Public WI-FI: A hacker’s paradise
This article primarily focuses on those who think public wifi is secure. To those who think, 'I have nothing to hide, I don't log into any of my accounts, I'm safe right?'
To those who think that, no, no, you are not.
I’ll first list the reasons why not to use public wifi, and then I'll talk about alternatives or what you can do if Public wifi is the only option…
It's not secure!
I wrote in the previous article talking about what one could do to secure their home wifi networks. These don't go hand in hand, you don't have control over the wifi (and if you do then hello fellow hackers). Even if it's using a splash page asking one 'you will not hack the wifi' or 'please type in your credentials for blank University'. Public wifi is still not secure with those in place. Getting on to those types of wifi is pretty simple for the modern hacker.
It's not encrypted! (Most of the time)
Encryption doesn't work both ways, if the attacker is on the same network as you then encryption doesn't matter, they can see all the data you send over the network. Some login pages are encrypted but after that, it's all free reign for the attacker.
Scammers love public wifi, not only to catch login credentials but use those login credentials for your bank or Instagram account. I've known people, who look at the login screen for Instagram, dazed not knowing why they've been logged out.
More people catching that data…
We know big tech companies work hard for your data, but would you want to stop some of that by not using public wifi? The most common form of Public wifi is the company providing the service simply asking for an email, phone number, and maybe if you feel so keen to give them the last 4 digits of your social security number…
So those are just some of the ways, here's what you can do!
- Looking for the nice little lock next to HTTPS is a good start, but that doesn't mean it's legit. Scammers know how to encrypt sites too.
- Tor is a great way to get security, privacy, anonymity, and trust. But not Ease of Use. I'll talk more about Tor and VPNs later.
3. Don't update on public wifi!
- If you just clicked on a site, you knew was secure, but Chrome or Firefox
Opened another tab letting you know that you need to update, DON'T.
Close your tabs and get off public wifi. Go home and change your passwords as soon as possible.
4. Install browser plugins like HTTPS anywhere and Force-TLS, these are chrome and Firefox addons that force websites to encrypt your traffic and use trusted layer security.
To summarize, never use public wifi, and I mean any wifi that's offered to you at a hotel, coffee shop, college. Use a mobile hotspot with a long password, try to use your company phone if one was provided to you.
Next article: Types of WI-FI attacks and tools used by hackers.