Everyone has heard that the free Wi-Fi at Starbucks is not secure and is a haven for hackers. Starbucks isn’t alone. Every unsecured Wi-Fi network poses risks, as do Wi-Fi networks with easy-to-hack passwords, perhaps
There are easy ways, however, to protect your devices from Starbucks-type hackers, as well as methods of determining how secure your network is. In this
Each program can help prevent attacks and protect the release of confidential information and other sensitive data.
Using Norton WiFi Privacy
I have used Norton WiFi Privacy on my smartphones and tablets for about one year—and wouldn’t leave home without it. After installing the app, you specify what region (country) you are in or you let the program determine your location. Then, whenever you connect to an unsecured network, it automatically connects to a VPN, at times in a different region, with the goal of ensuring you do not notice any loss of internet speed or connectivity and that your connection feels as if you were at home. You can also configure the program to notify you when you are connected to an unsecured hotspot and make the decision each time whether to connect to Norton’s VPN. I don’t recommend this latter setting because of how seamless the automatic connection is and because it’s easy to forget to connect.
When you are connected to the VPN, the app uses bank-grade encryption, making it extremely difficult for hackers to access your device. Because hackers look for easy targets, they will likely ignore your encrypted device and look for easier prey to steal from. The program also can block ad trackers that keep track of your internet activity.
If you discover that the program doesn’t always
Norton WiFi Privacy is sold on a monthly or annual basis, and you can purchase a subscription for one, five or 10 devices. A one-device subscription costs $4.99 per month, and a five-device subscription is $7.99 per month, but the annual subscription for either one or five devices is $39.99 annually. I have installed the app on every mobile device I own and love the peace of mind I experience when I periodically check the program and discover that while everyone else in the store may be on the exposed network, I’m securely connected to a VPN.
Understanding Elcomsoft Wireless Security Auditor
While Norton WiFi Privacy protects your devices, Elcomsoft Wireless Security Auditor (EWSA) protects your wireless network by analyzing it, searching for Wi-Fi traffic and running an attack on the network’s WPA/WPA2-PSK password. A WPA/WPA2-PSK password contains a combination of characters and is the type of wireless password found on most public networks.
Elcomsoft explains the full capabilities of EWSA, noting that you can “perform a full-performance attack on Wi-Fi passwords. Running on multiple computers, Elcomsoft Distributed Password Recovery can utilize all available resources (CPU and GPU units) when attempting to break your wireless password. If your password cannot be recovered after a reasonably long distributed attack, you may assume your network is sufficiently secure.”
This description is probably beyond most lawyers’ comprehension. But that doesn’t matter—we didn’t go to law school to be network hackers. Because lawyers have an obligation to take reasonable measures to ensure that their client’s data remains confidential, this program helps them meet their obligations by confirming whether their wireless networks are vulnerable.
I tried the Professional Edition version of the software on my home and office networks and even set up a guest network with a very weak password. Then I let it run. After trying various types of attacks, I was unable to crack into my home or office networks, all of which had what I had hoped were highly secure passwords.
On the other hand, the program discovered the weak password in about an hour in Dictionary Attack mode. Using its Word Attack mode, EWSA discovered the weak password in a few minutes. EWSA has four other modes designed to crack a network password: Mask Attack, Combination Attack, Hybrid Attack and Custom Attack.
EWSA does not come with any instructions, and those without a computer or network security background will find the built-in Help function to be less than helpful. As a result, when I began using the program, I could discover my wireless networks but had no idea how to add the network to the project window—that is, the window you use to set up and start your attacks.
For “real” help I turned to YouTube, where I discovered numerous videos that showed me how to use the program, including discovering networks, adding their identification information to the project window and running the various types of attacks. For a program that costs $299 for the Standard Edition and $599 for the Professional Edition, there should be more robust, user-friendly documentation.
The Standard Edition supports up to two central processing units and one graphics processing unit. The Professional Edition includes a built-in wireless sniffer (for AirPcap adapters and general Wi-Fi adapters), hardware acceleration on AMD and NVIDIA boards and supports up to 32 central processing units and eight graphics processing units. But, like the software itself, most lawyers will not understand these terms.
I recommend the Professional Edition because of its ability to locate adapters connected to your wireless network. Do you need to have that feature? No. But when it comes to network security, you’re always better off having the most versatile product, just in case. A $599 cost is far cheaper than the cost—and the potential publicity—that could accompany the news story that a hacker accessed your client data and posted it all over the internet.
Neither the ABA nor ABA entities endorse non-ABA products or services, and this review should not be so construed.