This is why you should be cautious using public Wi-Fi

The ubiquity of public Wi-Fi makes it easy for smartphone users to lighten their data usage, get some work done on the go or keep in contact while travelling but it also opens the doorway to nefarious hackers gunning for your personal information.

Paul Van Oorschot, professor and Canada Research Chair in authentication and computer security at Carleton University, says that while you can expect decent connectivity and security from major Internet service providers like Shaw or Rogers, public Wi-Fi where you’re not paying for the service can be “more worrisome.”

“Most of them are not malicious or anything but their networks can get compromised and they might not even be aware,” says Van Oorschot.

He points out that Internet users typically want a connection from their device – laptop, smartphone, etc… – directly to a website with the “https://” in the address bar to signify a secure “end-to-end” connection.

“The danger with public Wi-Fi is you’re going from your client machine to an access point and from the wireless access point they are then connecting to the website,” he says adding that it opens them up to hackers stealing their information.

A recent study of 1,000 Canadians by anti-virus maker Norton and parent company Symantec found that while 89 per cent of Canadians use public Wi-Fi, 29 per cent say they can’t tell the difference between secured and un-secured Wi-Fi. Further to that, more than one quarter don’t know how to protect their information when using public Wi-Fi.

“‘Secure Wi-Fi’ is kind of a misnomer and creates a false sense of security,” David Lee, Norton product manager for mobile told Yahoo Canada Finance. He points out that while secure Wi-Fi typically refers to a password protected Wi-Fi point, it’s only as good as the password itself. “If you’re at a local coffee shop and everyone else has that password, then is it really ‘secure?’ ”

He points out that some wireless networks use older or more archaic standards for encryption, a big no-no in a sphere where cyber threats are rapidly evolving to stay one step ahead of security measures.

“One of the first types of encryption for wireless networking – Wireless Encryption Protocol (WEP) – was found to be weak and easily susceptible to hackers,” he explains. “Wi-Fi Protected Access (WPA) was intended to replace WEP as the standard for wireless networking devices, but it also was found to have weaknesses – given their flaws, users are especially at risk when connected to a wireless network that uses these encryption protocols.”

To augment these deficiencies, the IT security-focused brand has released Norton WiFi Privacy, a subscription-based app that encrypts your data sent over public Wi-Fi network be it logging into social media or Internet banking. The app costs US$29.99 annually.

The app is just one of many virtual private networks (VPN) out there for consumers to use.

“One of the best ways to protect yourself on unsecured Wi-Fi networks is to use a personal VPN,” says Lee. “Using a VPN is an easy way to protect your data as it’s transmitted – almost like a secured code that only you and your VPN share.”

If you don’t have a VPN, Van Oorschot recommends avoiding sending any sensitive information over public Wi-Fi.

“You either cross your fingers or choose not to use it,” he says.