Public Wifi is safe right?

wifi network

If your definition of safe is leaving your front door wide open then yeah sure it’s safe.

Let’s talk about the reality of public Wifi. For starters we need to define public wifi.
1. Public Wifi in our scenario is any company offering “free” wifi at their location – so Starbucks, NYC subways, even your airport.
2. Just because it has a password doesn’t mean it is safe.
3. I do not mean Mobile Wifi hotspots.

So let’s discuss how to protect yourself on when you are connected to these Wifi networks. One thing “hackers” (I use that term loosely) like to do is spoof a wireless name (called an SSID). If you were to click on your Wifi icon to see all the available Wifi networks you would see probably a good dozen or so. But how do you know the Starbucks AT&T Wifi you are connecting to is the actual Starbucks Wifi?
Wifi networks
If for example you saw Starbucks Wifi and Starbucks Wifi would you catch that difference (this is an easy one folks). Other networks that have numbers are easier to spoof. Marriott Guest Network 1 and Marriott Guest Network l look very much the same at first glance (also depending on which font is used) – but they are different. The first one has the number one at the end, and the second one has a lowercase L. The spoofed network can even generate the same pop-up terms and conditions screen you are so used to seeing. Once connected to the spoofed network you are opening yourself up to potential intruders.

Even if you connect to the right Wifi network, someone else connected to that network may be “sniffing” the traffic. Network sniffing, more commonly known packet analyzing is a way to see and to intercept what people are doing on the Internet. This means if you are on the same network as someone else, they can tell what websites you are going to. They can see the traffic that you pass through on that website also, including user names and passwords.

So how do you protect yourself?
On your Mac there are a few things Virtua Computers would suggest. The first is turning on the built-in OS X firewall. This option is in your Security and Privacy System Preference. System Preferences is under the  Menu.
wifi firewallwifi firewall 2
Enabling this option and turning on block incoming connections will stop intruders from getting into your system. It will also warn you when someone tries to log in.

Another great program to help block incoming connections is Little Snitch. This app is great, but annoying somewhat (the amount of pop-ups for each program since so many “call home”). Using Little Snitch though will also allow you to monitor your incoming connections to stop people from logging in.

Not all services built into OS X will record what someone else is doing to your computer – so be weary of what networks you connect to.

You always want to have a complex password for your user account. While it’s easy for you to save that password and autologin on your own machine, for someone else to try to break in you want to make it as hard as possible. If you have questions about what is and what isn’t a complex password check out our “Passwords – are you really secure?” post.

If you are in a public place, clearly don’t leave your laptop out to go get your Latte, but if you do happen to leave your laptop somewhere make sure you turn on FileVault. FileVault is in the same System Preference as Firewall. FileVault is a full disk encryption of your hard drive – so if your laptop is stolen you need a master password to access the drive. Great feature that’s built right into your OS!

To protect against packet analyzing – make sure the web sites you are going to are secure sites. A secure site starts in https:// and if it’s legitimately secure your web browser will show you with a lock icon, similar to this one in safari: Screen Shot 2016-03-22 at 8.15.22 PM
Be smart, don’t do any banking from a public Wifi!

So those are some tips to stay protected. As always if you have any questions about any of this or want help getting your system more protected contact us.

Leave a Reply

Your email address will not be published. Required fields are marked *