What could be better than sitting in your favorite café, sipping latte and browsing whatever the drama of the day is on Reddit? I’ll tell you – doing it securely! Although public Wi-Fi networks are useful for staying connected on the go, they’re also notorious for being easy for attackers to spy on and install various malware on your device.
So, why are these networks so insecure? What are some of the common ways they get attacked and what can you do to keep yourself safe?
Even though public Wi-Fi hotspots have been around since the early 2000s and people have generally become more aware of online security risks since then, there are still several popular vulnerabilities that hackers can exploit. For instance, many public Wi-Fi networks use no password or encryption of any sort, in which case attackers can see all the traffic on the network, and you, actually, don’t need any special hacking skills to do it. There are many software tools that enable spying on unsecure networks with just a few mouse clicks.
Now, you might assume that public Wi-Fi that uses WPA2-PSK the standard data flow encryption in most modern routers is safe. That would be true in a home setting as you’re only sharing a password with people you trust. In a public place like a café, anyone with a password who connects before you do can spy on your handshake. The communication that occurs between your device and the access point when you first connect to the hotspot. In this way, an attacker can steal your encryption key and see all of your traffic, even though your connection is encrypted.
Public Wi-Fi is also susceptible to man-in-the-middle attacks, which is just what it sounds like: a bad person sitting between your device and the Internet, looking at all of your stuff as it flies by. Many times, this kind of attacker will set up a rogue Wi-Fi hotspot that will look like a legit one. If you connect to it, your Internet traffic will go right through the attacker’s computer, possibly allowing them to see whatever you’re doing.
Public Wi-Fi is about as secure as a screen door made of cheese. But is there any way that I can use it without broadcasting everything I’m doing? Fortunately, yes. Here are several things you can do to protect yourself:
- Use HTTPS. You know that thing that encrypts your connection and puts a little lock icon in the corner of your browser? Many websites that require login such as Gmail and Facebook use HTTPS by default, but for sites that don’t, you can actually download browser extensions that force sites to use an HTTPS connection as long as the site supports it. Some of these will also enable sending your cookies over a secure connection to prevent cookie theft. This allows your traffic to be unintelligible to attackers even over an unsecured Wi-Fi connection.
- Use a virtual private network or VPN for more serious security. This will create a secure connection between your device and a proxy server that encrypts all traffic, even if the website you’re visiting doesn’t support HTTPS. VPNs are available as both free and paid services and often let you choose between various tiers of service, depending on your needs.
- Make sure to ask the management that whatever establishment you’re visiting what the name of their actual Wi-Fi network and avoid connecting to a fake access point.
Remember: identifying fakes won’t always be as easy as not connecting to the shady white van parked outside Wi-Fi network.
[su_box title=”About David Balaban” style=”noise” box_color=”#336588″][short_info id=”64625″ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.