While a public Wi-Fi hotspot can be convenient, it may still be a security risk. Here’s why you should use one of the best VPNs for Mac while on public Wi-Fi.
Access to the Internet is crucial to modern life, to a level where it’s very easy to get online wherever you are in a variety of ways. One common method is through public Wi-Fi hotspots, which are offered by businesses and municipalities as a convenience to customers and visitors.
You’d be hard-pressed to find a coffee shop that doesn’t offer customers free Wi-Fi while they sip their drinks.
Practically everyone with a smartphone and potentially the ability to tether their iPad or MacBook Pro has cellular access to the Internet wherever they go. But for many, those cellular plans often have bandwidth limits, so Wi-Fi hotspots provide a way to avoid chewing through a data allowance too quickly.
While extremely convenient to the average person, public Wi-Fi may not necessarily be as secure as their home network, or a corporate network provided by their employer.
Just like the need to be vigilant and to practice good cyber hygiene on your normal data connection, you need to be especially protective of your data when using a public Wi-Fi hotspot. The simplest way is to use a Mac VPN or a VPN for your iPhone or iPad, at least while using that connection.
A lack of security
A primary reason for using a VPN is because a public Wi-Fi hotspot can be inherently insecure. In many cases, the public Wi-Fi access point is open to access without requiring a password, meaning that anyone within range can connect to it.
This also applies to businesses that openly display the Wi-Fi name and password on a sign inside the store. It’s effectively the same as setting the password to be off, but with one extra step that does little to enhance security.
That means you’re sharing the same network as other people that you don’t personally know, and therefore cannot trust. It’s entirely possible that other users using the same hotspot are doing what they can to see if they can sniff Internet traffic on the connection.
In many cases, there is some level of security on the public hotspot, with many providers offering public Wi-Fi packages to businesses including features to minimize this sort of activity. For example, the provider may have set up the hotspot so that guest users cannot see each other or other devices on the network at all.
Not everywhere uses commercial-grade routers for hotspots. Sometimes it’s using poorly-configured consumer hardware.
The same cannot be said for people using more amateur efforts. It’s not hard for someone to buy a Wi-Fi access point and set it up as a public hotspot, without configuring it to be that secure at all.
In this latter case, it’s possible for devices to see each other over the network. This is a highly insecure scenario, as it would be trivial for an attacker to listen in to your data.
Even worse, an insecure hotspot could allow attackers to try and infect your device with malware.
Man in the Middle and Fake Hotspots
Sticking with insecure hotspots and hacking for the moment, it’s possible that the hotspot itself could be illegitimate. Namely one that has been set up by a hacker for the purpose of stealing data.
This can come in the form of hotspots that have been purposefully set up to appear to be a legitimate public Wi-Fi hotspot, but are not. By tricking users to connect to the hotspot, the hotspot owner can have much more control over the connection, and have a much easier time snooping traffic coming from your devices.
This can also take the form of a man-in-the-middle attack, where an attacker uses an unsecured network to impersonate a legitimate hotspot, hoping that you’ll connect to their hardware instead of the real thing.
To the user, this could seem like a normal connection, as their traffic passes through the attacker’s computer before reaching the legitimate hotspot, and vice versa. Again, this gives the attacker a prime opportunity to sniff packets of data and try to glean information from your web browsing.
These also give attackers the chance of doing other things as well. For example, they could manipulate webpages you visit to inject malware-laden ads into pages, increasing the chance of infecting your devices.
They may even present network pop-ups, declaring that users have to sign in with their personal information to use the connection, as a simple form of data collection. They may even go as far as to demand payment, even if the connection is supposedly free, to steal credit or debit card details too.
Data Harvesting
Even if the connection is legitimate and not affected by an attacker, the hotspot may not necessarily be perfectly safe for your personal data.
It’s possible that, by using a free service like public Wi-Fi, the service provider could still be collecting information about your browsing habits. Much like other similar collection systems like cookies used by online marketers, this data can be compiled and sold to data brokers in the same way.
This means your browsing habits could be sold off and then used by marketers to enhance a profile made to target advertising to you. Even though you’re not on your normal Internet connection, digital fingerprints can help identify your computer, and therefore indicate which profile to add the new data points to.
There’s also the possibility of legitimate hotspots messing around with websites you’re viewing. To help earn revenue, it’s possible for a hotspot to replace or inject ads into a webpage.
Protecting yourself
The first and most obvious thing to do when using the Internet via a public hotspot is to make sure you’re using HTTPS. That S means the connection between the website and your computer is secure, so a lot of the web page injection stuff shouldn’t work, and your data should be protected.
It’s also advisable that, even with HTTPS enabled, you shouldn’t really do anything really sensitive while on the public networks, just in case. For example, logging into your bank’s website, or signing into a social media account with extra protection like two-factor authentication enabled.
These sorts of uses should be on a connection you know is more secure. Switching to a cellular connection is better in this instance than staying on public Wi-Fi.
VPNs use encrypted tunnels to secure your dataVPNs use encrypted tunnels to secure your data
It’s also advisable to disable features like file sharing and automatic Wi-Fi connections. This latter point is important, as the last thing you want is for your devices to automatically connect to a potentially insecure connection.
The best and more secure option is to use a VPN right from when you establish the Wi-Fi connection. With a VPN enabled, your traffic is being ferried through an encrypted tunnel to the VPN service’s server, preventing it from being snooped on at all.
This traffic isn’t just limited to browser usage, as all online communications pass through the tunnel. This includes other apps you may have on your iPhone or Mac that aren’t browsers, but connect to online servers anyway.
While a VPN is typically known for allowing you to connect through a server in a different country, you can also just as easily use a server in the same country you’re in. This will give you a similar browsing experience to doing so without the VPN, but with all of the security aspects a VPN provides.
You can, if you’re careful and know what to watch out for, connect to the Internet on public Wi-Fi hotspots with some safety. Using a VPN is, by far, the easiest and most comprehensive way to keep your data safe and secure if you must use public Wi-Fi.
