Public WiFi is not Your Friend

Not long ago I ate at Sugar and Spice in Boquete. I noticed it was full of customers and all were using the Internet via laptop of cell phone.

I opened my phone and saw that there was an open WiFi server set up by Sugar and Spice. I continued to use my Cell Phone provider’s connection and ignored Sugar and Spice’s available connection.

I told the friend I was with that I never use public open WiFi. I explained why and told him since he was a regular there that he should advise S&S to enable a simple password to protect their clients.

Whether he has done that and they have changed or not, I have no idea.

Today, I came across this article in my daily reading.

It provides a very good explanation of the danger.

This is another reason I have ordered a Google Pixel. With the Pixel, Google is providing a builtin VPN that will be enabled in cases where you come upon open WiFi sites that are known.

You can’t be too secure these days, but you can become more secure by learning a little bit more. It still surprises me how many non secure WiFi sites are available in Panama. It may done in the name of simplicity, but when simplicity enables identity theft, it should be avoided.

UPDATE: I had posted this on Facebook Boquete News to insure that those in Boquete, who don’t follow this blog, could be made aware of the problem and inform the owner, if it had not been corrected.

However, the post on FB Boquete News was deleted, I have to assume because it was considered to be a negative inditement of a Boquete business. It was not. It was informational and I assumed some client would be willing to notify the owner as well as other businesses that provide similar non secure connections.

This appears to be another example of political correctness being more important than public safety.

12 thoughts on “Public WiFi is not Your Friend

  1. How does a VPN help protect you, Don? Doesn’t the unprotected router give others, on the network, access into your system anyway?

    If a VPN is useful, I suggest people try the Opera browser. It comes with a free VPN that you can easily turn on or off, with 1 click. And it is a fast browser and with limited users compared to the popular ones, probably less likely to be the target of hackers.

  2. If you use Apple products, Netshade is a good solution to your security issues. Both a VPN and Proxy server.

  3. Good article Don… let me share some thoughts…

    The problem is trust. While I agree that an open WiFi connection has it vulnerabilities, so does one with a password. In the example given, if Sugar & Spice were to put a password on their WiFi connection, it only takes the hacker a moment to get the password from Sugar & Spice, then connect and capture the packets within the local Sugar & Spice network. Regardless of what WiFi network you are connected to, it is possible for someone else that is connected to that same WiFi network to snoop.

    I have people tell me they do not use WiFi, they only use the data signal on their cell phone, so they would be safe. This is another fallacy. Your cell phone connects to the closest cell tower signal. A very cheap, yet illegal, device can be had that mimics a cell tower and captures all of the data transferring between it. It is called a man-in-the-middle attack.

    A VPN is a good step and has value because it keeps your data encrypted as it travels across the WiFi network or any network. However, that is not the end of the story. Your data is being encrypted ONLY to the other end point of the VPN. After that, it is in the clear as it travels around the Internet.

    For those that like a “free VPN”, I am of the opinion that you are fooling yourself. The company giving you the free VPN service is getting something out of it – most likely scanning your data as it is unencrypted at their end point and preparing to travel the rest of the way to its destination. This goes for all of those things that “include” a VPN service too.

    It it a matter of trust. If you are going to trust a VPN provider, I would want to pay for the service rather then wondering what they are doing with my data to be able to give me free service. It is still possible your data is getting captured but I know there is no such thing as a free lunch (VPN included).

  4. Great post it done, thank you. A question: is a Wi-Fi network secure if they just post the password on the wall is it any more secure than just an open network?

  5. Dan’s writeup has most of the information. At the moment you connect to a server that is open, all communication between the server and the client is in the open. If you connect to a server with a password all data flowing between your client device and the router becomes encrypted so data between your device and the router can’t be read. You are as safe as you consider yourself in your own home, other than you may be in the midst of thieves in a public place.

    When you use a VPN, it now encrypts everything between your device and the servers of the VPN. There are good and bad VPNs. You have to trust your VPN. And as Dan says, there is no free ride.

  6. There are a lot of old routers still installed in Panama. Ones using WEP. That protocol is not secure, so if the router uses it, the the answer is absolutely not. If the router (all new routers) is using WAP, then the answer should be yes.

    The only real way to feel secure using WiFi is in one’s own house and then you need to have used strong passwords for the connection.

    When you are unsure, you are better off using your cell provider network.

    Here is a link describing the different router protocols. http://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/

    I should also mention that routers can have software problems that require its internal software to be updated. Not all manufacturers provide updates. So there is another vulnerability you can worry about.

    You should also educate yourself between the difference in http// addresses and https// addresses. Connecting to an https:// address will bee encrypted from your device to the final destination.

    Lastly, an open wifi connection is the least secure connection to the Internet there is.

  7. Good information. It saddens me when people live if a fantasy world in reference their security and safety. At times even a “base ball bat” can’t people to look out for their safety. It’s all good though! Just sit back “and smile”.

  8. Marcopanama: “question: is a Wi-Fi network secure if they just post the password on the wall is it any more secure than just an open network?” The Wifi network is exactly as secure as your password. If it is not password protected it is not secure. If you have a password but tell it to everybody it is like having none. It’s like the key to your house. If you give a copy to everybody, it’s like having no locks at all. A cafè network with a password given to all clients is a bit safer than no protection at all, but a data thief just needs to buy a coffee in order to steal your data if the key is given to every client.
    The better way is using a VPN in your device. The built in VPNs from some smartphone builders or the free VPN from avast! are paid by them for marketing of their main products and IMO they would not take the chance to destroy their image by abusing your data by scanning and selling them, other than what is being done anyway by NSA without your knowledge..

    Don regarding WEP, this from an article from 2007:
    “Now it takes just three seconds to extract a 104-bit WEP key from intercepted data using a 1.7-GHz Pentium M processor. The necessary data can be captured in less than a minute, and the attack requires so much less computing power than previous attacks that it could even be performed in real time by someone walking through an office.

    Anyone using Wi-Fi to transmit data they want to keep private, whether it’s banking details or just e-mail, should consider switching from WEP to a more robust encryption protocol, the researchers said.”

  9. Hi Pueblopablo3. I am always amased how mny people in Boquete prefer not using their own name when they comment.

    You are correct. A experienced data thief, with the right software and snoop on your traffic, if he is signed onto the same wifi network. The point was to raise awareness that using any WiFi public network is risky and much more risky if there is no data encryption. That is another reason people need to understand the difference between http:// and https://.

    Here is a good article worth reading. http://www.howtogeek.com/204335/warning-encrypted-wpa2-wi-fi-networks-are-still-vulnerable-to-snooping/

    Maybe this will also alert people that they need to better secure their home WiFi networks.

    Related to WEP, like I said, anyone using a router with WEP security, should through it in the trash.

    Thanks for taking the time to comment. Oh, and since you understand the problems, and live in Boquete, maybe you should check out all of the tourist areas there, providing free WiFi, and help them improve their client’s privacy.

  10. Don I think it is absolutely fine and normal that people not just from Boquete but all over the world do not use real names but nicknames. On the other hand I do not undersand why especially americans are so comfortable to post their names everywhere. You are talking here about data and privacy safety concerns and you are surprised to see a nickname at the same time? Regarding a password to a router or not doesn’t make a difference. It is good only for getting the access to the internet and that is it. I have never had problems anywhere being it in Conway or Sugar and Spice. I use any open wifi that exists. No big deal or story to write about or to make news in Boquete businesses.

Leave a Reply