TAMPA - On a sunny afternoon, Joe Tomasone and I jump into his SUV for a drive through downtown Tampa to snoop on people using the Internet. And the snooping is easy.

As we drive Kennedy Boulevard over the Hillsborough River, hundreds of names of people using Wi-Fi wireless data connections start scrolling up Tomasone's notebook computer screen. With alarming ease, we read digital conversations from corporate computers, restaurants and hundreds of private individuals surfing the Internet - all in vivid detail.

•Someone named Kari is downloading music to her Apple computer with iTunes software.

•Someone with the screen name "Dieselman1276" is sending a password.

•A lawyer is sending an e-mail about troubles with a federal court case.

A few days before, Tomasone and I drove through Oldsmar and noticed people booking airline tickets on Orbitz.com and someone, somewhere near a coffee shop, downloading pictures of actress Denise Richards naked.

"Imagine if I used this for evil and not good," said Tomasone, an expert with the Tampa wireless security company Fortress Technologies.

The Tampa Bay area appears awash in the digital conversations of people unaware that anyone with a basic notebook computer and some free software off the Internet can see whatever they're doing and sniff out their passwords, credit card numbers or corporate secrets. Because Tomasone and I are merely "listening" rather than intruding, no one would know they had been snooped on.

Secure from snoopers or not, such Wi-Fi antennas are exploding in popularity as businesses and residents buy them as a cheap, easy way to connect computers together - and to the Internet - without cumbersome wires. All too few users, meanwhile, appear to take security precautions to hinder an ill-intentioned snooper.

Granted, Tomasone's job involves giving scary demonstrations like this, as his company sells wireless encryption software to corporations, the government, the military and police.

He has another message as well: "People should know that if they're using wireless connections and not using any security, they're just crazy."

To drive this point home, Tomasone gave me a compact disc with a free program off the Internet that hackers tailor-made for computer novices to use - no technical expertise required.

It's the kind of security disaster-in-waiting that computer experts know all too well - and most consumers know little about.

Meanwhile, shipments of Wi-Fi antennas are growing madly. ABI Research in Oyster Bay, N.Y., estimates U.S. residents bought 5.36 million antennas in 2003, 10.81 million in 2004 and 16.09 million in 2005.

There's little research on how many people secure their Wi-Fi signals with encryption at home or work. If Tampa is any guide, few do.

In about 20 minutes of driving, Tomasone and I logged more than 1,200 open wireless connections between the Channel District and The Tampa Tribune newsroom. Fewer than half had security software in use.

Most users had not taken the basic step of changing the digital name of their Wi-Fi antenna after installing it. That quickly tells hackers that the wireless link probably has no security.

And perhaps worst of all, hundreds of the Wi-Fi users who did use encryption were using old cryptography software called WEP that was broken five years ago by California college students.

Avivah Litan, a computer and privacy expert at the research firm Gartner Group, said new forms of wireless security are coming on the market. But the popularity of Wi-Fi equipment simply has overtaken the development of effective and easy security software.

"Everyone says to be careful about sounding alarmist, but in this case, things really are out of control," Litan said. "Everyone, including criminals, has access to this equipment, and criminals have a lot of time to use it. There are improvements being made in security - millions of dollars being spent - but it's like turning a slow ship around."

False Security

Many people seem to have a false sense of security as well.

Computer users might expect some exposure in public "hot-spot" wireless access points, such as those in hotels or coffee shops.

But the vast majority of computer users Tomasone noticed in our brief drive were using personal or work computers, and merely using wireless antennas to connect to networks or the Internet.

Apple computer users who have enjoyed a relatively higher level of security with Wi-Fi aren't immune from snooping, Tomasone noted. Although their antennas may act more "anonymously" and hinder strangers from logging onto the signal, readily available hacking software can disrupt the link, then monitor the signal for the moment the user retypes a password.

Stacy Arruda, a supervisory special agent at the local FBI office who investigates computer crime, said, "There are folks who just drive around looking for open wireless connections and credit card or bank account numbers."

That doesn't always mean snooping on a bank or store. She points out that even dentist offices often keep Social Security or credit card numbers on file.

"People need to lock down their systems a little better. ... Companies should hire experts to conduct tests and spend some dollars," she said, because the signs of snoopers aren't always obvious.

For example, Pringles potato chip tubes can be used as homemade antennas that can be pointed at a specific floor of a building, so someone in a parked car pointing one at your office may be a sign of trouble.

Harold Schomaker, chief information officer for the city of Largo, notes that the explosive growth in Wi-Fi is leading many cities to deploy free Wi-Fi access.

Schomaker said he might consider using Wi-Fi for some city employees involved in things such as code enforcement and inspections. But he would require an escalating level of security and encryption as job duties involve more sensitive information. Schomaker said he doesn't think Wi-Fi is ready yet for his city's police use, and he's planning a system to connect police cars with cellular links instead.

"The vendors who sell this equipment want to make it as simple as possible, out of the box, so that it works [without security] right away and they can sell a lot of them," he said.

Web Site Protections

The good news is that more Web sites use encryption when handling some kinds of sensitive information such as passwords, credit card numbers or bank account information. (The small padlock icon at the bottom of most Microsoft Explorer Internet browsers indicates a higher level of security in use.)

More Wi-Fi antenna makers are adopting stronger standards of encryption. Consumers should look for the brand Wi-Fi Protected Access, often called WPA, or an upgraded version called WPA2, signaling the product uses newer forms of encryption approved by an association of Wi-Fi equipment makers. The Wi-Fi Alliance, based in Austin, Texas, has tips on making wireless connections more secure at www.wi-fi.org.

Companies such as Cisco Systems sell networks for a few thousand dollars that can encrypt wireless links and detect potential intruders. New Cisco antennas have a single button on the front to set up encryption.

Older, flawed wireless security measures, such as WEP, that came with the first low-cost Wi-Fi antennas were not a good start for the industry, said Ben Gibson, director of wireless marketing for Cisco, marketer of the popular Linksys brand of Wi-Fi. "The good news," he said, "is that new wireless security standards are to the point now where they're just extremely solid."

Unfortunately, Gibson said, not enough people have upgraded to them or set up security on equipment they already own.

PROTECT YOURSELF

Wi-Fi is a brand name for wireless devices that allow people with mobile devices such as laptops to connect at high speeds to other computers or the Internet via land-based access points. Coffee shops often offer access for laptop owners who have the right equipment, and companies set up hot spots for employees to use. The links are very popular for computer users looking to connect to each other and the Internet without wires. Setting them up securely means taking a few extra steps. Here are some general steps that computer security experts suggest:

For Consumers

•Be aware: Most wireless access points are sold with no security as a default setting. Securing your network takes a few extra steps outlined in your instructions.

•Don't use wireless equipment with Wired Equivalent Privacy, or WEP, encryption, a system broken several years ago. A much better system is sold under the brand name Wi-Fi Protected Access, or WPA or WPA2. (The instruction manual should indicate which format the equipment uses.)

•Change the wireless connection's name, called the SSID, so a relatively anonymous number appears when nearby users look for available connections. Names like "TheSmithFamily" or "ConferenceRoom" only invite hackers.

•Set a password to administer your wireless router (the sharing device typically plugged into your Internet connection) so only you can change its security settings. The setup software should have an option to administer the router, but if not, check the "Help" file in the program.

•Use a personal firewall program (Windows comes with one, or you can buy others), plus keep antivirus and antispyware programs up-to-date to detect threats and clean out malicious software.

For Companies

Follow the above steps, plus a few more:

•Be aware: Current law requires encryption of any wireless communication that handles credit card data, such as cash registers.

•Build, and encourage employees to use, a virtual private network, or VPN, that directs data traffic through more secure routes.

•Consider fully encrypted systems for any computer handling sensitive information.

•If your company offers "guest" wireless accounts to visitors, separate that account from the company's internal network.

•Hire computer experts for periodic testing.

•Require employees to change their passwords regularly and not use predictable passwords.

•Install network-monitoring technology that detects whether nonapproved computers connect to your network.