Jump to content


Welcome to DBSTalk


Sign In 

Create Account
Welcome to DBSTalk, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be a part of DBSTalk by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.
 
Guest Message by DevFuse

Photo

Public Wifi


  • Please log in to reply
3 replies to this topic

#1 OFFLINE   kevinturcotte

kevinturcotte

    Hall Of Fame

  • Registered
  • 3,940 posts
  • LocationOutside Portland, ME
Joined: Dec 19, 2006

Posted 24 June 2013 - 12:09 PM

I'm curious what people think of public Wifi in order to cut down on cell data usage? What apps do you use to automatically find and connect to public wifi networks (Android, Jellybean 4.1.2)? What about security?



...Ads Help To Support This SIte...

#2 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 11,888 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 24 June 2013 - 12:40 PM

I use public wifi if it's one I know. 

 

You do have to be careful about security. For example, it was possible for someone to be on a public wifi, log into Facebook (as an example), and someone else who is connected would be able to post as them. They would not get the account password, but that wasn't needed. The problem stemmed from the fact that the login page was encrypted (https://), but once authenticated, you were redirected to http.

 

More sites started doing SSL all the time in direct response to this, but not everything.

 

I would never connect to a random wifi network, only the one that the location I was at was actively providing. You never know where someone will set up a honeypot.

 

But I admit I'm more paranoid than most, though not enough to wrap my phone in a Faraday cage when I'm not using it.



#3 OFFLINE   kevinturcotte

kevinturcotte

    Hall Of Fame

  • Topic Starter
  • Registered
  • 3,940 posts
  • LocationOutside Portland, ME
Joined: Dec 19, 2006

Posted 24 June 2013 - 12:51 PM

Isn't a honeypot situation possible even at these locations? Is there anything you can do to connect, do what you want, but still protect yourself?

I use public wifi if it's one I know.

You do have to be careful about security. For example, it was possible for someone to be on a public wifi, log into Facebook (as an example), and someone else who is connected would be able to post as them. They would not get the account password, but that wasn't needed. The problem stemmed from the fact that the login page was encrypted (https://), but once authenticated, you were redirected to http.

More sites started doing SSL all the time in direct response to this, but not everything.

I would never connect to a random wifi network, only the one that the location I was at was actively providing. You never know where someone will set up a honeypot.

But I admit I'm more paranoid than most, though not enough to wrap my phone in a Faraday cage when I'm not using it.


Sent from my DROID4 using DBSTalk mobile app



#4 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 11,888 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 24 June 2013 - 01:09 PM

A true honeypot is set up for the sole purpose of getting people to connect to compromise their systems or info. Kind of like a carnivorous pitcher plant.

 

There are a few options.

 

One, anything that you want to do that you want some security is to always use SSL. That is not always an option, and not one you can choose.

 

One step up in terms of Internet use is that you can connect to a home computer using something like Logmein, even the free version.

 

Best option is a VPN. There is a service called proXPN that allows you to set it up directly on a phone, and everything goes through the encrypted tunnel. They have a free version, though it's speed limited to 300kbps (not a big issue for coffee shop web browsing), and you are limited to one exit point in the US. It is only available to computers however. Paid customers don't have the speed cap and can use one of several exit points in the US, or in London Singapore or Amsterdam and can use the iOS or Android client.

 

Something like OpenVPN probably would work, but you'd have to setup your own VPN.






spam firewall