You may have heard that public Wi-Fi is dangerous. Tips for avoiding public Wi-Fi are almost as common as public Wi-Fi itself.
Some of these tips are outdated because public Wi-Fi is safer than ever before. However, there are still risks.
Is public Wi-Fi safe or not?
This is a complex issue. It is true that browsing public Wi-Fi is much safer and more private than in the past thanks to the widespread use of HTTPS on the web. Other people spying on a public Wi-Fi network may not just be watching everything you do. The Man-in-the-Middle attacks are not as serious as they used to be.
Does that sound logical? It would be great if public Wi-Fi was completely secure! We would definitely use it a lot more and we do not worry so much.
But if you ask us if Wi-Fi is completely secure, we can not give an affirmative answer. Contrast Security's David Lindner disagrees with the EFF's argument, pointing out the dangers of public access points. The Hacker News community also had many objections to "harmless" public Wi-Fi.
Below we will try to explain these risks.
In short: Random people will no longer monitor your activities on a public Wi-Fi hotspot. But it is possible for a malicious hacker to set up a hotspot to do many bad things. Its use VPN on a public Wi-Fi network or avoiding public Wi-Fi is still the safest solution.
Because public Wi-Fi is safer than ever
Extensive HTTPS encryption on the web has fixed the main security problem with public Wi-Fi. Before the use of HTTPS, most websites used the non-encrypted HTTP protocol. By accessing a standard website via HTTP on a public Wi-Fi, other people on the network could track your traffic by looking at the exact web pages you are visiting and any messages or other data you have sent.
But the worst part is that with the public hotspot and without encryption you could fall victim to a "man in the middle" attack, with modified websites that you want to open. The hotspot could change any web page or other content you want to access via HTTP. If you downloaded software over HTTP, do not be sure it is on your computer.
HTTPS is now widespread, and browsers mark HTTP sites as unsafe. If you connect to a public Wi-Fi network and access sites via HTTPS, other people on the same public Wi-Fi network may see the name of the site you are connected to (for example, iguru, gr), but nothing other than that. They can not see the specific web page you are reading and they certainly can not change anything on the site when it is transferred to your computer.
The amount of data that malicious users can monitor has been reduced and it is much more difficult even for a malicious Wi-Fi network to interfere with your traffic.
Some tricks still work
Although public Wi-Fi is now much more private, it is still not completely private. For example, if you browse the web, you may end up with an HTTP site. A malicious user could infringe on this site and of course you clicked…
Even with the use of HTTPS, monitoring is still possible. The encrypted DNS are not yet widely available, so other devices on the network can see your device's DNS requests. When you connect to a website, your device contacts the configured DNS server over the network and finds the IP address associated with the domain you entered. In other words, if you are connected to a public Wi-Fi network and you are surfing the web, someone else could see the sites you are visiting.
However, snooper could not see the specific web pages you are visiting from this site (HTTPS). For example, they would know that you logged in to iguru.gr but not the article you were reading.
There are still security risks in public Wi-Fi
There are other potential security risks with public Wi-Fi.
A malicious Wi-Fi hotspot could redirect you to malicious websites. If you log on to a malicious Wi-Fi hotspot and try to log in to a bank page, it could take you to the address of a phishing site that looks like a bank page. In other words, he could carry out an attack. "man in the middle“. So if you try to log in you would send your login details directly to the scammer.
How to protect yourself
Public Wi-Fi may be safer than it used to be, but beware. Do not connect to your bank from a public network, as in the example above, even if everything is in HTTPS.
For maximum protection on public Wi-Fi networks, we also recommend one VPN .
You could also not bother with public Wi-Fi networks at all. For example, if you have a cellular data packet with wireless hotspot (tethering) capabilities and a fixed cellular connection, you could connect your laptop to your phone hotspot to avoid potential problems with a public Wi-Fi hotspot.