Public WiFi Security Not a Priority for Many

Michael From our Perspective

Many people are clueless when it comes to public WiFi security. Like most other aspects of the average Joe’s life online, as long as it is free personal information security falls to the wayside. The carefree mentality of a lot of netizens’ use of public WiFi stems from both not fully understanding the risks and lack of information about how to achieve proper security while on a public WiFi network.

Public WiFi Security- if Only we Knew

A poll of 2,000 Britains conducted by Intel Security, formerly known as MCafee, highlights the free spirited manner that many people exhibit- especially when traveling. Surprisingly, the worst offenders of poor public WiFi security were 18-24 years old- perhaps their naivety leaves them to believe that a threat to their security does not exist.

38% of that age range said that they connect to public WiFi abroad- even aware of the security risks. 13% of this age range also said they perform the same activities as they do at home, even banking online.

Continuing with the surprises, the over-55 group were the most cautious. Only 5% said that they use public WiFi abroad in the same manner as they do at home.

The study also revealed that over 90% of those polled had not a single security product installed on their mobile devices.

An experiment conducted by Safe & Savvy and F-Secure reaffirmed what just about anyone can tell you: as long as you offer a free service that is easy to connect to, people will use it- regardless of terms of conditions. Mostly because we don’t even bother to read those anyways.

While conducting the experiment (video below) in only half an hour 250 devices connected to an unsecured public WiFi hot spot. Most of those devices were more than likely automatic connections. However, 33 people actively sent internet traffic on the network and the conductors of the experiment were able to collect 32 MB of data.

Furthermore, according to the site, “The researchers were a bit surprised when they found that they could actually read the text of emails sent over a POP3 network, along with the addresses of the sender and recipient, and even the password of the sender.”

To drive home the point, the same company, F-Secure, also hacked 3 UK politicians’ mobile devices via a public WiFi network. They had the politicians’ permission of course.

What were they able to do? They were able to access David Davis’ (a conservative member of the Parliament) email and draft a message that would be sent to the national press. Because Davis used the same username and password they were also able to log into his PayPal account.

In addition to that, they were able to intercept and record a voice over IP (VoIP) call that Lord Strasburger made from his hotel room.

With Mary Honeyball, who is on the European Parliament and also sits on the same committee that produced the “We Love WiFi” campaign, they were able to start a phishing campaign. They sent a bogus alert while she was on Facebook which prompted her to willingly gave up her Facebook login to the do-good hackers.

After the experiment, Mary Honeyball echoed many peoples’ sentiment about public WiFi security when she said:

I think something should be done because we all think that passwords make the whole thing secure.

How to Stay Safe on Public WiFi

So how exactly would you go about doing that. What is the best way to stay secure on public WiFi? Well, I can tell you now, you are not going to like the answer.

Just like they teach you in sex-ed the only way to be completely safe is to abstain. The internet was not built with ultimate privacy or security in mind, so there is no way to be completely safe- unless you simply never use public WiFi.

However, there are several things you can do to lessen the chance of falling victim to a hacker.

  1. Think before you click links. Clicking questionable links is the single biggest mistake that the average netizen commits.
  2. Manage your passwords. Change them on a regular basis, make them random, and don’t reuse passwords across multiple sites.
  3. On top of having strong passwords, use two factor authentication wherever possible. It might take an extra 30 seconds to log in, but isn’t your security worth it?
  4. Keep your software up to date. The changes that you think are minimal to programs like Flash, Java, Internet Explorer, Chrome, and Silverlight- programs that you likely use everyday- can have big consequences if you don’t update them promptly.

You can also follow these tips here and here– like use DuckDuckGo to search because it doesn’t store your searches. Or use one of these apps that improve your anonymity when browsing on your mobile device.

The best advice that anyone can give you, however, is to use a VPN whenever possible- and don’t log onto public WiFi without it. Any data that is gleaned by a hacker will be nearly completely useless due to the encrypted nature of your internet traffic when you surf with a VPN.

LiquidVPN has solutions to not only encrypt your traffic on your laptop or home computer, but to also encrypt your Android or iOS mobile device. With these options, there is no reason why you shouldn’t have your data encrypted.

Here’s an excerpt from the Safe & Savvy experiment (emphasis mine):

For part of the experiment, the guys enabled a terms and conditions (T&C) page that people needed to agree to before being able to use the hotspot. One of the terms stipulated that the user must give up their firstborn child or most beloved pet in exchange for WiFi use. In the short time the T&C page was active, six people agreed to the outlandish clause.

feature image courtesy of Banalities via Flickr. 

If you take your privacy as seriously as we do, then you should follow @LiquidVPN

You can follow the author @FreelanceTony

Share this article!