Many of the WordCamps I present at, I also bring my bestie, Kimberly Castleberry and we’ve noticed a big issue: security. I’m not talking about WordPress security, but security for it’s attendees while using the Internet.
In fact, Kim asked this back at the 2014 WordCamp St. Louis. The venue was Washington University, in St. Louis, Missouri. She and I agreed that as much as WordCamps have been bringing on presenters to educate the attendees about WordPress security, they aren’t making sure the venue can provide a secure Internet connection. It’s kind of odd that this was forgotten. Having a secure website isn’t just keeping your site up-to-date, having a web host that does have some security in place, and hardening WordPress, but also protecting how you surf the Internet and your computer’s health.
This is a problem, especially when the venue is college campuses. I’m not gonna lie. When I went to college, and I was owner of several large Yahoo! Clubs (some over 50,000 members and the others in the 20K-30K range), I had been hacked while I was sitting at my computer in my own dorm room. For me, this issue hits home. I have access to information for clients that run high profile websites, and sometimes when I go present at WordCamps, I sometimes have to take a few moments to tend to their support issues.
The scary factor for others is that your personal information could be stolen as you surf. Now, I’m not pointing fingers, but I’ve seen the screens of laptops, tablets, and mobile phones from other WordCamp attendees. Some of them are shopping and some are even working. Oh, and those Automattic employees that come, they are letting things open if they have enough access to areas of WordPress.com and WordPress.org that may become a hacker’s dream…. at least, the wrong hacker. Not all hackers are malicious and I’m not trying to give any ideas, but this is really something to think about.
It’s enough that attendees may want to think about investing in a VPN (Virtual Private Network.) They could, but they shouldn’t have to. While WordCamp organizers do an awesome job of acquiring great venues, asking the venue on how they can provide secure Internet access for the event might be something to think about.
If that isn’t something that can be considered, at least making a huge announcement to their WordCamp communities that they may want to invest into a VPN should be done. It is a HUGE risk to allow a lot of people access to an unsecure Internet hub. It can lead to identity theft and even hacked websites… not a lot of fun.
Have you attended a WordCamp? Has it ever come to mind that your information was wide open for the pickings while attending a WordCamp? If you went to a WordCamp that actually provided secure Internet access, when was it? What are your thoughts on this?
The reality is that most WordCamp organizers have very little control – if any at all – regarding venue’s wifi and internet. If they’re lucky, there is public internet and private internet available to speakers. So I don’t think there’s much the WordCamp organizers can do. Furthermore, the majority of attendees aren’t usually savvy enough to even know how to set a VPN.
Most camps venues are public areas (colleges, libraries, coworking spaces) so the level of awareness for those should be the same as any other place they might use public wifi outside of their home. To my knowledge I haven’t heard about wifi security issues at a WordCamp, but it wouldn’t surprise if it happened in the past. I don’t see harm in a public reminder to attendees – this is the first time i’ve heard of the topic discussed, so it’s a nice general reminder.
Yes, the majority of WordCamps are held in college campuses or in specific conference venues. A secure connection is NOT available to speakers and organizers. I know… after speaking at 14 WordCamps since 2010.
WordCamps are volunteer based and funded by donations, so perhaps the budgets should be adjusted and they can ask the facilities to hook up a more secure connection during the event. That would be a big request, but prevent this issue from occurring.
While there hasn’t been a problem yet, it could always become one. The best bet is probably to encourage users to invest in a VPN. Some of them are not too expensive (in fact, one VPN company recently had a deal for $19 for 3 years) and they can always use for just the event. A ticket is already cheap anyway.
It’s kind of like how my house is located in a small town on 12,000 people. I live downtown. When I first lived here 6 years ago, the neighborhood had an occasional kid fight in the alley way. Just recently we’ve had a police chase, gunshots fired, strange people occasionally coming up to my door asking for other people (really looking to see if anyone was home), and someone even had the balls to open my front door while I was home. It use to be pretty safe, but now I have to be more cautious in this rural town.
it was about June 2014 the WordPress Founder came to my Campus all told us that there will be significant updates for the security layers in WordPress. yet still the problem with a wordpress site hosted on shared hosting is that the Host provider security itself. some of them easily injected and people blame WordPress eventually
VPN might help the situation, but at the end of the day we have to have some level of responsibility as well.
Thanks for the share Nile. Still data can never be securely concealed as general security risks associated with using computers via VPN also been highlighted by many cyber security experts.
“It’s kind of like how my house is located in a small town on 12,000 people. I live downtown. When I first lived here 6 years ago, the neighborhood had an occasional kid fight in the alley way. Just recently we’ve had a police chase, gunshots fired, strange people occasionally coming up to my door asking for other people (really looking to see if anyone was home), and someone even had the balls to open my front door while I was home. It use to be pretty safe, but now I have to be more cautious in this rural town.”
What you mentioned above was shocking but at the same time what preventive support from the local authorities?
Well, I think the question about the WordCamp’s security is really broad and not limited to one place. I attended the WordCamp at small city Baroda and it has all the necessary measures taken which I really liked a lot.