LifeHacker had an excellent post entitled “How to Stay Safe on Public Wi-Fi Networks” last week. This was probably the most technical security-wise from a number of articles that have come out in recent days due to Starbucks now offering free wifi. Of course this isn’t the first time free wifi has been offered. At Starbucks you could always get two hours free with a registered Starbucks card. And McDonalds has been offering free wifi for about six months now. Additionally, establishments like Panera Bread and Silver Diner have had free wifi for years. So why the big fuss with Starbucks? I don’t really have a clue. Perhaps it’s that they are just everywhere and it will make quick Internet access a little more accessible.
(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under News. [email protected]grecs)
Regardless, one thing that I like about this fuss over all these Starbucks free wifi articles, especially the LifeHacker one, is the focus on using these connections securely. It’s really helping raise security awareness among average users who use these free services. Every post has at least one section that discusses the potential risks of using these connections and how to protect yourself. We, as security professionals, are familiar with many techniques an attacker can use for sniffing sensitive network traffic or attacking computers connected to the same wifi router. Typical precautions include technical advice such as enabling/locking down your firewall, using application specific secured proxies, and implementing VPN connections as well as user behavior suggestions like not performing sensitive transactions over free wifi connections.
If you could only do one of the many suggested security precautions, I’d say the most important is probably to immediately connect to a VPN server. In many cases this not only protects your network communications from being sniffed but also typically works as a decent firewall in most VPN client implementations.
Do you think VPNs provide the best bang-for-the-buck security-wise? If not, which security precautions would you recommend over VPNs? If so, what type of VPN services do you use when taking advantage of free public wifi hotspots? Let us know in the comments below.
Anyway, thanks to Starbucks and happy free wifi-ing… See ya!