Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


BrettOnTheNet

75 posts

Master Geek


#190697 9-Jan-2016 10:55
Send private message

I've been trying to find out if the Spark Free WiFi Zones are secure to use, or whether you have to be very wary. Seems to me that as long as someone can connect they can also then see all the traffic on that WiFi transmitter. (But, I don't really know this subject that well, so I am guessing)

Do you need to be careful, or are they safe?

Create new topic
jamesrt
1242 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1466477 9-Jan-2016 12:24
Send private message

Personally, I'd be very careful about what I used ANY form of "Free" WiFi for.

Basically, if you didn't need to type a password to connect to the WiFi hotspot in the first place, then the transmissions over the air are unencrypted and can be snooped by any theoretical "bad people".  Having to use a passphrase/password to even connect in the first place means there is some security on the over-the-air component, but your session can still be snooped by the people who run the WiFi point should they so choose.  Of course, the ISP could (theoretically) snoop the data regardless...

If you're then running an HTTPS session over the top of any connection, then there is more encryption at that layer, so that individual data transfer is somewhat safer.  "Somewhat", because there are a number of ways of bypassing that, too.

I guess you need to assess the risk for yourself. I wouldn't be using my Internet Banking over "free" WiFi under any circumstances; Facebook over an HTTPS session on a phone-app / browser that was already signed in (so using a cookie to authenticate rather than a password) would probably be more acceptable (to me).

Affiliate link
 
 
 

Affiliate link: Trade NZ and US shares and funds with Sharesies.
BrettOnTheNet

75 posts

Master Geek


  #1466480 9-Jan-2016 12:30
Send private message

Thank you! That pretty much confirms my suspicion. I will take care

Cheers
Brett

Noodles
487 posts

Ultimate Geek


  #1466853 10-Jan-2016 07:45
Send private message

I always use tor or VPN when connecting to wifi hotspots these days. It's trivial to snoop on traffic, even https traffic (sslstrip etc)



gareth41
704 posts

Ultimate Geek


  #1467240 10-Jan-2016 20:48
Send private message

Why can't they just switch to using Hotspot 2.0 authentication, its a standard defined by the wifi alliance back in 2011 and is designed to address all these problems of connecting to open wifi.  At the very least I think spark should be broadcasting a second ssid requiring eap-tls with client isolation, and you simply login with your spark account.

hio77
'That VDSL Cat'
12970 posts

Uber Geek

ID Verified
Trusted
Voyager
Subscriber

  #1467259 10-Jan-2016 21:41
Send private message

any public wifi be it secured or open, im always mindful of.

majority of the time i will straight out use my mobile data over it, and when i am in the situation where i do actually end up using, ill generally be tunnelling my traffic - im just a little paranoid like that, like to know at least to the endpoint of my choosing, my data is untouched. 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


Shakingaj
17 posts

Geek


  #1467701 11-Jan-2016 15:46
Send private message

use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.

hio77
'That VDSL Cat'
12970 posts

Uber Geek

ID Verified
Trusted
Voyager
Subscriber

  #1467720 11-Jan-2016 15:54
Send private message

Shakingaj: use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.


now if only wifi had singles like train tracks to tell you when your being snooped on!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 




jnimmo
What does this tag do
1057 posts

Uber Geek

Subscriber

  #1467758 11-Jan-2016 16:28
Send private message

Any sites using SSL you should generally be OK (people could see the domains of the sites you are accessing but that should be all)

The biggest thing to be careful about is not logging into any websites that aren't HTTPS, and making sure your device isn't checking IMAP or POP email without encryption (how many people have it set up)

EDIT: On any sites of value I always check the padlock to view the certificate path to make sure the certificate was issued by a trusted CA and isn't being spoofed by a dodgy root or intermediate CA

MikeB4
17167 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #1467761 11-Jan-2016 16:31
Send private message

I never use public WiFi for anything outside of basic browsing

Create new topic





News and reviews »

Belkin Screenforce Tempered Glass Screen Protector and Bumper - Apple Watch
Posted 15-Aug-2022 17:20


Samsung Introducing Galaxy Z Flip4 and Galaxy Z Fold4
Posted 11-Aug-2022 01:00


Samsung Unveils Health Innovations with Galaxy Watch5 and Galaxy Watch5 Pro
Posted 11-Aug-2022 01:00


Google Bringing First Cloud Region to Aotearoa New Zealand
Posted 10-Aug-2022 08:51


ANZ To Move to FIS Modern Banking Platform
Posted 10-Aug-2022 08:28


GoPro Hero10 Black Review
Posted 8-Aug-2022 17:41


Amazon to Acquire iRobot
Posted 6-Aug-2022 11:41


Samsung x LIFE Picture Collection Brings Iconic Moments in History to The Frame
Posted 4-Aug-2022 17:04


Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media
Posted 4-Aug-2022 16:50


Microsoft Announces New Solutions for Threat Intelligence and Attack Surface Management
Posted 3-Aug-2022 21:54


Seagate Addresses Hyperscale Workloads with Enterprise-Class Nytro SSDs
Posted 3-Aug-2022 21:50


Visa Launching Eco-friendly Payment Solutions in New Zealand
Posted 3-Aug-2022 21:48


NCR Delivers Services to Run Bank of New Zealand ATM Network
Posted 30-Jul-2022 11:06


New HP Portfolio Supports New Era of Hybrid Work
Posted 28-Jul-2022 17:14


Harman Kardon Launches Citation MultiBeam 1100 Soundbar
Posted 28-Jul-2022 17:10









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup