Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




40 posts

Geek


Topic # 190697 9-Jan-2016 10:55
Send private message

I've been trying to find out if the Spark Free WiFi Zones are secure to use, or whether you have to be very wary. Seems to me that as long as someone can connect they can also then see all the traffic on that WiFi transmitter. (But, I don't really know this subject that well, so I am guessing)

Do you need to be careful, or are they safe?

Create new topic
633 posts

Ultimate Geek
+1 received by user: 177

Trusted
Subscriber

  Reply # 1466477 9-Jan-2016 12:24
One person supports this post
Send private message

Personally, I'd be very careful about what I used ANY form of "Free" WiFi for.

Basically, if you didn't need to type a password to connect to the WiFi hotspot in the first place, then the transmissions over the air are unencrypted and can be snooped by any theoretical "bad people".  Having to use a passphrase/password to even connect in the first place means there is some security on the over-the-air component, but your session can still be snooped by the people who run the WiFi point should they so choose.  Of course, the ISP could (theoretically) snoop the data regardless...

If you're then running an HTTPS session over the top of any connection, then there is more encryption at that layer, so that individual data transfer is somewhat safer.  "Somewhat", because there are a number of ways of bypassing that, too.

I guess you need to assess the risk for yourself. I wouldn't be using my Internet Banking over "free" WiFi under any circumstances; Facebook over an HTTPS session on a phone-app / browser that was already signed in (so using a cookie to authenticate rather than a password) would probably be more acceptable (to me).



40 posts

Geek


  Reply # 1466480 9-Jan-2016 12:30
Send private message

Thank you! That pretty much confirms my suspicion. I will take care

Cheers
Brett

 
 
 
 


457 posts

Ultimate Geek
+1 received by user: 83


  Reply # 1466853 10-Jan-2016 07:45
2 people support this post
Send private message

I always use tor or VPN when connecting to wifi hotspots these days. It's trivial to snoop on traffic, even https traffic (sslstrip etc)

596 posts

Ultimate Geek
+1 received by user: 25


  Reply # 1467240 10-Jan-2016 20:48
3 people support this post
Send private message

Why can't they just switch to using Hotspot 2.0 authentication, its a standard defined by the wifi alliance back in 2011 and is designed to address all these problems of connecting to open wifi.  At the very least I think spark should be broadcasting a second ssid requiring eap-tls with client isolation, and you simply login with your spark account.

'That VDSL Cat'
6781 posts

Uber Geek
+1 received by user: 1288

Trusted
Spark
Subscriber

  Reply # 1467259 10-Jan-2016 21:41
Send private message

any public wifi be it secured or open, im always mindful of.

majority of the time i will straight out use my mobile data over it, and when i am in the situation where i do actually end up using, ill generally be tunnelling my traffic - im just a little paranoid like that, like to know at least to the endpoint of my choosing, my data is untouched. 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


17 posts

Geek


  Reply # 1467701 11-Jan-2016 15:46
Send private message

use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.

'That VDSL Cat'
6781 posts

Uber Geek
+1 received by user: 1288

Trusted
Spark
Subscriber

  Reply # 1467720 11-Jan-2016 15:54
Send private message

Shakingaj: use a vpn for any banking or social media. WhatsApp is encrypted (so I gather) so you can send messages without a VPN but anything else I wouldn't do.

I am not sure how prevalent wifi snooping is here. But theoretical or not why take a chance. It's like crossing rail tracks without checking if a train is speeding your way.


now if only wifi had singles like train tracks to tell you when your being snooped on!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


What does this tag do
865 posts

Ultimate Geek
+1 received by user: 164

Subscriber

  Reply # 1467758 11-Jan-2016 16:28
Send private message

Any sites using SSL you should generally be OK (people could see the domains of the sites you are accessing but that should be all)

The biggest thing to be careful about is not logging into any websites that aren't HTTPS, and making sure your device isn't checking IMAP or POP email without encryption (how many people have it set up)

EDIT: On any sites of value I always check the padlock to view the certificate path to make sure the certificate was issued by a trusted CA and isn't being spoofed by a dodgy root or intermediate CA

Onward
11429 posts

Uber Geek
+1 received by user: 5143

Trusted
Subscriber

  Reply # 1467761 11-Jan-2016 16:31
One person supports this post
Send private message

I never use public WiFi for anything outside of basic browsing




Mike
Retired IT Manager. 
The views stated in my posts are my personal views and not that of any other organisation.

 

 It's our only home, lets clean it up then...

 

Take My Advice, Pull Down Your Pants And Slide On The Ice!

 

 


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Mobile market competition issues ComCom should watch
Posted 18-Dec-2017 10:52


New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39


UAV Traffic Management Trial launching today in New Zealand
Posted 12-Dec-2017 16:06


UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.