Coffee Shop Hackers: How To Starbucks-Proof Your Laptop

Starbucks is offering free wi-fi in all of their locations starting today, so Lifehacker has some instructions that will help you keep your laptop safe while using public wi-fi. (Not just at Starbucks, obviously.)

Here’s why it’s important:

Just because most wireless routers have a firewall to protect you from the internet doesn’t mean you’re protected from others connected to the same network. Lots of wireless hotspots these days are completely unencrypted, usually so they’re easier to connect to (baristas don’t need to be giving out the internet password to everyone that walks in). However, this leaves you unprotected against malicious users in the same coffee shop, so there are a few settings you should always make sure to tweak when you’re connected to a public network.

Anyway while this may help protect your from hackers, we must admit that your laptop will never be totally Starbucks-proof until they invent coffee-repellent.

How to Stay Safe on Public Wi-Fi Networks [Lifehacker]


Edit Your Comment

  1. FatLynn says:

    Oh, I thought this was going to tell me how to avoid spilling coffee.

    • pecan 3.14159265 says:

      I did too, and I was disappointed to find this was not the case.

    • whogots is "not computer knowledgeable" says:

      Me too. Well, you can’t teach me how not to spill stuff, actually, so I thought it might have tips for choosing a protective keyboard membrane.

      I really did.

      • HogwartsProfessor says:

        I need one of those. I write at lunch and today I spilled salsa on my ‘puter. Luckily it was on the flat part next to the touch pad and not on anything that would have fried!

        I did drop a cracker crumb in the keyboard one day. It still hasn’t come out. Either it burned up, it’s still in there or the computer gnomes ate it.

  2. Gruppa says:

    This is good advice. Curious people like myself always fire up NMAP when connecting to an unsecured hotspot to see what else is there. And for FSM sake people, if you’re running home wireless at least turn on WEP. I was at the laundromat the other day and found someones unsecured wireless with ALL default settings. They hadn’t even changed the router admin name/password so I logged in, changed the SSID to “your dog shits in my yard”, logged off and went home.

    • grumpskeez says:

      That was you? I don’t even have a dog.

    • tbax929 says:

      That was a shitty thing to do…. pun intended

    • freelunch says:

      I hope you do not feel that your actions were appropriate…

    • Clyde Barrow says:

      Actually it will end up being a valuable learning lesson for that person. In the end, he’ll have to take time to call and have his router re-set and set it up appropriately. If you didn’t do anything malicously, this person will hopefully get a wake-up call to reality and not let that happen again.

      Love the SSID thing though. I laughed out loud here at work on that one but everyone in my office is gone.

      • Clyde Barrow says:

        I meant to type “maliciously”.

        • Gruppa says:

          No I didn’t do anything really malicious like secure the wifi with my own password, then change the admin password for the router or set it up to only accept my MAC. Or even better, attempt to upload notepad.exe as a new fimware file and possibly brick it.

          I don’t even know if they were using the wireless but I didn’t change any security settings, just the SSID. I’m tempted to go back and see if it’s still up.

    • Happy Tinfoil Cat says:

      I’m laughing so hard.

    • The Marionette says:

      Funny enough I told my friend about the same thing for his router, he changed nothing from the factory settings, no passwords, no encryption, nothing to protect him on his router nor on the pc itself and over the months I noticed it still wasn’t changed so I used my ipod to connect to his wifi, and repeatidly restarted the router, then i just changed passwords, had the net be blocked during late nights, etc until finally i convinced him it was a “hacker” getting into it so he put wep keys and all that jazz.

    • Rena says:

      Man, be courteous. You don’t know how many cheap/unemployed neighbours were depending on them not realizing/caring that their system was insecure.

    • Tongsy says:

      I set up an unsecured wireless access point in my apartment with the SSID set to “Please don’t use”

      Every web page redirects to an awful website unless the request originates from my MAC address.

  3. UltimateOutsider says:

    In b4 “Buy a Mac.”

    • ssnseawolf says:

      If you don’t use SSL, it doesn’t matter what kind of computer you’re using. Use Lynx on Unix, I don’t care; I can still sniff your traffic.

      • johnva says:

        There are more threats to security associated with public WiFi networks than just sniffing, though.

    • Hungry Dog says:

      Using a Mac doesn’t mean your safe. Safari is so full of exploits we use it to teach the noobs. There is also packet gathering programs that allow people to see whats on the network. Also Macs still have several zero day exploits that have yet to be patched. Security thru obscurity.

    • AnonymousCoward says:

      A mac isn’t more secure than Windows. In fact, in a lot of ways, Macs are easier to hack than Vista or Windows 7. It’s just that there are more people that run Windows, so Windows is a more popular target for malware writers.

  4. mac-phisto says:

    can we get a sister “best free VPNs to use” article?

    eh, i couldn’t wait. here’s a site that boasts “top 5 free vpn services”. maybe i’ll start there.

    • Tracer Bullet says:

      OpenVPN for number 1 on that list plz. Last I heard Cisco’s vpn connector doesn’t even work on 64 bit windows, though I imagine that has probably changed by now. Still… they were several years behind the curve about 6 months to a year ago.

  5. TheSkaAssassin - College Man says:

    In a few years, free internet will be a fleeting memory. Then baristas WILL be handing out passwords with every cup of shitty, overpriced coffee.

  6. ap0 says:

    Even if the WiFi network had encryption turned on, if it’s a shared key, then it might as well be unencrypted. VPN VPN VPN.

  7. PSUSkier says:

    Two words: gratuitous arp. I can tell every computer on the network to send their traffic to me and then relay it back to the router allowing me to see what you’re sending. To the user it is seamless. I’m curious if they’re defending against that. I have a sinking feeling the answer is no.

  8. yankinwaoz says:

    I’ve noticed lately at some airports someone will set up an AP named “Free WiFI” which turns out to be a P2P network. I suspect they are doing this to browse the machines of idiots who connect to them and leave their computer wide open.

    • cjnewbs says:

      You are partially correct, it is an Ad-Hoc Wi-Fi network, however it is created due to how Windows handles these types of W-Fi connections.

      If you create a network called “Free Public Wi-Fi”, and someone else connects to it, next time they switch on their computer it will set itself up as another Ad-Hoc network called “Free Public Wi-Fi”. This is why it is seen at so many airports, its almost like an un-intentional computer worm.

  9. dethl says:

    4. Consider Using a Virtual Private Network
    4. Consider Using a Virtual Private Network
    4. Consider Using a Virtual Private Network
    4. Consider Using a Virtual Private Network
    4. Consider Using a Virtual Private Network

    DO THIS. I cannot recommend this enough. If you’re on a public wi-fi and someone wants your data it will be as easy as using a properly configured Ettercap.

    Also, if your browser starts screaming about an invalid SSL cert while you’re on public wi-fi, listen to it.

  10. ekincam says:

    Check your ISP. My ISP provides free VPN back to their servers.