Is becoming more common that we We connect to the Internet from your smartphone When we are away from home, in public places such as restaurants, bars, hotels, airports, or simply when we go by public transport or walking down the street. As data rates are often scarce and expensive, many choose to access the network through free WiFi hotspots rather than through the networks of the operators (3 G, 4 G, etc).
The problem? So that the safety of these seemingly harmless connections is not as good as we would like and can even that the network is designed on purpose to steal data Personal. Then we will review the problems that we can have by connect to public Wi-Fi networks and their possible solutions.
Imagine the following situation: we are quietly sitting on the terrace of a bar or waiting to take off our plane and decided to connect us to the Internet to read the mail. As we do not want to spend mega we look for one free WiFi network and indeed we find it, with a SSID (network name or Service Set IDentifier) that seems legal, since it has the same name of the place in which we are.
It is usual that we connect to this network, since the SSID appears to trust, which can be a big mistake. Why? Maybe because We cannot be sure that this network really belongs to who believe. It may have been created by third parties hoping to capture unwary who evade them personal data such as passwords, credentials, bank accounts access to social networks, etc..
The hunt for the unwary surfer
How is this possible? To start because behind an attractive network ID you don’t have to be a reputable company. It is our duty and responsibility to verify who is. But in addition, because as WiFi networks they support roaming, if an attacker configures an access point with the same name (SSID), key and encryption, our smartphone will believe it is one node of the network and will connect to it automatically when you receive it with greater signal power than the original.
Europol (the European Union Police Agency) already concienciaba us several months on this type of hazards and special emphasis on the so-called man-in-the-middle attacks they are being increasingly used to steal valuable information from our smart phones and that they may even lead to theft or identity theft.
This type of attack is basically confused to the mobile terminal or to the router that the WiFi network in a way that provides both send their data to the attacker believing that it is the actual recipient and forwarding them also to the real destination, to go unnoticed.
Thus, the attacker would be in the middle of a communication, with access to all the data being exchanged both devices, and may from capture passwords of bank accounts and other payment systems online to get our credentials in social networks, email, etc..
What options do I have to be sure?
This situation most immediately is to think about stop forever using public WiFi networks and thus avoiding the problem. It is a choice, although too exaggerated. In fact just that I should take a few precautions. For starters, that avoid using them for banking transactions and for activities in which we have to give personal data.
We must also make sure only connect to access points that we know who owns, disable the auto-reconnect to WiFi networks in the mobile and always use some type of encryption in data, choosing always the strongest enabling us to the router and the phone: WPA2-PSK, WPA-PSK and WEP last-resort.
Ideally, if we want to check a web site where you have to login with our credentials, it is important that we can check that we are using the secure HTTP protocol (https://). Now increasingly more sites opt to implement this type of security on their pages, but not all.
Therefore, if the website or service does not support this Protocol also we can opt for other options. The simplest is make us an alternative digital identity (account mail, user on Facebook, etc.) with which we always connect to the public WiFi. It is the simplest choice and although we can not access all the services (such as banks) with all the privileges, nor will be safe from prying eyes, we will at least guarantee that steal us data we will not lose anything important.
But if we want to be sure of truth (or almost, because there is no really infallible method), it is best to choose to create our own virtual private network (VPN), which are very useful in hostile environments. Why? Maybe because allow “isolating” our insecure network terminal and insert it into another with greater guarantees of privacy thanks to the automatic encryption of data packets.
It is normal that VPN networks are contracted with third-party companies that will give us data configuration and access that we have to introduce later in mobile or tablet, although many modern high-end routers also provide the option to mount your own VPN network. In addition, we will have to configure some parameters in the phone so that everything works correctly. For example, here’s the tutorial on how to do this here on iOS and Android.
As we see, public Wi-Fi networks can reach assume more than one headache for any user that connects casually and without knowing the real dangers that may be behind them. Although we can take some precautions to improve the protection of our valuable data, the best of all is use common sense and not trust us never make important connections in public places. I.e., if you are in the street and you can wait a little to enter your bank, make payments, or access to other web sites of importance, better do it and access from home or from a trusted network.