The recent booming of public Wi-Fi has been an advantage for working people. Even before this whole pandemic thing, lots of employees used to work from remote locations (Alexa, play Bored in the house). Anyway, free access points are available at bookstores, airports, cafes, and ... basically anywhere with people.
That said, here comes a joke on how easily accessible public Wifi networks are today:
A teenager at a funeral asks the priest for the wifi password.
The priest is shocked and asks the boy, "Have you no respect for the dead?"
The boy responds, "Is that uppercase or lowercase?"
Ok, that may be too true to be funny. But tell me, what is the first thing you do when you sit down for a bite? Hint: ask for the Wifi password.
Here are some risks you should be aware of when using a public Wi-Fi spot:
1. Rogue Wi-Fi networks
An attacker sets up a honeypot in the form of a free Wi-Fi hotspot. Thus, he can get all data exchanged over the network.
On the eve of the international exhibition Mobile World Congress 2016, Avast employees carried out an experiment. The day before the opening, several Wi-Fi access points with Starbucks SSIDs, Airport_Free_Wifi_AENA, and MWC Free WiFi were deployed at the Barcelona airport. Avast's goal was to demonstrate how much users put themselves at risk while using public Wi-Fi hotspots.
In just four hours, Avast harvested over 8 million packets of data from more than two thousand users. Of course, all data was immediately deleted. But still, it is a nice example of our carelessness and a danger public Wi-fi can present.
Also, according to Kaspersky, more than 20% of hotspots worldwide lack password and encryption protection. The study revealed that a further 3% of hotspots use the outdated Wired Equivalent Privacy (WEP) protocol. This makes the hotspots extremely vulnerable to hackers.
Welcome NordVPN, today's newsletter sponsor. NordVPN offers high-quality P2P support for smooth surfing. No-logs policy and strong encryption are part of their core service.
They're offering a 70% discount to Hacker Nooners until August 17th. Grab yours here.
What's next?
2. Man-in-the-middle attack
This term refers to the process when an attacker places himself in a two-party conversation. His goal is either to eavesdrop or to impersonate one of the parties. Next thing we know, he can steal personal data like login credentials or credit card details.
The well-known non-cryptographic "man in the middle" attack was carried out by a Belkin wireless network router in 2003. From time to time, the new model of the router chose a random HTTP connection and redirected it to an advertisement page of its manufacturer. Such behavior of the device certainly caused a storm of indignation among users, after which this "feature" was removed from later versions of the router firmware.
In 2011 the security breach of the Dutch certification center DigiNotar led to fraudulent issuance of certificates. Subsequently, the fraudulent certificates were used to carry out "man in the middle" attacks.
In 2013 it became known that Nokia's Xpress Browser decrypts HTTPS traffic on Nokia proxy servers, providing companies with clear text access to their customers' browser's encrypted traffic. Nokia stated that the content was not permanently stored and that the company had organizational and technical measures in place to prevent access to private information.
We’ll talk more about the risks of public Wi-Fi later. In the meantime, there is a simple tool that will help you fight off hackers. And it’s the almighty VPN.
Did you see it?
Since it encrypts your information, all personal dets will be safe and sound. So please, make an effort and get one on all your devices.
