Jump to content

How secure is the internet on board?


DorothyB
 Share

Recommended Posts

We do all kinds of "banking" stuff while onboard. Wifi is way safer than at the local coffee shop. People onboard have actually spent time and money to be there vs somebody looking to steal data down the street.

 

Can it happen? Yep. Chances of it happening? Personally, I think it is very low.

Link to comment
Share on other sites

We do all kinds of "banking" stuff while onboard. Wifi is way safer than at the local coffee shop. People onboard have actually spent time and money to be there vs somebody looking to steal data down the street.

 

Can it happen? Yep. Chances of it happening? Personally, I think it is very low.

 

Actually, most if not all banking is already encrypted. As long as you don't see anything strange from what you see at home then it is secure. Is it still possible to do an attack...yes, however, your browser will flag that there is an issue with the certificate and you would see a screen warning you of this. In that case, do not follow and assume someone is attempting to read that information. As long as your device is up to date with security patches, I would not worry

Link to comment
Share on other sites

It's not about "doing banking". Sometimes you just need to check your account. For example last time I was on the breakaway my bank flagged my account for possible fraudulent activity and required me to login to verify charges.

 

 

Sent from my iPhone using Tapatalk

 

If truly talking about your Bank, don't use debit cards, and don't get cash at ATM's. The bank will not know you are away from home. Use credit cards. You can call them ahead of time and let them know where you are and it mostly avoids the fraudulent charges problem. When we travel husband and I each take 2 different credit cards. On the slim chance one gets blocked, we have 3 more to use without needing to call anyone.

Link to comment
Share on other sites

..When we travel husband and I each take 2 different credit cards. On the slim chance one gets blocked, we have 3 more to use without needing to call anyone.

 

We do that as well. 4 different accounts, plus two atm cards. We are covered. Cheapest damn insurance there is.

Link to comment
Share on other sites

Six month old thread, folks...

 

So, it is not like a lot of the old ones. The information is still relevant and pertinent. If you don't like the fact that it is six months old, don't read it.

Link to comment
Share on other sites

  • 2 years later...

A "Cyber Security Expert" believing that using a ship's WiFi is no more risky than using your personal one at home is pretty good evidence that the cyber threat isn't as serious as the media wants us to believe. If it was, he and all of his clients/employer would've been robbed blind by now. (But with this being a 2 year old thread, maybe they were.)

Link to comment
Share on other sites

Not a bad idea for this topic to get a fresh set of eyes.  Some valid things in the prior posts, but I also am a Cyber Security expert and here's what you should know (my opinion, yes.)

 

- Using your browser and SSL connection to the bank or other accounts is similar in risk to working at home. The SSL tunnel does protect your information and password, assuming you don't have one the things below happen.

 

Like any public Wi-FI, there are two very real risks:

- There is a higher chance of attackers existing on the same network which is scanning for vulnerabilities to try and get into your machine. You must be up to date with Windows Updates and application patches.  The attacker may not know they are attacking because their machine is infected and they don't know it is searching for others to attack.  You should be running a good antivirus security program, at least that which comes with Windows or a free one, and be sure it is running correctly and up to date.

 

- There is a chance of an attacker putting up a fake Wireless service, which has the same name or a name very close to the ship WiFi, tricking you into connecting.  This is harder when you know there is a ship login portal, since they would also have to imitate that portal. But first timers and forgetful people might connect, get a real looking Google search page, and attempt to connect to their bank.  Whoops, you just gave them your username and password.  (They may even have an Internet connection so you can keep going and they can try to skim more information from you.)  Know what the portal looks like, and follow the directions they give for connecting.

 

Now, your bank probably has device fingerprinting and/or two-factor login, or was that optional and you didn't take it?  Always use these things to protect your banks, Apple ID, Google Account, Facebook account, etc.  Set a family member up as an alternate confirmation in case you lose your phone.  However, if they send an SMS message to allow you to log in, guess what?  It won't reach you on the ship unless you have chosen to use expensive cellular service, or an alternate method, like apple push notifications or an email message to choose.  If you use an authenticator app then there will be a code you can display and enter as an alternate method.

 

Is this scary?  A bit.  In a company of 5000 people, with half being laptop users who go to other WiFi places including home and public, I see these things happen to a few people every year.

 

 

 

 

Link to comment
Share on other sites

On 12/2/2016 at 10:11 PM, triptolemus said:

One of the reasons public wi-fi spots are dangerous is that attackers set up "rouge" hot spots which are named such that people believe they are the legitimate network, e.g.; "MIA-FreeWifi" or "Starbucks-Wifi"ypted, secure connection.

 

 

Yes, but that is only one of the reasons Wifi is risky.  And I think another very important reason is completely being overlooked by this entire conversation, and in fact by almost the entire Social Media community in virtually every country.

You can't even trust the company behind a legitimate Wifi Hotspot to take great care with your data.  It just depends on what data you're concerned about.

A Starbucks or a Norwegian Cruise Lines is probably not going to exploit your banking info, unless there happened to be some unscrupulous employee that day who decided to hack in to your communication.

But there is no law barring them from mining all sorts of other data and selling it to third party interests without your knowledge. 

Your name, your address, your phone number, your email addresses, who you are communicating with, purchases you make and what stores you frequent are all for the taking every time you give someone "permission" by accepting the terms of their agreement.

Link to comment
Share on other sites

7 hours ago, MotownVoice said:

Your name, your address, your phone number, your email addresses, who you are communicating with, purchases you make and what stores you frequent are all for the taking every time you give someone "permission" by accepting the terms of their agreement.

 

The SSL connection has the browser encrypt the data as it is sending, so the wifi router doesn't really see unencrypted data. The websites you visit, yeah, but nothing you type into a secure site can be read by the service.

 

 

Link to comment
Share on other sites

5 hours ago, fshagan said:

 

The SSL connection has the browser encrypt the data as it is sending, so the wifi router doesn't really see unencrypted data. The websites you visit, yeah, but nothing you type into a secure site can be read by the service.

 

 

 

Everything that an app, a website or a wifi hot spot asks you for, and that you supply when you create a new profile becomes their property to use in whatever commerce they see fit, unless an opt out or permission revoke feature is available and utilized.

 

name

address

social media associations

phone number(s)

frequently, the IP address of the device you are on

email address(es)

 

The rule:  if you’re not paying for it, you’re not the customer.  You’re the product.

 

Edited by MotownVoice
Link to comment
Share on other sites

On 9/17/2019 at 2:04 AM, MotownVoice said:

 

Everything that an app, a website or a wifi hot spot asks you for, and that you supply when you create a new profile becomes their property to use in whatever commerce they see fit, unless an opt out or permission revoke feature is available and utilized.

 

 

Oh, of course. I misunderstood. I thought  you were saying the ship's wifi was different somehow, and more dangerous than your home ISP, Starbucks wifi or the Internet at work. It's the same, so no special warnings are needed.

 

 

Link to comment
Share on other sites

If you do fancy network stuff that needs to link to your data sources in your home network you would need some sort of secure tunnel direct from your laptop.  As Moby0125 said, any risk on board ship is virtually identical to any access using your laptop anywhere else inside or outside your home network.  Assuming we are talking off-site web broswing such as personal banking, the risk transfers to how dangerous is it to you if you don't get the information.  As again, the good example given by Moby0125 about not tracking your your bank account, shows that you are more in danger by not getting the information than the infintessimal chance of someone hacking your htpps connection.  You are also more vulnerable using the ship computers because of the volume of cookies and other tracking stuff you leave behind in almost every connection.

The real problem is that computer links are almost the only way to do mobile business these days.  Arranging meetings for private tours and airport taxis, for example, while on board often involves virtual money, so it is probably worthwhile having a "Third-Party" payment account like PayPal where your credit card numbers are not given to the traders.

Protecting your data from the dangers needs a balanced set of measures and always involves looking to reduce exposure where it is most vulnerable.  For example, having a very safe secure tunnel to anyone is no good if the loss of data happens when the link hits the remote network and the data is extracted by hostiles from there.  A basic example is from a friend of my dad who had expensive racing pigeons kept in a shed put three massive locks on the door. He came to the shed one day and the door was open and all his birds had gone - The two leather hinges had been cut off!

Edited by old nutter
spelling
Link to comment
Share on other sites

On 12/2/2016 at 4:17 PM, DorothyB said:

I've always been leery of logging into any of my financial websites (bank, etc) while on board.

 

Am I paranoid? or am I correct in being concerned about the security of internet access?

 

Thanks!

 

 

If you have to ask this question then the answer is not secure enough to perform the task at hand.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

  • Forum Jump
    • Categories
      • Welcome to Cruise Critic
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Digital Photography & Cruise Technology
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • Canadian Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...