Public Wi-Fi networks are becoming more and more abundant. Recent reports show that there are over 410,000 public Wi-Fi networks in the United States[1]. While this is a good thing for the general public, it is also a good thing for malicious hackers. There is no guarantee that the Wi-Fi hotspot you are using is secure, and this creates a gold mine for hackers who want to take advantage of this.
Some of the many risks associated with public hotspots:
- Not paying attention– Some people just assume that the hotspot they are connected to is secure, and this makes them more susceptible to malicious hackers[2].
- Lack of encryption– Countless Wi-Fi hotspots lack sufficient encryption and in some cases, have no encryption at all. This makes the Wi-Fi hotspots very susceptible to hackers breaking in and stealing people’s information[2].
- Lack of password protection– A lot of public hotspots lack secure passwords, and some lack passwords at all. This makes it effortless for hackers to gain access to the network and hack into your data[2].
My personal experience with public Wi-Fi networks
I have never had my data leaked while using a public hotspot, knock on wood, but that is because I have always taken extra precautions when using these networks. For one, I have never and will never use online banking in a public hotspot. That would be like inviting a hacker to access my bank account. You can never know for sure that a public hotspot is secure, it is my opinion that it is unwise to access any sensitive or private data on these networks. Stuff like Instagram, Facebook, and the likes are all fine, but something like bank statements or government records would not be a good idea.
How the government is keeping public hotspots secure
Governments around the world have begun to impose rules for these networks to keep them secure[1]. One of these rules is what I will be focusing on, and that is DNS filtering.
DNS filtering
DNS filtering is a great way to protect users in public hotspots. DNS filtering acts as a barrier or second layer of protection from hackers. This works by preventing the threats from ever reaching your device. DNS filtering prevents connections to shady or unsecure websites that might try to steal your data. Another feature of this is that the business or whoever owns and controls the public hotspot can choose what websites to block. For example, they can block pornographic websites, websites that involve violence, etc. to create a safer environment.
VPN
Another way to make these public networks secure, would be to use a VPN. Although in my opinion this is not very practical. Only the user who has the VPN is protected and not the whole network, so multiple VPNs would be required. With the sheer amount of public hotspots, and the many more users who access those hotspots, having that many VPNs is not feasible on a large scale. A VPN works by creating a private secure connection with the network, and this can encrypt whatever data you access. However, this is a good option if you want to have extra protection for yourself, but you have to take into account that most VPN services come with a monthly fee.
Final thoughts
Public Wi-Fi networks have come a long way in the past 10 years, but they now must focus on the issue of security. Public Wi-Fi networks are not always secure, so it is better to play it safe than to get “pwned”. I will continue to exercise caution when I access these public networks and I strongly advise you to do the same.
Sources:
In a previous job I’ve had, I was drilled to never login into sensitive websites such as (Online banking, social media etc) due to how much information a malicious actor can capture based on the unencrypted packets that were transferred. I think that using a VPN is an easy and convenient solution to help add further protection with keeping your web traffic private. Make sure you do research on your VPN provider! Having a VPN with a shady VPN provider really only just exposes you to someone else.
It’s honestly crazy that so many people are unaware of this issue and that it is extremely easy to get hacked when using public Wi-Fi. A friend of mine was recently hacked after she joined her local Tim Horton’s Wi-Fi to log into MyHealth Records…
I agree with your statement “you can never know for sure that a public hotspot is secure…” You can never be too careful nowadays.
Awesome Post!
Interesting post. I typically use public networks whenever they are available so as to consume less data on my monthly plans. I admit I wasn’t aware of the risk of being hacked.
However I tend to use VPNs just out of habit so I hope that it provides enough of a safety layer.
By the way I believe ProtonVPN offers a freemium model and is a pretty well known provider. Also, most VPNs are really not that expensive and in my opinion are worth it in the long-run. I just think of it as a digital insurance policy to mitigate the cost of risk. I personally recommend ProtonVPN because they have a strict “no logs policy” so it has that extra layer of privacy.
It’s scary how easily it seems public Wi-Fi can intercept your data for malicious purposes, and how little people seem to realize that. I remember a few years ago hearing about a device called a Wi-Fi Pineapple that could spoof the signal of public routers and allow for easy man in the middle interception of data from any device accessing it. Like you said, VPNs are definitely only a solution for the individual, and more care needs to be taken as a whole to make public Wi-Fi more secure.
This was an interesting read. Up until now, I have always assumed that the wifi you can find in public (#TELUS, the Calgary public library’s wifi, etc.) were secure. I can definitely see this as an issue that people should be more aware of now more than ever, especially with how accessible our sensitive information is from our smartphones.
Great Post!
I always take for granted WiFi in public places and even though I have never been hacked. I must admit I have used public WiFi to open confidential emails about health records. This post gave me a wake up call to not access any sensitive data on public WiFi. I have a follow up question though how secure are LTE networks on phones, like when using data for apps. It would be a great followup topic to look into.
You do raise a very good question. I have not done much research on LTE networks, but based on what I have read it depends on the carrier. Some carriers are more secure than others, and I would imagine LTE to be harder to hack than a public network as it is not something everyone who sees it can connect to. With that said, it is never a bad idea to be too safe and the better solution would be a VPN in this case. That way if a hacker does gain access to your LTE network you will still be safe. I will be looking forward to if anyone chooses this topic for their blog post in the future.
That was a fun post to read! I got to know hackers can also use an unsecured Wi-Fi connection to distribute malware and if someone allowed file-sharing across a network, the hacker can easily plant infected software on your computer. I believe that as mobile Wi-Fi becomes increasingly common, we can expect Internet security issues and public Wi-Fi risks to grow over time. In addition, I really do agree on that post even personally I was used to join public WIFI networks perviously without taking any precautions.
This was a good post!
One of the most interesting things about this to me is just how easy it is to forget not to log into anything important while in public, as it would typically seem quite harmless to anyone who doesn’t have that kind of knowledge. It raises the question as to how public places could deal with this common issue and somehow have a more secure system, though I don’t really know much about the logistics behind that.
Hi!,
This is a very interesting topic! I actually enjoyed reading this article because I always thought public wifi’s are stechy in some parts. So I try to use them less since I don’t know who can see my data and go through my phone. When I do use public wifis, there are occasions where I try to enter this sport watching websites, but the website wouldn’t let me for some reason, but now I know that those who are preventing me from enter the sites are acutally helping me secure my devices and it is DNS filtering that is prohibiting me from getting me hacked!
Great blog post, Owen!
Personally, I also have been wary of joining unsecured public hotspots but have never been subject to any data leaks (that I know of). With that, I’ve recently started using Apple’s “private relay” option bundled with their iCloud membership. This private relay allows me to use the internet without having any personally identifying information such as my IP address or browsing activity revealed to the internet service provider that I am using.
Wow, I have never heard about Apple’s “private relay” option before. I might have to check it out for the next time I use a public network. This goes to show that there are many options that can help protect you on public networks. I talked about VPNs and DNS filtering, but this also seems to be a plausible solution. I will definitely do more research on this and try to figure out which would be the best way to protect myself on public networks.
Great post!
This post was fun to read because I could relate this to me as I use public Wi-Fi while I’m on transit. I have always thought of public Wi-Fi as free internet and never thought of it in this way. Although, I have never accessed my bank account or any important data on a public Wi-Fi, this post gives knowledge to someone who does that. I also have a follow question, what are your thoughts on ShawGo and ShawOpen, are they secure and are there any websites that are blocked by Shaw?
Hey, this was a really good post!
As someone who relies on public wifi daily, this was a really interesting post. I always had my doubts about public wifi which is why I never log in to anything when using public wifi. However, your post is also reassuring that even if I were to connect to the public wifi, I can take steps to protect my data such as using a VPN. Additionally, it also feels good to know that the government is taking an active role in protecting users’ data. I think through the implementation of protocols, we can take a stronger step in ensuring data security for the citizen.
Interesting topic, I use to always think about this while using public Wifi-networks. I do use these hotspots only while watching youtube or for a quick google search. If any other like my banking app I just use my mobile data. But most people don’t really think about these unsecured network connections while using them and they do end up leaking their personal information. I am happy that the government is looking into
this.Hope they make more secure connections for public’s Safety.
According to a study conducted by the Kaspersky Security Network, nearly a quarter of the world’s public WiFi hotspots don’t use any kind of encryption. Public WiFis, even if protected by VPN, should not be something I would recommend using because a lot of information are at stake when we are browsing our mobile phones. One of the most concerning part is Packet Sniffing, which is basically similar to the man in the middle attack, but uses tools to view everything that has been transmitted over the Wifi network, provided it is not encrypted. There is always a risk whenever a person is using public wifi to browse over regular emails or social medias, especially the login credentials, pictures, financial information etc. It is very difficult to determine whether a public wifi is safe and secure because users donot get any guarantee of SSL certificate whether it is provided by the server or not. Interesting post and a great read!
This was a fun and informative topic. Ironically, I never realized that using a public hotspot could be such a serious risk, because I used to think that public networks are all there for the convenience of others. I use a VPN all the time, but now it seems that even with VPN protection, connecting to public networks is still risky, and I will consider installing some protective apps on my phone. As for DNS, I thought it would not be used on a large scale, but recently I found out that many banks are using DNS filtering to protect their networks, so it seems that the government is paying more attention to the security of public WiFi.
Thank you for the informative post and I believe that this is something that a lot of people are not aware of. Personally, I got to know about the vulnerability of using public Wi-Fi from a more tech-savvy friend of mine. He explained to me how using the Starbucks Wi-Fi is like giving away your personal information to anyone because apparently hackers can monitor the traffic from that Wi-Fi network and gain access to your passwords. I even remember a scene from the famous TV series ‘Mr. Robot’ where in the first episode, the protagonist Elliot hacked into the Wi-Fi network of a coffee shop owner and started tracking his traffic and found out about his malicious activities by accessing his servers. Usually, I try to use a VPN to overcome this problem but I remember once watching a YouTube video by the creator Tom Scott where he pointed out the many flaws and redundancies that come with pay-to-use VPNs. Here is a link to that This Video Is Sponsored By ███ VPN
It’s an interesting overview of VPNs and how modern websites use stricter protocols and that we do not always have to have access to these kinds of services. I also try to use extensions such as ‘HTTPS Everywhere’ which switches websites from insecure “HTTP” to secure “HTTPS”. I believe people need to be made aware more of these extensions and methods since the public policy has not been as strict to prevent hackers properly and appreciate the usefulness of this article.
Great post Owen!
Very insightful and interesting blog post!
I have always used public wifi without any hesitation. This does make me want to reconsider using public wifi.
Nice article Owen!
Reminded me of a co-worker who used the corporate guest wifi to check his bank balances every day.
He would log in multiple times each day and constantly be watching his investments through his banking app (RBC I think).
Until one day his account was compromised, from what I heard he lost a decent portion of his investment portfolio and was not reimbursed as the bank claimed he was at fault for using a public network!
This is an interesting post! I have never believed in the security of public Wi-Fi before because it does not require any password to connect my phone to Wi-Fi, which makes me very skeptical about its security. But I know a lot of people like to use the public network because it can save mobile data and convenience for everyone. Your post proves my conjecture, and sure enough, public Wi-Fi is a good thing for malicious hackers. There is a lot about hotspots risks such as not paying attention, lack of encryption and lack of password protection etc. I also think public Wi-Fi should be more secure.
This is a very interesting post as I myself am very much interested in hacking things XD. I try youtube tutorials and definitely try to get information myself via public wifi. And let me tell you none of them works and the so-called 3 minutes tutorial requires a lot of steps in them. That being said, I am very sure that VPN provides a lot of layers of protection and I guess it will be very difficult for one to get your personal or banking info easily but at the same time, VPN usage reduces a lot of my speed so using it in public seems to be waste of time. But this a very nice post and at last my methods are fine and they are just some random experiments I do. I literally don’t want someone’s banking details 😀
This is very informative post that goes well with what we have learned in the course, the methods to become secure are also well established alongside why public wifi’s aren’t that safe to begin with. You don’t wan’t to end up in a situation where your bank account gets locked for suspicious activity.
I had a talk once in my middle school about the danger of unsecure wifi networks.
I’ve seen Defcon conference talks about how much data online is sent unencrypted (Wall of Sheep).
This idea is always in the back of my head while connecting to networks, and its great that you’re talking about it again. WiFi networks are dangerous like anything, and can easily serve as a vector of attack. Someone could be sitting in the back of your café, casually sniffing the packet traffic as you browse websites, looking for that one website not configured properly, and that one packet containing your login information in perfect plaintext in order to cause a ton of damage. A popular attack is to set up your own WiFi router and spoof it to entice people to connect to your network instead of the legitimate network, something like insert_cafe_wifi_name_5G, and watch everyone roll in and hand over their credentials like a bouncer checking tickets. It’s important to be aware of what’s a proper network, and what’s stealing information, and if you can’t tell the difference, just use your data plan or ask someone who does know the difference.
But these are just my two cents on top of what you articulated pretty well in your post. This is an important topic, and once again, I’m glad you brought it to light.