I took a trip to the San Francisco Bay Area last week for a project. As with any travel, there are blocks of free time. Also as usual, there were many things to do online and almost everywhere had free WiFi available including airports, coffee shops, and the hotel. Since I have so many points on Southwest, they even provided free WiFi on the flights. All the free WiFi hotspots were “open networks.” Those are the networks that don’t have a little lock symbol by their names and you log in using a separate webpage. The airport hotspots had ads, “watch this short video and get 30 minutes of free WiFi.” This was great, it all worked well, but what about security? How public is public Wifi? The lack of security on free public WiFi has been in the news regularly in the past year.
- Fox News – http://www.foxnews.com/tech/2012/12/08/5-tips-to-stay-safe-on-public-wi-fi/
- eWeek – http://www.eweek.com/security/slideshows/public-wifi-security-10-things-to-remember-before-signing-on/
- InformationWeek – http://www.informationweek.com/byte/personal-tech/wireless/open-public-wi-fi-how-to-stay-safe/240149727
These articles are basically correct. Personally, I use a Virtual Private Network (VPN) on any Public WiFi while traveling. There are several good companies, some are free, but I prefer to pay for Witopia because they seem to be the most reliable. But Southwest airlines WiFi didn’t work while connected to the VPN. Was it worth the risk to get some work done? Could somebody on my Southwest flight see my email password on this “public” WiFi? This required some complicated research to determine what was really going on technically. Once I returned, I installed a WiFi data capture program on my laptop and looked directly at the data my iPhone was sending and receiving.
The results were fascinating. The common iPhone apps I use while traveling did actually encrypt the data. Even if somebody captured the WiFi data on the flight, they would not be able to see my passwords. These apps included Mail, Flipboard, Google+, LinkedIn, Twitter, Facebook, and Tumblr. Logging into certain websites with Safari was a serious problem through since passwords were sent over the public WiFi for anybody to see. The only exceptions were websites where the HTTP part of the address was replaced by HTTPS which stands for “HTTP Secure” connection. If I logged into my email through webmail and the address was HTTP and not HTTPS, anybody could capture my password. This was obviously not good.
To summarize, public WiFi is a great convenience, but be careful. It is best to use a VPN connection. Do this by connecting first to the public WiFi hotspot, logging into the hotel or airport website, then once the connection is established, start your VPN software. To find a good, free VPN provider, just do a Google search for “free VPN” before you next trip. You can then enjoy that free public WiFi in comfort and safety.