The majority of networks we access, websites we visit, and protocols we use cannot keep us safe online. As a result, it all comes down to individuals who need to build their defenses. In this article, we will go through the things you need to stay safe while using public Wi-Fi.
First, check is your device safe to begin with. Use strong passwords and perform a virus scan with your antivirus software. Implement two-factor authentication on all of your accounts and enable login alerts for your financial accounts.
1. Stay up to date
Web browser bugs, TLS/SSL vulnerabilities, Wi-Fi authentication protocol vulnerabilities, and application and OS vulnerabilities should be all patched before going into others’ networks.
Keep your various device operating systems and apps up-to-date, as well as all your other devices, like home routers, printers, and smart devices, as these can become vectors of attack for different devices and online accounts.
After updates are installed, it is typically necessary to restart applications like web browsers (or, in the case of OS updates, even the entire device) actually to apply those updates.
2. Cover your attack surface
Before even contemplating about connecting to a public network, first think about how you will protect your device from attack.
You need to ensure no artificial network-accessible services or file shares are running on your computer and that a firewall is installed and properly configured.
Limiting the number of applications installed and uninstalling no-longer-used applications is a nice additional step to reduce the attack surface. Another best practice is to keep an (offline) list of all accounts you own, so that you do not forget about them or any information associated with them, and to periodically review the list for accounts you no longer use and deactivate them.
3. Prevent interference
Before connecting to a public network, you need to arrive with countermeasures in place to prevent application data from being hijacked.
What you need is a trustworthy VPN solution, installing it, and configuring it properly so that it can be started immediately.
The VPN solution must be downloaded before connecting to a public network because an open network cannot be trusted to provide the ability to download software free of malware.
4. Avoid pineapples
Wi-Fi Pineapples are routers that offer hospitality, but the catch is that they are malicious hacking tools disguised as benign networks.
If a firewall and a VPN solution are both working correctly, a pineapple should have little to attack; but, as stated before, risk can be increased by captive portals, not to mention leaky VPN configurations.
The truth is that a malicious network can easily be disguised as a legitimate one, but even an authorized public network can have malicious actors connected to it.
5. Use browser plugins to patch the Web’s security holes
Let’s face it — over 25 percent of websites are visited without the use of encryption, and websites everywhere are tracking their users.
The web browser extensions HTTPS Everywhere, and Privacy Badger will help you browse the Web securely. Container extensions also exist to isolate better websites/tabs and their data from each other, which also can effectively block certain online trackers.
If you are a member of an at-risk group, such as an activist, reporter, or billionaire, you will benefit from stronger physical isolation between different types of online activities by utilizing separate, dedicated devices for sensitive operations. No level of virtual containment is as good as physical separation.
6. Understand and optimize your threat model
Each person has a different threat model defined by various circumstances. It can depend on high-value assets, places they are most vulnerable to attack, the most likely threats, and many other things. So make sure you ask yourself the right questions and protect yourself accordingly.
Staying safe on public networks and the Internet requires awareness and taking action.
Unfortunately, we still do not have a way that would provide a reasonably good user experience and the required security. But in order to stay safe, we have to take measures, even if they are a bit difficult to do.
Join us on social media and let’s continue the discussion. We are here for you!