I think the "gold standard" of privacy when using unsecure public hotspots would be a VPN but that's not really compatible with setting up a netbook for a totally un-technical Windows user with no patience for software hassles. So I'm going to do the best I can with some basic precautions that are totally unobtrusive (i.e. invisible). Here's the deal:

Windows XP netbook (a Toshiba if it matters).

The Windows firewall turned on.

Prevx running.

Firefox browser running in Sandboxie.

E-mail access via HTTPS web client to a MS-Exchange server.

The only other software on the computer is Word/Excel/Powerpoint 2007.

I make periodic whole-disk backups using the Paragon Drive Backup Free to an external HDD. And I have the Panda USB innoculation thing installed to hopefully slow down any bad stuff by arriving by that vector. But that's the whole gig right there. Very simple and cheap stuff all around.

What are my exposures when using this setup at a hotel lobby, Starbucks or other public WiFi connection? Is there anything else obvious that I ought to be doing, keeping in mind that it has to be invisible and low impact?

Hi Brent Hutto,

I guess you are ready to get the most common attack in a lan:ARP sniff attack,which is one of Man In the Middle attacks.

So,you still need to encrypt your internet.

Some vpn's are really easy to set up. But the one I use (vpnuk.info) never works in wifi hotspots. Maybe it is standard to block a vpn port? I don't know.

Anyway, if you are accessing the web via https:// your communications are encrypted (assuming for example you're not using something like yahoo mail which only encrypts the password login page and after you are running standard http://) or google mail which only encrypts everything if you go deep into the settings and ask it to.

Otherwise a hacker who has wireshark on his computer can sit across the room and watch everything you send and receive.