It’s vacation time! I just got back from a twelve-day road trip, and being the techie that I am, I just had to take my iPhone 6s Plus and iPad Pro along with me. To keep my usage of cellular data below my monthly limit, I made good use of public Wi-Fi networks when I found them. To stay safe, I followed a simple set of guidelines that you should consider when you’re off of your home network. In this Rocket Yard Guide, I’ll share these guidelines for staying safe on public Wi-Fi networks.
Use Only Secure Websites and Apps
Do you know the difference between a secure website that uses a secure HTTPS connection and one that uses a standard HTTP connection? HTTPS encrypts your web connection end-to-end — that is, from your web browser to the web server on the other end, and back again.
HTTPS connections are usually in place for commerce websites and those online locations that require a login. To make sure that you’re on an HTTPS connection when using Safari on your Mac or iOS device, look for a small lock icon next to the website address (see image above). That indicates that your device is using an encrypted connection, and in the Mac, you can even verify the encryption certificate being used by the web server to encrypt your connection.
Sometimes you may see both the lock icon and the web address in green in the address bar on a Mac or iOS device both in Safari and Google’s Chrome browser — this indicates that a trusted third-party has verified that the connection is encrypted. The image below shows that Symantec Corporation has verified Apple as the owner of the certificate for iCloud.com.
If you’re not using a secure website or app, then do not send anything important across that Wi-Fi connection. Logins, credit card numbers, and other personal information can be grabbed by someone else on the network if that data is being sent in plain text and not in an encrypted format.
Also, try to stick to using web browsers rather than apps — especially on mobile devices. When using Safari or Chrome on an iOS device, the browsers check and verify HTTPS connections. That’s not always the case with mobile apps, since the security — if any exists — is up to the developer. Apps that are created by trustworthy and well-known developers will usually indicate that data is being encrypted prior to transfer.
Virtual Private Networks (VPN)
Even when you have to “sign in” to use a Wi-Fi network at a hotel or coffee shop, chances are very good that the network is still unsecured. Often, that sign-in is used just to harvest names and email addresses for marketing purposes, and doesn’t supply the WPA2 encryption that is common with home and office networks. If the network’s not encrypted, everything you send over the network — usernames, passwords, personal information — can be grabbed by another user on the network using an easily-available packet sniffer app. Using a Virtual Private Network or VPN, your web traffic is routed through dedicated encrypted server. Think of it as an encrypted tunnel for your data to travel through from your device to any server on the web.
There are many reputable VPNs — both subscription versions and free services as well. The Opera mobile web browser for iOS has a free VPN version, but of course that will only work while browsing. Other iOS VPNs include CyberGhost, HotSpot Shield, and SurfEasy VPN (this is a full VPN from the makers of Opera) among dozens of others.
Use Cellular Data Connections Instead of Public Wi-Fi Networks
Surprisingly, this is something that a lot of users don’t even think about since they usually want to reduce cellular data usage. But if you’re making any online transactions and want to drastically reduce your exposure to possible identity theft or other issues, consider turning off Wi-Fi on your device and letting the built-in cellular data connection work for you.
Sure, you may go over your monthly data allotment, but isn’t it worth it to know that your connection is completely encrypted at all times? If you have a Mac and an iPhone or cellular-enabled iPad, you can even share your cellular data connection with the Mac through the Personal Hotspot feature (Settings > Personal Hotspot).
Me? I’m cheap, so I did use public Wi-Fi networks at hotels and restaurants most of the time.
Watch Out For Bogus Wi-Fi Networks
I used to do a lot of traveling by air for work, and one of my favorite pastimes was to see whether I could spot bogus Wi-Fi networks that were being used by hackers to snare folks who wanted free network bandwidth at airports. Generally, the hackers used the most obvious names, like “Free Wi-Fi” or “Free Wireless”. When attempting to connect to a network like this, the hackers did one of two things; make it as easy as possible for people to use their unsecured networks by not requiring a login of any sort, or require a login that asked for a user email address and password.
A lot of people tend to use the same password for everything, so entering that common email and password opened the door to a hacker who could then try that combination on a number of sites.
Instead of falling for the obvious bait networks like this, try to search out Wi-Fi networks that are associated with a reputable business. For example, McDonald’s restaurants and Starbucks coffee shops are well-known for their almost ubiquitous Wi-Fi service. Likewise, AT&T and Comcast Xfinity are trying to make Wi-Fi networks available to their customers in many businesses. If you see an attwifi or xfinitywifi SSID (network name) and happen to be a customer of either company, you can log in with your account credentials for a secure Wi-Fi connection.
Turn Off Sharing
One of my other little hobbies while I was traveling for business a lot was to act as a “white hat” hacker and warn other people about the dangers of having file sharing enabled on their laptops. If I was bored, I’d fire up my Mac and look for shared computers on the hotel network, then see if I could get access to folders or even the desktops of those computers.
When I was successful, I’d leave a text file named “YOU’VE BEEN HACKED” on their computer that basically told them that their computer had been visited a nice guy and hadn’t looked at anything on their device. However, a not-so-nice person could run rampant on their computer, so I told them in the note that they should turn off file sharing (and told them how to do that).
On a Mac, it’s incredibly simple: go to System Preferences > Sharing, and make sure that all of the services listed are unchecked (see image above). You can turn them all back on when you’re back home or in the office, but it’s a very good idea to disable sharing when you’re on the road.
Other Safety Tips
Other than the ideas listed above in this guide, there are some other things you can try to make sure everything is safe when you’re using public Wi-Fi:
- Don’t install any software that doesn’t come from the Mac or iOS App Stores when you’re on a public network.
- Make sure all of your apps and operating systems are up-to-date before you leave on your trip. This assures you of having the most recent security updates installed on your devices.
- Use different passwords for each of your accounts; this is made simple through the use of Safari’s built-in password manager that suggests complex passwords and then saves them in your secure keychain. This prevents a stolen password from one site from compromising the rest of your accounts.
- Never make credit card purchases or send out important information (like your Social Security Number or bank account logins) while on a public Wi-Fi network. As noted earlier, if you must do this, it’s best to use a cellular data connection rather than send the information on a questionable Wi-Fi network.
What’s Your Tip?
Do you have any special public Wi-Fi safety tips for Rocket Yard readers? Please leave them below in the comment section.