Helping people with computers... one answer at a time.

Using your cell phone as a mobile hotspot is convenient and powerful - and easy to be unsecured. I'll look at what it means to set that up securely.

Say I use my cellphone as a hotspot for my PC and access my email or bank account. Can the sniffers/hackers get direct access to the page that I'm viewing or my account? Or is it like they're just watching me navigate?

This turns out to be a fairly common concern and one which people need to be more aware.

When you're using your cell phone to create a wireless hotspot, you're actually having the phone act as a kind of "translator" between the cellular network and your WiFi-enabled computer.

Each side of that connection has risks, but the risks are dramatically different.

Celluar Phone used as WiFi Hotspot

Sniffing the Cellular/Mobile Connection

It turns out that it is actually possible to sniff the cellular data communications. Even though it's encrypted, the encryption technology is so old as to be considered exceptionally weak and easy to crack.

"Put a WPA or WPA2 key/password on that WiFi connection and you're safe."

The good news here is that it takes special equipment to "listen in" to cellular communications. For example, most cellular connections "frequency hop" - meaning that the actual transmission and reception frequencies can change at random times. It's all transparent to you as you make your call or send and receive data.

Someone attempting to listen in to your cellular conversation not only needs equipment that can listen to the correct frequencies, but can also track them as they hop and, of course, decrypt the encryption.

I say that's good news for a couple of reasons.

Not many people bother to invest in this equipment. It's somewhat expensive, and probably illegal. Naturally, government agencies probably do have this technology, so if you're the paranoid type or feel like you have a reason to be tracked by the government, then this probably matters to you.

The other reason why I'm not terribly concerned about this is that hackers are MUCH more likely to go for easier targets.

And the WiFi part of this equation is a much, much easier target.

Sniffing the WiFi Connection

When you use your cellular phone or similar device as a WiFi hotspot, you're actually turning your phone into a mini router; internet comes in one side (the cellular network), and WiFi connections are available on the other.

The key here is to simply make sure that it's not an open WiFi connection.

Put a WPA or WPA2 key/password on that WiFi connection and you're safe.

Leave it un-passworded or open, and you've set yourself up as a free, open hotspot. Not only could anyone else connect to it and use up your bandwidth, but your own connection would be at risk of all the dangers present in using an open WiFi connection.

Sniffing your open wireless connection is easy - anyone with a laptop and some free, open-source packet-sniffing software can do it.

So, don't make it an open connection.

When you set up the WiFi hotspot capabilities in your phone, make sure to put a password on the connection and all will be encrypted.

That's exactly what I do.

Article C4806 - April 29, 2011 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

3 Comments
Dan
May 1, 2011 9:18 AM

Have you seen the rates that cell phone companies charge for tethering? OUCH! Damn right you better secure that connection!

Reid
May 3, 2011 8:57 AM

I second Dan's comment. Unless you pay for an unlimited data plan *and* equivalent tethering feature, you can easily and quickly run up significant charges.

PH
May 4, 2011 11:11 AM

Might be worth mentioning that routers should be set up as "Hidden" (ie not broadcasting it's name), so you'd need to know the name of the hotspot (as well as the password) before you can connect. It's effectively invisible so anyone (without special knowledge/tools) won't even see the hotspot and be tempted to try to get in.
Also, restrict which devices can gain access to the router to prevent ilicit access by passing devices. May not be, (probably isn't) foolproof, but will go a long way to protect it from all but the most determined (and suitably equipped) interlopers.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.