Digital Foundations Module

Lesson 4: Connectivity

Ready?
Begin Lesson

What is Wi-Fi?

Part 1

ASK YOUR STUDENTS

• What devices can you use to access the internet?
• How do those devices connect to the internet?

TELL YOUR STUDENTS

Wi-Fi is a common way to connect devices to the internet. Wi-Fi uses radio signals to connect devices without a physical or wired connection.

Mobile devices use a cellular connection to connect to the internet, especially if they are not in a school, library, or home network. Cellular connections are a type of wireless radio signal that has a much larger coverage area than a router has. Cellular connections use particular transceivers, called cell towers, to connect your mobile device to the internet.

Part 2

ASK YOUR STUDENTS

• What are the benefits of Wi-Fi?
• What are some of the drawbacks of Wi-Fi?
• Do you think there are any security concerns when using Wi-Fi versus a wired internet connection? Why?
• Why is it that you lose Wi-Fi access on your phone as you leave a building?

Choosing a Wi-Fi Network

ASK YOUR STUDENTS

• Are all free Wi-Fi networks safe? Why/why not?

TELL YOUR STUDENTS

Sometimes, you are given a choice as to which free Wi-Fi network you would like to use. It’s important to remember that there are serious risks if you connect to the wrong network. For instance, unsecured Wi-Fi networks are those that don’t require a password to log in. If you are on an unsecured network, it’s possible for other people on the same network to see your information. They may steal information you send over the network or monitor what you are doing.

On the other hand, secure and trusted Wi-Fi networks are those that require a password, have encryption enabled, and those on which you are certain the network you are signing into is the one the network name is representing. For instance, signing into a network impersonating the name of your school’s network could lead to account information disclosure. Therefore, networks that are secure and trusted are the ones that offer the most protection.

One thing to consider is the context or location of the Wi-Fi network. For example, if you are at the movie theater and you see your school’s network name on your phone when looking for a Wi-Fi connection, you might consider that network is trying to imitate or “spoof” your school’s network to collect passwords from unsuspecting students.

When setting up a password-protected Wi-Fi network, the owner must choose to turn on the router’s encryption protocol. Common encryption protocols are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or WPA2. These protocols make it so that the information that is sent wirelessly over the network is encrypted (or “scrambled”).

Encryption was created to make it more difficult for hackers to see what you are sending. All of these protocols (WEP, WPA, and WPA2), however, have been shown to be vulnerable to hacking. Therefore, it is important to also rely on secure web connections when transmitting information online.

HTTPS is a standard used by websites to encrypt data passed over the internet. Encryption can prevent any third party from easily viewing the data from your connection. It provides an extra layer of security and can be used in any browser by adding “https://” in front of the URL you use (e.g., https://www.mysite.com). However, not all websites support HTTPS.

You should only enter sensitive information (e.g., passwords, ATM card information, mobile banking password) on web pages with the HTTPS:// prefix. Most major browsers have security indicators that look like locks near the address bar to indicate HTTPS connections. Unfortunately, HTTPS does not guarantee that you are safe, as some malicious websites can also support HTTPS. HTTPS secures the connection but does not ensure the website is a good actor.

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) are names for the technology that keeps HTTPS secure. SSL/TLS uses digital encryption keys, which work a lot like real keys. If you wrote a secret on a piece of paper for your friend, whoever found the paper could see your secret. Instead, imagine you gave them a copy of a key in person and then sent your secrets in matching locked boxes. If someone intercepted the box, they would have a hard time seeing your secret without the key. If someone tried to replace the box with a similar-looking one, you would notice that your key would not work. SSL/TLS works the same way, but with a website.

Browser security indicators will also communicate Extended Validation (EV) certificate information. EV certificates are given to websites that verify their identity to a certificate authority. In browsers, sometimes the EV indicator takes the form of the site’s name or the registering entity next to the address bar. If you’re suspicious of the content on a particular website, you can check to see if the URL in the certificate matches the URL in the browser by clicking on “View Certificate.”

(It may be helpful, on the projection screen, to demonstrate to students how to find “View Certificate.” How you navigate to this varies by browser. For example, on Chrome, under “View,” click “Developer” and then “Developer Tools.” From “Developer Tools,” click the “Security” tab, then “View Certificate.”)

ASK YOUR STUDENTS

• What should you think about when connecting to any new network?
  • Possible answers include location or who owns the network), access (or who else is connected to the network), and activity (or what you are doing on the network).
• Does anyone have Wi-Fi or internet at home?
• For those who answered yes, who owns your Wi-Fi network at home? At school? At the internet café? At the supermarket/mall?
  • Your parents/guardians own your home’s Wi-Fi network, the administrators and/or the principal own the network at school, and the owner of the internet café or supermarket/mall owns the network at their store.
• Do you know these people personally?
• Do you trust these people?
  • Engage students in a discussion about how they might trust these people differently.

TELL YOUR STUDENTS

You should know and trust the person hosting the Wi-Fi network. Sometimes, you can determine who the owner is using the network’s SSID. The Service Set Identifier (SSID) is the name given to a Wi-Fi network that you can see when you try to connect. The SSID is often used to communicate who owns the network and other details about the network. Be careful, though, as nearly anyone (who knows how to) can create a SSID. For example, someone can create a SSID that is identical to the one you use at school. This is an example of impersonating a known and trusted network to potentially harvest usernames and passwords.

Knowing who is hosting the network can help you determine whether the network is secure. If it belongs to a person or organization you trust, then you will likely feel comfortable connecting. However, if it is an unknown network, you should not connect as you do not know who owns the router to which you are connecting.

Because all traffic on the network goes through the router, the owner could be monitoring or recording your web traffic.

When you connect to Wi-Fi, your device is connected to a local network of devices, and that network connects to the broader internet. Because your device is exchanging information with this network, it is important to trust the other devices you’re connected with — and that means any device on the network. It’s just like being divided into groups for a competition to win money, you want to make sure you trust everyone on your team to perform well and ensure they don’t run away with your money when you win.

Using a password on the network may limit who can connect to it. This means you will have a better idea of who is on the network — whether it’s your family, your friends, or other customers in the internet cafe or supermarket/mall — than if the network was completely open.

Whether or not you decide to join a network that may seem suspicious comes down to the trade-offs you are willing to make in terms of online security. You might consider, “How should I weigh the potential of my account being breached versus the convenience of joining an available network?”

ASK YOUR STUDENTS

• Should you read online news/a blog using your Wi-Fi network at home? At school? At an internet cafe? At a supermarket/mall?
  • Explain that the content of a web page is generally not sensitive information. You can probably do this on any network.
• Should you send an ATM card number or your mobile banking password using your Wi-Fi network at home? At school? At an internet cafe? At a supermarket/mall?
  • Engage in a discussion around why it’s safest to do so with their home Wi-Fi and not with the internet cafe or supermarket/mall Wi-Fi. Also, discuss how, while a school’s network is likely trustworthy, it may not be worth the risk since this particular information is highly sensitive.
• Should you check your personal email using your Wi-Fi network at home? At school? At an internet cafe? At a supermarket/mall?
  • Discuss how it’s probably safest to do so with their home network, depending on the content of the email account. For example, some individuals have multiple email accounts that they use for different purposes (e.g. work emails for one account and emails to friends and family on another account).

TELL YOUR STUDENTS

Sensitive information, including passwords and bank information, is better sent/viewed on a private and secure network, on websites using SSL/TLS, rather than on a shared public network. This private information is at risk if you submit or access it while on a shared network being used by people you don’t know or trust.

It may not be clear how sensitive or not sensitive information is because privacy is a personal decision that you must make for yourself. It’s important to consider each situation on its own to determine whether you should connect to the network. Ask yourself if you trust the network’s owner, others connected to it, what activity you are doing online and what information you are sharing before deciding to connect or not.

Secured and Unsecured Networks

Part 1

Please note: Part of the content of this activity has been covered in “Activity #2: Choosing a Wi-Fi Network.” We defer to your judgment regarding whether or not you would like to go over this material again or skip it.

TELL YOUR STUDENTS

As mentioned earlier, unsecured Wi-Fi networks are those that don’t require a password to log in. The use of unsecured networks poses a risk to the data you transmit and receive over the network.

Secured Wi-Fi networks are those that require a password and have encryption enabled. The person who configured the network is the one who chooses whether or not to enable encryption.

Encryption scrambles the information you send and receive over a network, so it is much more difficult for a hacker on the same Wi-Fi network to see what you are sending or receiving.

Just because a network is secured does not mean that your data is safe. It is certainly safer than using an unsecured network; however, a determined hacker may still find a way to access your information.

There are three common encryption protocols for Wi-Fi networks. They are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or WPA2. WEP and WPA are outdated, and networks relying on these should be thought of as unsecured.

Furthermore, WPA2 has also been shown to be vulnerable to hacking. To make sure your information is protected to the fullest extent, check to see that the websites you are using are encrypted using SSL/TLS.

ASK YOUR STUDENTS

• Can anyone think of an example of a password-protected network that they have used?
• Some examples include their home Wi-Fi, a school’s Wi-Fi, and Wi-Fi networks at some public locations, like restaurants or supermarkets/malls.
• Can anyone think of an example of an unsecured network that they have used? How about examples of a secured network?

TELL YOUR STUDENTS

You can check whether a Wi-Fi network is encrypted by examining the network or wireless settings on your device.

Part 2

CLASS INTERACTION

Before this learning experience, conduct an internet search to review how to check Wi-Fi network encryption types for different operating systems. Then, demonstrate how to find out what kind of encryption a network uses. For instance, on macOS, click on System Preferences -> Network -> Select Wi-Fi -> select the appropriate Network name. Under the Wi-Fi tab, there will be a list of known networks and a column indicating which encryption type is used.

TELL YOUR STUDENTS

Not all connections are equal. When a network is unsecured, anyone can connect to the network, and it is unclear who controls the network. Joining an unsecured network leaves you vulnerable because the information you send and receive, like your web traffic (pages, passwords, etc.), could potentially be viewed by anyone on the network if you aren’t using an SSL/TLS connection.

CLASS INTERACTION

Depending on your students’ technical knowledge, you may wish to discuss the use of Virtual Private Networks (VPN) as an additional layer of security when using Wi-Fi.

Recognizing Connection Safety

CLASS INTERACTION

Divide students into groups of two or three. Pass out the “Connection Safety” handout and assign a scenario to each of the groups. Give students five minutes to discuss their scenarios. Afterward, ask groups to share their responses.

Assignment

Write your activities for a regular day, marking the Wi-Fi networks to which you connect.

From the selected networks depicted on the timeline, choose two and in a short paragraph for each, describe the network. Who else is connected to it? How secure is it?

Additionally — for the two networks chosen — describe what opportunities come with connecting to these networks and what the associated risks might be.

Congrats!
You've finished the lesson

Previous Lesson Next Lesson