Friend or Foe? Top 10 Advice When Using Public Wi-Fi
Wi-Fi is established as the preferred access choice for the majority of mobile users. It has supplanted 3G/4G cellular network access based on the localized performance it delivers for bandwidth hungry applications. It has gotten to the point where you can go about your day, moving around most major cities, with enough discontinguous Wi-Fi access to keep even a super Facebook fan somewhat satisfied.
At this point, Wi-Fi can be found in many places beyond the original hotspots that appeared in coffee shops and airports. Today, people in what seems unlikely scenarios, can access open Wi-Fi in places such as stadiums, airplanes, vending machines, and even city streets where legacy payphones are being converted into Wi-Fi access points.
Public Wi-Fi services can be provided for free, but increasingly are found sitting atop monetized business services. It’s mankind’s unquenchable thirst for always-on connectivity that is driving Wi-Fi deployment into every nook and cranny of the available airspace. And, without digression, businesses that are establishing Wi-Fi as a monetizable medium are no less evil than institutionalized business formed through massive medium outlets such as radio and television. It’s how our economy works; the dollar follows the need of the masses, and the revenue is driven by consumers receiving value from the service rendered. I can’t say much more on my opinion here, Wi-Fi is transitioning into a more powerful medium beyond predecessor behemoths. It’s the new delivery vehicle for content and consumption is creating big business forming around public Wi-Fi.
The word public is typically described, in the adjective form, as something that is open to or accessible to all. Open and accessible are words made particularity frightful when coupled with “all”. We are learning very quickly that “all” can be friendly people sitting nearby in a coffee shop minding their own business, or “all” can be a malicious user sitting quietly minding your business.
My concern with public Wi-Fi always rotates to security, particularly for the less techno–centric users out there. And, before going further, the concern with open Wi-Fi networks is well documented, and increasingly understood. What’s seemingly too common of a thought for general users is “this won’t happen to me” or “I’m in a hotel room, not a public space” – this is wrong, and frankly dangerous to your digital footprint that is valuable to those trying to steal it.
Let’s get to the heart of it, as I’m often asked the question – “Should I use Public Wi-Fi?”
There isn’t a definite answer other than “Proceed with caution.”
Here is my top 10 advice when using Public Wi-Fi:
1. Never trust open Wi-Fi, ever. That is to say, any SSID that is not encrypted is not to be trusted no matter where it is found
2. Limit your use of public Wi-Fi to things such as general web-browsing, or non-login apps such as games or YouTube (public access, not with your Google login)
3. Wait to get home, or to your office, if you are going to connect to highly sensitive information – such as online banking, or ecommerce sites (always ensure SSL and correct URL is being connected – if you know how, verify the site certificate for assurance)
4. Always use SSL/HTTPS if you are exchanging any credentials with a site, or through an app. This assumes you moved beyond #1 and #2 and are placing ‘some’ trust in the hand of others
5. Use a public VPN service to protect your traffic by tunneling from your laptop/tablet/smartphone to a point of presence out on the internet beyond the reach of someone physically local to you
6. Use a private VPN service back to your house, assuming you have capable technology to land a VPN and hairpin back out to the internet
7. Use your employers VPN service to connect to the corporate network – a particularly good idea if accessing corporate resources such as email or files
8. Rely on the mobile/cellular network for sensitive data transmission directly from your smartphone – or utilize a dedicated Mi-Fi hotspot – or use the hotspot capability in your smartphone to tether devices that are Wi-Fi only such as laptops (ensure your personal hotspot uses Wi-Fi encryption between smartphone and your other device).
9. Subscribe to public services that offer encryption options, including carrier based public Wi-Fi (Hotspot 2.0) – or even free services that offer secure guest access technologies (registration, credential distribution via SMS and/or certificate based)
10. Never let your guard down – security is never implied, security is never assured – airwaves can travel to places that your eyeball cannot including around corners and through walls
Bottom line is that if you use an unsecured network you are open to risk. If you choose to log into an unencrypted site — or a site that uses encryption only on the sign-in page — other users on the Wi-Fi network can see what you see and what you send. They could hijack your session with simple and free tools that make this easy, even for users with limited technical know-how. Your personal information, private documents, contacts, family photos, and even your login credentials could be up for grabs. All of this is happening through air without physical barrier or protection.
Remain mindful at all times when using someone else’s Wi-Fi, especially when it’s open. You are the one to decide. Your are the one that clicks to connect. Be wise and proceed with caution.