Don't Fall For The 'Free Wi-Fi' Scam

As I sit here preparing for another business trip, this time to ISSCC which begins tomorrow, I just remembered a tip I'd been meaning to pass along for a while. Some of you may have encountered, when scanning for open access points, APs broadcasting a 'Free Wi-Fi' SSID or something similarly named. As this Slashdot post points out, don't take the bait; if you're not up-to-date on your O/S patches, or if you've enabled file sharing without password-protecting your HDD, you'll be in danger of having your computer pwned.

This Lockergnome post on the subject contains another good suggestion; unless you explicitly need your computer to be able to communicate with other wireless gear over a 'peer-to-peer' or 'ad-hoc' connection (such as a Nintendo DS or Sony PSP), it's a good idea to configure it to only recognize 'access points or infrastructure networks'. Note, however, that this isn't a foolproof salvation from scams like the one described above; all a cracker needs to do is tether his or her computer to a compact travel router in order for 'Free Wi-Fi' to broadcast from an infrastructure device.

At the end of the day, that well-known saying remains relevant: "If it sounds too good to be true….it probably is." Consider yourself duly warned.

Followup: Perhaps the situation isn't quite as dire as I'd originally feared; an interesting viral case study. Still, I stand by my earlier recommendation to disable peer-to-peer connections unless you really need 'em.