Category: 

Is it Safe to Use Free WiFi® ?

Patrons at a restaurant or other public establishment should only use password-protected wifi.
Https at the beginning of a URL means the site is secure.
Free public WiFi is becoming increasingly more common and available.
When using WiFi in a public place, it is best to avoid using websites where you will be entering passwords and other sensitive data.
Wireless router.
Article Details
  • Written By: R. Kayne
  • Edited By: O. Wallace
  • Last Modified Date: 07 November 2014
  • Copyright Protected:
    2003-2014
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
The oldest known tortoise is 182 years old, and is believed by scientists to be the oldest living land creature.  more...

November 23 ,  1936 :  The modern version of "Life" magazine published its firs  more...

Free WiFi® or hotspots are public places where Internet connectivity is available to anyone within broadcasting range. Cafes, libraries, school campuses and civic centers are just a few places where people might find access. Generally, it’s safe to use hotspots with a few common sense rules.

Hotspot networks are often unencrypted, as encryption would require log-on credentials for each person joining the network, hampering accessibility. Networks that don’t require credentials are easy for anyone to jump onto with little or no user direction.

A wireless router broadcasts all dialog taking place between itself and connected computers. If ten patrons of a cafe are using their computers to access the Internet, check email or download music, ten conversations are being broadcast throughout the cafe and immediate area. Others within range can use widely available tools to eavesdrop on that dialog, trapping and analyzing the data packets. This is a good way for nearby malicious persons to gain usernames, passwords, email messages, and other personal information that is traveling unencrypted on the wireless network.

As a precaution, users might avoid visiting websites that send usernames, passwords or email in the clear when using free WiFi®. That said, when accessing such websites from home, the data is still traveling across the Internet in plain text, subject to online snoops. By avoiding visiting the sites in public, users are only eliminating the additional risk of local users who might be snooping wireless traffic.

Ad

Even if a free WiFi® network is encrypted, there are different types of encryption. An old protocol known as Wired Equivalent Privacy (WEP) can be easily broken with readily available software. Only the stronger WiFi® Protected Access (WPA) will prevent local snoops from being able to decipher the dialog between the computer and the wireless router. In all cases, the router will decipher traffic before sending it on to the Internet, so online snoops will still be able to read unencrypted data exchanged between yourself and the Internet. WPA will only stop local snoops from reading wireless traffic.

It is safe, however, to use hotspots for accessing sites that provide end-to-end (also called point-to-point) encryption. End-to-end encryption is automatically put in place when visiting a site with an address that starts with https. In this case, the browser will encrypt all communication before it leaves the computer, and it will only be decrypted at the destination site. The website likewise encrypts everything from its end, which gets decrypted by the browser. An interloper, whether local or online, can still trap passing data packets, but the contents of those packets will be unreadable.

Online banking employs point-to-point encryption, as do shopping carts and all legitimate websites that require personal information to provide a service or product. Ideally, any website that requires a username and password should provide a secure connection to exchange those credentials, but many sites that require registration allow the username and password to travel in the clear. Unfortunately, this is also true of some web-based email services. In this case, the email is also traveling in the clear for snoops to trap and read.

While free WiFi® is safe for secure websites, highly sensitive activities should only be performed from a person's home computer. A public computer should not be trusted for anything but casual surfing. Computers store passwords, usernames and other revealing data in a type of memory called cache, making it possible to retrieve later by others. A public computer could also be infected with keylogger software that records keystrokes, defeating the purpose of point-to-point encryption by trapping account numbers, usernames and passwords as they are typed into the keyboard.

To keep a computer safe, users should employ reputable anti-virus and anti-spyware software that is updated frequently. Additionally, people should regularly scan for rootkits, which are scripts that can be used remotely to control a computer online without the owner's knowledge. Rootkits use resources that can slow performance, interfere with the proper functioning of the computer, and can also be used to install keyloggers and other malicious software.

Ad

More from Wisegeek

You might also Like

Discuss this Article

anon295547
Post 12

What about Skype video calls from hotels or internet cafes? Is that safe? What can hackers see?

anon290139
Post 11

My question is: If you check your email when using unsecured wi-fi, doesn't that put your username/password into the stream, so someone / a hacker, could hack your account, mess with your email, etc?

amypollick
Post 10

@anon180228: I was so sorry to hear about what happened in Joplin. I'm from North Alabama, so obviously, we understand what you folks are dealing with. Our power and internet were out for several days. I could occasionally get my iPhone to connect on the 3G network, but AT&T was pretty much down the day after the storms hit, although they had it back up, mostly, by Friday.

I don't know that much about wi-fi, but I'd tell people that it was not secure, and they might be taking a risk in using it, and to make sure they had good anti-virus protection for their computers. If you could put up a firewall of some description, that might be good, too.

One of our local radio stations went on wall-to-wall coverage until the power came back on, and that was really our only source of information for several days. It was a blessing!

Good luck and God bless!

anon180228
Post 9

Here in tornado ravaged Joplin MO, we have intermittent cellphone service and only those with ATT DSL internet have Web access. (The cable company is offline.)

To help neighbors, I thought I could just hook an unsecured WAP to my hardware router, so people in the neighborhood could at least get info from FaceBook.

Have you any advice for leaving unsecured wi-fi running, in this disaster-stricken area?

anon167198
Post 8

Okay, here is my problem. I have a Dell Inspiron 1150 laptop-it does not have built in WiFi. I have to use an internet adapter, Belkin. I reside in a weekly motel, for now. Problem is, they go through Cox Internet, and the rooms do not have their own router so we have to rely on it coming from the office.

Well, because of this, when the office router cuts out, they have to reset it, and this messes up my connection, And, because of this, it is putting wear and tear on my adapter. It has cut off and gone out and my USB ports are failing now because of it.

So, in my opinion, no, it is not always safe to use free WiFi, because people like me, who aren't privileged to have a descent laptop, get messed up.-JMO.

anon101702
Post 7

Using a Mifi/Aircard from your cellphone provider offers a more secure (though slightly slower) connection. Verizon and Sprint in particular use CDMA technology that is more secure than the standard GSM data services from AT&T. I use the free wifi in hotels for general browsing, but anything remotely sensitive in nature I use my Mifi.

Sprint offers a 4G(true broadband) service now in some cities & VZW will be launching their 4G solution later this year, again in certian areas, which will match or exceed most of the free wifi speeds you tend to get.

anon90297
Post 6

There is a way to do it - it is to use your home computer as a server and connect from the hotspot to your home computer using a secure channel.

Essentially you use your home computer to surf via the internet connection of the hotspot.

There are tools such asp link to create the connection, you then need to set up your browser to use this.

You can also set up dns to do the same thing ie use your home computer through a secure channel.

If you don't other people will be able to know the web pages you are surfing.

I think if you google "using plink to establish secure connection" you will find how to do this.

I have done it using firefox as web browser, I am not sure how to do it with ie.

anon69820
Post 5

Thank you! This little article answered questions I've had for three years in a very clear and practical manner. Even my tech-averse spouse will be able to understand and remember this info.

anon69764
Post 4

I manage the IT in a group of libraries with wifi. Signing in to any hot spot does not necessarily use https. We require authentication with your library card number, but the connection is not then encrypted. So surfing can be seen by those with the right snooping software. If you are then signing in to your online e-mail account with https, then all your e-mail is therefore secure.

Windows Live allows you to specifically select to "Use enhanced security" which switches to https from http. anon28069 states that "the people you email *with* also need to use encryption". I do not believe that is true. Their e-mail interactions are quite separate from yours.

anon41302
Post 3

I have issues with WEP and interactivity with my nintendo systems, both my wii and ds's.I can't figure out how to get this to go away so I can use it. We use a lynksys wireless-g router, with vista, also using internet explorer 7.0,and firefox. I hope you can help me disable this. Thanks for reading.

anon28069
Post 2

You cannot secure the WiFi connection of a public hotspot. Either they offer a secure connection, or they don't. A secure connection requires you enter credentials like a username and/or password. Most public hotspots are not secured. This only means that *if* a hacker were nearby you (within range of the network) s/he could theoretically trap information traveling between your computer and the router you are connecting to... meaning the one in the hotel, or cafe, or wherever you happen to be. Are the chances of that high? Probably not. But it's possible.

An unsecured WiFi connection does *not* mean someone can hop on to your computer. You are actually more in danger of that coming from the Internet itself, than from an unencrypted (unsecured) WiFi connection. And there is no way to avoid being exposed to that ever-present danger as long as you get online, except through having a firewall and anti-virus, anti-spyware software running, which minimize the risk.

Surfing on an unsecured WiFi is no problem. If you are worried about people seeing your email, you'll need to encrypt it, but that means the people you email *with* also need to use encryption. A good idea, but not everyone is willing to do it.

Otherwise, don't worry. Millions of people use unsecured hotspots every day.

dannie
Post 1

I just bought a Toshiba laptop that has WiFi built in for use when I travel. All I want to do is check my emails and maybe search the internet for directions for my Tom Tom. Whenever, I open the WiFi network, I can get only unsecured connections.

I plan to use it in motels that I stay at...I thought that they would offer secure connections, but a friend tells me that I can get the key to connect, but even when she does that...it comes up an unsecured connection.

How can I get a secure connection? Is there a secure way to connect to WiFi hotspots? My laptop came with Norton 360 good for 60 days. I saw where AVG offers an Internet Security software program...will that keep me secure in hot spots even if I can only connect to an unsecured network?

I don't have a cell phone per say...I use TracPhone and pay as I go. At home I have Verizon DSL for my computer. I have Verizon forward my emails to Outlook Express as I like using it.

I'm only able to connect to unsecured WiFi. All I want to be able to do is read my mail and surf a little, but without getting hacked into!!!

Can you help me? Thank you so very much...I'll be awaiting your reply. Dannie

Configuration: Windows Vista

Internet Explorer 7.0

Post your comments

Post Anonymously

Login

username
password
forgot password?

Register

username
password
confirm
email