Security of Public WiFi Networks

It would seem that in today's world everything is protected, and there is no easy way to extract our data. Unfortunately it's precisely the other way around, considering that public WiFi networks are an ideal spot for cyberattacks.

What is a public network

It is every network that distributes wireless access to the internet, unprotected by password and accessible for every device.

What does an attacker see in an unprotected WiFi network?

If we are located in the same network as an attacker, he might receive access to the packets that are received and sent by us. A sniffer is software that allows to analyze network traffic, making it possible to identify their content. Packet analysis is no easy task due to their large number, but with proper filters in place suitable information can be found quite easily.

Packets include IP addresses of the websites we visited, so with a bit of analysis it becomes very simple to determine our destinations. Any transferred files are also prone to being read by the attacker. Text files are the easiest to read, but more sophisticated sniffers allow to open documents, archivized files or images.

Utilizing webmails, or WWW sites that provide access to an email service we should pay particular attention to transmission encryption. Accessing an account without SSL encryption means that the messages are at risk of being intercepted and read. For example, Gmail does not encrypt messages in default setting.

How to protect oneself while using a public network?

First and foremost, it is important to avoid logging in to services from public networks. It is advised to use a connection encrypted by a VPN (Virtual Private Network), which acts as a tunnel for our traffic. AnchorFree is an example of free SS VPN service.

Ignoring warnings regarding SSL.HTTPS certificates is not advised. If you're using an encrypted connection, the data is much more difficult to read. While logging into a bank or performing credit card payments the connection between the user and the WWW server is protected regardless of our web settings. In some cases SSL protocol is used, which can easily be recognized by the URL address - if it begins with "https://" instead of usual "http://", then you're good to go.