Public wi-fi’s are no more dangerous than logging in from anywhere else

We were all taught to be CAREFUL about logging in at Starbucks or any other public wi-fi. This article reminds us that there’s nothing that’s inherently more dangerous about public wi-fi use than any other log onto the internet. Useful info.

Public Wi-Fi Is Safer Than Ever—But You Still Need to Be Careful

Yes, there are still risks every time you go online in a public place—but they are the same risks you run anytime you log on

Public Wi-Fi at hotels and coffee shops isn’t quite as risky as it used to be, because of better security on the internet, your devices and the wireless networks themselves. Photo: Jeffrey Greenberg/Universal Images Group/Getty Images

For as long as we’ve had access to public Wi-Fi networks—the ones in the airport, the Starbucks around the corner and your hotel room—we’ve been told the same thing. They’re unsafe. You should never enter sensitive information while on a public network, the advice goes, or even think about logging into your bank account. The second you log on, you’re practically begging hackers to steal all your data.

But while you should always think twice before entering sensitive information, the public Wi-Fi story has changed. In recent years, the internet itself has gotten more secure. So have your devices and the networks themselves. It’s still true that logging on to a public Wi-Fi incurs certain security and privacy risks—but they’re generally the same ones you encounter anytime you’re online, at least in the U.S. Connecting to networks comes with different risks in different countries.

If you follow a few simple tips that I’ll lay out for you, you should feel free to hop on the network whenever you find yourself killing time on a layover or waiting for food at McDonald’s .

Don’t leave off the last S

The most important contributor to your safety on public Wi-Fi has nothing to do with the Wi-Fi at all. As more websites have adopted an encrypted protocol called HTTPS—you don’t need to know the term, just that HTTP is a standard for network communication and the S stands for “secure”—everything you do online has become safer. When you visit an HTTPS-enabled website, you immediately open an encrypted connection. Even if I could intercept all the data you are sending and receiving, all I could figure out is the site you’re on, not what you’re doing there.

Websites have increasingly adopted HTTPS, which helps keep your browsing activity encrypted. Always check for the lock icon in your browser bar. Photo: David Pierce/The Wall Street Journal

“Every website you care about has HTTPS,” said Jacob Hoffman-Andrews, a senior staff technologist at the Electronic Frontier Foundation. “You should be able to get on any network and not worry about it.” I still recommend quickly glancing at the websites you visit to make sure they’re secure. Chrome, Safari and others denote this with a lock next to the URL in your browser. No lock? Sometimes you can switch to a secure connection by going up to the web address itself and adding an “s,” so that “http://” becomes “https://”.

Another technology helping to make Wi-Fi networks safer is known as Passpoint. The first time you connect to a Passpoint-enabled network, it prompts you to download a small piece of software called a “profile” that identifies your device going forward. If you’ve ever used a LinkNYC payphone-turned-hotspot, you’ve experienced this tech. It’s now coming to many airports and other public places. Once it is enabled, your device can hop among Wi-Fi networks the way it does cell towers—automatically and seamlessly, without asking for a password every time you switch networks.

In addition to saving you from entering Wi-Fi passwords, Passpoint offers one solution to an important security problem—connecting to the proper network.

Nearly everyone I spoke to agreed that the biggest current problem with public Wi-Fi is the “evil twin”: Someone sets up a legit-looking network designed to trick you into letting them access your device. If you’ve ever opened up your Wi-Fi settings only to find networks called “HotelWiFi,” “HotelWiFiFree” and “FreeHotelWiFi,” you are likely looking at one real network and two evil twins. Make sure you join the right network—for instance, by asking an employee for the correct name.

New York City’s LinkNYC Wi-Fi network has security-enhancing tech. Photo: Richard Levine/Corbis/Getty Images

In some cases, public Wi-Fi networks themselves are helping to keep you safe. Many providers disable peer-to-peer access on their networks, meaning nobody else could access your computer over their network. (Upside: It keeps everybody out. Downside: You can’t wirelessly share PowerPoints at Taco Bell. I call that a good trade.)

Some networks will even attempt to protect devices from themselves. “If you go to a bad website and you have a virus, we’ll see that kind of activity coming through somebody’s laptop and we’ll stop those things,” said Derek Peterson, chief technology officer at Boingo .

All these protections rely on the providers having up-to-date wireless tech, which not all of them do. They might work better if you’re on Boingo-powered airport Wi-Fi than if you’re connected to the dusty router in Tommy’s Diner. Either way, though, it’s far harder to be compromised than even a few years ago.

Bye-bye, Privacy

The most problematic thing about public Wi-Fi isn’t security but privacy. You know those login pages that show up when you connect at a coffee shop or hotel? Don’t confuse that login with a security measure. You’re actually agreeing to the network’s terms of use. Usually that includes a list of things you can’t do while online, such as watching adult content or mining cryptocurrency.

You are also agreeing to let the network collect all manner of data about you and your internet activity, from the device you’re using to the sites you visit. In many cases, you’re agreeing to let that data be sold or used for advertising and marketing. A passage I found in Target ’s terms of use summed it up in all-caps glory: “YOU DO NOT HAVE AN EXPECTATION OF PRIVACY OR CONFIDENTIALITY WHEN USING THE SERVICE.”

Got it.

Most tips for staying safe on public Wi-Fi also apply to your at-home Wi-Fi. Use your mobile data if you aren’t confident of Wi-Fi security. Photo: Robert Alexander/Getty Images

Of course, this, too, is the case virtually anywhere you are. Internet providers are allowed to collect, sell and use information about you and your online activity—even when you’re at home.

At this point, whether you’re online at McDonald’s or in your living room, you are in roughly the same spot: You aren’t totally safe, but you’re still more likely to be the victim of a phishing scam, or tricked into clicking a malicious link or entering your credentials into a spoofed Google page, than you are to sit down next to a hungry hacker. If your banking info gets leaked, odds are it’s because the bank’s servers were breached.

That’s why most tips for staying safe on public Wi-Fi also apply to your private, at-home Wi-Fi. Here’s what you should do, basically every time you connect to the internet:

•Always check that lock to make sure the site you are on uses HTTPS, particularly when it’s a bank or involving sensitive information.

•If you aren’t confident in your current location, use your mobile data instead, or use a virtual private network, aka VPN.

•To avoid phishing attacks, type in your bank’s website or use its official app, rather than clicking on a link to the site from your email.

•Keep your devices and apps up to date.

Use a password manager—along with two-factor authentication—and never re-use a password (seriously!).

SHARE YOUR THOUGHTS

Do you have to rely on public Wi-Fi for work at times? How do you secure your devices? Join the conversation below.

•One more, mostly for sanity’s sake: Create a throwaway email address when these networks ask for one. Even the ones that don’t store and sell your activity will definitely send you marketing emails.

There are plenty of reasons to worry about your security and privacy online. But you don’t need to worry about hopping on the network at your local coffee shop. Go ahead and surf away.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s