Travel in any airport in the United States and you will note the incredible number of people using laptop computers in lounges, waiting areas, restaurants, etc. Sometimes they are working on a document or spreadsheet, but often they are checking their e-mail or surfing the Web. When they’re online, they are typically connecting via the airport’s wireless network.

There is a trend toward the use of "air cards" which provide data connectivity through mobile telephone networks - 3G networks - but wireless hotspots are still the most common method of connection for traveling users.

Some airports offer free service, others host pay networks from T-Mobile, AT&T, Boingo, etc. Similarly, many hotels offer either free or charge wireless connectivity. Many businesses these days reimburse fees for wireless connectivity.

People are quite familiar with firing up their laptop operating system’s wireless detection utilities and choosing the strongest node to connect. But using unsecured wireless networks can be dangerous.

It is trivially easy for an attacker to establish a wireless device - laptop or router - as a node with the same name as legitimate nodes in the area. When a user attaches to the attacker’s node, the user gets connectivity to the Internet, probably never knowing otherwise. But all the Internet traffic first passes through the attacker’s system where it can be recorded for later mining of interesting data.

Is that necessarily a big loss? Not if you enable a company virtual private network (VPN) first. These create an encrypted tunnel to your company’s network.

Also, most websites have enabled secure sockets layer (SSL) or transport layer security (TLS) for their login/password pages. Indicated by the HTTPS before a website’s address, this is an encrypted connection for Web traffic.

Having no encryption may not be an issue depending on the data you are sending or receiving and where along the line it is being protected by some sort of encryption mechanism.

For example, you may know that both Yahoo and Google encrypt their login-password pages but neither encrypts any subsequent communications so any e-mail you read from these services will be visible to a wireless man-in-the-middle attacker, including attachments.

Again, maybe there’s nothing of any value in your typical communications and if that’s the case, then you have nothing to worry about.

On the other hand, if you tend toward the paranoid like I do, then consider the alternatives for obtaining some privacy.

If it’s corporate business you’re up to and your company has a VPN, then that is the safest way to go.

If it’s personal business you’d prefer your employer remain unaware of (or if your employer has content filters and/or personal-use clauses), some other options include an anonymizer service, or set up a personal VPN to a personal location such as your home, use remote desktop display, or get fancy with a Web proxy and an encrypted tunnel.

I use a Linux server with a protected proxy that I tunnel my Web traffic to via a secure shell (SSH) network protocol. I use this rather than a simpler OpenVPN setup for an odd set of reasons related to the nature of my work.

The point is there are a variety of ways to keep your data confidential and you should explore some alternatives to ensure you always have a way to keep yourself safe.

In general, I prefer wired network communications for reliability and performance but it’s a wireless world out there so it pays to work with it safely.

For travel, I recommend using disk for file encryption on your laptop or, better yet, an external 2.5" USB hard drive (check out Truecrypt on Google), having access to an encrypted communications channel (VPN, TLS, SSH, etc.), and carefully keeping your laptop with you at all times during travel. It astounds me every time I read about some company losing tons of sensitive data through a lost laptop.

Stay safe out there.

Contact Lee LeClair, a founder and chief technology officer of Ephibian, through the company’s website www.ephibian.com or (520) 917-4747. Ephibian, headquartered at 3180 N. Swan Road, provides software development, data integration and Web design services. LeClair’s Tech Talk column appears the third week of each month in Inside Tucson Business.