Go to Homepage
The only difference between first class travellers and first class idiots is the price they pay.
Vijay Verghese, Editor, Smart Travel Asia

Ain't no way to hide your prying eyes

How your Wi-Fi surfing could be hijacked and what you can do about cell phone snooping, overly cosy teddy bears, and dead Nigerian dictators.

Vijay Verghese/ Editor

Change font size Smaller font Larger font

Print This ArticleE-mail This Page
Visit our Facebook page
Mobile phone snoops are everywhere
Everyone wants your phone /photo-illustration: Vijay Verghese

I WAS HAVING DINNER with a friend recently when a distinguished looking gentleman glided past, a glamorous siren draped over one arm, both besieged by fussing waiters. When the eddies of rustling menus and obsequious whispers had subsided, my friend turned to me, face flushed. "I would never marry a good looking guy," she huffed. "Pray why not?" "You can never trust a good looking man." We pondered this for a moment, she over a Veuve Clicquot, and I over a cup of hot green tea. The idea that an exquisite woman could marry some ugly porker and sip Fat bastard Shiraz for the rest of her life, took a while to percolate. "You'd marry an ugly guy?" "Yes". I wished I hadn't shaved or worn a tie. I also wished I had had the foresight to smack my face with a hot frying pan.

This sort of thinking is not uncommon and upends any thesis of Darwinian evolution into a world peopled by Amazons and gods all secure in their perfect profiles. I've waited nigh on 56 years to see, and perhaps enjoy, this miracle, but now we are careening headlong towards the Planet of the Apes. Marrying ugly – and then having your countenance challenged offspring pairing even farther down the looks gene pool – would result in, well... you get the drift. Pulchritude could soon be a crime. Whatever happened to looking for a "good" person? Or finding your inner child? Or self confidence?

Send us your Feedback / Letter to the Editor

There is a serious trust deficit when it comes to modern relationships. This has spawned bizarre solutions like FlexiSPY that enables eavesdropping on your near and dear. "You have the right to know if your partner is sleeping with someone else," the company advertises. I guess it's time to toss out my teddy bear. The programme is easily installed on any cell phone and enables the wiretapper to listen in to calls, read SMS messages and e-mail, track GPS location, send an alert if the SIM card is changed, and even turn the target's phone into a live microphone to pick up ambient sound.

Your best friend, that humble mobile phone or Wi-Fi enabled device, is under threat from phishers, scammers, and now, jealous partners willing to shell out US$349 a year for the devious, if chatty, comfort of FlexiSpy. Travel has never been so precarious.

The wireless world comes with the certain knowledge that someone may be able to snoop on you and compromise your conversations – and bank accounts. Most travellers never consider it might affect them. Yet it does. In a number of ways. The problem arises with "unsecured" connections between your mobile device and the network you are currently plugged into. Unsecured, or unencrypted, exchanges are a constant source of vulnerability. This applies equally to your wireless router at home or at the office that may be open to easy hijack.

The network you have accessed could be a scam. Your private data is now moving first to the rogue interceptor device, perhaps at the next table, before continuing to a legitimate network

The simplest scenario is where you flip open your laptop or cell phone and attempt to pick up a Wi-Fi signal, say at the local Starbucks. Your device identifies a network and logs on. This might be a network identified simply as "Free Public Wi-Fi". The potential problem here is the network you have accessed could be a scam with the result your data is now moving first to the rogue interceptor device – perhaps a laptop at the next table – before continuing to any legitimate network. If your data is unencrypted it is open to viewing by any third party. This sort of attack or information heist is effected through clever use of a "bridge" between you and the real network.

Someone with the right equipment could also set up a fake GSM signal to con your phone into thinking it was talking to a legitimate cell tower, thereby intercepting your calls to listen in or redirect as desired. Of course 3G is more secure but GSM is in wide use and also offered as a backup if the 3G signal has been jammed.

A scammer might log on to your unsecured home or company Wi-Fi transmitter, and begin operating on the internet under your "shield". Whatever this person does will appear to be activity originating from your PC or mobile device. He might ogle at penguins or pandas, or get up to more pernicious activity, like voting for Rick Perry as the GOP choice. He can burn up your bandwidth allowance with child pornography downloads leaving you to pick up the bill and the consequences. And once his laptop has remembered your location, he will have little trouble logging on subsequently.

"Packet sniffing" is another egregious practice, easily accomplished with a Firefox plug-in like Firesheep that literally sniffs for cookies in the vicinity from social network sites and Web mail. Once you've hijacked someone's live session you can then log on as that person to cause endless embarrassment on Facebook or any mail account. Firesheep opens a sidebar on your browser with a "start capturing" button which, once activated, collects all available sessions in the vicinity. You double click any one and log on as that person. This is almost as scary as the aforementioned Mr Perry saying he has five things he would do if elected – and not just three. Mozilla, the open-source sponsor of the Firefox browser, maintains the plug-in is indeed, as its architect avers, a device to unmask loopholes rather than exploit them. And Android phone users can exploit open Wi-Fi security lapses with Faceniff.

Fortunately, the growing use of HTTPS (secure hyper-text transfer protocol) on Web servers is denting some of Firesheep wannabes' woolly enthusiasm, though the proliferation of UIOW (utter idiots on the Web) evens the balance somewhat. There are encryption solutions like OC Shield too that scramble Wi-Fi data. But then the best scams are the simplest ones. Like ringtone downloads. This is the easiest way to import a Trojan virus into your phone turning it into a potential zombie awaiting its master's call for the next DoS (denial of service) attack. You may have received SMS messages purportedly from your bank announcing your account was to be suspended unless you paid some fee or sorted out some irregularity by calling a toll-free number – where your PIN and account details will be requested. Don't respond to gobbledegook alerts. Your bank has several secure ways to reach you should it transpire a Nigerian dictator has perished leaving his entire fortune to you.

At airports, turn off your Bluetooth device or disable the "discoverable" mode. This prevents prying eyes. And beware of pretty women. Especially if they ask you to marry them. It's NOT a compliment. Safe travels.

Send us your Feedback / Letter to the Editor

Previous Columns
Pilot project for beginners Green flights of fancy? The art of arriving late When life drives you potty Airports, awards, and alarm A fright for sore eyes Dry skin wet eyes Back to the Tunnel of Love Why fearless flyers won't flee fees More wind in the hair Travel tremors after Japan The case of the intact bags End of the OTA-man empire? A picture says a thousand words Only Engrish spoken here Voices in the sky A tale of three airports What's in a brand A big bite of a bad Apple Now haste to the hustings Just 400 homicides and all's well No sex please, we're British Some minor details aloft Highway to the heavens You look radiant darling Good info a needle in a haystack Please watch that safety drill A classic cycle folderol Utterly eggcentric behaviour The price is right Flashing in public is a crime [Offset] my kingdom for a horse Your cash or I'll sneeze The greening of the world Do broccoli need passports? Could I see your profile? Great Scott! Empty seats Travel in an age of terror There is no free lunch Another Night in Bangkok Beatings on the beach Travelling with Teenage Kids Whither Wi-Fi at 30,000ft? Are you locked in the toilet? Charge of the Flight Brigade Across the Universe Baby it's cold outside Why I'm dying to travel A key question Gorillas in the mist Confounding customs When blackmail works By taxi through Asia A really cheap date Make a meal of it Tales of two teeth Putting curbs on carbs Dial R for rip-off The New Math aloft Why boutique is best Are you terminally mad? Heavy question, ladies The secret of good sleep Just bring Pluto back A fluid situation aloft Why Friday's the best Nothing but the truth Gone in 60 seconds Just use your imagination Free flights for all Is your travel in vein? Pet peeves and solutions Viral travellers welcome Yes it's safe to step out A passage to India It is a "brand" new Asia The show must go on Criminally good holidays The accidental tourist It's a free ride Sleep tips for the road I'll follow the sun A good pillow fight A bridge too far? World's safest spots The need for speed Small is beautiful, sometimes Bumming around Asia Samsonite and Delilah Just one good book Space, the final frontier Extreme Travel for Real Men Just grin and bare it Unfazed by phrase Honey, I Shrunk My Brain Miss World to the Rescue When things go bump To catch a croc, in Hongkong A thrilla in Manila The Steamy truth about Spas Are Travel Agents Dinosaurs? The Hub of the Matter Win a second wife - free! Forget inflight TV, try DVT Adventures of the Green Man Hongkong's Masked Ball Travels in War and Peace Advice on travel advisories Pound of flesh
Note: Telephone and fax numbers, e-mails, website addresses, rates and other details may change or get dated. Please check with your dealer/agent/service-provider or directly with the parties concerned. SmartTravel Asia accepts no responsibility for any inadvertent inaccuracies in this article. Links to websites are provided for the viewer's convenience. SmartTravel Asia accepts no responsibility for content on linked websites or any viruses or malicious programs that may reside therein. Linked website content is neither vetted nor endorsed by SmartTravelAsia. Please read our Terms & Conditions.