What should I do to prevent being sniffed while using a public WLAN?
Wireless hotspots have significantly changed the way people work. Thanks to public hotspots we can work while traveling, or while enjoying a coffee at a favorite terrace restaurant. Any device equipped with a wireless card (laptop, notebook, tablet, smartphone and so on) can access public hotspots and benefit from high-speed Internet connections. From free municipal WiFi to wireless networks you can access with a username and password as a customer of a coffee shop, library, restaurant, airport or hotel – connectivity is a few clicks away in most populated places on Earth.
However, the accessibility of public WLANs works both ways. If you can connect to them with few questions asked (or none), so can anyone else. Moreover, not everyone is well-intentioned. And if supplementary security measures are needed even while connected to your home WLAN, then it goes without saying that extra precautions should be taken with public WLANs.
Apart from the basic rules that apply to every Internet connection, here are some guidelines for minimizing risks when using a public WLAN:
Remember you are in public. Your online behaviour should be in accordance with this reality. When using a public wireless network, always keep in mind that you are not in the privacy of your home connection. This means you should confine your online behaviour to those actions you are comfortable with while knowing others can see over your shoulder. Not only in the literal sense but also – and most importantly – metaphorically speaking: public WLANs are exposed to the prying eyes of hackers. Whenever possible, avoid actions that use sensitive information, such as online purchases or banking, and choose the network that ensures the most secure connection.
Use SSL and HTTPS encryption. Public hotspots do not encrypt data. Data exchanged with regular HTTP websites while you browse the web over the wireless network can be sniffed by anyone with the right skills and motivation. This is why enabling SSL (when using an application that connects to the Internet, such as Outlook or Thunderbird) and HTTPS (when visiting websites) is important for your privacy and online security. Look for the lock icon in the address bar next to the “https://” – that means the connection is encrypted. Some web e-mail clients and other services offer the option of always using an HTTPS connection, or you can use an encryption extension for your browser (such as HTTPS Everywhere for Firefox and Chrome). Furthermore, you can manually encrypt the files or folders on your computer that you know you will be using while connected to a public hotspot, or make those folders private.
Verify and confirm the network name. When connecting to a public WLAN (in a restaurant or while traveling, for example) you should know that hackers can set up a fake WiFi network as bait for unwitting users. Before connecting, confirm the network’s name with the staff of the place you are connecting from, to be sure you’re connecting to their public network and not a fake one with a similar but not identical name.
Use a VPN. A Virtual Private Network (VPN) extends the security and privacy of a private network over a public network by routing all activity through a distinct secure network. Applications that run in the background are available to set up the VPN automatically.
Turn off sharing. File and printer sharing enables other computers on the network to access resources on your computer. It goes without saying that this option is not desirable when you have no control over who is connected to the same network – your data is exposed to hackers. To close that gap, always ensure that sharing is disabled on your computer when connected to a public network. You can also use the automated settings of your operating system to differentiate between your home or office networks and public networks – it will automatically select the privacy and security settings according to the level you associate the network with (home, public, private).
Avoid automated connections. Even if your device (such as a smartphone) is built to connect to any available hotspot, it is advisable to disable this option and connect on demand, at your choosing and after verifying the connection's authenticity (with the people who provide you access, for example).
Consider two-factor authentication. You already know the first rule about passwords: use strong passwords (longer, hard to guess) and change them regularly. Nowadays, most popular websites such as Facebook and Gmail provide the option to use two pieces of information to ensure your account stays yours. One is the password that you use to log in, and the other is sent to your mobile phone in the form of an SMS with a code. When using the Internet on a public network it is a good idea to reinforce the security of your account with this kind of double authentication, even if it seems a bit of an effort.
Turn WiFi off when not using it. When you are using your computer at a public hotspot but have no need to access the Internet, make sure you turn off the wireless connection (by removing the external WiFi card or by disabling the WiFi connection).
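For the "Verify and confirm the network name" guideline above, the following added example (not part of the original article) compares the name the staff confirmed against the networks your device can see and flags names that are similar but not identical. The SSIDs, the scan list, the look-alike character map and the distance threshold are all constructed assumptions.

```python
import unicodedata

# Characters often swapped to build a look-alike name (constructed, not exhaustive).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "|": "l"})

def skeleton(ssid: str) -> str:
    """Comparison form of an SSID: fold case, strip accents,
    map digit look-alikes to letters and drop separators."""
    s = unicodedata.normalize("NFKD", ssid).casefold()
    s = "".join(c for c in s if not unicodedata.combining(c))
    s = s.translate(CONFUSABLES)
    return "".join(c for c in s if c.isalnum())

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review_networks(confirmed_ssid, confirmed_security, visible, max_distance=2):
    """Return (ssid, verdict) for each visible network that needs a second look."""
    target = skeleton(confirmed_ssid)
    findings = []
    for ssid, security in visible:
        if ssid == confirmed_ssid:
            # Same name but a weaker or different security mode than staff described.
            if security != confirmed_security:
                findings.append((ssid, "same name, different security"))
            continue
        sk = skeleton(ssid)
        if sk == target:
            findings.append((ssid, "look-alike"))
        elif edit_distance(sk, target) <= max_distance:
            findings.append((ssid, "near match"))
    return findings

# Constructed scan results: (SSID, security) pairs.
SCAN = [
    ("CoffeeCorner_Guest", "WPA2"),
    ("CoffeeCorner_Guest", "Open"),
    ("C0ffeeCorner-Guest", "Open"),
    ("CoffeeCorner_Guests", "Open"),
    ("Airport_Free_WiFi", "Open"),
]

if __name__ == "__main__":
    for ssid, verdict in review_networks("CoffeeCorner_Guest", "WPA2", SCAN):
        print(f"{verdict:30} {ssid}")
```

A fake network that copies both the exact name and the security mode passes this check, which is why the other guidelines (HTTPS, VPN, no automatic connections) still apply after the name has been confirmed.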