Introduction
When you need Internet access on the Bard campus, you can always connect through the Bard Unsecured Network, which does not require a password. In this age of reduced privacy and stories of hacking, is the unsecured network at Bard safe to use?
In the past, we have all heard horror stories of working on an unsecured, public network at a coffee shop. You could never know if some nefarious hacker was listening in and stealing your private data through this local network, especially usernames and passwords (aka, credentials). With that information, the nefarious hacker could capture your credentials from the local network and use them to make purchases. Oh, woe and grief! Do we look at our fellow coffee drinkers with suspicion? What are they doing at the corner table with their laptops?
Check Your Browser Address Bar
The bottom line is that you are safe as long as you access sites using HTTPS or secure sockets layer (SSL) protected resources. These days, browsers help you determine if your data packets are protected by SSL by displaying a locked icon in the URL address bar. The Chrome browser goes even further and displays a “not secure” message when you are not protected by SSL.
An Example
What does this mean? When you are on the web, you are sending digital data from your computer to a local server (such as the local server[s] at Bard) and then out to the internet, where tens of thousands of servers forward your requests to the server (such as an amazon.com server) that processes and returns a response to your request. In reality, your request is split into packets and each packet takes a different route through the internet until they are reassembled into the complete message at the requested server.
As an example, suppose you were writing a long letter to your friend in Seattle, but you can only write on small postcards that don’t fit all you want to say on one card. You could use a series of postcards for your long message, saying something like 1 of 10 postcards, 2 of 10 postcards, etc. You put a stamp on each postcard and drop them all into your trusty US Postal Service mailbox. The postcards all take a different route to Seattle, where your friend waits until she gets all 10 of them to read your entire message.
Also, suppose your long letter on the postcards contains some confidential information. You are worried someone might read your words as they travel through the various US post offices. In that case, you might want to encrypt a message so only your friend can read it. Children do this all the time with a simple scheme such as an “A” written on the card really means “K” in the letter. As long as you and your friend agree on your encryption scheme, your messages are secure. This is exactly what SSL does, but the encryption is much more sophisticated than this simple scheme. Both the sender and the recipient have to agree on the scheme, which in tech terms is the SSL certificate.
Stay Safe Out There
So now back to the Bard unsecured network issue. If you are using a secure protocol from your computer (based on the lock image or HTTPS address), your messages are encrypted when they leave your computer, travel through the Bard network, and go out to the internet. Happy, secure, packets!
If you are NOT using an HTTPS address on your computer, these packets are password protected on the Bard secured campus network but not protected as they travel over the Internet. The nefarious hackers outside the Bard campus are using sophisticated tools to find these unencrypted packets and steal your data. You could feel safe on the Bard Campus, but you are not safe from the far greater risks on the Internet.
Bottom line: send sensitive data only over HTTPS addresses, no matter where you are.
How do I get a G-Suite Account?
If you are an LLI member, you can get your own LLI account by emailing Al Gersbeck at [email protected] or email [email protected]. You will get an invitation from Google to set up your account with a link to click. When you click the link, you will need to change your password to something you remember, at least eight characters long. It’s that easy!
You must be logged in to post a comment.