Using Public Networks

It’s incredibly convenient to be able to use the Internet when you’re out and about, but there are some precautions you should take any time you use a network that can be used by people you don't know and trust. This includes not only wireless networks, but also public wired networks (like the ones in hotels, for instance). Cellular networks, even though they're wireless, are encrypted and reasonably private.

Assume that any information you send across a public network connection can be read. If you are looking at information from a website, and you are not getting to it via an encrypted connection, everybody else on the network may be able to read that information. If you are sending information to a website that is not encrypted, everybody else may be able to read that information. In some cases, anybody on the network may be able to take actions as you if you log into a website.

There are three main approaches you can take to protecting yourself:

  1. You can do only public things on public networks — nothing that requires you to be logged in. You can still surf the web, look up maps, movies, news, pictures of kittens, reviews of the restaurant next door. Just don't log in, or use an account that is already logged in. Use your home network or a cellular connection to do anything where you need privacy.

  2. You can choose to do private things only on sites you know are secure, sites where you have an encrypted connection.

    You are generally protected if you are using a website over SSL. SSL-protected sites start with "https" instead of "http" and show an icon of a lock or a solid key.

    If you log in over SSL and then take other actions which are not over SSL, you are probably not protected. Somebody else won't be able to log in as you, but they can still "read over your shoulder" and may be able to take actions as you. Some sites do have extra protections that you can't see; you'll need to look for information on how they secure your information and decide whether or not you trust it if you want to use those sites.

  3. If you want to be able to do private things on a public network, and you're willing to do some technical stuff (and maybe buy a service) you can use a Virtual Private Network (VPN) to make your privacy on public networks equivalent to your privacy on other networks.

Regardless of what you're doing on the network, there are some precautions you should take:

  • Make sure you have a firewall on. Recent versions of most operating systems automatically have firewalls enabled, but for your convenience here are some instructions for verifying that the firewalls are enabled in some popular operating systems.
  • Consider what services you are using to share things, and whether you want them enabled for the public. It is usually not safe to have file sharing on, so if you have turned it on, you will want to disable it while using public networks. Other forms of sharing (sharing media via iTunes or other programs for instance) may be safer, but you should still consider whether you really want to make your library publicly accessible. Most newer operating systems and programs turn public sharing off by default, but if you have shared things in the past, or you are using programs intended for public sharing, or you have a system more than a few years old, you should check settings.

On wireless networks:

  • Use only legitimate, advertised networks. In particular, watch out for situations where there are multiple networks which require you to pay, and they are different prices. In general, the lower-priced network is a scam, collecting your credit card information. Ask the venue what networks are legitimate.
  • Do not join networks advertised by individual computers (’ad hoc’ networks). It’s possible to set up a computer to offer network services; this is almost never legitimate in a public place. Some Windows machines will treat these as equivalent to networks advertised by access points, and you should disable this. How to disable this feature on Windows.
  • Turn off options to automatically join unknown networks.
  • Consider turning off options to automatically join known networks. “Known” networks are identified by name, so you’ll automatically join networks that have the right name. Nasty people can make networks that have the right name, but aren't as nice as the network you were expecting to join, and steal information from you. (This is called an "evil twin attack".)

Virtual Private Networks

Virtual private networks, or VPNs, use encryption to allow you to be more private on a public network. Many companies use VPNs to allow employees to remotely access the company network, but you can also get personal VPN services or, if you're a computer do-it-yourself type, build your own VPN to let you connect to your home network. These let you use a public network with approximately the same security you would have on your home network, but there are some things to keep in mind:

  • When you use a VPN service, you are trusting the service operator. They get all your data, and they are able to decrypt it.
  • Using a VPN will require installing software and reconfiguring your computer. It may interfere with some network services, and it will probably slow down your connections.