Yes, public Wi-Fi is mostly safe. From a technical standpoint, modern security standards make it difficult to do any real damage. The main thing to consider is the threat model. It’s highly unlikely that someone is sitting in a café all day trying to hack people on public Wi-Fi. For the average user, it’s more of a theoretical concern than a real danger.
It is not about using SSL or SSH. When you are in public WiFi the attack vectors are not at the data you connected to WiFi to transport over. In the first place. It is that now you machine can be attacked with various other vectors for example what did you still in the public folder or what drive shares you have that do not require a password. I am not going to attack what you are actually using at the time. I will attack those things you forgot you had on your device.
As everyone has pointed out, protocols in place on modern sites make it a different landscape than it used to be. That said, bad actors are looking for new holes all the time.
I would say it depends mostly on scope of the network you’re on and the likelihood of someone sniffing around the corner. From public Wi-Fi at a grill on the side of the highway for example, very low; everyone on the network is probably in the immediate vicinity and within eyeshot. (That’s not to say an undercover actor won’t look like everyone else of course) but if you happen to be the only one who appears to be online during early or late hours, threats are simply not there. Your traffic is staying on the network.
At an airport or busy metro on the other hand, or even a grocery store or hotel, it’s another story. Slightly higher in that case where sniffers could be hiding from anywhere.
Public Wi-Fi isn’t really safe, even if you’re using HTTPS. Here’s the deal: when you connect to a public network, like at a coffee shop or airport, the data you send and receive is often not encrypted. This means that anyone on the same network could potentially see what you’re doing. While HTTPS does help by encrypting the data between your device and the website, it doesn’t make you completely safe.Hackers have a bunch of tricks to mess with public Wi-Fi. They can use man-in-the-middle attacks to intercept your communications, even with HTTPS. They can also set up fake Wi-Fi networks with names similar to the real ones, tricking you into connecting and then spying on your traffic. And public Wi-Fi can be a hotspot for malware, which can steal your personal info, including banking details and passwords.To stay safe, think about using a VPN, which encrypts all your internet traffic and makes it harder for hackers to see what you’re doing. Also, try to avoid doing sensitive stuff like online banking or shopping when you’re on public Wi-Fi. Make sure your device isn’t set to share files or allow remote access over the network. Keeping your software updated is also a good idea, as updates often fix security holes.
Don’t browse http and then you’re chilling. Unless someone has a quantum computer in the Starbucks, then be careful.
I can just connect to a Wi-Fi in a cafe with my PC and then search IP addresses online at the location. I can scan for any vulnerabilities and insert malware or I might just launch a Dos or DDos attack. No, itis not safe.
With tethering available on almost all cell phone plans, why use free WiFi? Stay safe and use your hot spot.
I would never connect to a public wifi, unless i have to for some urgent reasons, and if you use the public wifi, use the encrypted protocols like HTTPS, SSH, + a VPN Client on your phone for extra security
No, use a VPN if you can.
Https can help, but there’s still risk.
In short: no
There are quite a few man in the middle attacks made possible by connecting to a network with unknown levels of security.
Here are some examples:
- Fake AP - it can pretend to be you and the remote server, invalidating any encryption (as it sits in between and can see everything in plain text)
- packet sniffing - this is where everything on the network can see each other and look at unencrypted data. Even if using https there is still a lot of data that can be collected that never gets encrypted
- session hijacking - where enough unencrypted data allows an attacker to take over your connection
- DNS poisoning - an attacker pretends to be authoritative and can make your machine think you want to connect to a breached IP address, handing over logins and private data
- packet grabbing - this is where encrypted data is saved to be decrypted later. This is becoming more common with AIs to aid with pattern matching and will increase with quantum computing
Generally a VPN can help, but it’s still possible that you could be compromised - so best to be on the side of caution and only connect to trusted networks (even then, double check that the Access Point is valid where you can)
By using private VPN that encrypts the content of the packets, you can mitigate the risks.
I would love to have all of you that think it’s safe be connected to the same public wifi hotspot at the same time as me…. I can’t believe what I’m seeing being written here. Are these people really professionals in security?
Nope you should look into the most recent research on DHCP option 121 and think about carrying around a mifi with good wireless practices everywhere you go
Depends. Please describe your threat model.
I have seen apps fall victim of URL reflection attacks. Cross-site talk resulted in cleartext username:password in the URL.
So if on a public wifi with no VPN, it could happen if the app is not properly secured.
Depends on which sites your visiting…
Better than it used to be, I’d still use a VPN every time. I have a VPN server set up at home so I just route to my home connection. Haven’t had issues with blocking that route.
I would initially wonder if your question is a joke. No public wifi isn’t safe. Not only is all of the traffic you send and receive available to bad actors, generally bad practice. As a researcher I am aware of ways to compromise a VPN, is it common? No. Just employ best practices. Note, I am not saying I can personally compromise a VPN, I am aware of it being done by other researchers.
To be clear, what I mean is general google searches and such are lower risk. Be conscious of the sites you visit, Don’t go log into your city bank account etc. The bad news is I can spoof a network, you connect to it and all kinds of nasty things can happen. At a minimum someone is probably going to target / steel your data, possibly inject malware without you ever knowing. Also be ware of public charging stations…
Keep in mind that not all sites are up to date or have all the security functions enabled. I personally avoid unknown to me pubic connections, at times places like airports can have bad actors that set up their own wifi and skim your information/ date as it’s being transmitted. It’s far more common than people like to think, are you certain to allow threat actors into your system by just connecting and searching for cat videos? No, the point is assume that every key stroke is logged and you should be fine. That’s assuming you don’t get malware injected by logging onto someone’s public network. lol. The internet is a dark scary place… stay away from it :). Context, I have 2 firewalls and and a DMZ on my home network lol, so some call me paranoid.
I think a key point that some of the people here are missing is that the compromise doesn’t have to break the encryption protocols… you simply have to side step them for access. Trust me, why bother with trying to break encryption?
The answer is always no to this question. Just use your phone’s tether. I mean if you want a secure connection.
No, even with full tunnel encryption it’s not safe.