A sign that says "Free WiFi" is a beacon of hope sometimes. Your mobile data is depleted or the signal is spotty. You can even get a coffee while you're at it!
While getting free internet access is pretty great, public WiFi has one major problem: its public.
When you connect to a public WiFi network you are giving up almost all control you have over your own security. You don't know whether the network owner uses good security settings. Even worse, you have no control over the other people who are on the network with you. With the right tools and the public WiFi password, a hacker can easily decrypt your network traffic. Pulling information straight from your machine for goodness knows what purpose.
The good news is that keeping yourself safe on a public WiFi network isn't that hard. Just follow a few simple rules and those nefarious villains will become nothing more than a minor nuisance.
Avoid Dummy Hot Spots
It's the oldest trick in the book. Someone sets up their own hotspot near a legitimate one. Unsuspecting people connect to their network and everything can be captured by the perpetrator.
It's important that you make sure you are connecting to the right WiFi SSID. Make sure it is not misspelled or written to be confusing. Sometimes all a hacker has to do is switch an "O" for "0" or mix up capital "I" with lower case "l". If there are two SSIDs that seem to have the same name, don't connect to anything. Rather, inform the owner of the real hotspot so they can change the name or take some other sort of action.
Use Your Own Charger
Tablets and smartphones use one single cable for both data and charging. That's convenient, but also a way for malicious software to make it onto your device.
There have been cases of chargers at public hotspots that have been replaced or modified to load viruses onto your system. It's the main reason why phones now ask you what you want to do with your USB connection.
Using your own charger is the best solution (and the fastest charge!), but if you just using a public charge point, make sure your phone is set to "charge only". You can also get cables that lack the data wires and so can only be used to charge.
The best option is probably investing in a good USB power bank such as this popular Anker PowerCore.
That way you can be sure there's no chance of falling victim to a hacked charger.
Have Situational Awareness
You're using the internet in a public place such as a restaurant or airport lounge. That means there are other people around you. Remember that some might even be close enough to read what's on your screen. So be mindful of calling anything up that's sensitive. Don't read sensitive emails or do your banking where people can get a look at your screen. Don't enter passwords where someone can see your keyboard. Believe me, public hot spots are a target for people who have practiced stealing information in this way.
Apart from that, stay wary against actual theft of your devices. You're using expensive equipment in public. It takes just a second of distraction for a crook to lean over and snatch a phone or tablet. Besides losing your actual device, it also means they have your info. If they can hack the machine. This is also why you should always have remote wiping ability activated on your stuff. Personally, I also like some phones which let you auto-wipe if the passcode is entered incorrectly too many times.
Finally, if you aren't actively using a device, make sure it is locked. You'd be surprised what a trained hacker can do with your phone or laptop in the minute you aren't looking.
The is a constant arms race between hackers and the security community. New viruses are being written constantly. They find new exploits and then these get patched. It's a constant game of cat and mouse. One which you can't afford to fall behind in. So before you even think of using a public WiFi facility make sure your OS, antivirus and network drivers are all up to date. On modern systems, this doesn't take too much effort thanks to automatic updates. Just make sure they are switched on and are actually happening.
Use A VPN
Any good website should be using secure protocols, but there are still plenty out there that don't. By encrypting all of your network data with a VPN, you prevent other people on the network from seeing exactly what you are sending or receiving over the net.
Breaking WiFi encryption is pretty trivial if you already know the password. Anyone with a piece of software such as Wireshark can expose other devices connected to the WiFi. Your VPN will create another network tunnel inside the WiFi encryption that hackers don't have the key for. So even if they decrypt the WiFi signal, your information still won't make sense without the decryption key.
Using a VPN is easy enough, but finding the right one can be tricky. For one thing, you're shifting your trust to another unknown player. So it's very important that you choose a VPN which is trustworthy. Luckily we have a simple VPN buyer's guide for you. We've also picked out what we think are the five best VPNs, but make sure you know the legality of VPNs in your country.
Avoid Sensitive Sites
What you choose to do while using a public WiFi network has a big impact on how much risk you take on. If you just want to read some news sites or watch some YouTube, then you aren't really broadcasting anything sensitive. Unless you think your obsession with Simpsons' Wave is embarrassing. It is, by the way.
Doing your online banking, taxes or shopping at a public hotspot is a pretty bad idea. Even if you have a VPN, these are not the sorts of things you should do in view of the public.
Protect Sensitive Files
They say we should hope for the best, but prepare for the worst. So it's a good idea to imagine a situation where someone actually does get access to the files that are on your device. If that happens, what files would you really not want them to see? Those are the files that you should preemptively protect.
There are two ways of doing this. You can encrypt and password protects individual files. This is pretty easy to do on a laptop where you can use various programs to password protect file contents.
Keeping your sensitive files in cloud storage using something like DropBox and two-factor authentication.
Typical documents that should be included here are:
- Banks and credit card statements
- Medical records
- Copies of ID documents such as passports
- Documents containing passwords
The ultimate measure against this is not to have sensitive documents on the device you connect to public WiFi with. Using unsynced cloud storage is one way to achieve that, but keeping it on an encrypted flash drive is another option if you must have them with you on your travels.
Use the Right Network Settings
On your home network, the settings that govern how different devices relate to each other are pretty laid back. That's why you usually have no trouble getting network printers, media players, and computers to talk to each other.
On public WiFi networks, we don't know who the other machines are. We just want to access the internet. So we don't want those friendly and open network settings. When you first connect to a new WiFi network, many devices and especially Windows will ask what type of network this is.
If you are on a public hotspot, make sure you choose the option that specifies it a such. Don't use public WiFi with home network settings! You might as well be rolling out the welcome mat if you do.
In many parts of the developed world, you'll find that there are so many public WiFi spots around that you almost don't need to rely on mobile data at all. This is incredibly convenient for the frugal traveler but is fraught with danger.
In fact, it was this distrust of public internet services that lead the creator of the OpenVPN protocol to invent it in the first place.
It's easy to think of WiFi as just a sort of amorphous cloud that lets you hop on the internet, but hopefully, after our little chat, you'll have a healthy respect for the risks involved.