Recently, two friends encountered hacking problems in their accounts. One had his Gmail account disabled after an apparent logon by someone else residing in Greece. Then another had his Facebook account lose all admin access to Facebook Pages. How it happened was a mystery, since they rarely go to internet shops to access the Web. But they were certain that at one time or another, they accessed freely-available Wi-Fi on airports and malls.
I will admit I had been gullible to free Wi-Fi networks as well. What’s nicer than being able to access your FB or Gmail accounts while in the mall without any charge? Unfortunately, only recently was I able to realize how dangerous it was to do so.
Does this sound familiar?
Information sent over this network may be visible to others.
This might have been shown by your browser at least once, and you probably just clicked OK just so you can proceed to the site you’re browsing. That would basically be it. If you logged in a website without encrption (say, Multiply), anything you submit to the page can be viewed by someone else over the network. Gmail, for one, used to only implement encryption about a month ago. There is an option to set Gmail logins with encryption, but of course, not all users are that aware of the risks or they don’t know about this feature, found in the Advanced settings. Since then, all users, by default, will always access Gmail via HTTPS (meaning with encryption, the data sent on the free Wi-Fi network may still be accessible by someone else, but at least that information is encrypted). Try it, and see that even after logging in and viewing emails already, notice that you’re still on HTTPS (see the icon on the left of the address bar in your browser).
This is different, however, from Facebook’s implementation — try logging in. It may be HTTPS, but once you’re in, it reverts to HTTP. The login information you sent may be encrypted, but anything you post in there can be seen in plain view by someone else — that person reading a coffee in front of you inside Starbucks might just be doing that.
So much for paranoia, but would you be comfortable with the thought that someone else can get all your information just because of a lack of awareness in the dangers of free Wi-Fi? I remember I’ve been told before, the weakest link in any “secure” system is the user. Take steps and be aware.
Hey, nice article, thanks.