Free Wi-Fi is great but beware password thieves
BY ANDY IHNATKO firstname.lastname@example.org September 24, 2012 5:52PM
Updated: October 26, 2012 2:08PM
I’m happy that Chicago is championing free Wi-Fi in public spaces. Honest. I’m writing this column from a bench in a public park, for real, on my iPhone. While all around me, tourists unpocket devices to check maps.
But there are two problems with free public Wi-Fi that you need to keep firmly in your forebrain before connecting to that access point.
The first access point is in Millennium Park, where hundreds of thousands of tourists come to nest. Which means it’ll be a prime target for any no-goodnik who wants to hijack Wi-Fi traffic for passwords and other personal information.
You need to suspect only the people with pockets. Any one of them could hold a compact, affordable device that autonomously intercepts open Wi-Fi communications and can in many cases even break the encryption protecting common Wi-Fi security protocols.
So don’t even think of using any unsecured public Wi-Fi without adding your own private tunnel of security. Connect to the access point and then immediately flip a switch in your computer’s network settings that activates VPN. A virtual private network service routes every byte of your traffic through an encrypted server and is immune from third-party access by all but the most extraordinary of means. And after you’ve enabled it, you just use all of your Internet apps and services as usual.
I subscribe to the WiTopia service, www.witopia.net. It’s easy to set up, works with all of my laptops, phones and tablets and it costs just $50 a year. I’m covered in parks, coffee shops, hotels . . . everywhere.
“But I only connect to secure sites, with ‘https://’ URLs, and I always check for the little padlock in my browser that confirms everything’s secure.”
Good, you should do that. It won’t help you if a site is well-spoofed, or if an interloper’s software is telling your browser what it thinks you want to hear. Plus: Accidents happen.
Public Wi-Fi is beset by mundane security problems, too. A bench, a pair of binoculars, a pad of paper and four hours of patience could yield a lot of valuable login data. Be aware of shoulder-surfers.
The other problem with public Wi-Fi: You can’t count on it. You can generally count on Wi-Fi in public libraries (because librarians have “information access” in their RNA). With all other spots, it’ll be a crapshoot. Particularly when 133 tourists are all trying to Skype video of this weird giant chrome bean to their friends.
I am indeed writing this column in a public park. That was no jive. But I’m doing it via my phone’s 4G connection. A friend of mine who spends six weeks out of every year camping tells me: “The only supplies you can count on and the only ones you can absolutely trust are the ones you carry with you.” He’s a smart guy, apart from his preference for spending his vacation sleeping behind two layers of nylon instead of several layers of concierges and doormen.