Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


43 posts

Geek


Topic # 190697 9-Jan-2016 10:55
Send private message

I've been trying to find out if the Spark Free WiFi Zones are secure to use, or whether you have to be very wary. Seems to me that as long as someone can connect they can also then see all the traffic on that WiFi transmitter. (But, I don't really know this subject that well, so I am guessing)

Do you need to be careful, or are they safe?

Create new topic
730 posts

Ultimate Geek
+1 received by user: 234

Trusted
Subscriber

  Reply # 1466477 9-Jan-2016 12:24
One person supports this post
Send private message

Personally, I'd be very careful about what I used ANY form of "Free" WiFi for.

Basically, if you didn't need to type a password to connect to the WiFi hotspot in the first place, then the transmissions over the air are unencrypted and can be snooped by any theoretical "bad people".  Having to use a passphrase/password to even connect in the first place means there is some security on the over-the-air component, but your session can still be snooped by the people who run the WiFi point should they so choose.  Of course, the ISP could (theoretically) snoop the data regardless...

If you're then running an HTTPS session over the top of any connection, then there is more encryption at that layer, so that individual data transfer is somewhat safer.  "Somewhat", because there are a number of ways of bypassing that, too.

I guess you need to assess the risk for yourself. I wouldn't be using my Internet Banking over "free" WiFi under any circumstances; Facebook over an HTTPS session on a phone-app / browser that was already signed in (so using a cookie to authenticate rather than a password) would probably be more acceptable (to me).



43 posts

Geek


  Reply # 1466480 9-Jan-2016 12:30
Send private message

Thank you! That pretty much confirms my suspicion. I will take care

Cheers
Brett

459 posts

Ultimate Geek
+1 received by user: 83


  Reply # 1466853 10-Jan-2016 07:45
2 people support this post
Send private message

I always use tor or VPN when connecting to wifi hotspots these days. It's trivial to snoop on traffic, even https traffic (sslstrip etc)

606 posts

Ultimate Geek
+1 received by user: 28


  Reply # 1467240 10-Jan-2016 20:48
3 people support this post
Send private message

Why can't they just switch to using Hotspot 2.0 authentication, its a standard defined by the wifi alliance back in 2011 and is designed to address all these problems of connecting to open wifi.  At the very least I think spark should be broadcasting a second ssid requiring eap-tls with client isolation, and you simply login with your spark account.

'That VDSL Cat'
8103 posts

Uber Geek
+1 received by user: 1693

Trusted
Spark
Subscriber

  Reply # 1467259 10-Jan-2016 21:41
Send private message

any public wifi be it secured or open, im always mindful of.

majority of the time i will straight out use my mobile data over it, and when i am in the situation where i do actually end up using, ill generally be tunnelling my traffic - im just a little paranoid like that, like to know at least to the endpoint of my choosing, my data is untouched. 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


17 posts

Geek


  Reply # 1467701 11-Jan-2016 15:46
Send private message

use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.

'That VDSL Cat'
8103 posts

Uber Geek
+1 received by user: 1693

Trusted
Spark
Subscriber

  Reply # 1467720 11-Jan-2016 15:54
Send private message

Shakingaj: use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.


now if only wifi had singles like train tracks to tell you when your being snooped on!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


What does this tag do
955 posts

Ultimate Geek
+1 received by user: 194

Subscriber

  Reply # 1467758 11-Jan-2016 16:28
Send private message

Any sites using SSL you should generally be OK (people could see the domains of the sites you are accessing but that should be all)

The biggest thing to be careful about is not logging into any websites that aren't HTTPS, and making sure your device isn't checking IMAP or POP email without encryption (how many people have it set up)

EDIT: On any sites of value I always check the padlock to view the certificate path to make sure the certificate was issued by a trusted CA and isn't being spoofed by a dodgy root or intermediate CA

12606 posts

Uber Geek
+1 received by user: 5916

Trusted

  Reply # 1467761 11-Jan-2016 16:31
One person supports this post
Send private message

I never use public WiFi for anything outside of basic browsing




Mike
Retired IT Manager. 
The views stated in my posts are my personal views and not that of any other organisation.

 

 It's our only home, lets clean it up then...

 

Take My Advice, Pull Down Your Pants And Slide On The Ice!

 

 


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.