Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




56 posts

Master Geek


#190697 9-Jan-2016 10:55
Send private message

I've been trying to find out if the Spark Free WiFi Zones are secure to use, or whether you have to be very wary. Seems to me that as long as someone can connect they can also then see all the traffic on that WiFi transmitter. (But, I don't really know this subject that well, so I am guessing)

Do you need to be careful, or are they safe?

Create new topic
985 posts

Ultimate Geek

Trusted
Lifetime subscriber

  #1466477 9-Jan-2016 12:24
Send private message

Personally, I'd be very careful about what I used ANY form of "Free" WiFi for.

Basically, if you didn't need to type a password to connect to the WiFi hotspot in the first place, then the transmissions over the air are unencrypted and can be snooped by any theoretical "bad people".  Having to use a passphrase/password to even connect in the first place means there is some security on the over-the-air component, but your session can still be snooped by the people who run the WiFi point should they so choose.  Of course, the ISP could (theoretically) snoop the data regardless...

If you're then running an HTTPS session over the top of any connection, then there is more encryption at that layer, so that individual data transfer is somewhat safer.  "Somewhat", because there are a number of ways of bypassing that, too.

I guess you need to assess the risk for yourself. I wouldn't be using my Internet Banking over "free" WiFi under any circumstances; Facebook over an HTTPS session on a phone-app / browser that was already signed in (so using a cookie to authenticate rather than a password) would probably be more acceptable (to me).



56 posts

Master Geek


  #1466480 9-Jan-2016 12:30
Send private message

Thank you! That pretty much confirms my suspicion. I will take care

Cheers
Brett

 
 
 
 


481 posts

Ultimate Geek


  #1466853 10-Jan-2016 07:45
Send private message

I always use tor or VPN when connecting to wifi hotspots these days. It's trivial to snoop on traffic, even https traffic (sslstrip etc)

643 posts

Ultimate Geek


  #1467240 10-Jan-2016 20:48
Send private message

Why can't they just switch to using Hotspot 2.0 authentication, its a standard defined by the wifi alliance back in 2011 and is designed to address all these problems of connecting to open wifi.  At the very least I think spark should be broadcasting a second ssid requiring eap-tls with client isolation, and you simply login with your spark account.

'That VDSL Cat'
12315 posts

Uber Geek

Trusted
Spark
Subscriber

  #1467259 10-Jan-2016 21:41
Send private message

any public wifi be it secured or open, im always mindful of.

majority of the time i will straight out use my mobile data over it, and when i am in the situation where i do actually end up using, ill generally be tunnelling my traffic - im just a little paranoid like that, like to know at least to the endpoint of my choosing, my data is untouched. 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


17 posts

Geek


  #1467701 11-Jan-2016 15:46
Send private message

use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.

'That VDSL Cat'
12315 posts

Uber Geek

Trusted
Spark
Subscriber

  #1467720 11-Jan-2016 15:54
Send private message

Shakingaj: use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.


now if only wifi had singles like train tracks to tell you when your being snooped on!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


 
 
 
 


What does this tag do
1026 posts

Uber Geek

Subscriber

  #1467758 11-Jan-2016 16:28
Send private message

Any sites using SSL you should generally be OK (people could see the domains of the sites you are accessing but that should be all)

The biggest thing to be careful about is not logging into any websites that aren't HTTPS, and making sure your device isn't checking IMAP or POP email without encryption (how many people have it set up)

EDIT: On any sites of value I always check the padlock to view the certificate path to make sure the certificate was issued by a trusted CA and isn't being spoofed by a dodgy root or intermediate CA

15203 posts

Uber Geek

Trusted
Subscriber

  #1467761 11-Jan-2016 16:31
Send private message

I never use public WiFi for anything outside of basic browsing




Mike
Change Management Consultant
The views stated in my posts are my personal views and not that of any other organisation.

 

He waka eke noa


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Menulog change colours as parent company merges with Dutch food delivery service
Posted 2-Jul-2020 07:53


Techweek2020 goes digital to make it easier for Kiwis to connect and learn
Posted 2-Jul-2020 07:48


Catalyst Cloud launches new Solutions Hub to support their kiwi Partners and Customers
Posted 2-Jul-2020 07:44


Microsoft to help New Zealand job seekers acquire new digital skills needed for the COVID-19 economy
Posted 2-Jul-2020 07:41


Hewlett Packard Enterprise introduces new HPE GreenLake cloud services
Posted 24-Jun-2020 08:07


New cloud data protection services from Hewlett Packard Enterprise
Posted 24-Jun-2020 07:58


Hewlett Packard Enterprise unveils HPE Ezmeral, new software portfolio and brand
Posted 24-Jun-2020 07:10


Apple reveals new developer technologies to foster the next generation of apps
Posted 23-Jun-2020 15:30


Poly introduces solutions for Microsoft Teams Rooms
Posted 23-Jun-2020 15:14


Lenovo launches new ThinkPad P Series mobile workstations
Posted 23-Jun-2020 09:17


Lenovo brings Linux certification to ThinkPad and ThinkStation Workstation portfolio
Posted 23-Jun-2020 08:56


Apple introduces new features for iPhone iOS14 and iPadOS 14
Posted 23-Jun-2020 08:28


Apple announces Mac transition to Apple silicon
Posted 23-Jun-2020 08:18


OPPO A72 a top mid-tier smartphone
Posted 19-Jun-2020 18:02


D-Link A/NZ launches new smart AX1500 Wi-Fi 6 Router
Posted 19-Jun-2020 15:03



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.