Security Tip: Verify open Wi-Fi hotspots before using them

SecurityIconXWhen you connect your Mac to a Wi-Fi hotspot at a cafe, library, or other public location, do you ever double-check to ensure the Wi-Fi hotspot is a legitimate one? Quite often, when you are out and about, it is not uncommon to find a number of open hotspots, that you can easily log on to surf away, and while most of these will be perfectly fine options to use, there is nothing to inform you whether or not the hotspot was set up for nefarious purposes.

Granted, most home routers are fairly closed systems that are difficult to modify for malicious purposes, but since all of your network data will pass through a router, it is conceivable that one could be set up to monitor this activity and perhaps even attempt to hack it. This is especially the case with services like Apple’s “Internet Sharing” feature in OS X, where you can use any PC with custom software to create a router and broadcast a Wi-Fi signal.

This approach was recently done at a tech conference, where a young hacker (or shall we say “security researcher”) by the name of Gustav Nipe, set up a custom open Wi-Fi hotspot with the fairly benign name of “Open Guest.” In using some custom software that would track who connected and where they would visit, he sat back to see what fish would bit.

In the course of his experiment, Nipe saw a number of conference goers connect, and could see what sites they were visiting, as well as track e-mail and text messages. Whether or not he could read any data from these traced connections has not been revealed; however, it was amusing to know that this happened not only to understandable victims like politicians and journalists, but also to a number of apparently tech-savvy security professionals.

With this in mind, even though you will regularly run across a number of open Wi-Fi hotspots, should you take the chance when connecting to one? Since in most cases open Wi-Fi networks are set up purposefully for convenience, or even mistakenly, the chances are that you will not fall victim to a hacking scheme. In addition, many online services you use, such as Messages, and connections to financial and medical services are highly encrypted, so intercepted data cannot be read. However, any snooping by others is likely unwanted.

Therefore, when at a venue and connecting to its network, first be sure it is a legitimate one by contacting the venue for the exact name of its Wi-Fi network, and then only connect to it. This is important, because anyone could go into a legitimate place like Starbucks and create an open hotspot called “StarbucksGuest” in an attempt to lure unsuspecting users.

Secondly, be aware of what it takes to connect to the Wi-Fi network. Most public networks use an active portal authentication approach that will present you with a welcome screen or Web page, with official information about the connection and support numbers you can contact, if necessary. Rarely will an open Wi-Fi network simply allow you to connect.

Finally, an approach you can take is to avoid public networks altogether, and use personal hotspot options that are available on many cell phone data plans. With a few steps, you can tether your Mac to your iPhone or other phone via Bluetooth or even USB, and then be able to use an unlimited plan (or careful browsing if you have a data cap), and then be able to surf away. Granted this will only work if you have cell and data coverage in the area, but is a way to ensure your Mac is on a network you trust.

2 thoughts on “Security Tip: Verify open Wi-Fi hotspots before using them

  1. Mr. Smith (@hsmith254)

    I’m surprised Topher didn’t mention using a VPN s a secure way to use the Internet over an open WiFi connection… You can even use your home Mac as a VPN gateway for all your mobile devices.

Comments are closed.