On my way home from recent pre-deployment training I had the good fortune to travel from Columbia, SC through Charlotte, NC.
The Charlotte/Douglas Interntional Airport (CLT) is the nicest airport I’ve been in. It’s logically arranged so once you’re through security you can wander to any terminal without having to be re-screened. There are plenty of great shops and restaurants. The people there are friendly and helpful. The USO is beautiful, with plenty of comfortable seating - rows of recliners in front of a high-def TV, computers, video games, a children’s area, and plenty of free food and drink (though I always make a donation when I leave). If you have to get stuck somewhere for over 5 hours because of a broken plane (like I did), Charlotte is the place to be.
Both Columbia and Charlotte airports get a thumbs-up for offering free wireless Internet. No $9.95/day fees – just connect and surf. The connection speed at both is very good, too.
You have to take care when connecting to public wireless networks – there may be evil afoot! Take a look at this screenshot I took while sitting at a US Airways gate in Columbia. It shows the wireless networks in my area.
Don't talk to strangers!
The first network listed, the one I connected to, is the real Columbia airport network. The icon next to it shows that it’s a wireless access point.
The third network, “US Airways Free WiFi”, is named to entice people to connect to it but the icon shows it’s an “ad-hoc” network. In other words, someone sitting within a few hundred feet of me configured their laptop to appear as a gateway to the Internet. I’m no security expert but even I knew that seems suspicious.
Had I connected to the third network I’m sure I would have been able to surf the web, check my e-mail, take care of online banking…all the normal things you do on the Internet. Any non-encrytped data I sent (that is, when not on a secure web page) would be visible to the guy who set up that network.
This is known as a “man in the middle” attack – a 3rd party inserts himself between you and the other party (in this case, the web sites you visit) giving him access to all the communication without your knowledge.
Most people know not to connect to ad-hoc networks, but apparently some don’t since this sort of hack is still taking place.
This article goes into greater detail on this scam. And if you think you’re safe connecting only to access points, think again. You can read here how to set your computer up to appear as an access point and set up pages to phish passwords (with screenshots!) or install software to gain complete access to a victim’s computer.
Too bad I’ve got a conscience…and a security clearance…it sounds like fun.