Internet security in vacation rentals

[Alan]

Probably old hat to many of you but here is an article saying that internet security in vacation rental homes could be worse than in a coffee shop, because earlier visitors have physical access to the home's router.

https://www.theguardian.com/technology/2016/aug/05/airbnb-wifi-security-threat-risk-travel

I use Tunnel Bear all the time when traveling but hadn't quite appreciated the added security it provides.

Speaking at the BlackHat conference in Las Vegas, Galloway argued that the threat posed by short-term rentals has always been high, but only in the last year has the sector grown to the extent that it should be considered one of the most important risks faced by those travelling.

“The media gets this wrong all the time,” Galloway said. “The biggest threats you face aren’t from some elite foreign government with zero days, it’s from simple threats.” While security researchers like focusing on esoteric attacks, Galloway argued that an Airbnb rental is far more likely to offer a successful method to steal credentials, infect machines and spy on browsing than most critical vulnerabilities.

For guests, connecting through a VPN -like TunnelBear can protect against man-in-the-middle attacks, as can simply not using a home Wi-Fi. Ultimately, Galloway concluded: “Be skeptical, be aware. If you don’t trust the network, just don’t use it.”

 

[LastOfTheBoomers]

I carry a small travel router made by Asus and plug it in to the house router

That way all my devices are set with SSID and the wifi settings and the built in firewall is active on the router

Sometimes at hotels it works but you have to sign in every 24 hours - but it is getting harder to find an Ethernet jack


Sent from my iPhone using Early Retirement Forum

 

[folivier]

I also bring a small Netgear travel router. It connects either by wifi or ethernet cable.

 

[candrew]

You can always use a VPN

https://www.hidemyass.com/how-vpn-works

 

[Alan]

You can always use a VPN

https://www.hidemyass.com/how-vpn-works

This is what I do.

 

[Big_Hitter]

I'm about to check into one; what's the big deal? I've already had my ID stolen

 

[Alan]

I'm about to check into one; what's the big deal? I've already had my ID stolen

It's only a big deal for us nerdy types who like to think we know what we are doing.

 

[explanade]

One thing which some care about when selecting VPN providers is whether the service logs your activities.

I have a VPN server on my home router and I've connected to it from overseas but mainly to stream video which is only allowed for US addresses.

There are some people who think you should always use VPN, even at home. Some services give you a discount if you pay for a year.

 

[upset264]

So happens we're leaving for a vacation rental within the hour. Now you've given me something to worry about. My only concern is the security of my financial accounts and because of that I check them frequently. Some every day others at least once a week. So suppose some one gets the username and password to one of my brokerage accounts. Logging in from an unfamiliar computer he must answer a security question or provide an authentication number. Assume he successfully does that. He enters the information to link a new bank account. The account is not eligible for transfers out of my brokerage account for a week or ten days and I immediately get an email letting me know of the new account and I believe also a letter by snail mail. If my address is changed no checks will be sent to that address for ten days and I am notified my mail at both the new and old address. I don't want to ignore the risks I just wonder what they are. I believe the best defense is monitoring accounts closely. With the phones we have now and fingerprint log in that's so easy.

 

[explanade]

Usually the bank and brokerage web sites use SSL. So should their apps. which you may use on phones or iPads.

SSL isn't invulnerable to attacks and you're right that malware on mostly Windows computers can capture your keystrokes.

More and more, when I go on trips abroad, I find myself using mobile data rather than hotel wifi, not so much for security but hotel wifi tends to be really slow.

 

[Big_Hitter]

It's only a big deal for us nerdy types who like to think we know what we are doing.

no issues so far...

 

[Sunset]

So happens we're leaving for a vacation rental within the hour. Now you've given me something to worry about. My only concern is the security of my financial accounts and because of that I check them frequently. Some every day others at least once a week. So suppose some one gets the username and password to one of my brokerage accounts. Logging in from an unfamiliar computer he must answer a security question or provide an authentication number. Assume he successfully does that. He enters the information to link a new bank account. The account is not eligible for transfers out of my brokerage account for a week or ten days and I immediately get an email letting me know of the new account and I believe also a letter by snail mail. If my address is changed no checks will be sent to that address for ten days and I am notified my mail at both the new and old address. I don't want to ignore the risks I just wonder what they are. I believe the best defense is monitoring accounts closely. With the phones we have now and fingerprint log in that's so easy.

Right so he sells some OTC very illiquid stock at $800 per share over the normal price, and puts in your account an order to buy that stock at market price.
Your account then buys 100 shares of X and he gets your $80,000

Then he does the same with stock Y , Z , etc and repeats using different accounts to sell the stocks from.

 

[Sunset]

You can always use a VPN

https://www.hidemyass.com/how-vpn-works

So how do we know the vpn place is real since they could easily operate as man in the middle to rob you blind ?

How do I trust my fence ?