We agree that public, open WiFi networks totally cannot be trusted. And that compromised routers can be used to wiretap all your communications. But we’d also say that in most cases your credit card numbers and banking info are pretty safe, even with someone watching all of your communications over the wire.
Why? The keyword is HTTPS.
The HTTPS protocol encrypts messages sent between your device and the server and ensures end-to-end transport security. What that means is that people can look at the messages exchanged between your device and the server, but all they see is random bytes. They cannot extract useful information out of the stream of bytes flowing through.
How do you know that HTTPS is being used? Simply check the green lock on the left of the URL address bar.
Who’s using HTTPS? Google, Facebook, Instagram, your bank, your credit card company, your company’s payroll, your insurance company, your ISP’s web site, even YouTube and Vimeo! Basically, almost every web site that matters.
So what’s all the fuss about your personal information being stolen? Well, there’s a small possibility that you might have mistyped your bank’s URL, and the mistyped URL happens to be a website created by some bad guy, and it serves a valid SSL certificate that matched the mistyped domain name. There’s also a possibility that a bad guy redirected you to a plain HTTP URL (a technique called sslstrip).
You should be pretty safe if you:
You might have seen the suggestion that you should remember to turn off Windows Network Discovery and file sharing when you connect a Windows PC to a public WiFi hotspot. But Windows has already figured it out for you. When you connect to a new WiFi network, Windows will ask you if the connection is Public, Home, or Work.
When you connect to a public WiFi, you should choose Public. And when Pubic is chosen, Windows automatically turns off file sharing.
For apps on your smartphone, there’s no green lock to look at so there’s no sure way to tell if an app is using HTTPS/SSL encrypted communication behind scenes. If you are really cautious, you should not connect your smartphone to public WiFi hotspots.
Even so, we speak with high confidence that security sensitive apps (such as your bank’s) will not use insecure communication protocols when talking back to servers. Therefore, you should be safe using your bank’s app, even on a public WiFi connection. Ask the app developer if you wan to be sure.
If you use the pcWRT router, there’s a simple way to check out if there are insecure apps on your smartphone. Here’s how:
Certainly. Connecting to a VPN is the easiest way to make sure you have a secure connection at all times. Remember though, with a VPN connection you are simply shifting your trust to the VPN service provider. Make sure you pick a trustworthy VPN service.
With the pcWRT router, you can easily set up a VPN server at home and connect to it when you are away from home. In our opinion this is the best solution. Not only you solve the trust problem with a VPN server under you control, it’s also free!
* WireGuard® is a registered trademark of Jason A. Donenfeld.