Separate names with a comma.
Discussion in 'Community Discussion' started by hajime, May 24, 2016.
Is it safe to do online banking by connecting the Mac to the internet via wifi in the hotel?
It's not safe to do anything on public wifi. You always run a risk doing that. I always use a VPN when I'm using public wifi.
Thanks. How about doing it when connected to the internet via mobile carrier?
As for home network, I suppose there is nothing that we can do and hope that our ISP does not do bad things. Am I right?
It's not so much about the ISP or mobile carrier but about others who might be on same local network that might intercept or monitor something. It doesn't really apply to your home network (unless you have some unknown/compromised people/devices connected to it) or to the mobile carrier as they manage and secure their network kind of like the ISP you have.
Most sites are encrypted if private info is being exchanged. But non financial sites may not encrypt everything, even logins. That's where VPN comes in handy. That and you don't want people seeing where you are going or setting up a man in the middle attack.
You are a little safer at home on encrypted wifi or on mobile network. It gets harder to have the necessary access to collect your traffic. But it can happen just the same. Public hot spots are just a much higher risk.
Thanks. Do the above suggestions apply to cases that the bank provides a hardware keypad which generates a unique code each time it is used?
So, if I want to do online banking while on vacation, it is safer to do it using my own laptop computer while connected to the Internet via a trusted friend's home network?
Best to use your cell phone. If not, at least make sure your friend's wifi is encrypted.
The unique key does nothing except prevent password guessing.
I am on a prepaid sim card from a mobile carrier. It is very very slow and connections are not stable. I better get a better one then.
Why it is best to use cell phone?
Not true. The unique key means that the username and password are useless on their own as you cannot login or do transactions without access to the key generator. Even if someone was able to obtain the username and password by hacking the hotel WiFi, they couldn't do any harm without having physical access to the key generator.
In other words, OP, you're safe because your bank requires a unique key in each login, so just use the hotel WiFi.
The username and password would not be had by sniffing the hotel wifi anyway. The banking session would be SSL encrypted. As i mentioned, banking is a lesser issue, but I would still rather an attacker not know where my accounts are held or be able to attempt a man in the middle attack and steal info that way. With MITM, all bets are off as far as data theft. Stolen info may include routing and account numbers, in which case a username and password are irrelevant. Just depends on what is being done at the time. VPN is a much safer way to go on open wifi.
On the other hand, it would seem that anyone who ever wrote a check has already been giving away their account and routing numbers every single time.
Specifically, cell network. Only because it becomes very difficult for someone to target you. Also, an attacker will no longer be some low life sitting in a hotel lobby or parking lot with a laptop.
--- Post Merged, May 25, 2016 ---
Absolutely! I hate checks and haven't used them in years. But that's the risk you take handing that info to a merchant. Same with credit cards. I'd consider them slightly more trusted than a parasite sitting on open wifi looking for a mark. It's all about relative risk. The OP asked and I provided an opinion. OP's risk acceptance is a personal decision. At least the pros / cons have been provided to help make an intelligent choice.
--- Post Merged, May 25, 2016 ---
You should always use vpn or Tor wherever you are.
I always bank on mobile now ...just due to convenience of opening an app, instead of a browser. Of course we now know the SS7 used in for cell phones can be hacked now anyway...
At least for me, my bank and credit card online sites are already encrypted before you even log in. And such sites should be encrypted that way right from the start.
I wouldn't do my banking from a hotel or any other public network.
Absolutely not. Either use your phone or tether to your computer.
Mine is on pretty much 24/7.
VPN on you Mac or device would be ok.
i treat security kind of a lucky dip.. Pick the right number and u get owned.
A friend mentioned that if I use those small security device from the bank, I don't need to worry even I use the wifi in the hotel. The reason is that the device changes numbers every second or so. He said that if something goes wrong, the bank will take full responsibility because it is they who offered the security device and online banking service. What do you think?
Here's my thoughts...
When I go to hotels, there are always a bunch of "Hotel Free Wifi" connections/logins. How do you know which one is or isn't legit?
If I was a criminal, I'd hang outside a posh hotel, set up my computer with a "Posh Hotel Free Wifi" name, and see who connected. I'd then be looking at/logging every keystroke they sent, webpage they visited, and oh yeah, I'd be trying to inject malware on their computers also.
Or maybe the hotel IT guy is bored, and wants to monitor what you are doing.
In any event, your little security device most likely encrypts your password or adds an extra layer of security for your bank log in, but unless you are using a VPN or something else, I don't believe it would keep anybody from seeing anything else that is going on.
When I travel, I always use my cell phone. I only use a public network in extreme, dire emergencies, and I don't do any financial transactions.
Not Tor! And not a free VPN. One of the best and fasted VPNs you can use is PIA.
Why not Tor?
And what's so special about PIA.
or something like this :- http://www.tinyhardwarefirewall.com/
It's a VPN. That's what's special about PIA. Depends how secure u wanna be based on performance.