I’ll start out by saying I love Panera Bread for a couple of reason with one of them actually being the food. The other however is Panera Bread like some other places in the Triad has elected to offer FREE Wifi to it’s customers. That means while you having that muffin you can hop in the Internet with your notebook and check the latest news, buy that lamp on eBay or check your email. Why more places have not opted for doing this is beyond me as it’s clearly a draw for Panera as you can go into any of their shops and see a good half dozen folks eating, drinking and computering 😉
Anyway one thing people should be more aware of is most Internet traffic is easily captured, watched, and tracked and when you do it in a public place that goes doubly so. In the case of a Panera Bread wifi setup I have noticed a large number of users just tooling around on the Internet typing in passwords here, logging into services there all oblivious to how easy it is for a “hacker” to see. I will write another post about exactly how this happens in the future but for now what I want to focus on is if it’s bad enough a hacker might be watching but did you know Panera Bread was?
While in a Panera Bread today I need to test an email server to make sure it was up and running. To do this I just need to open a direct connection to that server and see if it answers. Without getting into the Geek part of this I’ll leave it at that and proceed with what I saw when I tried to connect to say BITSofWS.com’s email server:
220 relay.wanderingwifi.com ESMTP (5e620e3a0f5115e2950db8d4c0cab4f1)
hmmm, that’s not BITSofWS.com.
Now from a business owner and tech point of view it’s clear to me any HotSpot should be doing some monitoring and filtering otherwise some Spammer would just sit in the parking lot spamming away however there are ways to stop Spamming without the need to actually read all the email going through the network. So is Panera Bread just filtering or are they listening in? Well if you go to www.wanderingwifi.com you will find this little tidbit which certainly sounds to me like they are listening and recording all traffic going through the network:
“We block outbound SPAM. We provide audit trails of usage. We can blacklist users or devices. We help you demonstrate proper due diligence and avoid frivolous lawsuits.”
I’m not surprised they would do this and other than general web browsing all my connections are secure by SSL, VPN, etc so if they want to know I went to Google to check a stock price then good for them. I wonder though how many users out there come into a HotSpot and launch Outlook Express checking their email, sending an email to somebody or even worse send an email with potential security and privacy issues in it? Come on I want to see a show of hands of how many of you have sent an email with a password, phone number, door access codes or worse in it. Yeah that’s what I thought so the next time your using a public wifi service just be aware that anything your typing that either isn’t secured by that little Lock in Internet Explorer or using some corporate secure connection you need to understand anyone and maybe everyone is watching.
For a pretty reference without all the Geek Speak you may want to check out this article: Coffee shop WiFi for dummies