In this post, we are going to talk about using public Wi-Fi hotspots and doing it securely. So on public Wi-FI hotspots like the coffee shop, restaurant, etc, the owner of the Hotspot is a man in the middle so can both observe and inject into any traffic you send unencrypted. Other users on the network can try to observe your traffic, inject packets into your traffic to attack you, and attack you directly via open ports. The hotspot you connect to might not even be the real one you think you’re connecting to and be replaced by an evil twin so there are many known risks. So let’s go through some mitigations and see how many of these you would have come up with yourself
Mitigations
Avoidance
Avoid using public wi-fi hotspots if possible which reduces the risk to zero. If you can use Ethernet instead of Wi-Fi that is a preference for no fewer types of attack but generally we know that these things are not very convenient but the first step is to always avoid them if you can since wifi is vulnerable to packet sniffers.
Switch off when not in use
Switch off or disable all of your wireless technology unless you’re using it. It’s safer and they actually save your battery and this includes Wi-Fi also Bluetooth, 3G they don’t need to be on if you’re not using them and it’s safer if you can only connect to hotspots you have some level of trust in, again this may not always be possible. Try to use hotspots that follow the security standards laid out in the section on Wi-Fi security and make sure they’re using WPA2 and if they’re using WEP anybody could be on it. You should still learn how to remove adware from Macs or Windows platforms as well as other malware.
Use Encryption
Without fail as an absolute minimum always use at least SSL NTFS encryption even if you’re not sending sensitive data without end to end encryption packets can be injected to attack you, to attack your browser unless you have an outstanding excuse then use an encrypted tunnel for all your traffic everything that is sent from your operating system.
Normally this is done with a VPN because the VPN will tunnel all traffic from your operating system but if you know what you’re doing you could also use SSH, JonDonym, Tor, they’re all fine but remember if you don’t set it up so the whole operating system is sending traffic encrypted you could have things in the background like maybe checking email for example that isn’t going over the encrypted tunnel so do make sure everything from the operating system has an extra layer of encryption to protect you.VPNs are recommended as an encryption solution so we suggest that you check out our antivirus with VPN lineup.
Disable services on ports that aren’t needed
Disable or switch off services running on your local ports that aren’t needed. This is just a general step of hardening for any operating system and to also help block access to those services or maybe you don’t want to switch them off or you just want to block them. You can use a host based firewall with an implicit deny to all inbound traffic unless it’s for some reason required but generally because you are on a wi-fi hotspot it’s very unlikely that any inbound traffic is going to be required so maybe have a firewall profile when you are on public hotspots and on public networks.
Physical Isolation
And finally, if you can, use a physical form of isolation with a portable router/firewall. This means getting yourself a hardware router/firewall and connecting via an ethernet cable which is safer instead of connecting your laptop or device to the hotspot which can prevent man-in-the-middle attacks. This provides a layer of physical separation and you connect to this device instead so this device can be used to form an encrypted tunnel and as a firewall.Â
FAQs
1. Is it safe to use public WiFi with VPN?
Yes, it is safe to use public WiFi with VPN. VPNs create a secure tunnel between your device and the VPN server, which helps protect your data from being intercepted by third parties. Additionally, using a VPN can also help you bypass censorship and access blocked websites.
2. Can you trust public Wi-Fi?
It depends, according to security experts. While encryption has made web browsing safer, it does not eliminate risk. Long have security experts recommended users avoid public Wi-Fi networks due to the risk of being hacked. The majority of sensitive data is now transmitted via encrypted channels.
3. Can you get hacked using public Wi-Fi?
Yes, you can get hacked using public Wi-Fi. Public Wi-Fi is not secure, so anyone could potentially see your information if they are using the same network. To protect yourself, avoid doing sensitive activities like online banking or shopping on public Wi-Fi networks. You can also use a VPN to create a secure connection.
4. Why is public Wi-Fi not safe?
Public Wi-Fi is not safe because it is unsecured. This means that anyone can access it without a password and potentially view your data or steal your information. To keep your information safe, avoid using public Wi-Fi and instead use a VPN or secure connection.
5. Is it safe to use Facebook on public Wi-Fi?
Yes, it is safe to use Facebook on public Wi-Fi. However, it is always a good idea to be cautious when using public Wi-Fi networks, as they are not always secure. You can help protect yourself by using a VPN or by avoiding sensitive activities like online banking.
