Skip to main content
X

Send us a Topic or Tip

Have a suggestion for the blog? Perhaps a topic you'd like us to write about? If so, we'd love to hear from you! Fancy yourself a writer and have a tech tip, handy computer trick, or "how to" to share? Let us know what you'd like to contribute!

Thanks for reaching out!

Tips for Travelers: Staying Safe On Public Wi-Fi Networks

Wi-Fi LogoRocket Yard Contributor Steve Sande is out of the country on a great adventure, so he’ll be providing readers with a lot of helpful tips over the next month that can help them use their tech gear confidently and safely anywhere.

Current location: The meeting of the Amazon River and Atlantic Ocean

Today’s Tips for Travelers post is targeted to anyone who occasionally wants to use a public Wi-Fi network to get online. Seeing that “Free Wi-Fi” SSID (Wi-Fi network name) can be awfully tempting, especially when you’re out of the country and have just received a note from your cellular carrier that your roaming charges have exceeded $500… A lot of Wi-Fi hotspots are actually quite safe, but there are ways to make sure that your personal information, passwords, and credit card numbers are secure when you are on a questionable network.

What’s The Risk?
I’ve used public Wi-Fi networks in restaurants, hotels, and coffee shops with no issues in a number of countries. But what can happen if you choose the wrong network and don’t use precautions to keep your data safe?

The biggest concern is that a person without much training can set up a PC as a hotspot, “advertise” it as being available for free, and then harvest a lot of information. First, the bad guys can ask you to set up an email address and password in order to gain access. Since many people use the same email address and password for everything from their email account to bank and credit card accounts, it’s then possible for the criminal types to try that email/password combo on major bank and credit card companies to get access to your account information.

Next — and I’ve personally caught individuals doing this at airports — people can set up packet sniffing applications on unencrypted Wi-Fi networks and actually capture credit card numbers, user names and passwords, and other data sent as unencrypted text when unsuspecting users try to take advantage of their “free” Wi-Fi networks.

The risk of using an unsecured network that you’re unfamiliar with is huge, and can result in everything from social network or email accounts being compromised to complete identity theft.

Tip #1: Know Your Network
dlkdir817lwd_gall3It’s important to know the network that you’re connecting to. For example, if you’re in an airport and that facility is providing free Wi-Fi, make sure that you get the name and any login information from airport personnel. Never connect to networks that use the name “Free Wi-Fi” or that don’t use a password to set up an encrypted connection between your device and the Wi-Fi router. On this trip to South America I’ve seen a number of restaurants and museums that provide encrypted Wi-Fi networks to customers in exchange for your business. You can tell that the network uses encryption thanks to the “lock icon” next to the SSID (network name).

Tip #2: Don’t Use Public Computers
Hotels and internet cafes often have public computers available for guest usage. While it’s tempting to use those computers in order to do away with the need to carry your own tech gear, public computers are definitely a security risk so it’s a much better idea to bring your own gear and use a Wi-Fi network you trust.

Public computers usually loaded with malware, even though many hotels try to keep the machines clean. While on a business trip a few years ago, I ran some malware detection tools on a seemingly innocuous hotel PC. I found some scary things: 23 separate garden-variety viruses that would mostly likely attach themselves to any file created on the computer, two keystroke capture apps that were running in background, and seven malware apps that were listed by the detection tools as being being associated with distributed denial of service (DDOS) attacks and just sitting in wait to be triggered.

The hotel that I was staying at wasn’t too happy when I presented the front desk with a list of the garbage on their PC, and actually had me talk to the IT person who took care of their public machines. Unsurprisingly, he was overworked, underpaid, and took care of public machines at about 50 hotels, all while taking college classes…

If you must use a public computer, don’t attach an iOS device or even a flash drive to it as malware can install itself on your device as a payload to be delivered when you connect to your own home PC or Mac.

Fortunately, Macs are fairly immune to malware and won’t be infected by “bugs” that you may bring home. If you run a virtual Windows machine on your Mac with VMware, Parallels Desktop or a similar environment, it could be infected so be sure to run malware/virus protection apps to detect and remove the infection.

Tip #3: Use A Virtual Private Network
You found the perfect little pension to stay at in Paris for a month, with a tiny attached restaurant in which there is a public Wi-Fi hotspot. They don’t require a password to connect, so you know that the network isn’t encrypted. You need to keep in touch with your office email and online systems while you’re on your assignment, so what do you do?

A Virtual Private Network (VPN) is a perfect solution. VPNs provide end to end encryption between your device and either a corporate network or the Internet at large. Think of a VPN as a highly secure tunnel for your data that keeps it hidden from view. Running as software on your device and connected to fast networks run as major services, VPNs are a good choice for those who wish to travel light but have the most secure network possible.

If you work for any major corporation, you probably already have VPN software on your Mac or PC for connecting to the work network. If that company is letting you use a Mac, iPad or iPhone as your BYOD (bring your own device) solution, then you might be ready to go. If not, here are some VPN solutions to consider:

NordVPN: One of the highest-rated VPNs found during researching this article, NordVPN has over 700 servers located in over 50 countries, so wherever you may be you’ll be close to one of the company’s servers. The company boasts that they’re the only VPN firm that does double encryption of your network traffic, and they also work around governmental requirements for traffic logging and monitoring. If you want to work securely and anonymously online, NordVPN works quite well for as little as US$5.75 per month. It’s perfect with both macOS and iOS.

Buffered VPN: Another well-thought-of VPN provider is Buffered. While the company doesn’t offer as many server locations in as many countries, it does offer a 30-day money back guarantee if you’re not sure the service is right for you. As with NordVPN, Buffered does not log online activities. Buffered works on macOS and iOS alike.

CyberGhost: CyberGhost is a top pick that offers a free version of its service that isn’t as full-powered as the play-for-pay version. The freebie version also requires you to log off after three hours and wait before getting online again. But that’s a great way to see if you want to pop for the full version, which also adds such useful features as an ad blocker.

Other VPN solutions are available, so be sure to do your homework before signing up for one. Also be sure you know how to use your VPN on all of your devices before traveling; there’s nothing worse than not being able to bring up the one tool that can keep you secure at the exact time you need it the most.

Tip #4: Use Your Own Wi-Fi Hotspot or Data Connection
img_5003What do you do if you don’t trust any Wi-Fi hotspots? The best solution — although not the least expensive — is to set up your own hotspot. You’ll need to do this with a Mac if you want to stay off of any public hotspot, as Apple — for some inexplicable reason — doesn’t include a built-in cellular data connection capability in any of the MacBooks.

With the iPad and iPhone, you can get a data connection almost anywhere in the world as long as you’re in a major population area. Check out my previous post for information on data roaming solutions. 

iOS also lets you share that data connection through Personal Hotspot, which means that the iPhone or iPad with Wi-Fi and Cellular that you already own can be a perfect mobile hotspot for a Mac. You’ll need to have a data plan for the device in the country that you are visiting. Then launch Settings > Cellular Data > Personal Hotspot and follow the instructions to set up a hotspot that can be shared with up to four other people. It’s a good idea to set up a password for your Personal Hotspot so you don’t have “freeloaders” using your expensive data roaming plan.

A number of companies also sell or rent mobile hotspots that are equipped with SIMs and pre-paid data plans so that you can travel almost anywhere that there’s a mobile network and have your own private Wi-Fi network. One that I used a few years ago in Europe was Xcom Global — that service used to be quite expensive but is now available for a flat $7.77 daily fee. Other companies include Tep Wireless, and the US mobile carriers.

If you want a permanent mobile hotspot in your gear bag and just want to top it off with data as you go, the Keepgo is a great solution. For $119 you get to keep the device, or you can get a SIM for your unlocked iPhone to turn it into a hotspot for just $59.

The ultimate Wi-Fi hotspot that will get you onto satellite broadband regardless of your location on the planet — with the exception of Antarctica, Greenland, Svalbard and the like — is the GroundControl MCD-4800. It grabs signal from one of three BGAN (Broadband Global Area Network) satellites, sets itself up in just 60 seconds, and lasts for five hours on a charge. The only negatives? You’ll be lugging 25 pounds of extra weight and paying through the nose for service, but if you must have internet service at any price, you’ll have it.

Conclusion
While Wi-Fi hotspots are a great way to keep in touch with friends and family back home, they can be a security risk. Know what you’re getting into, use encrypted networks, and consider using a virtual private network to keep prying eyes from your data. Setting up your own Wi-Fi network using Personal Hotspot on your iOS device or purchasing/renting an international mobile hotspot can be another secure way to keep up to date around the world.

Steve Sande
the authorSteve Sande
Contributing Author
Steve has been writing about Apple products since 1986, starting on a bulletin board system, creating the first of his many Apple-related websites in 1994, joining the staff of The Unofficial Apple Weblog in 2008, and founding Apple World Today in 2015. He’s semi-retired, loves to camp and take photos, and is an FAA-licensed drone pilot.
Be Sociable, Share This Post!

Leave a Reply

12 Comments

  • You can set up a VPN server at home using pfSense (good firewall among other things) using OpenVPN and Tunnelblick. You need to be a bit tech savvy to set it up, but works nicely. Then you use your home Internet connection when you’re on public Internet.

    pfSense also has IPSec capability too.

  • Unless Keepgo has changed their policy, their data SIM doesn’t support internet tethering (i.e. hotspot) …unless it actually works but they’d sooner sell you the mobile hotspot.

  • The article does not explain why using an unencrypted WiFi network is a problem if you connect to a secure (HTTPS) web site or download email via an encrypted connection.

    Most major email providers provide an encrypted connection for receiving or sending email (Earthink is a glaring exception).

    The HTTPS Everywhere browser extension, which works with Firefox, Chrome, Opera, and Android (but not Safari, sadly) causes web pages to load in HTTPS (encrypted) form if available.
    https://www.eff.org/https-everywhere

    Why is unsecured WiFi a problem IF you are connecting to an secure web page or downloading email on an encrypted connection?

    I do recognize that some web sites only have partial implementation of HTTPS.

    One other VPN to consider: TunnelBear
    https://www.tunnelbear.com

  • The TinyHardwareFirewall people have a new product called

    http://BlackHoleCloud.com

    Same hardware but you get your own VPN server(s) and your own private Tor bridge. You can even hide your OpenVPN connection in Stunnel. So cool, I am a fan.

  • Another personal hotspot option is the Karma Go. It offers a prepaid plan that never expires, or monthly plan if you need more data. For occasional use, I find the prepaid plan is prefect. Up to 8 users can connect with their own account. Yes, it does say “free” when you connect, and sharing does require users to set up an account with an initial dose of free data. However each user is secure and cannot view others connections. Once connected you are secured with https. Use this link to learn more and get a discount: https://yourkarma.com/invite/pete297426
    Disclaimer – I’m a users, not a shill, but if you purchase a Karma Go I do earn some free data on my plan. Thanks.

  • Also, Keepgo seems pretty expensive. Here is a quote I just got from a chat rep:

    Refills prices are:
    100MB – $10
    500MB – $25
    1GB – $45
    3GB – $99
    5GB – $159
    10GB – $299

  • You didn’t mention NetShade either. It seems to be highly regarded among Mac users.