Question
I use my cellphone as a hotspot for my PC and access my email or bank account. Can the sniffers/hackers get direct access to the page that I'm viewing or my account? Or is it like they're just watching me navigate?
Answer
This turns out to be a fairly common concern and one which people need to be more aware.
When you're using your cell phone to create a wireless hotspot, you're actually having the phone act as a kind of "translator" between the cellular network and your WiFi-enabled computer.
Each side of that connection has risks, but the risks are dramatically different.
Sniffing the Cellular/Mobile Connection
It turns out that it is actually possible to sniff the cellular data communications. Even though it's encrypted, the encryption technology is so old as to be considered exceptionally weak and easy to crack.
"Put a WPA or WPA2 key/password on that WiFi connection and you're safe."
The good news here is that it takes special equipment to "listen in" to cellular communications. For example, most cellular connections "frequency hop" - meaning that the actually transmission and reception frequencies can change at random times. It's all transparent to you as you make your call or send and receive data.
Someone attempting to listen in to your cellular conversation not only needs equipment that can listen to the correct frequencies, but can also track them as they hop and, of course, decrypt the encryption.
I say that's good news for a couple of reasons.
Not many people bother to invest in this equipment. It's somewhat expensive, and probably illegal. Naturally, government agencies probably do have this technology, so if you're the paranoid type or feel like you have a reason to be tracked by the government, then this probably matters to you.
The other reason why I'm not terribly concerned about this is that hackers are MUCH more likely to go for easier targets.
And the WiFi part of this equation is a much, much easier target.
Sniffing the WiFi Connection
When you use your cellular phone or similar device as a WiFi hotspot, you're actually turning your phone into a mini router; internet comes in one side (the cellular network), and WiFi connections are available on the other.
The key here is to simply make sure that it's not an open WiFi connection.
Put a WPA or WPA2 key/password on that WiFi connection and you're safe.
Leave it un-passworded or open, and you've set yourself up as a free, open hotspot. Not only could anyone else connect to it and use up your bandwidth, but your own connection would be at risk of all the dangers present in using an open WiFi connection.
Sniffing your open wireless connection is easy - anyone with a laptop and some free, open-source packet-sniffing software can do it.
So, don't make it an open connection.
When you set up the WiFi hotspot capabilities in your phone, make sure to put a password on the connection and all will be encrypted. That's exactly what I do.
