Can my Internet connection be “tapped” like a phone line?

In a word, yes…

By Deborah Halber

Robert T. Morris, associate professor of electrical engineering and computer science, proposes this scenario: You’re sitting in an MIT lecture hall, using MIT’s ubiquitous wireless network to Google something. “Other laptops in the room with wireless hardware will overhear your packets (byte-sized pieces of your message that help it get to its destination) and see what you are doing,” Morris says. This involves available software and the wireless hardware within your computer that “overhears” these transmissions, not superhuman hearing.

It would be harder for someone to eavesdrop if you are at home with your laptop connected to a DSL modem with no wireless, he says. An eavesdropper might have to sit outside your house (or at the phone company central office) directly tapping your phone/DSL line. If you use wireless at home, then all your neighbors can probably overhear your network traffic. “If you want your communication to be private, encrypt it,” adds senior research scientist David D. Clark.

If you’re talking to a web site that uses SSL (the URL looks like “ https://…”) then you are much better protected against eavesdropping. The “https” indicates that your browser and the server are encrypting data they exchange, so a casual eavesdropper will not be able to understand the content of the conversation. The eavesdropper will, however, be able to see which web server you’re connected to, says Morris, whose current research interests include modular software-based routers and analysis of the aggregation behavior of Internet traffic.

Posted: December 16, 2008