Tens of millions of us in the US alone daily log into public WiFi networks – in coffee shops, on airplanes, at airports, in hotels, at libraries, in schools, in shopping malls. Word of advice: just stop.
Earlier this year a USA Today reporter dropped a bomb when he reported that on an American Airlines flight from Dallas to Raleigh he was “hacked” as he used GoGo, the inflight public WiFi.
Another passenger on the flight approached the reporter and shared with him substantial slices of “private” email he had sent and received. Said this passenger to the reporter: “I hacked your email on the plane and read everything you sent and received. I did it to most people on the flight.”
Understand there is a way to protect yourself and your data if you insist on using public WiFi. But start by understanding the very real and very big risks :
Data interception is rampant on public WiFi. Not just on Gogo, but on every public WiFi network. If you use these networks, it has happened to you. That is fact.
Widely available are tools called packet sniffers – Wireshark is one such – that allow traffic across a network to be intercepted and analyzed.
That is how easy it is to snoop on a public WiFi network.
No real technical skill is required, just a willingness to snoop into others’ private Internet activities.
On a comparatively small network such as an inflight WiFi it probably is very easy to associate one person with particular traffic.
On a very busy network, it is easy to intercept packets of data, much tougher to associate those packets with a particular sender.
But think about this. What if a criminal knows that executives from XYZ hedgefund are staying at a particular hotel. How much would it be worth to know what target company brought them to town? And how hard would it be to sift through the hotel WiFi traffic to drill down to emails from the hedgefund execs?
Public WiFi usage gets stranger – and more dangerous. Have you ever watched a coffee drinker in a shop sign onto a bank’s online banking network? You do know that with the smallest amount of effort that coffee drinker’s login almost certainly can be grabbed from the network.
Repeat after me: there are no protections on public WiFi. None whatsoever.
It is a shame that public WiFi does not come with a cigarette type label. It should read: Use of public WiFi is dangerous to your privacy. Hackers may – and often will – intercept your private data, your email, your bank account log-ins.
Is this saying never use public WiFi? Nope. It really is an enormous plus when smartly used.
Use it without worry for stuff that does not require a username and password. If you want to catch up on ESPN sports scores, TMZ celeb gossip, or stockmarket activity (not your account but the market movement), have at it.
You want to do a little banking? Use your cellphone. A cellular network just is vastly more secure than public WiFi.
Or use the cellphone to create a personal hotspot and connect other devices through it.
Cellular connections are not bulletproof but they are vastly better than public WiFi.
Virtual Private Network (VPN)
You insist that you want the speed of public WiFi. Often it does indeed have that and, even better, the free price is right.
Advice from legions of security experts is this: Use a VPN (virtual private network). That’s because the VPN – often provided to traveling employees by big companies; individuals can get a service, often free for a starter amount of data – encrypts all data and that means if a criminal sniffs those packets what he will smell is garbage.
GoGo incidentally recommends that its inflight users who crave privacy use a VPN.
VPN is so useful it’s a surprise we all don’t employ it whenever we sign onto any public WiFi, anywhere.
Hotels do not urge their guests to use VPNs on the WiFi – at least not in our experience – but that is a grave oversight. Security experts insist that hotel WiFi is some of the most penetrated by criminals and that makes sense. Hotel guests, almost definitionally, are affluent and tasty targets. Plus, the hotel networks generally are utterly unprotected, meaning they are prime playgrounds for crooks.
Use VPN when signing on from a hotel. Always.
Use a VPN when signing onto any public WiFi.
Is there a downside to a VPN? The only one really is that using it will almost always impose a speed hit – connections just will seem slower – but ask yourself this: isn’t privacy worth a speed bump?
What is your experience with public WiFi? Share your story in the comments below.