Protecting Yourself Against Packet Sniffers

So how do we protect ourselves against packet sniffing? The answer is not to simply use password protected wireless networks. Someone who is intent on stealing your data will likely break the password. Once they are in the network, they can then run the packet sniffer and your information will be lost. So what do we do? The answer is to use encryption whenever possible!

Encryption algorithms are based on really hard computer science problems that will take an incredibly long time to brute force. Consequently, this is considered the only truly “safe” way to transmit packets. Banks, online stores, and other entities that deal with financial transactions on a regular basis encrypt the packets being sent to them. That is why you always connect to an https address with them.

There have been several high profile cases involving packet sniffing that has occurred in decade. You can read more about them at the end of this tutorial. However, one of the positive outcomes of these highly public cases is that a lot of websites are using encryption by default.

An easy way to check if your connection is encrypted is to look at the URL. If it starts with "https://" that means it is encrypted. In browsers such as Chrome, look for the little green lock and the words "secure". That lets us know that encryption is on.

Remember that if someone really wants to steal your information, they will try hard. There are a lot of malicious actors who are actively looking for vulnerabilities in TLS (the security layer that defines https).

Keep in mind that connecting to a site using encryption only protects your data as it is in transit to that site. If a site is hacked, or if the owner of the website decides to share your information with third parties, your personal information can still be compromised.

Protecting Your Data

The most reliable way to ensure that your data never gets stolen on the internet is to not use the internet. But, of course, this is not a reasonable or feasible course of action! To maximize the security of your personal data, follow these essential tips.

1. Never share anything online that you don't want everyone knowing. Be careful about what information you share on social media. This is not limited to text! Since perfect copies can be made of all digital content, be cautious about what photos and videos you upload or share as well.

2. Regularly Check your Social Media Security Settings. Lock down your social media accounts so that only real friends (aka, people you know in real life) can access them. Some websites reset your security settings on updates, so it is a good idea to periodically check and ensure that they are where you want them to be. Be sure to read the Terms of Service (TOS) of whatever social media site you use. Nothing online is truly free -- understand who owns and how they may use your data!

3. Reduce your social media footprint. Be careful about which "friend" requests you accept, and who is following you on twitter. Turn off GPS location posting on social media. If people know that you are in Hawaii, they know you aren't home! Remember, once it is online your information is there forever! It is extremely hard to remove content from the internet once it is there.

4. Use encryption whenever possible. Use https as much as possible when you search the web. Consider turning on encryption on your phone, laptop, or other devices you may own.

Click here to go back to the chapter.