Online security tools
I usually on public wifis while traveling, and, after reading a few shocking stories of how people get hacked through these open networks, I got concerned. I already own Surfshark, Bitdefender and Lastpass, but is it enough? Do I need something like TOR?
|
Probably not.
Even if you're doing online banking on airport wifi, the more likely ways you're going to get hacked are:
|
Moderator's Action
The Practical safety and Security Issues forum is for discussing topics directly related to travel, including security screening, travel documents, customs and immigration, personal safety during transportation and in hotels, and securing personal property while traveling.
Discussions of cyber security and safeguarding computers, cell phones and other electronics from hackers and malware belong in the Travel Technology forum. Please follow this thread as if moves there. TWA884 Travel Safety/Security co-moderator |
Completely agree. That said, VPNs are so inexpensive nowadays, and I appreciate the peace of mind it gives me to use one when using public wifi
Originally Posted by der_saeufer
(Post 31381688)
Probably not.
Even if you're doing online banking on airport wifi, the more likely ways you're going to get hacked are:
|
Originally Posted by PackingIt
(Post 31387649)
Completely agree. That said, VPNs are so inexpensive nowadays, and I appreciate the peace of mind it gives me to use one when using public wifi
|
Originally Posted by PackingIt
(Post 31387649)
Completely agree. That said, VPNs are so inexpensive nowadays, and I appreciate the peace of mind it gives me to use one when using public wifi
There are are a few different concerns at hand here, and vpn probably isn’t solving the problem you think you are trying to solve. But as my friend says, you do you. |
Trust me, I will 😉 But more seriously, it is not hard to research VPN providers and determine your own level of trust. Additionally, a VPN can be very handy when traveling out of the country and needing to connect to services as if you are still in that country.
Originally Posted by gfunkdave
(Post 31389870)
As long as you trust the VPN provider. Using a vpn is just trading trust from the local isp to the vpn provider. Either way it’s irrelevant if you’re using TLS, which you should be in this day and age of https being more of a standard. There are are a few different concerns at hand here, and vpn probably isn’t solving the problem you think you are trying to solve. But as my friend says, you do you. |
Originally Posted by der_saeufer
(Post 31381688)
Probably not.
Even if you're doing online banking on airport wifi, the more likely ways you're going to get hacked are:
Note, for #1 above, I, personally, don't type critical things where people can easily see them without being noticed, and my laptop always has a security screen on it which minimizes the "over the shoulder" viewers. But unlike the average person, I lean very far to the paranoid side of situational awareness. For 2, there's NOTHING you can do to mitigate that, so it's not a concern at all. For 3, that's why I use LastPass and a purely random password for every single account I have. |
Originally Posted by Dread Pirate Jeff
(Post 31408573)
This is probably true, but aside from the obvious benefit of location swapping to use Geo-locked things, a VPN is kinda like a condom. Sure, the chances of you getting an STD from connecting to that random free public hotspot in $RANDOM_CAFE is pretty slim, but why take the chance? .
*assuming you are like 99.9% of the population and a nation state's intelligence service isn't after you |
Originally Posted by gfunkdave
(Post 31411038)
Connecting to a network is not going to give you malware*. That's just plain silly.
*assuming you are like 99.9% of the population and a nation state's intelligence service isn't after you That said though, the actual point was that you can't know or really vet that MyCafeWifi and MyCafeWifi are both legit, or know that one is legit and the other is someone doing a MITM faking an access point. So using a VPN when you do connect to MyCafeWifi is just an added layer of protection. As for the assumption... I hope so, but you don't necessarily have to think you're a surveillance target, for instance, maybe the Chinese intelligence apparatus can decrypt traffic passing through my VPN, and likely they do not care, but when I'm in China I absolutely do not connect to anything without a VPN running. Fun experiment. Go to a hotel with a travel router and give your travel router an SSID that is eerily similar to the legit hotel WiFi. Maybe something like "Marriott_Guest" vs "Marriott-Guest" and then just wait and see how many people try connecting to it unaware that it's not the right AP. But yeah, 99% of all people really do have little to worry about that TLS doesn't already address, and like I said, personally I lean more to the paranoid side of things. |
Originally Posted by Dread Pirate Jeff
(Post 31412991)
Of course not, the malware comes from the token rings...
That said though, the actual point was that you can't know or really vet that MyCafeWifi and MyCafeWifi are both legit, or know that one is legit and the other is someone doing a MITM faking an access point. So using a VPN when you do connect to MyCafeWifi is just an added layer of protection. As for the assumption... I hope so, but you don't necessarily have to think you're a surveillance target, for instance, maybe the Chinese intelligence apparatus can decrypt traffic passing through my VPN, and likely they do not care, but when I'm in China I absolutely do not connect to anything without a VPN running. Fun experiment. Go to a hotel with a travel router and give your travel router an SSID that is eerily similar to the legit hotel WiFi. Maybe something like "Marriott_Guest" vs "Marriott-Guest" and then just wait and see how many people try connecting to it unaware that it's not the right AP. But yeah, 99% of all people really do have little to worry about that TLS doesn't already address, and like I said, personally I lean more to the paranoid side of things. |
Out of curiosity, what VPNs do you use when connecting from McD or Starbucks (DataValet...a managed wifi service)? Up here, if I am using one of the "big-box" free Wifi, I find PIA and Nord won't connect. I haven't really researched it, but I'm curious if anyone has already figured out a way to make the two work together.
|
Originally Posted by gfunkdave
(Post 31414975)
As you said, TLS addresses the MITM issues you raise. Use a VPN if you want; as far as I'm concerned they are a waste of money unless you're trying to access something the local network forbids (like getting through the Great Firewall) or want to appear to be in a different place because of geographic restrictions on what you're trying to access.
|
Originally Posted by gfunkdave
(Post 31414975)
As you said, TLS addresses the MITM issues you raise.
It's a few years old and there have been improvements, but this post from a similar thread here a few years ago explains some of the issues, even with SSL/TLS. |
Try using OpenVPN using TCP and port 443.
Originally Posted by StuckInYYZ
(Post 31418821)
Out of curiosity, what VPNs do you use when connecting from McD or Starbucks (DataValet...a managed wifi service)? Up here, if I am using one of the "big-box" free Wifi, I find PIA and Nord won't connect. I haven't really researched it, but I'm curious if anyone has already figured out a way to make the two work together.
|
All times are GMT -6. The time now is 12:58 am. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.