Wireless networks are easily hacked, and public networks are the least secure. I won’t take any chances; I’ll always encrypt my wireless connection.
Set up WPA encryption
Assuming that you own the wireless base station you’re using, configure it to use WPA or WPA2 encryption (see
Protect Your Mac
). You’ll have to choose a password and enter that password on each computer that connects to the network; be sure to follow my advice on passwords when you do so (see
I Will Use Good Passwords
). Remember that you can use the keychain on each computer to remember those passwords so that you have to enter them only once.
All recent Macs and AirPort base stations support WPA, which is reasonably secure. The first-generation AirPort base stations, however, support only the older WEP standard, which is easy to break. Some third-party wireless access points also lack WPA support. If your base station doesn’t support WPA (or WPA2), consider upgrading to one that does. If that’s not feasible, consider using a VPN.
You could skip this step if you live far from any potential eavesdroppers. But even then, it doesn’t hurt to set up WPA encryption—it’s a one-time change that could keep you safer later on.
4. Makes you practically invulnerable.
3. Good, strong protection—but a really determined intruder can overcome it.
2. Helps deter casual meddlers, but someone who wants to get in will.
1. Makes you feel better, but won’t really keep out intruders.
4. Let’s be honest: it’s a pain in the neck.
3. Takes consistent, considerable effort.
2. Takes a little effort, but it’s not a big problem.
1. Set it and forget it.
Use a VPN in public places
If you’re not connecting to your
base station—but instead are using a public access point, whether paid or free—your wireless security is at risk. Public hotspots rarely use WPA encryption, and even the few that do aren’t necessarily secure. That’s because WPA protects the data only between your computer and the base station; you have no way of knowing what’s happening between the wireless base station and the Internet. So the safest tactic is to use a VPN, or virtual private network, which encrypts all the data sent between your computer and the Internet. It’s the most reliable way to keep anyone from watching your data when you’re connecting wirelessly on the road.
Numerous vendors offer Mac-compatible VPN services, such as
($60); at least one—AnchorFree’s
—is free. After downloading and installing the software, you simply choose Connect from the Hotspot Shield menu and wait a few seconds for a connection message to appear in Safari. Thereafter, all your wireless traffic will be encrypted.
Don’t get us wrong: when we say that safe computing is a matter of changing some of your personal computing habits, we’re not saying you should ignore other security precautions; we’re just saying those precautions may not be enough on their own. Here, just to remind you, are the five things all Mac users should be doing to keep their systems safe (see
more security steps
you can take):
Use antivirus software.
Install Apple’s security updates.
Turn on the Mac OS X firewall.
Turn on encryption in iChat.
Back up your files.
Joe Kissell is the senior editor of
and the author of
Take Control of Passwords in Mac OS X
(Take Control Books, 2006).
Wireless Protection: Using Apple’s AirPort Utility (shown here) or AirPort Admin Utility, choose one of the WPA or WPA2 options in the Wireless Security section, rather than the older and much less secure WEP.Protection via VPN: With AnchorFree’s Hotspot Shield software installed, you can connect to a free VPN anywhere through this systemwide menu; a Control Panel (shown here in Safari) indicates your VPN connection status and current (private) IP address.