Holiday travel is about to be in full swing for the holidays, and we’re all going to be wading in dangerous waters as we seek WiFi to keep ourselves and our kids occupied while we move around. Paul Ducklin just put together a great blog post on Naked Security about a risk you should be aware of when connecting to these networks. He specifically talks about unsecured requests for information before you are allowed to reach the Internet. There are a couple of other scary things you should be aware of:
- Don’t forget that open, free, and no-password-required WiFi is about as wild west as you can get. When you connect to these networks, anything you do that is not encrypted can be seen by anyone near you.
- Just because you see the SSID “attwifi” doesn’t mean that it is operated by AT&T. So called Evil Twin SSIDs can capture your device so that bad guys can launch attacks against it.
If you are sitting in a coffee shop and need to transfer money using online banking (or your mobile banking app), you may be better served turning off WiFi and using the cellular data through your phone instead. If you have your laptop, use the HotSpot feature on your phone to let it ride those data rails. It’s neither perfect nor immune to attack, but it may be the safest way to get online this holiday season.