75% Of People Think Public Wi-Fi Is Safe–WRONG!

I just read a couple of articles about wireless networking that ought to be concerning to you – if you are one of the 75% who think unsecured public Wi-Fi systems are safe to use for any purpose.  Because, if you think so, you are wrong!


In a survey that was reported on Sophos recently, the following results were shown:

  • 77% of people thought public wireless was completely safe.
  • 75% were not concerned about what kinds of transactions they did while using public wireless.
  • 72% thought that public wireless was as secure as their home or office wireless.
  • 67% of them were actually right because they don’t use security on their home wireless either.

Public Wi-Fi is everywhere these days, in coffee shops, restaurants, stores, hotels, libraries, public and private schools, and even in our own homes.  The kind of wireless networks we are warning about today are the kind that do not require a password or passphrase to connect.  Two examples of unsecured or “open” wireless networks appear at the right next to the yellow arrows.

The “portthru” network is an unsecured wireless network that is automatically created by certain HP laptops, Samsung wireless printers, and other devices.  These are designed to help you set up “ad-hoc” or direct computer to computer connections.  You definitely never want to connect to one of these. 

The xfinitywifi network is a new brainchild of Comcast.  If you get xFinity internet service, your cable modem will provide you with two wireless networks, one for you to use in your home or business, and the other, the xfinitywifi, is an open public network.  I am not crazy about sharing my wireless connection with strangers, but the times I have tried to connect I at least had to provide my Comcast credentials.  But the connection is not secure and encrypted.

In both these instances, you can see the gold shield that indicates that this connection is NOT SECURED.  What this means is that someone else, someone like me, could be reading your traffic in plain English right off the air, using nothing more than a wireless laptop and a bit of free software.  This unsecured, readable connections is what you get in most coffee shops and other public locations.

Things you never want to do over open Wi-Fi are:

  • using any web site that requires a user name and password, because you just gave it to me, too.
  • streaming or downloading videos or music because these services require a login.
  • play games online – ditto.
  • shopping online
  • banking online – really?
  • Skyping
  • Facebook, LinkedIn, Pinterest, Twitter
  • Email

What I would like to see, and gratefully, I am beginning to see, is these public services use WPA2 encryption, and provide a password to guests.  It makes no difference if they post it on the menu, a sign board, or on a billboard outside.  Publishing the password is not insecure, because the password provides the encryption, which is secure.  And if you have not secured your home or business wireless networks, do so today.

On a related subject, Sophos also published a more humorous piece entitled War Kitteh hunts out your unsecured Wi-Fi.  In three hours a Siamese cat named Coco, fitted out with a special Wi-Fi mapping collar, captured network statistics on 23 neighborhood wireless networks, and one mouse. Four of those networks were using WEP encryption, which is no longer secure, and four were completely open. This is a more humorous look at the same issue.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.