretty easy to set this up, and a lot of kids are having "fun" with this kind of things.

^^^ Nope, that's absolutely wrong.

SSL is safe, and it's made for just such a scenario - the problem is, nobody understands it.

If you want to make a safe connection, it doesn't matter where you are, or whether you are on a wireless or wired connection. There are only two things that matter:

1 - The connection is HTTPS. Look for the "lock" symbol in your browser (and for God's sake don't use IE, please, use Firefox or Chrome); look at the URL - does it say "HTTPS" or "HTTP"? the "S" stands for secure. You need that. All bank websites offer only that anyway so for banking, it's a given that it's HTTPS.

2 - The certificate is valid. This is the thing that people don't understand, so pay attention: If you get an alert saying "The certificate is expired" or "can't be verified" or anything like that - basically any dialog at all that prompts you whether you want to connect despite the fact that it's unsafe to do so - SAY NO. Cancel. Back out. Don't do it. Something, somewhere is wrong, and you cannot do your banking transaction over that connection right now. Maybe the connection is compromised, maybe your machine is compromised - who knows. But people will steal your stuff if you proceed.

That's all you have to do. Many people will simply click "OK" on anything, and that's where the problem arises. Windows has trained us that alarms are stupid and annoying - and in 99% of cases they are. But the SSL certificate dialog is an exception - you need to pay attention to that.

The idea behind SSL is that it protects you against the worst of all attacks - a man in the middle attack where a malicious entity sits in-between you and your bank, and hands messages back and forth. SSL certificates are verified against a 3rd party website that has nothing to do with the involved websites, and the verification cannot be simulated due to cryptographic measures to prevent such a thing.

[justsumhelp]

On the right track. But here are some more tips, make sure when looking at the address in your web browser it read https: the little lock icon can be easily spoofed. Also it would be best to use a vpn because some websites that use ssl only use it on the login page, which means that all of your traffic after you login could be emulated (see firesheep) and most instant messaging is easily sniffed, msn im looking at you. For a vpn try something like Hotspot shield or some from this list http://www.zeropaid.com/news/94826/top-5-free-vpn-services/

OK, I am learning a lot from all replies, I apologize for my lack of computer literacy, but am still learning. For what it is worth, I never use internet cafes, have strong passwords, use different passwords for each account, and change them NLT every 6 months

So from what I have gathered so far, as long as my banking and stock account websites are SSL (which I just checked and all are SSL), then I should be fairly secure using my hotels WiFi (as long as it is not a fake WiFi network setup by a hacker) and a VPN would not really be necessary, except for a second layer of protection? Is this correct?

[Darrel]

So from what I have gathered so far, as long as my banking and stock account websites are SSL (which I just checked and all are SSL), then I should be fairly secure using my hotels WiFi (as long as it is not a fake WiFi network setup by a hacker) and a VPN would not really be necessary, except for a second layer of protection? Is this correct?

Yes. SSL (which implies https and the padlock icon as I mentioned in an earlier post) is sufficient protection, though of course nothing is perfect. If the banks didnt think it was good enough they probably wouldnt let you use it.

You are much more likely to have something stolen from your room than to have data intercepted over an https SSL link. In fact you are probably more likely to be shot dead at breakfast than to have encrypted data intercepted.