Mar 30 2015

Beware of Public Wifi

Honestly, in our present day, that seems like it should be common sense, but all too often it is not. Yet another news story is shining a spotlight on the fact that another form of public wireless, this time hotel access, is vulnerable. (

Let me state the obvious: effectively, all wireless access is vulnerable. If you want to be security-minded, you have to expect that any connection you have can be breached. To think otherwise will lull you into a false sense of security.

That being said, as someone who has supported and set up more than a few wireless networks, let me say this: the only wireless networks I come close to trusting are those wireless networks which I administer. I will not get on so-called “free” wireless. I will not use my hotel wi-fi. I do not join site’s guest access, without taking some precautions first-such as ensuring I have a secure VPN connection to wherever I need to get to.

When I travel, my phone becomes my hotspot, and I still use VPN tunnels to ensure sensitive data remains secured. I still have to rely somewhat on my carrier, but the VPN connection keeps things safe. When I cannot confirm security, I don’t take care of anything like online banking, online shopping or anything else which requires my accessing personal information. Odds are it can wait until I am at my house, with my own network.

The major point people too often forget, especially on these free wireless offerings at coffee shops and such, is that it is wide open access, and it leaves your device and your information susceptible to exploitation. If conduct banking at a Starbucks, and some enterprising tech savvy individual happens to be sniffing around, it is entirely possible for them to catch a glimpse of pertinent information and take advantage of things. It is also not entirely unheard of for some nefarious individual to set up a rogue access point in such a densely populated area, with the express purpose of harvesting as much sensitive data as possible. They will make it look and feel like a legitimate access point (of course) and it will be easy to connect with in a convenient way, because the internet was designed for convenience, no security. And just like that, you could be willingly connected to a hacker’s tool, allowing them to collect just about anything they wanted.

If it’s sensitive-personal financial information or health records, for example- do what you can to secure your connection if you are not home and need to conduct that business. Otherwise, do yourself a favor and wait until you are home, or in an otherwise known trustworthy network. If you can’t be sure that the wireless network can be trusted, then don’t. Waiting to handle your business is a lot easier than cleaning up from identity theft.