Data/Cyber/Cloud Security, Privacy, Website Security, Data Encryption, Malware/Viruses, Open Source Intelligence, Cyber Defence, Data Breaches, Travel Reviews & Photos
I travel a lot, not that I publish this fact greatly online. This year I have been to nine countries, eight within the European Union and one within Europe. At the moment I am writing this article on a coach journey from one capital to another capital covering 310 kilometres. Excellent I/we can simply turn up at any European Union country by plane, boat or by land and flash (sometimes not) our passport and gain entry.

Back to the topic of commercial data collection. Within the United Kingdom and the Republic of Ireland though to a slightly less extent, when we use free Wi-Fi, it may be free but we are giving “them” something. Our browsing history, search terms, SSL/TLS connection* and probably more. Free yes, but we go from the customer to the supplier and of course they use or sell what they collect.

*One or two free Wi-Fi providers used in chains seem to MITM (man in the middle) SSL/TLS connections used on email clients. Instead of the genuine certificate of the email provider whoever that is being presented, it is replaced by the Wi-Fi hotspot provider thus annoying to put it mildly the smartphone, tablet or laptop. Last year a client (ex as I have moved away) complained to his IT support provider a few times about certificate errors. Out of ten plus client’s no one else complained and I ran tests to prove nothing was wrong. It turned out his phone was automatically connecting to a free Wi-Fi hotspot of the coffee shop downstairs and causing a problem.

Google Email which I do not use offers you tens of gigabytes of storage which costs them money to run in electricity, staff, data centre, hard drive and replication costs. Take a paid email service like hosted Exchange or Kerio which costs you a few pounds a month and there are no ads, data capture and antivirus/antispam is better. Why do they charge? Because they don’t pinch your contents or match ads to the contents of the email, we hope!

Whenever you use a large scale Wi-Fi hotspot at a chain pub, restaurant or coffee shop it does not simply open. You connect and then a registration form comes up: name, email address, phone number, date of birth please. Do they really need a mobile number or date of birth? No. The email address and mobile number can be used to flog you stuff. The date of birth to map browsing patterns to demographics.

Back to the topic of travel. Outside of the United Kingdom and the Republic of Ireland things seem different and easier. Just connect to the Wi-Fi hotspot on your device and voila it works. Maybe they have not clocked on to the idea of exploiting us or maybe they are more respectful. Only time will tell……

This article barely even touches on government monitoring schemes, mainly because they are not visible like commercial ones though I suspect outside of the United Kingdom and other Western European states they are less intense. Physical security outside of the United Kingdom does feel a lot less and maybe that is because outside of the United Kingdom, France and Germany physical threats are a lot less. It is not just the private sector which profit from big data, Companies House of England & Wales seems to make money also.

Maybe with government cuts, departments are finding new ways to make cash. Register a new company and within a few days, you get “welcome” letters from companies offering you services. The letters are trying to flog you: domain names, domain based email addresses, hosting, virtual offices and accounting services.

Apart from privacy remember free Wi-Fi hotspots are pretty much all open with no encryption thus someone could view or tamper with connections in public.