How To Combat WiFi Security Risks When Connecting To A Public Network
The specifics of why an unsecure connection can be a problem is more obscure, however – as are the methods that can be used to beef up your security even when using an unsecured public hotspot. Let's have a look at the exact WiFi security risks of public networks, and the solutions available to counter those risks.
Ah! My Airwaves!
The problem of unsecured wireless networks is a part of the way radios work. Unless specifically designed to do so, a radio won't broadcast in any particular direction. It will send information across the airwaves in all directions.
As a result, anyone nearby can potentially pick up the data sent by a wireless radio, and if that data is unsecured, it can be read. WiFi security works by encrypting the data sent. It can still be picked up, but can't be easily read because of the algorithm used to scramble it.
Most people understand this broad summary of the issue, but it's actually a bit misleading, because it seems to imply that someone can simply open a notepad, connect to a public network, and watch passwords drop in. In truth, obtaining data even over a public WiFi network requires a certain level of knowledge about software such as WiFi scanners, and your average person simply doesn't possess the necessary skills. Yes, there are tools like the FireSheep extension for Firefox that can hijack sessions easily in theory, but in practice some technical knowledge is usually required to do anything truly malicious.
HTTPS Security Is Your Friend
Attempts to read data can sometimes be thwarted by the first line of defense on a public WiFi network – site or service encryption. For example, when you type in and send your password across a network, it does not need to be, and ideally should not be, sent as "plain text". It should instead be encrypted via HTTPS or SSL. The same goes for all potentially sensitive information.
Many sites will automatically switch to HTTPS when you visit a page that requires the exchange of potentially sensitive information. Some sites, like Google, Twitter and Facebook, give you the option to remain in HTTPS at all times. You can decrease your risk when using any public network by making sure that any site on which you are entering potentially sensitive information is secured. Usually this is as simple as watching for the "https" prefix on the URL. If you're on a public network, and the site is not secured, then just wait until you're home before entering any important information.
Use a VPN
Although HTTPS can be great, it does depend on the website's implementation, which is something you have no control over. A poorly designed HTTPS site could have huge security holes – and it's never wise to assume that a site has great security just because it's popular.
A VPN is a great way to make public WiFi secure for your use 100% of the time. VPN stands for Virtual Private Network, and it's a method of creating a secured connection even on a network that is public and unsecured. Instead of connecting directly to the Internet, you connect to a specific server, which is itself connected to the Internet. The connection between your device and the server is encrypted, so the information you send is protected even on unsecured WiFi.
There are quite a few different ways to set up a VPN, but the easiest is to use a free VPN service. Free use of a VPN is usually limited to a certain amount of traffic per day or month, after which you'll have to pay for more bandwidth. The speed of your connection might also be handicapped unless you pay up.
Tunnel For Safety
Another common method of creating a secure connection even on public WiFi is to use tunneling. Leave your shovel in the shed – this method is a server capable of SSH protocol.
Tunneling is the process of placing a packet sent via a specific network protocol inside another packet using a different network protocol. In the case of SSH tunneling, all packets are placed inside SSH packets, which are encrypted. The packets are then sent to the designated SSH server.
This method can also be used to work around attempts to block access to specific websites, which can be handy if you're on a WiFi hotspot that's trying to prevent you from accessing certain content without paying up. You can tunnel either by using a virtual server or by using your own server, which presumably would be left at home.
The best way to make sure your information isn't obtained when using a public WiFi network is to not send any sensitive information over the network. This is not always practical, however, so the methods above can help provide extra security.
Of the three, relying on HTTPS is by far the worst, because only specific information will be encrypted and that information is designated by the site, rather than the user. Still, it's better than nothing.
Let us know in the comments if you have any other good WiFi security tips for protecting yourself while on a public WiFi network.