Not really a fun water cooler topic, but something I feel is important to us small biz folk.

DO NOT do any banking, email, or even log into a site over wifi. But after looking into my own wifi security I have found that it is very easy to break a wifi password, and even easier to fake a wifi network name and put a computer between you and the internet (man in the middle attack) so that all our info goes through the attacker's computer while accessing the internet. I plan on making some videos soon to explain how it works and show you what you can do to protect yourself, but for now... just don't do it! Plug in that Ethernet cable!

True you have to be careful with wifi, but it's not always practical to plugin an ethernet cable. Kind of defeats the point of wifi in the first place. How do you feel about WPA encryption. I think it can be broken, though my understanding is the protection isn't bad.

I think it's also important to realize that while wifi passwords can be broken the overwhelming majority of people would have no idea how. Granted security by obscurity is not the way to go, but there are still many things more likely than your home office wifi getting hacked.

But you do raise a good point that wifi isn't the most secure thing in the world.

People that want to get in will find a way.

Even if your computer never accessed the internet, it'd still be possible to load a virus on it if you really put your mind to it. You'd have to do it in a non-conventional way, but it is possible.

Perhaps the better solution is to make sure you change passwords frequently and to use things that are difficult to guess.

Of course, you could try the old trick of getting into your car and driving to the bank to conduct business. No joke - that's what I have been doing for the past year.

I don't worry about stuff like this. I'm as secure as I can reasonably be (my network is private, my router is WPA keyed, and every computer has a logon password). If someone is talented enough to get by that... well, why on earth would they bother with me, then?

I'm with Dan on this. Setup the WPA-2 encription, passwork protect the computer and don't worry about it. Can these be broken - yes. So why is this not a worry:

I think I would notice someone in my driveway using a computer
If they are close enough to get my WIFI, there are a lot easier methods to get my banking and credit card info


I would be more worried if I live in an apartment were a dozen other apartment could get my signal in privite, but not much.

Of course, you could try the old trick of getting into your car and driving to the bank to conduct business. No joke - that's what I have been doing for the past year.

*cringes* People still go into the bank?

Well I know I still go to the bank. Just for business deposits though.

I think there will always be risks to doing things online, you just have to do what you can to make them acceptable risks. Personally, the convenience of being able to do things easily from my home makes it worth it to me. I take all the precautions I can, and that makes the slight risk that something might happen an acceptable one.

It's not the potential theft of money that bothers me. It's the threat of having to spend so much time sorting out the mess afterwards.

My wife recently had her purse snatched. Because it was so immediate, we could get onto the credit card companies, telephone company (cellphone) and DOT (driver's license) right away, yet even in that half hour, the thieves had used one credit card. Then there is the time to get the house rekeyed, get the car rekeyed (her keys were in the purse), arranging and waiting for replacement credit cards, getting a new cellphone, obtaining a new drivers license, arranging a new account a the bank (her checkbook was in her purse), visiting all the people whom she had paid by check which had not yet cleared.....

One purse snatching - about 15 seconds - wasting hours upon hours of time packed full with negative energy. (Some of those hours were no doubt spent buying a new purse! Even the fun of that would have been diminished by the necessity of it.)

Just think how much more complicated an on-line personality theft would be when you don't know about it until days, perhaps weeks, after the theft, when all sorts of crap hits the fan! When your credit files at Experian et al are screwed up, and when a car dealer is chasing you for payment on that new Mercedes you didn't buy! When the bad credit reports are resulting in current debt, that is yours, now being charged at default interest rates of 28%, 45% or higher!

Get out of that in a hurry, if you can. I'll take a nice pleasant drive, in my nice, comfortable Buick on a calm afternoon, to the friendly little bank with the pretty teller I can chat with for a few unhurried minutes.

Frederick the problem with identity theft is even if you do no banking online someone could still steal your identity by hacking the bank or any other place where you've given a social security number or other identifying info.

Years ago I was hesitant to give credit card info to a website and then I started thinking back on my retail days working behind a cash register. Let's just say it's very easy to remember your credit card info during a transaction. At times you're handing your card over to someone who's not all that happy at work and I've worked with people who clearly didn't have a high moral code. It's easy to think this only happens online, but it can just as easily happen offline.

Frederick the problem with identity theft is even if you do no banking online someone could still steal your identity by hacking the bank or any other place where you've given a social security number or other identifying info.

Ever write a check out to somebody? You're giving them your bank account #. Anyone with $20.00 could buy some blank check paper, and a software program to print checks to your account. All you need for the signature line is "Authorized by your depositor" or something similar. The bank won't question it!

I'd be much more happy having my credit card number stolen then checking account. There is a lot more protection for unauthorized credit card charges than you are offered with unauthorized checks (or debit card transactions).

And I'd also rather lose my credit cards than cash. Good luck recouping that, even if you did somehow record the serial numbers of your money. The only people that do that are those interested in that "Where's George?" site, or the police in drug stings.

So your safest option is still credit :)

When you think about it, it's amazing all the information we give out that we probably wish we could keep secret.

Yep. Even on this forum. It's possible to obtain your IP, find out your ISP, and locate where you are posting this message. Maybe not the easiest task, but not impossible.

Plus if you ever deleted a file off your hard drive and thought it was permanently deleted, it probably wasn't. Amazing the stuff forensic scientists can find :)

The reality is that there is very little that's really private nowdays. It's amazing how much I've found out about people just by doing a Google search. Unless you make a concerted effort to stay completely out of every database everywhere, you can be found. That's just the way it is.

Yep, put something online anywhere, even for just a moment, and you can expect it to be around forever. You can remain private if you really want, but it's a lot of effort and you have to keep at it all the time.


Plus if you ever deleted a file off your hard drive and thought it was permanently deleted, it probably wasn't. Amazing the stuff forensic scientists can find

Yep again. I don't think people realize that deleting a file just means you remove the pointer to it and reassign that storage space to allow it to be overwritten. That doesn't mean it ever will get overwritten though. If you really want to delete something you need to take a few more steps, usually involving additional software. And to completely delete something usually means trashing your hard drive.