The University of Arizona

Resources

Laptop/Wireless Security

Lightweight portable computers and PDAs make mobile computing easier all the time, especially with the increased availability of Wireless Internet access. Security is not inherently strong with Wireless, but there are steps you can take to make your connections more secure.

Secure your traffic

(Note: browsers indicate encrypted (SSL) connections with a locked padlock in the lower right corner of the browser window. Unencrypted connections show an unlocked padlock or no padlock at all.)

Protect your computer and data

Public Hotspots

Public locations that provide wireless Internet access offer other security risks. In these areas, you should:

General Practices

For more information, google wireless security.

FAQ

Q. Is it safe to use pine?
A.Once you ssh to a CS machine, all traffic is encrypted so pine is completely safe.

Q. I'm confused about setting SSL on in my Thunderbird mail client.
A. UofA email should be set to use SSL/TLS for IMAP and SMTP. For other mail servers, try SSL. If that doesn't work, try TLS options.

Q. What about HotMail or Yahoo! Mail?
A. When signing-in to Hotmail, SSL is used automatically to encrypt your email address and password. When signing-in to Yahoo!, select Secure mode instead of Standard to use SSL.
However, be aware that reading and writing emails does not use SSL. Your password is protected, but the emails are downloaded and sent in the open.

Q. I don't use Windows. Should I worry about patches?
A.Yes. Windows vulnerabilities are widely publicized and exploited, but other operating systems (Mac, Linux) have their own security issues.

For Macs, read about security at http://www.info.apple.com/usen/security/index.html or http://www.securemac.com/.

See http://www.info.apple.com/ to download updates.

For Linux, see the website for your particular flavor, e.g., for RedHat: http://www.redhat.com/solutions/security/.

For general Linux security, see http://www.linuxsecurity.com/.

Q. What is spyware?
A.As defined on http://searchcio.com:

In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge. On the Internet, spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program.

There are several tools available to find and eliminate spyware, including Sophos and Spybot.

Other Spyware Removal Tools: http://www.spyware-removal-tools.com/

Q. Is the UITS VPN all I need?
A.The VPN encrypts all your traffic so it can't be sniffed by other wireless users. However, it's no panacea. It won't (by itself) protect your machine from viruses or other OS/protocol exploits.

Q. Do I have to worry about security in CS or just in other places (like public hotspots)?
A.Security is a concern everywhere. On CS department machines (labs/office desktop), we have facilities in place to limit exposure to security threats. Any other access is outside of our control. You may have no idea what protections are in place or what risks are present--so be conservative and follow the guidelines of this document.


Q. Overall, what should I do for better security?
A.

Q. Overall, what should I not do (or avoid) for better security?
A. A lot of what to avoid is common sense (e.g., leaving your laptop unattended). Follow the guidelines in this document. The biggest mistake you can make is to ignore security and hope that you won't be affected. You will--it's only a matter of time.


Last updated August 26, 2013
Send questions about this page to