There was no wireless when I arrived here many years ago  and just a few hotspots (wireless locations) until maybe 2-3 years ago. Since then, wireless has “gone viral” and has become available in numerous locations, especially in the central valley around San Jose. Nearly every hotel offers wireless and/or direct connects in the rooms. Internet cafes offer wireless as do bagel shops and pizza parlors.  More and more people are getting familiar with wireless both for home and for “on-the-road” use and they ARE using it.  A lot!

Sadly, the vast majority of the people I deal with think wireless is is a reliable, convenient, safe and secure form of communications. Reliable and convenient? Maybe. Safe and secure? Absolutely 100% NOT.

This is one of the topics I cover in my REAL Costa Rica Tour, and it is so very important, I have decided to add it here. Also, I cannot cover it sufficiently during a tour, so this will be a reference for my tour clients.

If this topic is of interest to you, (and it should be!), read on.

Let’s start with a quick video from The Discovery Channel!  Just click this link to open in a new window!

Scary huh? Well read on for some ideas on how to protect your (virtual) life!

It is a bit technical, but I will try to explain it in layman’s terms so far as possible. If you intend to use a wireless connection, whether in your home, an Internet cafe, a hotel, or anywhere in any country, (not just Costa Rica), then I would urge you again to read this post. I will tell you why it is not safe and secure and then I will teach you how to make it secure… or as secure as today’s technology can make it.

Let me start by repeating that using wireless, while wonderfully convenient, is just plain incredibly dangerous. In essence, what you are doing is sending information from your computer (email, files, photos, passwords, etc) through the air as a radio signal. As with any radio signal, all one needs to listen to what you are sending is a “radio”. The radio a bad person uses costs nothing.  They are free for the downloading on the Internet, and they are called “sniffers‘ or more formally, packet analyzers, network analyzers, or protocol analyzers.

With a sniffer and some other tools, also free, a semi-knowledegeable person can see pretty much everything you are doing. Some people think that protected network will save them. While there are password protection schemes that are more difficult to crack, I can assue you that most can be opened by a pro within minutes, and it is the pro who will be after data that can compromise your identity, your finances and your privacy. With a sniffer, they can see almost everything you are sending and receiving.

People think that their firewall will save them… or their anti-virus. This is not a virus we are discussing. this is invasion of your privacy. Firewall?  No help.  The bad guy is reading your data from the air.  As a side issue, most firewalls protect from attacks from the outside which is not the case here, right?  Windows XP firewall would be an example. What about data being sent FROM your PC?  It is incredibly easy for someone to put a small program on your computer, without your knowledge, that captures every keystroke you type (even if to a “secure” connection like a bank). This is then sent to the bad guy!  This little program is called a keylogger and can be downloaded for free from the Internet. It may surprise you that some companies place these on the computers of their employees to monitor their activity.  Doubtfully legal… but true. OK back on topic!

Once your data is compromised, for instance someone gets your email password, they can read all your incoming AND your saved email. Saved email (never a good idea), may contain logins and passwords to other services you use.  It may also contain stuff you prefer not be public.  Now, you have real issues.

How easy is it to know if a free hotspot is legitimate?  It is not.  Here is cool but easy trick!  A semi-knowledegable person can sit outside a hotspot (a location that offers a wireless connection) and from the comfort of his car, in some cases parked blocks away, logs in to any free service. He then creates his OWN open wireless network.  It is quite easy. You then go to the coffee shop, restaurant, etc, and you see an open network, let’s call it “Beetles Bagels Free Access”, and you login thinking it is service offered by that bagel shop.

You just logged into that person’s PC and everything you send and receive is piped right through his computer… and you never knew it.

OK…. you think you are safe because you check into an hotel and connect directly to the Internet (no wireless). As soon as you login, your data can be captured by another person on another room using the same network. Seldom do hotels or other hotspots have the hightened security required to protect guests from such intrusions.  In fact, it is likley your home connection is more secure.

Last, any time you connect to the Internet, you are connecting through the Internet Service Provider (ISP) that is used by that location to provide Internet service, and they too can see everything you send or receive. This, in reality, is pretty unlikely, but certainly is possible.

You use Voice Over IP (VOIP) to make calls, send info etc thinking they are private calls.  Think again.  These too can be easily “sniffed” and decoded.

Have I got your attention? Scary huh?

So is there any way to protect yourself…. especially when using wireless? The answer is yes, and it is really very, very effective. It does cost a bit of money, often about the same or a little more  than a good anti-virus program.  It is called a Virtual Private Network or VPN.

VPN’s

Many companies use VPN’s to protect their employee’s data when accessing the Internet from outside the office. It is common practice, but few people think of setting up such high security for themselves.  If your company has a VPN, that is fine, though many companies prohibit personal use of the Internet through the company connection (VPN).

So what does a VPN actually do? In as simple words as possible, a private network (a VPN) is created within the main network that you are using (hotel, hotspot, Internet Cafe where you connect directly not using their PC’s etc.).

The geek word for this is an “encrypted tunnel”. You have probably used a VPN and never knew it as such.  When you shop or bank online, you may be using an HTTPS:// connection to protect your data. With your own VPN, you open a secure “encrypted tunnel” from your computer the instant you login.  Therefore, it is not tied to any particular web site that you go to. Your security and privacy is always ON regardless whether  you see that  https:// or not.

Further, a VPN protects every piece of data you send and receive including VOIP, email, instant messaging, and of course browsing. All data is encrypted instantly, send to the VPN where it is decoded and sent on. Any data sent to you is likewise encrypted before coming back to you! You computer decodes it and you then see it as “normal”. Does this slow things down? Nope.  I use a VPN on my laptop and have found no significant loss of speed. As all data is decrypted in a secure data center, it is virtually impossible for your information to be intercepted.

So now you have true Internet security, whether from a hotel room or at a wireless hotspot!  Remember the guy who created his own “fake” network outside the bagel place?  No worries. He cannot even access the tunnel and even if he could, he sees nothing but highly encrypted data.  He gets nothing!

Other Benefits

I’ll mention here a few more items of interest.  A good VPN also provides you with a new IP address.  Your IP address identifies you, where you are located, your country, town, etc. Is this a problem?  It can be.  If you are in Costa Rica, you may have issues shopping online as when you order, your location is provided by your IP and often companies will not accept a credit card issued in one country if you are using it from another country. My VPN gives me a US IP address, so I now have no issues!  Any one checking see me as being in Dallas.  Further, companies like Netflix.com and others will not permit viewing of their material if you are outside the USA.  With your new US IP address, you will have no problems.  These companies “see” you as being in the USA.  Some VPN services will offer you an IP in Europe or even in Hong Kong (though I suspect you would notice a service degradation if using a VPN in Hong Kong from Costa Rica.

For you privacy/conspiracy nuts (and I know who you are!) Google, Yahoo and in fact all search engines track and record all your searches and tie them to your IP address.  So…. If they don’t have your real IP… heh, heh!

Finally, there are still countries that limit access, censor, monitor content, block VOIP services (SKYPE, etc), or restrict Internet access. A good VPN handles those issues completely. Now you can travel to Cuba!

Expensive??

You decide.  Mine costs $60.00 per year.

$5.00 per month to protect my identity and the security of my data, my email, my passwords, etc., is, quite frankly, not even worth my consideration.

Hard to set up?

I use a MacBook Pro, and setup time was 9 minutes (including the time to download the software). It was a 100% no brainer. I have not tried it on a Windows machine, but I expect it is equally as easy. I am a bit of a geek, but really, this was NOT hard.

Where do I get one?

Use a search engine.  Google, Yahoo, Bing, etc.  this:  ”personal vpn service” (quotes not needed).

You will see several companies offering VPN’s.  Check them ALL out and compare their service offerings.

Summary

I truly hope I have gotten your attention… especially but NOT limited to you wireless users. You really are at risk.

This is really important stuff, and I would urge you to consider protecting yourself. If you don’t feel comfortable doing this yourself, find a pro to help you with the install, but please, do not do nothing.

I personally bank at three Costa Rica banks: BAC San Jose,  Scotia Bank and Banco Nacional.  All were subject to various schemes that could easily cause serious security problems, especially if the customer did not use adequate security protection in their computers or worse, used Internet cafes or a wireless connection while banking online.

Now along comes Banco Nacional with a high tech but easy-to-use gadget that all but guarantees your security even if banking from an Internet cafe or using a wireless connection. I got one about three weeks ago and have since been trying to figure out how someone could get into my account. My conclusion?  They cannot or if they can, they are a whole lot smarter than I am.

If this topic interests you, read on!

So how does it work?

Well first let’s look at security at most Costa Rica banks.  Almost all use a password that must be longer than x but shorter than y numerals or numbers.  Because of their antiquated operating systems,  symbols cannot be used i.e. ^%)@ etc. Most require that you change your password regularly. but people being people, folks often choose passwords that can be “guessed”.

All have a login name as well, of course.  Logins are often easy to find, however, as they often are your cedula numbers, email address, account name… whatever.  So, if the password gets compromised (stolen),  entry to your account is not hard and you have issues. All of these things are made far worse if you are using wireless or are on a computer where a keylogger has been installed without your knowledge.

So what has Banco Nacional (BN) done that is so great? Well they still require a login and it is usually your cedula # (dumb),  passport number (dumber) or other and is thus NOT very secure.

After you enter that, you are then taken to a pop-up window that is just silly! (yeah, I know, the good part is coming!). In this window you type 4 characters and use your mouse to click 4 numerals.  Why is it silly? Because it is fully visible to anyone standing or seated anywhere near you while you are typing this stuff…  Then they have (well they had) all they needed to get into your account.

But…. here is the cool part:

If you look at the picture above left at the beginning of this post, you will see what looks like a key fob with a little window.  You get this from BN for 3,000 colones (but see below).

With this gadget BN adds a final login step which makes everything incredibly secure!  After you log in doing the same old useless stuff… you are asked for a code number.  You now press a button on the key fob (llevero in español) and enter that generated number.  Also available is a card type device (see right) for generating the code. You now have access to your account.

Why is this cool and more important, safe?  Because each number generated is “one-use”.  Even if someone sees you entering it or actually sees the number, it can never be used ever again.  This number is mathematically tied to your account, and no other llavero (or card) will work in your account.

This thing is called a token. You can either go to your local BN office and get one for 3,000 colones or, if you have them, you can use your entertainment points that you get for paying bills online.

With this new security option, I would say this places Banco Nacional miles ahead of their competition in terms of keeping your account safe. As I know many of you here must use Internet cafes, shared computers or wireless, this new gadget can now make all the difference in keeping your money safe.  In fact, until the other banks “catch up”, I would suggest using BN as your primary bank using other only for spreading the wealth.

A lot of people think that now there will be wholesale changes now that ICE will face competition.  I am not so sure… at least in the short term.  Let’s examine what has been happening. If this topic interests you, read on!

First,  ICE states that it will close or at least restructure Radiográfica Costarricense  (RACSA), its 245 employees, and move all those  Internet customers from Racsa, its wholly owned subsidiary, to its own network, affecting maybe  80.000 users.  RACSA customers would therefore be serviced by ICE and the rates would be unified.  Sound easy?  Nothing is so easy in Costa Rica.  Two issues here… and this gets a little screwy, so take notes!  Remember that RACSA, while owned by ICE, runs its own show.  RACSA customer service and in fact their overall service has been improving over the past several years  to the point where I now tell people they are quite good! RACSA also sells only Internet services (high speed and modem) but not communications.

ICE, however, is renowned for just terrible customer service and doing everything even remotely possible to inconvenience the customer base.  This is something that should not surprise anyone as most monopolies never have to compete and therefore do not have to deal with the concept of making the customer happy.   Further, the technicians at RACSA are clearly more knowledgeable, or perhaps they are more accessible.  Hard to tell… but either way, they solve issues whereas ICE techs often blame the problem on you or deny there is a problem.

OK… so with the existing structure, RACSA can re-sell Internet  service (i.e. wholesale it) and they do.  Two of their customers are Cabletica and Amnet both distributors of cable TV services. Both of those companies sell cable TV with optional Internet (cable modem Internet).  You can buy cable TV with no Internet connectivity, but you can not buy Internet service from them without buying the cable TV service as well.

Now when ICE restructures RACSA, Amnet and CableTica customers will be moved to ICE.  ICE though, does not sell cable services so far as I know… so that means if I am getting this correctly,  AMNET and CableTica customers will have to all have new DSL installs, new equipment, etc.  UGH! This will effectively put Amnet and CableTica out of the Internet business.  Why do we (or at least I) care?  Because CableTica has  hands down the best customer services of all the companies in my opinion. Those businesses using cable modem service from either company may therefore have some serious issues ahead of them. But…. now we have this:

THIS week,  Amnet has announced they will cut the umbilical with RACSA and sell Internet services directly.  How?  They must, of course, buy services and connectivity directly from ICE and must also arrange to connect to the two underwater international cables in Parrita and Limon that connect to the Internet backbone.

Sounds simple… huh? Oh, did I forget to mention that Amnet also announced that they will compete with ICE for the cell phone business in Costa Rica?  Amnet was purchased last year by cellular service provider Millicom International Cellular, S.A. .  Gee!  I wonder if ICE is happy about that! I betcha not!

Nothing so far from CableTica.

So why am I writing all this? Well for those of you old enough to remember, once upon a time in the giant country to the North, there was a pretty GOOD communications monopoly called American Telephone and Telegraph (AT&T). Their service was just about as good as you an get anywhere.

Well one day, the mean old US government said, “NO MORE MONOPOLIES”  and broke apart AT&T.  The problem was that AT&T owned all the land, all the infrastructure, all the wiring, all the central offices… well you get the point. Startup company MCI just did not open the doors.  AT&T made life VERY difficult with major issues as regarded setting wholesale rates to providing access to all the above infrastructure. On the surface, they seemed cheerful enough about having the competition… but that was on the surface.  It took years and a zillion law suits and more zillions or dollars before MCI truly entered the US communications market.

ICE has kind made it clear they have no plans to go peacefully into the night…. so I asked myself, “I wonder who in Costa Rica  owns all the land, all the infrastructure, all the wiring, all the central offices, routers, contracts with backbone providers….”.  Things that make you go… hmmmm.

I have no idea how communiations and Internet services in Costa Rica will be affected.  Maybe everyone will just get along and overall, services and customer support will reign supreme with many happy and properous companies each providing these better services at lower prices.  Or not….?  Comment welcome~!

Final approval must come from the Comptroller (Costa Rica’s equivalent to the General Accounting Office) before the deal is finalized.  Huawei won in a bidding war against Sweden’s Ericcson and China rival ZTE Corporation

The 3G move will give mobile users access to high-end data applications on their phones, including high-speed interactive gaming and Internet access, prepaid video- localization, video, multimedia messaging, voice and data roaming, video conferencing, video streaming and other multimedia features. Apple’s popular iPhone uses the 3G technology. ICE has stated that the new lines and service will be available by the end of 2009, though I am skeptical of that. ICE ha a poor track record for meeting deadlines.

As everyone knows, the current GSM system is just horrible with crummy coverage and cut-off services everywhere. It also supports voice mail only in Spanish which annoys a lot of foreigners.

I am still unclear exactly what ICE bought for $235 million. Obviously the system itself, but I am also presuming praying that they are finally going to put up a ton of new towers as the coverage area for GSM is just horrendous!  ICE promises better coverage but….  Quien sabe?

I am also hoping that unlike the Alcatel deal (the company that installed the faulty GSM system while making a LOT of polititions and executives quite rich) this will be a clean deal… no payoffs.

The little i have heard of Huawei has all been good and they certainly have the experince and expertise to get it done.  Now… if ICE can just let them do it….

Some background for readers. There are two cellular systems here, TDMA being the oldest and the only one the works pretty much all of the time, and the GSM system, that should work better, but does not. In fact, it works poorly at best. Callers often get the “Try again later” message and even when there is cell service, connections are not always stable. In general, TDMA is the way to go though there are a few locations (Dominical, Nosara and Samara come to mind) where the only system that works well is a GSM phone. So you want a TDMA phone? Interestingly, there are no more new TDMA phones available in Costa Rica. Any you buy are reconditioned. Besides… there are no phones lines available anyway. Sheesh!

The plan to discontinue the TDMA system was based on ICE planned upgrading of the current GSM system to the Third Generation GSM known as 3G, a vastly superior communications system (and part of Apple’s new iPhone configuration). It is faster and offers a ton of options including Internet. Of course future success would also be based on having the towers available, etc… but that is a different story.

In any case, ICE’s plans were basically correct and once installed and the tower location issues fixed, it should have allowed for the discontinuation of TDMA and offered users a fine, though more costly, solution. Of course THAT was before ICE sent out the bids to install the new 3G system.

The bids went out and only one company bid the project, Huawei Technologies. Well that would be fine as Huawei is most certainly a capable business partner, but ICE planned a budget of $224 million and Huawei submitted a bid of $580 million. Oops! Did someone make a really big error in calculation? As ICE has a history of poor planning, this would not be a really big surprise. In fact, it appears that (though I cannot confirm this), ICE changed the bid specs in June, 2008 adding 500 terminals to the specs but expecting no increase in cost. Huh? I admit to not knowing what is a terminal… but adding 500 of anything would seem to me to be an additional expense that needed to be considered.

Of the six bidders, FIVE (like the Ericsson de Costa Rica (current provider of one of the country’s two GSM networks), Continuex S.A. (distributor of Samsung in Costa Rica, ZTE Corp. and Nokia Siemens Network) decided not to bid citing fears of not being able to deliver to ICE’s specs.

So now what? Who knows?? The $356 million difference is huge and ICE clearly will have to go back to the planning stage. It seems unlikely they will or even can accept Huawei’s bid. They do not have the funding… or maybe they do!

Just this week, ICE announced that they wish to expand services to other Central American countries. Of course those of you who are skeptics might suggest that ICE put its own house in order before planning such an expansion…. the more pragmatic might just suggest ICE forego expansion and use THAT money to get a good funcional and working GSM system.

As always… more shall be revealed!

Here is her email, and if the topic interests you (and you can deal with my rant)… read on!

My family plans to relocate to Costa Rica, and I would like to know what your thoughts are regarding the recent activity by the Costa Rican Congress ending it’s 84 year old insurance, and telecom monopoly (CAFTA). How do you think this is going to effect the citizens of Costa Rica that have enjoyed a universal health care system, and what do you think the implications are for Americans residig in Costa Rica, that have been able to partake in this system?.

From the tone of your comment, and I get a LOT of these emails/comments, you are one of those believing anything having to do with CAFTA and the big bad horrible USA must be bad for everyone else. If I am wrong, I apologize in advance.

But you got some words right.. just not the facts which are more obscure… so let me explain.

1. The telecom monopoly, like the vast majority of monopolies is a huge, cost wasting enterprise, employing tens of thousands of workers, and is roughly 7 years behind the rest of the world in providing the things over which they have responsibility (technology).

In addition, as with most monopolies it gives awful customer service at ridiculous prices (for Internet and power, not for cell service). The “high speed Internet”, when it DOES work, is painfully slow, and the vast majority of Costa Ricans have access only to dial-up modem service in their homes. It has held the country back economically. strategically, and educationally.

The cell rates ARE well priced, but of the two systems here, the only one that works at ALL is the old TDMA system popular in the USA back in the 1990s. It works great!!

The “new” GSM system is absolutely horrible, works at best only 90% of the time and does not work at all in many locations… yet the monopoly is telling many, many thousands of Ticos to turn in their old working cell phones and buy the new GSM phones. For many Tico families, this is a MAJOR expense. Gotta LOVE those monopolies! In 2009, they will discontinue the only system that works.

This telecom also controls the electric power. Last year we went days and weeks suffering brownouts and blackouts. This was the result of an astonishing lack of simple population planning, and numerous families and businesses suffered greatly. The president had to spend a TON of money buying emergency equipment just to keep the lights lit.

In the history of the world, there have been good monopolies I am sure, but the vast majority provided lousy customer service, a crummy product, at unfair prices… This is why monopolies were outlawed in the USA about 50 years ago.

This model fits here… because there is no competition, they do as they please while giving the customers the one finger salute.

Insurance

You wrote …”the recent activity by the Costa Rican Congress ending it’s 84 year old insurance… monopoly” and “How do you think this is going to effect the citizens of Costa Rica that have enjoyed a universal health care system”

You have things pretty mixed up. First, the congress had absolutely nothing to do with any of this.

The Central America Free Trade Agreement (CAFTA) was voted through by referendum…and was voted on by all Costa Ricans. The PEOPLE passed this treaty… not the congress. Hmmm. I wonder if the overwhelmingly super service provide by their telcom monopoly had anything to do with that vote!

After CAFTA passed, the congress had to alter existing laws to bring them into concordance with the terms of CAFTA that the PEOPLE OF COSTA RICA approved.

This is something that sorta grinds me in emails I receive… the perceived arrogance of those who think THEY know more than the Costa Rican people. I am not saying the writer said or implied this, but others have many times. The Costa Rican people are bright, intelligent, well educated people and right or wrong, they made their will known. Time will tell if it was a good decision, but I can assure you that never in my life have I EVER seen a more informed public on a topic up for referendum. Costa Rica could give civics lessons to any country in the world after the manner in which they handled the TLC (CAFTA).

So now there will be other insurance companies offering policies with wider coverages with larger groups and therefore possibly lower rates. There are dozens of huge international insurers who can now legally sell their products to those of us who live in Costa Rica. Now, perhaps a 50 year old women driver will not have to pay $1,400 per year for car insurance the same as her 19 year old son.

Oh… that’s right! There IS no compulsory insurance so only a very few people ever buy insurance because it can represent more than 10% of their annual income! Enjoy your next trip here! Drive defensively!

Your email implies that the “Universal Health Care” is going away. It is not. THE CCSS (CAJA) is alive and well. Good thing as my wife works for a CCSS hospital!

Oh… and to be clear… “Universal Health Care” is just socialized medicine… and just as in Sweden, Canada, England and other places, the system does not work for anyone except the very poor and seldom works well for them. Lines are huge. Several hours is common at my wife’s hospital. Generic medicine are prescribed to save money, but sadly they are purchased from a variety of countries and there is no quality control and therefore many medicines just do not work. I can vouch personally that that is true.

Waits for a doctors visit can take months and often DO. Waits for major surgery or even some minor surgeries can take years. The poor suffer with this crap as they have to… same as they will soon in the USA. Everyone else buys private insurance so they can see the doctor of their choice at the hospital of their choice a the time of their choice. For those of you who are “Universal Health Care” fans… I wish you well. It looks great on paper, but I have yet to see it work well. I can assure any middle class Gringo tht moves here that you will eventually get CAJA and buy private insurance in case you get sick.

So what do I think the implications are for Americans residing in Costa Rica, that have been able to partake in this system?. Not much… Nothing has changed, just more offerings and some of those are years away. If they use CAJA now, they will continue to use CAJA. If they buy private insurance now, they will soon have other options and perhaps better prices. If they are tired of paying car insurance as though they were an 18 year old male overdosed on testosterone… they will likely be happy with premiums that reflect their age, driving history and experience! Someone may come in and actually offer true hi speed Internet for less than $80 per month WITH reliable service and connections that actually do not die every day at 3 PM. Note I am referring here to TRUE high speed as you would find in most developed countries.

Costa Ricans will benefit I think by better services lower prices (or more for the money they do pay).

Even now, with the arrival of those big awful businesses from the bad ole USA, (like Walmart), customer service policies are changing country wide! Why imagine a Tico who can actually exchange a brand new and very costly TV (but one that was totally DOA right out of the box), instead of having to wait 3-4 months while it gets returned to the factory in Korea for repair!

Can you imagine?

And again… if I misread your email, I apologize… but that’s the problem with email… no visual or aural clues to clarify.  Also, enough others have written about how they hate the USA, big business, Bush, Obama, and God that I am just getting fed up with it.  As a famous bird once sang… Get Over It.

The Internet, I believe will – and is – changing the world. Living in a developing country and creating a viable income could really only be possible with the Internet. Democracy will grow much faster than mold through the Internet. Voices will connect, and no one can fight the power of souls connecting.

But the sketchy characters will continue to try. Instead of fiberglass lines, we’ve got cable and phone company monopolies. Thus back to our problem in Costa Rica. There’s too many people and not enough lanes of traffic. Sound familiar? The Internet takes planning and thought. It’s sketchy characters that benefit from a quick, short term buck that leave us all clicking that mouse with no results.

I’ve learned it can be a very good thing to be without Internet – our new life addiction. Many of us run to it like we used to dash to the answering machine the moment we walked in the door. Yet listening to a few messages wasn’t quite as time consuming as hours and hours and hours of Internet surfing.

Paradise has it’s bumps; bruises and blemishes. And when I get frustrated and want to scream at the computer, I grab a shot of morning sunshine or watch the stellar moon and listen to the palm trees rustle in the wind and connect on another level.

As some of you know, several of my companies here in Costa Rica are “high tech” related, especially the web hosting business where we host thousands of customers world wide. Server and computer security are paramount issues as you might guess.

So when I got a phone call yesterday asking me my thoughts about this rash of Internet bank fraud and seeking advice, I decided rather than answer her question immediately, I would BLOG about it and maybe pass on some ideas for my readers. While this relates to the banking thing, it is really germane to ANY Internet transaction that uses passwords, bank information, credit cards or ANY confidential data.

This will not be a “techy” post. I’ll try to keep it very basic so non-techies can understand what they can do (MUST do) to avoid Internet fraud.

I am sorry, but this will be a long post, but I cannot recommend strongly enough that your read this.

If this topic interests you, read on!

First, let me begin with this. Internet banking or for that matter any Internet commerce IS inherently safe if you take responsibility for protecting your computer, protecting confidential information, and learning about Internet safety.

The problem, of course, is that many people either do not know how to do this, think it is too technical, or frankly, cannot be bothered to learn (until they lose some large green, then amazingly, they have all sorts of time!).

Connection to the Internet – Computing Environment

Of course the first thing to discuss is your connection to the Internet. Basically, there are three ways you can connect and variations of those that we won’t get into here.

• Connect via modem
• Connect by cable modem, DSL or another “always on” connection, meaning you do not have to LOGIN each time you use the Internet
• Connect via a wireless connection, meaning you have no wires hanging off your computer when actually on line. You are sending and receiving radio signals from your PC to a box often called a wireless router, most capable of handling a number of wireless computers at the same time.
• Connect via and Internet cafe or other public locations that offer use of a PC to go online.

RULE ONE: YOU SHOULD NEVER FOR ANY REASON CONNECT TO YOUR ONLINE BANK ACCOUNT (OR ANY OTHER WEB SITE THAT INVOLVES YOUR FINANCES OR CREDIT CARD INFORMATION) FROM ANY INTERNET CAFE OR PUBLIC LOCATION USING COMPUTERS OFFERED BY THE CAFE OR PUBLIC LOCATION.

RULE TWO: YOU SHOULD NEVER FOR ANY REASON CONNECT TO YOUR ONLINE BANK ACCOUNT (OR ANY OTHER WEB SITE THAT INVOLVES YOUR FINANCES OR CREDIT CARD INFORMATION) FROM ANY INTERNET CAFE OR PUBLIC LOCATION USING COMPUTERS OFFERED BY THE CAFE OR PUBLIC LOCATION.

RULE THREE: YOU SHOULD NEVER FOR ANY REASON CONNECT TO YOUR ONLINE BANK ACCOUNT (OR ANY OTHER WEB SITE THAT INVOLVES YOUR FINANCES OR CREDIT CARD INFORMATION) FROM ANY INTERNET CAFE OR PUBLIC LOCATION USING YOUR OWN LAPTOP OR OTHER COMPUTER UNLESS YOU HAVE INSTALLED THE NECESSARY SOFTWARE TO PROTECT YOUR COMPUTING ENVIRONMENT.

RULE FOUR: YOU SHOULD NEVER USE A PUBLIC WIRELESS CONNECTION AT ALL.

It is important that you understand that regardless of how you connect, the instant you connect to the the Internet, your computer is vulnerable. Note the word instant. Therefore, you must have your computer protected before you ever connect to the Internet.

If you do not, you are exposed to potentially serious issues.

Your computing environment

What do I mean by “protection”? There are two critical items.

Anti Virus

First, you absolutely MUST have a good anti-virus program on your PC. By good, I mean a program that updates itself with new virus, worm, and Trojan horse information every time you log on the the Internet. Many of the best known names say they do. They do not. Most only update what they consider to be critical. The rest are updated once per week. This is nonsense! As it is estimated that between 20-40 new virus’ are released DAILY, updating once per week is just nonsense!

There are two excellent programs available, both from Europe and can easily be configured to update the virus info as often as hourly. On all our business PC’s, we have it set to every three hours.

Kaspersky and F Secure are the names of the software that we use, and you can find links to their web sites at the bottom of this post. Just scroll on down!

**Quick note to modem users! Modems users often login and immediately start reading emails or surfing. This is a mistake. Even if you are using high quality anti-virus programs like the ones I mentioned above, it takes time to download the newest virus information. Depending on when you were last online and your connection speed, from a minute or so to maybe ten minutes! Login by modem… then WAIT until your protection has caught up with you.

Firewall

The second thing that is needed, whether you have an “always on” connection (cable, DSL, etc.) or use a modem, is a BI-DIRECTIONAL firewall.

A firewall is a program that keeps the bad guys from getting in to your PC over your connection to the Internet. Many users of Windows PC’s use the firewall that is included free in the XP or Vista Operating systems. This is not enough!

Why?

Nowadays, the use of keyloggers is everywhere and especially at public locations and Internet cafes. A keylogger is a tiny program that can be installed on your PC without your knowledge. It is ridiculously easy to do this! It can be sent in an email, downloaded from a web site you visit, hidden in a Microsoft Word document… and in many other ways!

Then, every time you touch your keyboard, this tiny program records every key stroke you make! That information is then sent over the Internet to the bad guys!

They key phrase here is: “…sent over the Internet to the bad guys!”

This means that the keylogger program must have outward bound access to the Internet in order to send the information. THAT is why you need a firewall that not only controls (blocks) what wants to come IN to your PC, but also can block what wants to get OUT of your PC without your knowledge or permission. Most firewalls (Windows XP for example) do not do this. There may be other firewalls that do so. I use a product by Checkpoint; again, there are links at the bottom of this post so you can get more information.

Wireless (inalámbrico)

Wireless is just that. Your computer transmits and receives just like a little radio station. That means anyone near you can easily intercept those radio signals and can see them on their computer. The software to do this is free on the Internet. While it is a bit more complex than a keylogger, it does not take a computer scientist to do this.

EMAIL

So you may say, “All I do is check my email!” and surf the net”.

OK… so now, the bad guys can have access to your email! THAT means they can now ask for a lost password in your name, then get or change the password and erase all trace they were there!

OK, now some users use a webmail connection!  This is very common.  Or, they use Tahoo, etc.  THEN they leave the old messages stored on their account.  NOW, when someone gets access to their email, they can read old emails… and there they can find a treasure trove of things including passwords or lost password email, etc.

RULE FIVE:  NEVER LEAVE EMAIL ON A SERVER (your email account online).  USE A GOOD EMAIL PROGRAM AND DOWNLOAD THE EMAIL TO YOUR COMPUTER AND STORE IT THERE.  Just think of what someone can find reading the past years of your emails.

Also, a really knowledgeable hacker person can get into your PC via a wireless connection! There, they can read, copy files and do other bad things. Every time I go to Bagelmans or Dennys or some hotel lobby, I see people logged on wireless thinking all is well. One day I saw a guy sitting in his car just outside one of these locations obviously using his laptop.

Was he just using the wireless for free? Probably. Right?

While there are ways to 100% protect a PC in a wireless environment, they are simply too complex for this post.

In any case… can you see the problem here? It is amazingly easy to get someone’s confidential information via the Internet.

Couple this with people who still open email that is clearly SPAM (and make no mistake, people open millions every day!) or from unknown persons, and you can see why the burden has to fall on you to protect your computing environment. Now ad a little surfing and this problem begins to take shape.

Want more? Add kids and teens! They surf everywhere and a favorite trick of hackers is to place malware (bad programs) on sites kids will be attracted to as they KNOW the kids are using mom and dad’s PC!

Passwords

Many think that using a good password and changing it regularly is enough . It is not. However, it is important to know what is a good password. For all my business access, I use complex passwords i.e. “wV1E4GJY18Ct5″. Nasty, but required in my work. Sometimes we throw in random punctuation marks as well.

However these kinds of passwords are not practical nor necessary for an average user who needs to remember the password (as everyone knows it should never be written down, RIGHT?).

So here is a little password trick.

Look around you. Find two items totally at random. From where I am writing, I can see a gourd and a table. Now, think of a number between 19-99. OK so now take that number and place it between the two words thus: gourd79table.

Now randomly capitalize 2-4 letters thus: gouRD79tAble.

You now have a pretty nasty password nearly impossible to guess and even a random password generator will never find it. Whether you use this technique or another, NEVER EVER use birthdays, names, places, ANY ID numbers of any kind for passwords. You would be flabbergasted at how much of everyones private life is already on the Internet.

Those “security test questions”

How many times have you seen a password test question something like, “What was your mother’s maiden name?” used as the test question? How dumb! Your mother’s maiden name (also probably known as your grandfather’s last name) can likely be found on hundreds of genealogy web sites or other public databases! Piece of cake for any good hacker. That is why I use the first name of the second barber who ever cut my hair as my correct answer to what was my mother’s maiden name. Let them try to find THAT out!

Summation

You must have your PC protected. I can promise you that Internet Cafes do NOT have this protection. While protecting one PC is not expensive, protecting 20-30 computers is not cheap. Also, they just do not care of course as it is not their responsibility.

• Download, install and learn to use good anti-virus and firewall software and keep them current
• Use proper passwords like those above and change them frequently
• Make sure that any time you are entering private information over the Internet that the web site is using a security certificate. You can tell this by 1. Checking for a little “lock” icon at the bottom of the web page in the browsers border. To see what I am referring to, go here.Now down at the bottom of your browser, you can see the little lock! That indicates a secure web site.Another way is to make sure the URL (web address) begins with https:// and NOT just http:// without the “s”. The “s” indicates that a security certificate is present to encrypt what you type (but remember, NOT over wireless!!)
• Avoid using wireless… period!
• Avoid using any public PC anywhere.
• If you chose to ignore this, never ever use a public PC if you will be entering even ONE piece of confidential information.
• Never open unsolicited email. Sometimes just opening an email can do damage!
• Surfing can be OK if and only if you have ALL the proper protective software installed and current on your PC.

Protection must be on your PC and for that reason, if you MUST use an Internet cafe, install these protections on your PC first and connect your PC (laptop more likely) directly (via cable) to the Internet cafe’s connection. Just about all locations offer this provision as do most hotels nowadays.

Here are links to the companies mentioned above:

Many locations are important population centers like parts of Curridabat, Tibás, Heredia and Cartago. S anto Domingo de Heredia had just FIVE connections remaining.

Outside the Central Valley, there are the same issues in Ciudad Quesada (San Carlos), Liberia, Nicoya, Santa Cruz and Jacó. In several areas, NO connections remain, and people are now faced with a waiting list similar to the ever-popular bi-annual cell phone fiasco. ICE in Tibás states there are no services because the central station is saturated and because there are modems no available. HUH? There simply are no more connections in those central offices AND even if there were, there are no routers!

So now ICE has to go to the Contraloría (the bean counters for the Republic) and ask for money to expand the system that should have been expanded 4-5 years ago but was not because they did not ask for the money nor make a case for expanding these services that are strategically critical to Costa Rica and its development.

Seems like every day or so, we have ICE telling us “NO TLC” (free trade agreement) and ICE employees marching in parades to demonstrate that “Costa Rica don’t need no Stinking TLC”. The parade was probably lead by the guy who heads strategic planning.

So tell me if I am wrong here. If YOU were a monopoly charged with providing electricty and communications services to this country, and you did not want foreign competition to come in and clean your clock, would it not make sense to provide the best available services to those voters who will soon decide the fate of the TLC?

But no… I guess not!

Instead we have graft, lousy or non-existent cell phone service and no cell phone lines, rolling electrical blackouts affecting the entire country, and (now) no capacity to expand those Internet service that affect world wide communications and the growth and development of this nation!

I have stayed out of this TLC thing as 1. I do not fully understand all of its implications for Costa Rica and 2. I frankly think ALL foreigners, legal or not, are guests and truly have no right to stick their noses in these issues unless they are actually citizens and must (by law).

That said, I sure am wondering when the Costa Rican people will tire of taking it in the shorts from ICE, CAJA and the rest of the monopolies that exist here.

However, if you live in any of the many hundreds of other cities outside the central valley or the tourist spots, your only option is a telephone modem, or perhaps a (quite poorly working) connection using a GSM cell phone. Either way, you are getting not only a very slow connection speed but often unreliable service as well.

Over the past few years, there have been companies promoting satellite Internet service in Costa Rica. On the surface, this seems like a great idea for those needing a decent connection speed but who prefer to live outside the main population areas.

As I have written in The REAL Costa Rica, these installation are totally illegal in Costa Rica.

If this topic is of interest to you, read on…

These satellite setups must not only receive Internet signals (download) the must also transmit information back to the satellite (upload) to work properly. That is where lies the problem.

Costa Rica is a sovereign nation, and as with every country I know of, you must be licensed to send out radio signals. In Costa Rica, the only companies who can legally do this are ICE and RACSA. ICE does not offer any service though RACSA does offer a truly horrible satellite setup that receives by dish, but actually transmits (uploads) by TELEPHONE connection.

Any other satellite setup that sends a signal (transmits) is illegal.

So how do these companies get away with this? Probably the same reason you can run a red light here. Little or no enforcement. So if you decide to spend the thousands of dollars to buy one of these systems, you should be aware that, although you may not get caught, you are absolutely breaking the law.

So do they work?

The answer is not clear. I have met only 3-4 people who paid the big bucks, and I have not met one yet who was even remotely happy. One of these is a real estate agency (and a client of mine) with offices around Dominical. After more than a year of trying to get the system working, they wrote it off. Really had no other option.

The others were just people who moved here and needed a high speed connection. All expressed unhappiness with their purchase. Now I am sure the must be somebody here who does not feel ripped off, so if you are a happy customer, by all means add your comment at the bottom.

Here though is a letter I received yesterday from a gentleman who is not at all happy, and I publish it here because he expresses almost verbatim what others have told me.

Many who live in areas without land based phones or accessibility to Internet connections other than cyber cafes might consider contacting one of the Internet satellite installers advertised in the English speaking papers.

If you do, it is a case of buyer beware. There seems to be a major problem with unethical and fraudulent schemes directed towards foreign and English speaking people. Because it is a small country that has limited means of combating these schemes the perpetrators feel they can operate with impunity.

I contacted one of these companies that the ad and website indicated was a local company operating in Costa Rica. I called the local number and was referred to a number in the US. I was sent a contract which I signed and my credit card was charged $2599 for the equipment and $500 for the installation and $99 a month for the service.

The first indication something was wrong was when the modem I contracted for was switched to an older model. The installation was to include grounding but I was told I would have to contract that out.

The service lasted 31 days when the modem stopped working. I contacted technical support and after several days were told I would have to buy a new modem for $1900 and an undisclosed amount for a service call. This would mean it would cost me $5600 for a total of 31 days service. The cost of the outmoded modem was 4 or 5`time’s industry standards so it became clear I had been had.

Through investigation I learned the modem manufacturer warranted the modem. The so-called local company was one of 4 or 5 companies that is interconnected and was a front for one of these companies. There is misrepresentation in all their websites. The pattern of withholding service and demanding additional money is well documented as March 3, 2006 they notified around 3000 of their subscribers that unless they came up with additional money their service would be cut off in 5 days.

In checking with the National Register it was determined none of these companies are licensed to do business in Costa Rica. Also contacted was Miguel Montero of Racsa, the agency that controls all satellite internet installations, not only are they not licensed but such installations are illegal.

It is a sad state of affairs when these companies are allowed to operate. t was one of the reasons we came to Costa Rica. To avoid the pattern of getting money anyway you can. Bill Strong.

A couple of comments. There are NOT 3,000 installations in Costa Rica. I doubt there are more than 50. The writer is speaking of all customers of this company world wide.

I also have not verified the “interconnecting companies” thing.

However, it is clear that if you do decide to break the law and use one of these systems, this is a clear case of “do your due diligence” also known as caveat emptor.

As mentioned above, I encourage anyone who has and is happily using a satellite system to comment below. I promise not to report you to the satellite police!