Like Tree4Likes

is using public wifi on my own laptop safe?

Closed Thread
Page 1 of 2 1 2 LastLast
  1. #1

    Join Date
    Aug 2013
    Posts
    29

    is using public wifi on my own laptop safe?

    was going to take my laptop to the wifi in Hong Kong public libraries. l heard that some wifi is unsafe, any information?
    saw http://news.yahoo.com/blogs/upgrade-...182159934.html and am even more paranoid
    perhaps just taking my smart phone to use the wifi?

    Last edited by lennox73; 09-09-2013 at 02:28 AM.

  2. #2

    Join Date
    Mar 2012
    Posts
    4,821

    Do you ever connect your phone to your laptop (maybe to backup your phone data)? If so then using your phone instead of your laptop won't stop nasty things happening.

    What exactly is it that you are afraid of?


  3. #3

    Join Date
    Sep 2008
    Posts
    3,677

    Generally public Wifi networks are not safe and you should not transmit any personal information across it. This includes any usernames and passwords, in particular any on-line banking information but also email or even forums like this here unless HTTPS is used for the entire session or you have a VPN. Public networks with WPA2 encryption are somewhat safe since the sessions are isolated.

    Last edited by Raccon; 09-09-2013 at 11:29 AM.
    huja likes this.

  4. #4

    Join Date
    Aug 2013
    Posts
    29
    Quote Originally Posted by Raccon:
    Generally public Wifi networks are not safe and you should not transmit any personal information across it. This includes any usernames and passwords, in particular any on-line banking information but also email or even forums like this here unless HTTPS is used for the entire session or you have a VPN. Public networks with WPA2 encryption are somewhat safe since the sessions are isolated.
    do local Hong Kong libraries have wpa2? l am just bit paranoid someone getting access to my computer via wifi, with my emails always logged on, and they have lots of passwords, though written in a way no one would understand except myself. eg 20516V+1
    no one would understand, even those close to me. but nonetheless.

  5. #5

    Join Date
    Aug 2006
    Posts
    11,884

    I do not believe that libraries do not run encryption (WPA2), if they did you'd need a password to log in. Though they might just print out the password and paste it to desks.

    It is incredibly hard to explain security concepts over a web forum, and concepts are already getting into a mess in this one. If you want to understand this properly, you are going to have to develop an understanding of certain aspects of IT by reading/studying/talking to someone for an hour who can explain this in person, or just go for a prescriptive approach and follow a bunch of instructions. This list is a reasonable set: http://blog.laptopmag.com/9-tips-to-...n-public-wi-fi

    If you want to be more paranoid, Grunt's suggestion of running your phone as a mobile hotspot is a sensible one as you are staying on your own network.

    Overall, I'd be much less worried about using public wifi than making sure you had decent security for other services- e.g. running 2 factor authentication for mail and banking, and using decently long and complex passwords (the password example that you post, is, imo, a bit too short to be considered secure, but at least it's not vulnerable to a dictionary attack).

    Think about it this way: On wifi, your potential attackers are the pool of people within about twenty meters. On the wider internet, your potential attackers are anywhere in the word. Which is the bigger group of people with more skill and incentive?

    Last edited by jgl; 11-09-2013 at 10:11 AM.
    vijucat likes this.

  6. #6

    Join Date
    Mar 2007
    Location
    Gold Coast Marina
    Posts
    17,934

    You can also get run over crossing the road, if you really want to be paranoid.....

    auss likes this.

  7. #7

    Join Date
    Aug 2006
    Posts
    11,884

    Nah, crossing the road in Hong Kong is safe. The drivers are all skilled and careful of pedestrians.

    Except, of course, for those taxi drivers who do the weird on-off accelerator thing.


  8. #8

    Join Date
    Aug 2013
    Location
    Hong Kong
    Posts
    386
    Quote Originally Posted by lennox73:
    was going to take my laptop to the wifi in Hong Kong public libraries. l heard that some wifi is unsafe, any information?
    saw http://news.yahoo.com/blogs/upgrade-...182159934.html and am even more paranoid
    perhaps just taking my smart phone to use the wifi?
    If you're really concerned about it, get a portable wireless router. A tiny one that fits in the palm of your hand. Also can add a third-party software firewall for your laptop. And if you are extra worried, then also get a VPN service with strong encryption.

  9. #9

    Join Date
    Aug 2013
    Posts
    29

    l like the sound of tip no 4 the https everywhere on http://blog.laptopmag.com/9-tips-to-...n-public-wi-fi
    would that mean when l use firefox or chrome with this https, the input data and what is being browsed remains private or undetectable to keylogging software or snoopers, for eg snowden colleagues?

    Quote Originally Posted by jgl:
    I do not believe that libraries do not run encryption (WPA2), if they did you'd need a password to log in. Though they might just print out the password and paste it to desks.

    It is incredibly hard to explain security concepts over a web forum, and concepts are already getting into a mess in this one. If you want to understand this properly, you are going to have to develop an understanding of certain aspects of IT by reading/studying/talking to someone for an hour who can explain this in person, or just go for a prescriptive approach and follow a bunch of instructions. This list is a reasonable set: http://blog.laptopmag.com/9-tips-to-...n-public-wi-fi

    If you want to be more paranoid, Grunt's suggestion of running your phone as a mobile hotspot is a sensible one as you are staying on your own network.

    Overall, I'd be much less worried about using public wifi than making sure you had decent security for other services- e.g. running 2 factor authentication for mail and banking, and using decently long and complex passwords (the password example that you post, is, imo, a bit too short to be considered secure, but at least it's not vulnerable to a dictionary attack).

    Think about it this way: On wifi, your potential attackers are the pool of people within about twenty meters. On the wider internet, your potential attackers are anywhere in the word. Which is the bigger group of people with more skill and incentive?

  10. #10

    Join Date
    Aug 2006
    Posts
    11,884

    Uhh... NO. Not at all. Basically you have a whole bunch of computing/security concepts completely mixed up here. It's like saying that a car has wheels and so does a train, so therefore airbags make bus travel safer.

    Firstly, just about any vaguely sensitive site (email, anything you enter credit card info in) uses HTTPS.

    Secondly the whole NSA/PRISM thing is that they can access these systems via the companies that run these systems (e.g. Google or Yahoo mail or whoever). So it doesn't matter that you're running a secured session as your mail provider is already bending over and dropping his pants for the guys in trenchcoats.

    And lastly, a keylogger is a bit of malware that has infected your computer and sends everything you type to listener, so they can get your login names and passwords. It has nothing to do with HTTPS and is more about whether you have antivirus software on your machine.

    If you really want to understand this stuff, I suggest that you buy an IT friend a bloody nice dinner and get him to spend an hour drawing this stuff out on a tablecloth.

    Last edited by jgl; 13-09-2013 at 04:19 PM.
    vijucat likes this.

Closed Thread
Page 1 of 2 1 2 LastLast