Helping people with computers... one answer at a time.

The security issues in using a Kindle on an open Wi-Fi are the same as for using a computer. Follow some critical rules and you'll be safe.

I have a hard time imagining any privacy or security issues with a Kindle reader. Am I overlooking something? At home, I have a Kindle Touch and no wireless network. To download books, I access the only non-secured Wi-Fi network my Kindle lists, which is Linksys. Why is it Linksys that is listed?

In terms of security and privacy, what could go wrong? Do I need a secured access point? Why for an ereader? How about if I'm away from home in a Starbucks, say? Are there other things to consider in that environment? The previous questions are all related to the Kindle's basic download feature. I do not use Kindle as internet access, but if I did, would that change any of your previous answers? And if so, how and why? Do you have any other comments or security/privacy recommendations for Kindle readers?

In this excerpt from Answercast #44, I look at some confusion as to where wireless internet comes from and how to use it securely with a Kindle.

Security on Kindle

So let's start with the Wi-Fi aspect of this. The Kindle you're using, the Kindle Touch, is using Wi-Fi to connect to the internet to download your books.

  • You say you don't have wireless internet;

  • But you're seeing a wireless access point called "Linksys" in your Kindle.

What that means is – somebody who lives near you has a wireless access point that happens to be a Linksys manufactured access point that they have not secured. You are, in a sense, leeching the internet from somebody else's internet connection.

That's a bad idea. (There's no security issues with respect to your book downloads; I'm not worried about that at all. In fact, when it comes to book downloads, I think you're fine using Starbucks as your primary mechanism.)

  • I avoid using somebody else's internet simply because it's not the right thing to do.

And when I say somebody else's – I mean your neighbor. Even though they've got their access point misconfigured, their access point is not secure (and it should be). The fact that you can use it does not mean that you should. It's just a bad idea.

Use open Wi-Fi

What you should do (for now) are either of two things:

  • One, go to Starbucks more often and turn off that Wi-Fi at home.

Turn off the Wi-Fi in the Kindle device at home so as to avoid using your neighbor's internet. Go to Starbucks; do your downloads there.

There's not a single thing I would change about the Kindle's internet configuration if all you're doing is downloading books. Doing it at an open Wi-Fi access point is a fine thing.

Get your own wireless router

Now, the other thing that you should probably do is (I assume you have internet of some sort at home.) In a case like that, what you need to do is:

  • You need to go out and get yourself a wireless access point.

I've got a couple of articles on Ask Leo! about setting up a home network. In fact, I've just expanded "How do I set up my home network?" to include things like adding wireless access to a previously wired-only network.

So I'm going to point you at that article:

  • That's what you would do to get wireless internet for your home – that you can use guilt-free without having bothered your neighbor.

Kindle on the internet

Now, when it comes to using your Kindle for the internet:

  • For browsing (for example);

  • Or in the case of things like Kindle Fire;

  • Or even on tablet devices (that do a lot more than just browsing);

  • ...then things get a little bit more interesting.

Unless you understand the security ramifications for visiting a specific website – I wouldn't, for example, suddenly start doing your banking at Starbucks using your Kindle.

I wouldn't be too worried about reading your email as long as the website that you visited used https. (I think Hotmail and Gmail can be configured that way, so that you only connect to the website via https.)

When you do that, the conversation is encrypted for the entire path between your Kindle and the service provider. That's important because in an open hotspot like a Starbucks, anybody could be listening in to your data:

  • If it's not encrypted, they could be reading your email;

  • Or worse, reading your username and password as it goes by.

So always make sure you're using secure websites when you're using a browser-based access of anything that would potentially have sensitive information.

Obviously, if you're just browsing the web, if you're just reading news sites and so forth, it doesn't matter if somebody is snooping it or not. But when it comes down to personal information, I would be concerned.

Installing apps

Now, the other part of this (I'm not sure exactly which features your Kindle specifically has), but the Kindle Fire and other tablet devices allow you to install apps. Apps are at the mercy of whatever the app designer wrote for security.

As it turns out, I reverse engineered the Gmail app, the application that runs on an Android tablet that would allow you to get email from Gmail on the device. That happens to use a secure protocol. It actually uses https in the background. On my Fire, I fire up a browser and I use https for all of my connections to Google mail services and other Google services.

So, those are the things I would be concerned about:

  • If you should start browsing, make sure that things that are sensitive are being done over https connections (if you're out at a place like Starbucks.)

  • If you're at home – and you finally do have your own wireless access point; make sure to configure it with WPA or WPA-2 security.

What that does is that forces you to enter a password on the device in order to be able to connect to a wireless access point. That does two things:

  1. One, it encrypts all the data between your device and your wireless access point, even if what you're looking at isn't natively encrypted (in other words it's not https.)

  2. But it does something else, too. It prevents your neighbor from doing to you what you've been doing to him.

Your neighbor cannot then start using your internet, because your wireless access point happens to be in range, because you put a password on it.

  • Because you put a WPA or a WPA-2 password on it, he's unable to connect to your access point at all.

That's the way he should have his own wireless access point configured – and that's how you should have your wireless access point configured.

As long as it's configured that way, then I would have absolutely no problem doing whatever the device will allow you to do on your home wireless access point.

Article C5700 - August 15, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

2 Comments
Paul
August 17, 2012 9:14 AM

Do the same comments also apply to Barnes & Noble's NOOK 16g Tablet?

Mark J
August 17, 2012 9:55 AM

@Paul
This article would apply to all dedicated s-book readers as they all download books in a similar manner.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.