The Travel Series: How To Be Safe On Public Wi-Fi Networks

IMG_0599.PNG

Apple World Today editor Steve Sande is on the way home from a fun vacation trip, but he’ll be providing readers with a few more helpful tips over the next couple of weeks that can help them use their tech gear confidently and safely anywhere.

The previous posts in this series include:

Backing Up Data When You're Away From Home or Office

Voice and Data Around The World

Packing Your Tech

Apps to Load Before You Leave

This Travel Series post is targeted to those who occasionally want to use public Wi-Fi networks to get online while traveling -- even in their home countries. Seeing a "Free Wi-Fi" SSID (Wi-Fi network name) can be awfully tempting, particularly if you're out of the country and received a note from your cellular carrier that your data roaming charges have exceeded $500... Most Wi-Fi hotspots provided by restaurants, bars, and hotels are actually quite safe, but there are ways to ensure that personal information, passwords, and credit card numbers are secure when using a questionable network.

What's The Risk?

I've used public Wi-Fi networks in restaurants, hotels, and coffee shops around the world with no issues. But what can happen if you choose the 'wrong' network and don't use data safety precautions?

The biggest concern is that a person without much training can set up a PC as a fake hotspot, "advertise" it as being available for free, and then harvest a lot of private information. The bad guys can ask for an email address and password in order to gain access. Since many people use the same email address and password for everything from their email account to bank and credit card accounts, criminals can try that same email/password combo on major bank and credit card companies to get access to your account information.

I've personally watched individuals doing this at airports -- using packet sniffing applications on unencrypted Wi-Fi networks to capture credit card numbers, user names and passwords, and other data sent as unencrypted text when unsuspecting users try to take advantage of their "free" Wi-Fi networks.

The risk of using an unfamiliar and unsecured network is huge, and can result in everything from social network or email accounts being compromised to complete identity theft.

IMG_0601.JPG

Know The Network

It's important to know the name (SSID) of the network that you're connecting to. For example, if you're in an airport or at a hotel providing free Wi-Fi, make sure that you get the name and any logon information from facility personnel. Never connect to networks using the SSID "Free Wi-Fi" or that don't use a password to set up an encrypted connection between your device and the Wi-Fi router. On a recent trip to South America I visited a number of restaurants and museums that provided encrypted Wi-Fi networks to customers in exchange for their business. You can tell if a network uses encryption thanks to the "lock icon" next to the SSID (network name) and the necessity of knowing a password to gain access.

Don't Use Public Computers

Hotels and internet cafes often provide public computers for guests. While it's tempting to use those computers so you don't have to carry your own tech gear, public computers are definitely a security risk so it's a much better idea to bring your own gear and use a Wi-Fi network you trust.

Public computers are usually loaded with malware, although hotel IT staff may try to keep the machines clean. While on a business trip in 2008 I ran some malware detection tools on a hotel PC "just for fun". I found 23 separate garden-variety viruses that would mostly likely attach themselves to any file created on the computer and copied to a flash drive, two keystroke capture apps that were running in background, and seven malware apps that were listed by the detection tools as being associated with distributed denial of service (DDOS) attacks and waiting to be triggered.

The reception desk at the hotel that I was staying at wasn't too happy when I presented them with a list of the garbage on their PC, so they had me talk to the IT person who took care of the public machines. Unsurprisingly, he was overworked, underpaid, and took care of public machines at about 50 hotels, all while taking college classes...

If you must use a public computer, don't attach an iOS device or flash drive to it as malware can install itself as a payload to be delivered when you connect to your own home or office PC or Mac.

Macs are fairly immune to malware and usually won't be infected by "bugs" that you may bring home. If you run a virtual Windows machine on your Mac with VMware, Parallels Desktop or a similar environment, it could be infected so be sure to run malware/virus protection apps to detect and remove the infection. Macs running Windows under Boot Camp can definitely be infected -- once again, use malware or virus protection apps.

Use A VPN (Virtual Private Network)

You found the perfect little inn to stay at in Venice for a month, with an attached restaurant in which there is a public Wi-Fi hotspot. They don't require a password to connect, so you know that the network isn't encrypted. You need to keep in touch with your office email and online systems while you're on your assignment, so what do you do?

A VPN (Virtual Private Network) is a perfect solution. VPNs provide end to end encryption between your device and either a corporate network or the Internet at large. Running as software on your device and connecting to fast networks run as major services, VPNs are a good choice for those who wish to travel light but have the most secure network possible.

If you work for any major corporation, you probably already have VPN software on your Mac or PC for connecting to your office network. If that company is letting you use a Mac, iPad or iPhone as your BYOD (bring your own device) solution, then you might be ready to go. If not, here are some VPN solutions to consider:

NordVPN: One of the highest-rated VPNs found during researching this post, NordVPN has over 700 servers located in more than 50 countries, so wherever you are you'll be close to one of the company's servers. The company says they're the only VPN provider that does double encryption of your network traffic, and they also work around governmental requirements for traffic logging and monitoring. If you want to work securely and anonymously online, NordVPN works quite well for as little as US$5.75 per month. It works with both macOS and iOS.

Buffered VPN: Another well-thought-of VPN provider is Buffered. While the company doesn't offer as many server locations in as many countries, it does

offer a 30-day money back guarantee if you're not sure the service is right for you. As with NordVPN, Buffered does not log online activities. Buffered works on macOS and iOS alike.

CyberGhost: CyberGhost is a top pick that offers a free version of its service that isn't as full-powered as the play-for-pay version. The freebie version also requires you to log off after three hours and wait before getting online again. It's a great way to see if you want to pop for the full version, which adds useful features like an ad blocker.

Many VPN solutions are available, so do your homework before signing up for one. Also be sure you know how to use your VPN on all of your devices before traveling; there's nothing worse than not being able to bring up the one tool that can keep you secure at the exact time you need it the most.

IMG_0600.PNG

Use Your Own Wi-Fi Hotspot or Data Connection

If you don't trust any Wi-Fi hotspots the best solution -- although not the least expensive -- is to set up your own hotspot. You'll need to do this with a Mac if you want to stay off of any public hotspot, as Apple -- for some inexplicable reason -- doesn't include a built-in cellular data connection capability in any of the MacBooks.

With a cellular data-equipped iPad or iPhone, you can get a data connection almost anywhere there's a cellular network. Check out my previous post for information on data roaming solutions.

iOS lets you share that data connection through Personal Hotspot, which means that the iPhone or iPad with Wi-Fi and Cellular that you already own is a perfect mobile hotspot for a Mac. Make sure you have a data plan for the device in the country that you are visiting, then launch Settings > Cellular Data > Personal Hotspot and follow the instructions to set up a hotspot that can be shared with up to four other people. Set up a password for your Personal Hotspot so you don't have "freeloaders" trying to use your expensive data roaming plan.

A number of companies also sell or rent mobile hotspots that are equipped with SIMs and pre-paid data plans allowing travel almost anywhere that there's a mobile network. One that I used a few years ago in Europe was Xcom Global -- their service used to be quite expensive but is now available for a flat $7.77 daily fee. Other companies include Tep Wireless, and the US mobile carriers.

If you want a permanent mobile hotspot in your gear bag and just want to top it off with data as you go, the Keepgo is a great solution. For $119 you get to keep the device, or you can get a SIM for your unlocked iPhone to turn it into a hotspot for just $59.

The ultimate Wi-Fi hotspot that will get you onto satellite broadband regardless of your location on the planet -- with the exception of Antarctica, Greenland, Svalbard and the like -- is the GroundControl MCD-4800. It grabs signal from one of three BGAN (Broadband Global Area Network) satellites, sets itself up in just 60 seconds, and lasts for five hours on a charge. The only negatives? You'll be lugging 25 pounds of extra weight and paying through the nose for service, but if you must have internet service at any price, you'll have it.

Conclusion

Wi-Fi hotspots are a great way to keep in touch with friends and family back home, but they can be a security risk. Know what you're getting into, use encrypted networks, and consider using a VPN to keep prying eyes from your data. Setting up your own Wi-Fi network using Personal Hotspot on an iOS device or purchasing/renting an international mobile hotspot is another secure way to keep safe and connected around the world.