Credit card numbers? Check. Website logins? Check. “Private” chats between cheating spouses? Double check.
Spend ten minutes in a coffee shop snooping on the “Free Public Wi-Fi!” and you’ll see all these things and more. Airports, libraries, parks? Same situation. Hotels are a little different, though. All the bandwidth is being taken up by people streaming porn, so there’s not much else going on.
Granted, this is the same type of traffic you’d see on a private, secure network, but in that setting you’re probably going to have a little better idea of who you’re sharing the network with and there are controls to keep potential criminals out.
Public Wi-Fi is exactly that, public. You are sharing it with everyone else in the local area, just like Jenny, that nice girl you went to highschool with who just wanted to feel pretty. For someone who’s interested in stealing financial information or identities, it’s an appealing target, mostly because it’s so easy to exploit. I wouldn’t even call it hacking, it’s more “collecting” – monitoring the network for unencrypted information and capturing the info that looks interesting.
Protect your neck
That being said, public Wi-Fi can be relatively safe to use if you take the appropriate steps to secure yourself and use a little common sense.
- Starbucks is not a good place to balance your checkbook. Context is everything and there are certain places for doing certain things. Doing your online banking on public Wi-Fi is just a bad idea. Even if you’re taking steps to protect your laptop, there are too many factors that are out of your control to justify the risk. Restrict financial and other “sensitive” activities to networks you trust (like the one at your house).
- Use a VPN service. A VPN (virtual private network) service will protect your internet traffic inside a secure tunnel out to the internet so that someone snooping locally won’t be able to see anything other than you connecting to the VPN service. Good VPNs aren’t free, but if you’re a heavy public Wi-Fi user, the cost is definitely worth the security you gain. I personally use a service called Cloak that works on Mac and iOS devices. If you’re not a super-awesome-Apple-user like me, I’ve also heard good things about StrongVPN.
- Know what you’re connecting to. Although they can easily be spoofed to match the name of a real Wi-Fi network, it’s important to pay attention to the names of the wireless networks you use. Much in the same way that an e-mail titled “Free Money Waiting For YOU!” is probably spam, a wireless network named “Free Public Wi-Fi” is likely a scam.
- Look at the physical signage wherever you are visiting. Starbucks uses AT&T to provide their Wi-Fi (It says so on the front door.), so the network there is called “attwifi”, not “starbuks” (The laziness that’s paired to Wi-Fi snooping is often paired with stupid.). Just being on the right public Wi-Fi for the location will keep you more secure. If you’re reading this thinking “Well, Mr. Smartypants, what if someone has exactly mimicked the name and setup of a real network and is performing a man-in-the-middle attack?” – see points 1 & 2.
When in doubt, bail out
Ultimately, if you doubt the safety or validity of a Wi-Fi network, don’t use it. It may come as a surprise to some people, but there are other things to do in public than surf the internet. If you’re presented with obviously unsafe options for wireless, maybe it’s a good time to strike up a conversation with one of the people around you. Read a book. Or maybe you should just sit quietly and contemplate your existence and how to become a better person.
Image Credit: Ed Yourdon