The high price of free Wi-Fi: Here’s why you never connect to an insecure network
Let me set the scene for you: You’re on the go and you need to stop and get a coffee. You enter the coffee shop and the aroma is the first thing to entice you. Next, you see all the lovely people sitting around making deals, writing the great American novel, chatting, and just generally enjoying themselves. You then notice a sign that states, “Free Wi-Fi.”
You pull out your phone, open the network connection app and notice the wireless connection doesn’t have a password.
You connect to the wireless network and order your quad long shot grande in a venti cup half caff double cupped no sleeve salted caramel mocha latte with 2 pumps of vanilla substitute 2 pumps of white chocolate mocha for mocha and substitute 2 pumps of hazelnut for toffee nut half whole milk and half breve with no whipped cream extra hot extra foam extra caramel drizzle extra salt add a scoop of vanilla bean powder with light ice well stirred.
While the barista brews your ridiculously complicated order, you sit down and start using all that free Wi-Fi. You send email, you communicate to team members on Slack, send SMS messages to friends and family, check-in on Facebook, and tweet the single most profound statement Twitter has ever beheld.
Life is good.
You get your drink and continue on as though nothing can touch you.
Eventually, you leave and think nothing of your experience (other than how delicious the coffee was and how on point your Twitter game is).
Later that day (or maybe the next day) odd things begin to happen. Your phone isn’t working exactly as expected and you start receiving a deluge of what appears like harmless spam.
Okay, fine…all in a day’s existence, right?
But then you get a warning from your bank.
And you start seeing reactions to things you didn’t post or send.
You check in on your bank account to find your balance is at zero.
Panic sets in.
What happened? You’ve always been so careful with your bank account credentials and you never share that kind of information with anyone.
This can’t be real, can it?
It can and it most likely all started with you connecting to a simple password-less wireless network.
The truth is, you are not safe. Your information isn’t safe, your identity isn’t safe, your mobile devices aren’t safe. Because of this, you have to take every precaution you can, which means never (ever, ever) connecting to an insecure network.
Why are insecure networks so bad?
The simple truth is when you connect to insecure Wi-Fi, you open your device to anyone who is also connected to that same wireless network. But why is that so bad? So what if other people can see my device on the network?
Let me put this in simplest terms.
Not every application you use on your mobile device encrypts your data. That means you could be submitting usernames, passwords, and even text messages in plain text. What does that mean? Simple: When you use an app that works with encryption, any data you send or receive is encrypted in such a way that it’s very difficult to read. So instead of sending the plain text “password” (which you should never use), it’ll send something like this instead:
hQGMA0mnhEQQ+utUAQwAixnPWw4LcXk1Njq0zHc8RRYnlN1424RASIT+s0d9DAHe wIwzrLemIKo0Z97aZ97g0FdmlbWbPELt4Er7O0L/4ERvaWRhW3hf7WsipX0/PAVD Kz99IN/TT6srb6T08f6wpVCn4kuKl60Dl2630QvFxe4HtmbgzqnzqdUZ53sFknX4 TlRJw8K8lZ+/o5nW88JG+3MfKq/gd5eHIxDWLUZg5MDORhPy6FckeuF4ejWjKfzM WCkNP+IEq7trZ6/SH724HES8nHxIiaH9CaI1D7cHckR0cvF40Xo+rCIP9Qu6Ahax yOHqKmDhjfjV11H4MVZrhjn2zFI5jBahmUvZc0+JvtHuI/Bd26buo50Xg3co01em kog0P9GK/4TNMtIuxupiSMryNM0l18FjWzso6ojf662nF4nDpiUQmJVCcpRhSNHO twXM1tvmNSjN0OTf6hiU3tD4iE1N5FhTSkeq7Rz9DunraO7aILNArpt8ndbOssV5 gt5eWnsGMUR/7EK6htvA0kQBgHjl0o98rjTcvTF+pZtQSr3omSQTiafRXDxHBbT7 xbMWyNxWQ91PEDWuTtaMbqlDkxbUmqlFFJ6XgvyzqjsRqaTuCQ== =psm9
That, my friends, is encryption. And unless your applications are all using it, you’re sending plain text over a network that anyone can access. Once connected, a bad actor could use a sniffer to intercept your plain-text data packets and read them. And the tools used to capture those packages are readily available to anyone.
You might think this is just a warning that can be ignored at will. To that point, you would be right. This is a warning but it’s one you should heed. When you connect to insecure wireless networks, it’s only a matter of time before someone intercepts your data and you fall prey to any number of nefarious doings.
Here are the reasons why you should never connect to an insecure wireless network:
That’s really the only bullet point you need. And although I’d like to sugar-coat this for you, the truth of the matter is the longer you ignore this advice, the more at risk you are.
What can you do?
You might find yourself in a situation where you absolutely must connect to an insecure wireless network (maybe you’re out of data and have work to do). When you find yourself in such a situation, consider the possible options:
- Never send any passwords or sensitive information when connected to that insecure wireless network.
- Use a VPN (such as Tunnelbear) when connected to those insecure networks (as it will encrypt and anonymize your data).
- Use a more secure web browser (such as Brave or Firefox), so you can enable features like always use HTTPS and secure DNS.
- Enable secure DNS in your web browser of choice (so all of your searches are encrypted).
- Enable end-2-end encryption in the Android Messenger app (Settings > Chat features > Enable chat features) so all of your SMS messages are encrypted.
- Disable sharing features as needed (so you’re not opening your device up for even more unwanted connections from bad actors).
- Invest in an unlimited data plan for your phone, so you never have to bother with connecting to an insecure network.
Let’s break the above done. The absolute best path you can take is to invest in an unlimited data plan. Why? With an unlimited plan, you will never have a need to connect to an insecure wireless network (especially given how fast 5G speeds are). If, however, that’s not an option, I would highly suggest, at a minimum, you use a VPN every time you connect to an insecure network, work with a more secure browser and enable end-2-end encryption on your SMS apps. As you can see, other than only using your data plan, there’s no 1-step solution for this problem. And even when using your carrier data, you could up your security game by following the above advice.
The same thing holds true when using a laptop and is especially true when using a Windows-based laptop. If the location you’re working in only offers an insecure network, your best bet is to tether your laptop to your mobile device and use the phone’s data plan for connectivity.
I know the inclination is to roll your eyes at such warnings, but this is one you should take seriously. Do not connect to insecure wireless networks. Period. End. Of. Story. If you value your privacy and the security of your data, you will follow this advice to the letter.