| Individuals October 19, 2015


October 19, 2015

The problem with public Wi-Fi

By Lookout

PhishingBlogImg
We’ve all been there: you’re running low on data, but you’re stuck in a really long line and want to check Facebook. Maybe you’re at the airport and realized you didn’t download that eBook for the plane.
Unfortunately, connecting to and using that public Wi-Fi may be jeopardize your data and privacy.
Isn’t it fine if I’m only on there for a minute?
When you use the Internet, you’re sending communications between computers. Accessing Facebook? Your phone is effectively talking to Facebook. The problem with public Wi-Fi is something called a “Man-in-the-Middle Attack,” whereby an attacker can sit on the Wi-Fi connection and eavesdrop on this conversation.
In this attack, a person is able to listen in on an unprotected network, intercept your communications, and decrypt them (if they’re even encrypted in the first place) to read what you’re talking about.
I don’t have anything interesting to say, so I’m safe
Downloading a book? You probably had to enter in your username and password. This counts as a communication that can be intercepted. Did you quickly enter your credit card information? That counts as well. Send off a last-minute work email that may have included sensitive info? That, too. We oftentimes don’t realize the kind of information we access or input on our mobile devices, but these phones and tablets are with us all the time. They access all kinds of personal data we should want to keep close to the chest.
Am I not supposed to use public Wi-Fi then?
In a way, yes. If you can avoid hopping on that free network, do. However, there are safe ways to surf the Internet while you’re on the go! Use your 4G/LTE networks -- they are much safer than public Wi-Fi. If you want to work at a coffee shop with free Wi-Fi, use a VPN to encrypt your traffic.
If all else fails, avoid any transactions over public Wi-Fi that may involve signing into an account, checking email, or paying for something. Your data will thank you for it.

Author

Lookout

Leave a comment

Submit


1 comment


Victor Ronin says:

October 19, 2015 at 1:19 pm

Hm... A bank, Amazon, Gmail, Facebook and pretty much 95% of other web apps use TLS. This stops man in the middle attack (the only thing which you need to know is to not install untrusted root certs). On top of that a lot of apps are using certificate pinning which solves even problem with untrusted root certs. It's true public WiFi are less secure. However, it's very different from the time when most of transactions were done over unsecured HTTP connection.