Working and using Internet at a Coffee shop - secure?

Discussion in 'MacBook Air' started by biosci, Feb 13, 2014.

  1. biosci macrumors 6502a

    Joined:
    Apr 16, 2010
    Location:
    Chicagoland, IL
    #1
    Well whenever I go to a Starbucks or other coffee shop with my MBA, I always look for any available WiFi hotspots. When connected, do you guys just browse as is or do you subscribe to any VPN service for secure connections? It doesn't seem like something hard to do at all but didn't know if browsing without a VPN was 'dangerous' or makes you truly susceptible to people snooping in on your business.

    Any opinions?

    Mike
     
  2. robvas macrumors 68020

    Joined:
    Mar 29, 2009
    Location:
    USA
    #2
    What are you securing yourself from? If you are using HTTPS sites you should be okay, if you really want to be secure you should be using a VPN of some sort.
     
  3. biosci thread starter macrumors 6502a

    Joined:
    Apr 16, 2010
    Location:
    Chicagoland, IL
    #3
    Just not sure if there was a threat out there or some sort of software that could pick up usernames and passwords if browsing forums, sending off emails, or logging into sites when you're on a public wifi network. Ie: if I open pages that syncs via icloud, update Dropbox, etc is that info secure? Just wondering.

    Also, do you have a firewall turned on when on public wifi?
     
  4. jtara macrumors 65816

    Joined:
    Mar 23, 2009
    #4
    Of course it is not secure unless you are using a VPN.

    You do not need a "VPN service" if you have an always-on machine or router at home (or somewhere - many of us have a dedicated or VPS server at a data center - i.e. if you are hosting websites) that you can install a VPN on.

    I have a VPN installed on my OpenWrt router, but so far have only figured out how to get it to work for iPhone and iPad. Haven't worked-out the details for OSX.

    You should be OK for https: and for email if you use a secure email connection. (make sure you use a secure connection both inbound and outbound!)

    That said, somebody would have to "tap" the data, and that's not really that easy.

    - unsecured wifi (never connect to an unsecured wifi connection!)

    - somebody's got a cable in the back room at Starbucks, AND Starbucks has a switch with a tap feature. In the "old days" of hubs, every device on a local network saw all traffic, but those days are long gone. (I have such a switch at home that I use for debugging apps. You have to set-up the switch to copy traffic from a specific port or ports to a "tap" port) So, you can't just quickly plug a cable into a switch. It has to be the right switch, and it has to be configured.

    - somebody at some ISP along the way has done the same. I think I would trust major ISPs and backbone providers.

    - somebody at the destination has a tap. This should not be a problem in major data centers. But who knows about Podunk Data Center.

    - Of course, the NSA gets it no matter what

    - I don't trust Apple services to be secure, due to recent findings of some services not using a secure protocol. I beleive they've been fixed, but who knows what else is lurking?

    - I would not trust iOS apps or desktop apps that talk to some server to use a secure protocol
     
  5. scaredpoet macrumors 604

    scaredpoet

    Joined:
    Apr 6, 2007
    #5
    Discussion forums (this one included) are typically not running over an encrypted connection so no, not secure.

    Email depends on the provider. Most of the big ones (Google, Outlook.com, Yahoo) use https encryption through their webmail interface. Most also show you how to set up SSL/TLS encrypted connections if you're using a client like Mail, but it's still possible to set up an unencrypted connection in many cases.

    To be safe, you should definitely be using VPN when on public Wifi. It's the only way to be sure.
     
  6. robvas macrumors 68020

    Joined:
    Mar 29, 2009
    Location:
    USA
    #6
    Most starbucks use 'wireless isolation' which helps but to be 100% sure you need to be on a VPN connection
     
  7. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #7
    A few years ago my Gmail account was hacked, all my friends got a short email from "me" with nothing but a link in the text, I suspect if you click on the link you'd infect yourself with a Windows worm that would just propagate itself and do the same thing.

    I have no idea how it happened:

    - I don't log into my Gmail account using Windows machines -- I run all Macs at home.
    - At the time the email was sent, I was on vacation, so I hadn't even been on a computer at all in days.
    - I had, however, used the public WiFi at the local Starbucks a few hours before the timestamp of the email.

    I don't have any evidence, and I have no idea what mechanism, if any, would have allowed my Gmail login to be sniffed over the WiFi at Starbucks. But that's the closest thing I have to a theory about how it happened.

    I have since changed my password, enabled two-factor authentication on all Google services, and avoid checking email in public WiFi spots.
     
  8. Mac.User macrumors 6502

    Joined:
    Aug 25, 2013
    #8
    Running a Mac doesn't help when they are packet sniffing. Networking protocols are all the same. OS doesn't matter.
     
  9. robvas macrumors 68020

    Joined:
    Mar 29, 2009
    Location:
    USA
    #9
    How complex was your password? Did you use it anywhere else?

    The myth of uberhackers hanging out at coffee shops collecting Dick and Jane's password is pretty popular
     
  10. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #10
    I mentioned running a Mac to eliminate the possibility that my own computer was somehow infected by a worm that caused it to send out the rogue emails directly.

    Right, so I was reluctant to believe in the theory that someone was packet sniffing and stealing passwords.

    Still... a breach happened, and I don't know how.

    The password was a dictionary word with numeric characters, and it was used elsewhere. So, granted, there are any number of ways my password could have been compromised. Perhaps it was simply coincidence that the emails were sent out hours after I used a Starbucks WiFi access point.
     
  11. biosci thread starter macrumors 6502a

    Joined:
    Apr 16, 2010
    Location:
    Chicagoland, IL
    #11
    Thanks everyone for chiming in. Now, does everyone use a VPN service for their wifi access? Or do you set one up at home?
     
  12. robvas macrumors 68020

    Joined:
    Mar 29, 2009
    Location:
    USA
    #12
    If you have a fast internet connection (Both upload and download) you could use one at home. You will have a little lag since you have to hit your house and back.

    Depending on how fast of a wifi connection you usually use, it might not be a big deal. But a service is faster and more reliable and they are pretty cheap - $5 a month. You could also just use an ssh tunnel if you access to a linux server already (https://calomel.org/firefox_ssh_proxy.html)
    Remember this very site was hacked not to long ago...
     
  13. glitch44 macrumors 65816

    Joined:
    Feb 28, 2006
    #13
    You should enable 2FA (Two Factor Authentication) on your google account.
     
  14. alphaod macrumors Core

    alphaod

    Joined:
    Feb 9, 2008
    Location:
    NYC
    #14
    No it's not secure, but really I don't think anyone really goes around sniffing my info.
     
  15. Mr. Retrofire macrumors 601

    Mr. Retrofire

    Joined:
    Mar 2, 2010
    Location:
    www.emiliana.cl/en
    #15
    *sniff*
    Are you sure?
    *sniff*

    ;)
     
  16. Steve121178 macrumors 68040

    Steve121178

    Joined:
    Apr 13, 2010
    Location:
    Bedfordshire, UK
    #17
    If you are using the internet, VPN or not, then you can never be 100% secure.

    As said above, HTTPS is good enough if you are logging in to your bank for example.
     
  17. Dweez macrumors 65816

    Dweez

    Joined:
    Jun 13, 2011
    Location:
    Down by the river
    #19
    Honestly, not much is truly secure these days. Packet sniffing/snooping can reveal quite a bit about what's happening on any give wireless network. The only thing I do while on any given public wireless network is surf various lame websites.

    Just use common sense when on an unknown public network. IE, keep your online banking for you secure network @ home. ;)
     
  18. Orr macrumors 6502

    Orr

    Joined:
    Oct 8, 2013
    #20
    Nothing has ever been secure online. Especially nowadays. The government has virtually unfettered access to anything and everything you do. A VPN does not change this. Not signing into any accounts/using passwords on an open wifi network is just basic computing sense.
     
  19. rwilliams macrumors 68040

    rwilliams

    Joined:
    Apr 8, 2009
    Location:
    Durham, NC

Share This Page