10 Tips for Public Wi-Fi Hotspot Security

Telco ZimbabweComments off.

Public Wi-Fi Hotspots can be a hacker’s paradise. Following these basic security tips can mean the difference between safe surfing and an identity-theft or data-loss nightmare.
For its 2017 Wi-Fi Risk Report, Symantec chatted with thousands of adults who used public Wi-Fi hotpots in 15 countries across the globe. You’d think it would show people concerned for their privacy and in fear of identity theft, spying, and worse. Wrong.

Instead, it showed that people are addicted to free Wi-Fi and don’t think twice about connecting to any network that can get them online in most cases. Getting Wi-Fi in a hotel, on an airplane, even in a restaurant or bar drives decision-making on where to go and stay. Half said the most important thing to access is GPS information. And 40 percent said they have used public Wi-Fi in hotels/rentals to watch adult content—and I’m not talking about HBO GO. There are plenty of people doing that on trains, buses, airports, at work, and even in the public toilet.

Worst of all (yes, it gets worse), while 60 percent said they feel their info is safe when using hotspots, 53 percent can’t tell a secure network from an insecure one.

For many, open, public Wi-Fi hotspots are just too convenient to ignore. But that’s risky behavior, especially because it’s not that hard to make sure you’re secure. Some of the tips below involve common sense; the rest you can set up before you even leave the house or office. Make sure the next hotspot you connect to—be it in the café or in the sky—isn’t a security nightmare waiting to happen.

1. Pick the Correct Network

Have you ever tried to connect to public Wi-Fi and seen multiple network names that are similar but not the same? EricsCoffeeHaus versus EriksCoffeeHaus, or HiltonGuest versus HiltonGuests, for example. This is a tried-and-true man-in-the-middle attack used by hackers—dubbed Wi-Phishing—which tries to trick you into logging into the wrong network to get to your info. Most people don’t take the time to check, and jump on the strongest, open signal they see. But you should always check that you pick the legitimate network.

2. Pick a Secure Network

When you want to pick a Wi-Fi hotspot to log into, try and find one that’s got you locked out. You read that right. Usually if you see the lock icon it means you can’t get access. Networks with zero security don’t have a lock next to them, or the word “secured,” which shows on a Windows laptop. On an iPhone, if you click an unsecured network—even if it’s your own at home—you’ll get a warning that reads “Security Recommendation.”

Of course, this isn’t a hard and fast rule. Some hotspots don’t show the lock because they have what’s called “walled garden” security: you have to log in via a browser to get access to the internet. The login usually is provided by the hotspot—you may get it from the front desk at a hotel, for example, while checking in.

It’s best to stick to hotspots where the provider, be it a conference, hotel, or coffee shop, provides you with a clear network to choose, plus a password to grant access. Then you know at least you’re on the network you’re meant to be using.

3. Ask to Connect

You can set most devices to ask before they connect to a network, rather than just automatically connecting to either the strongest open network around, or a network they’ve connected to before. That’s a good idea; never assume the network you used in one place is as safe as one with the same name in another place. Anyone with the right tools could spoof a Wi-Fi network’s broadcast name (called the SSID). If the device asks first, you’ve got a chance to make a decision about whether it’s safe to connect or not. On iOS for example, go to Settings > Wi-Fi, and check off “Ask to Join Networks.” On Android, it’s Settings > Wi-Fi > > Advanced > Wi-Fi notifications (turn it off).

 

4. Be Your Own Hotspot

Almost all laptops and phones make it easy to become your own hotspot for others. Rather than risk everyone in a group, one person could designate a device as a hotspot. Of course the best person to do this is someone with a tethering-capable carrier data plan on their laptop, tablet, or phone—since the backhaul to the internet doesn’t have to then go through the public Wi-Fi. It won’t be fast, but it will be more secure.

In Windows 10, turn it on at Settings > Network & Internet > Mobile Hotspot so you can pick the kind of internet connection used (if there is more than one option; this is best if you’ve got an Ethernet connection), and get the name of the network to hand out to people (or change it), as well as the network password they need for access (or change it—it has to be eight characters at least).

On macOS, go to Apple Menu > System Preferences > Sharing and click the Internet Sharing box. Pick a connection type to share, how you plan to share it (Wi-Fi, duh), then click Wi-Fi options to name your Mac hotspot and give it a password.

5. Use a VPN

This should go without saying: you need a virtual private network (VPN) when you’re on a public network. While this was moderately good advice the first time we wrote this story almost a decade ago, we live in a surveillance/hacker state today that seemingly rivals that of Orwell’s 1984—if you’re not careful. Yet according to Norton’s study, 75 percent of consumers don’t use a VPN at all when on public Wi-Fi.

A VPN creates a private tunnel between your laptop or smartphone and the VPN server on the other end, encrypting your traffic from snoops—even your ISP or the operator of the hotspot itself. To find the one that’s right for you, read our roundup of The Best VPN Services, pick a top-rated one, pay for it, and put it on all your devices that use public Wi-Fi of any sort. You’ll be glad you did. (For complete anonymity, use the Tor network.)

6. Avoid Personal Data in Hotspots

This is less a technical tip than a behavioral one: if at all possible, avoid doing more serious tasks like bill paying, accessing your bank account, or using your credit card when connected to public Wi-Fi. And filling in your taxes at a hotspot? No way. Save those transactions for when you’re connected safely to your home network, where you’re a lot less likely to get targeted by snoops, since you already keep that one secure, right?

7. Avoid Using Your Passwords

There are a lot of passwords to remember, and you probably have to enter a few even while you’re on public Wi-Fi. But if you’ve been compromised—say some hacker is sniffing the airwaves and pulling down data—anything you type and send to the internet could be equally compromised. That’s why you should use a password manager like LastPass or Dashlane, which got perfect 5-star reviews from PCMag. They store passwords for you and keep them encrypted, even via their apps. If you do use passwords, try to make sure they’re on sites where you have two-factor authentication set up.

8. Disable Sharing

When you connect to a network with a PC, be it a Windows or Mac, the goal is typically to share some services—at the very least files and printing ability. If you leave that sharing open at a hotspot and connect to the wrong thing, you’re giving bad guys easy access. Disable it before you go out. In Windows 10, go to Settings > Network and Internet > Wi-Fi > Change Advanced Sharing Options (on the right) and look for Guest or Public—click the down caret to open that section. Click the radio buttons next to “Turn off network discovery” so your PC isn’t seen, and “Turn off file and printer sharing” to avoid sharing.

 

9. Take Your Hotspot With You

Public access Wi-Fi is great, but you could just carry your hotspot with you. Cellular modem hotspots have their own battery, use cellular backhaul for an internet connection, and provide multiple people with Wi-Fi access. Sure, it costs more, but it might be worth it if you’ve got a lot of traveling ahead.

10. Keep Your OS and Apps Updated

Operating system (OS) updates are an annoying yet necessary evil. Don’t be lulled into a false sense of security because you’re a Mac or iPhone user. OS updates are serious business; they often fix serious security holes. For example, the iOS 10.3.3 release in the summer of 2017 didn’t look like a big deal, but it fixed a vulnerability that let hackers remotely control phones with Broadcom Wi-Fi chips inside—which is most of them.

Once an update is available, everyone in the world knows about the hole—if you haven’t patched it, your device becomes low-hanging fruit ready to be plucked by an opportunistic hacker.

Don’t forget your other mobile apps either. App updates may also fix serious security holes. Especially the browser apps, but anything that goes online could be vulnerable. On iOS, go to Settings > iTunes & App Store, and make sure “Updates” is turned on so apps update themselves. On Android devices you can do the same with Google Play > > Settings > Auto-update apps. You can set them to update over Wi-Fi only, or using Wi-Fi or cellular connections. You may still have to occasionally go in and click an “Update All” button to install the downloaded updates.

 

Source: 14 Tips for Public Wi-Fi Hotspot Security by Eric Griffith

 

 

 

Posted in: Uncategorized