How to stay safe when browsing on hotspots or public wifi

[jerry0]

So if you use vpn, then your are safe when using public wifi no matter what?

[1714847317]

1714847317

[1714847317]

1714847317

[TryNinja]

So if you use vpn, then your are safe when using public wifi no matter what?

I don't think you are always "100% safe no matter what" with anything, but there is a huge difference between using a VPN and not using it while in public wifi. You should definitely use one if you can. Without it, you are vulnerability to MITM attacks and people seeing what you are accessing.

[jerry0]

So if you use vpn, then your are safe when using public wifi no matter what?

I don't think you are always "100% safe no matter what" with anything, but there is a huge difference between using a VPN and not using it while in public wifi. You should definitely use one if you can. Without it, you are vulnerability to MITM attacks and people seeing what you are accessing.

What if you are using a free vpn? 

[TryNinja]

What if you are using a free vpn?  

Then you must be extremely careful with it. If you are not paying for the product, then you are the product. Keep in mind that the VPN you use may see and log what you are doing or even do worst things. That's why you must somehow trust your VPN provider, and there are not many free ones you can trust.

I don't recommend using a free VPN (especially a random one). The only one that has a free plan and that I (personally) would trust is ProtonVPN.

[Wintersoldier]

If you have bank accounts or anything that has a value for you on your phone/laptop and you don't want to be very technical, it's better not to connect on public WiFi at all. However if you really need it, just use other browser wherein you don't have your account signed in and don't log in using any of your account; just browse anonymously.

[jerry0]

What if you are using a free vpn?  

Then you must be extremely careful with it. If you are not paying for the product, then you are the product. Keep in mind that the VPN you use may see and log what you are doing or even do worst things. That's why you must somehow trust your VPN provider, and there are not many free ones you can trust.

I don't recommend using a free VPN (especially a random one). The only one that has a free plan and that I (personally) would trust is ProtonVPN.

Just curious but i use a chromebook for my web browsing.  Thus if i visit sites im not sure of i use it instead of my main windows computer.


But if you are not doing any transactions with crypto or loggin into bank account or email, using a basic vpn is fine already then right if using it in public wifi?


So if i use my main laptop outside, unless i know its the coffee shop wifi for sure, then always use a paid vpn to make certain of this?

[TryNinja]

Just curious but i use a chromebook for my web browsing.  Thus if i visit sites im not sure of i use it instead of my main windows computer.

But if you are not doing any transactions with crypto or loggin into bank account or email, using a basic vpn is fine already then right if using it in public wifi?

So if i use my main laptop outside, unless i know its the coffee shop wifi for sure, then always use a paid vpn to make certain of this?

Why not use the paid VPN all the time? If you already got one, just choose it over the free VPN. There are no vantages on using the free basic one.

[jerry0]

Tryninja, i dont use a vpn for my regular windows 10 computer which i do everything crypto related on.  I also only connect my wifi only and sometimes my phones hotspot when tethering.  I do not connect it to public wifi outside ever.


I use my chromebook to web browse and thus sites that might be virus, i dont mind because i have nothing important on my chromebook.  I use a free vpn from the play store for it just fine. 


But you say if i use my win 10 laptop outside using public wifi, get a paid vpn and use it... but that will protect me when doing transactions related to crypto?  The reason i never use it outside is b/c i do not want to connect it to public wifi so i rarely have it outside.  If i do, i tether from phone but of course uses lot of data.

[tranthidung]

If you have bank accounts or anything that has a value for you on your phone/laptop and you don't want to be very technical, it's better not to connect on public WiFi at all. However if you really need it, just use other browser wherein you don't have your account signed in and don't log in using any of your account; just browse anonymously.

Nowadays, people tend to depends so much on Internet and mobile devices (smartphones, tablets). They felt like their lives will be destroyed and their quality of life will be damaged if they don't have access to Internet within minutes, or hours.
In contrast, their quality of life might become much better, and much healthier if they less connect to Internet and overuse electric devices.

[bob123]

I don't think using VPN can make you safe in browsing using hotspot of public wifi since you are connected to it and you are being surveillance by the owner of that wifi you are connected to.

It does.
You encrypt your WHOLE traffic and tunnel it to the VPN server.

If you are connecting to your own VPN server at home.. you are browsing as you would from your home network.
If you are connected to a VPN provider, you have to trust them as you would trust your ISP when at home.

But you say if i use my win 10 laptop outside using public wifi, get a paid vpn and use it... but that will protect me when doing transactions related to crypto?  The reason i never use it outside is b/c i do not want to connect it to public wifi so i rarely have it outside.  If i do, i tether from phone but of course uses lot of data.

No, the VPN itself doesn't protect you from anything if you are in a trusted network (e.g. your home network).

You only need a VPN if you connect from an insecure Wifi or you need to access some resource from an internal network (e.g. companies internal resources).

I suggest looking at this thread.

[charcoal23]

How in your opinion Opera's VPN is realiable service in such cases?

[DdmrDdmr]

How in your opinion Opera's VPN is realiable service in such cases?

Take a look at Opera VPN Review to get a general idea. It shows pretty bad in the review, and gives it more of a proxy status than a vpn one. The report states that it hides your IP, but does not encrypt the data since it does not really tunnel your information.

[harizen]

As I notice today, most of the Public Wifi's Servers are heavily secured today. Meaning if someone on the network attempts to do sh*t on the same network, it will not goes through an easy process to the point that, it's not worth the effort.

Plus the fact, that most sites we visited today that requires login credentials also have their own security to deal on any cases. No way they will not learned that it's risky to access on a public wifi therefore they already prepared on that.

How in your opinion Opera's VPN is realiable service in such cases?

Go for popular ones with good reviews.

[bob123]

As I notice today, most of the Public Wifi's Servers are heavily secured today. Meaning if someone on the network attempts to do sh*t on the same network, it will not goes through an easy process to the point that, it's not worth the effort.

Those are called Access points, not servers.

The problem with those free wifi spots is, that an malicious actor can create his own network with the same name and a better connection quality.
Then, trough sending Disassociation messages  (or trough 'switch channel'-messages) the client WILL connect with the AP of the malicious actor.

Therefore no single 'security mechanism' of the open Wifi spot work anymore. Open Wifis ARE dangerous, no matter what.

Plus the fact, that most sites we visited today that requires login credentials also have their own security to deal on any cases. No way they will not learned that it's risky to access on a public wifi therefore they already prepared on that.

They can't do anything against a MITM.
The server thinks he is talking with the client. And the client thinks he is taking with the server.

But in fact an malicious actor is exactly in-between them (Man in the middle).


If you want to handle sensitive information on an open Wifi network, you NEED to use a VPN. Preferably connecting to the vpn server hosted at your own home network.

[Artemis3]

If you are truly paranoid you shouldn't be using Windows in the first place. And after you pick a secure OS (such as Linux) use Tor instead of rogue VPNs. But hey, there is already a live distro that comes pre-configured for tor use, its called Tails.

And if you carry an usb thumb with it installed, you could even boot it from public computers without worries. Of course you could install it in your laptop, and you should...

But to each their own. Many public wi-fis have captive portals. What stops those from being infected or the owner to add malicious code so you get infected even before you start doing anything?

If you just use a VPN, you are just putting yourself in the hands of that VPN provider. Tor is a whole different league, have it already pre-configured with obfs4 bridges, even if they don't seem to be needed where you are at this moment...

[Kristinnspence]

If you are truly paranoid you shouldn't be using Windows in the first place. And after you pick a secure OS (such as Linux) use Tor instead of rogue VPNs. But hey, there is already a live distro that comes pre-configured for tor use, its called Tails.

And if you carry an usb thumb with it installed, you could even boot it from public computers without worries. Of course you could install it in your laptop, and you should...

But to each their own. Many public wi-fis have captive portals. What stops those from being infected or the owner to add malicious code so you get infected even before you start doing anything?

If you just use a VPN, you are just putting yourself in the hands of that VPN provider. Tor is a whole different league, have it already pre-configured with obfs4 bridges, even if they don't seem to be needed where you are at this moment...

Lol you can also just boot up any Linux pretty much and install tor on Linux and set up tor as your VPN provider and add it to startup or just write the startup command every time you reboot, but yeah tails can be pretty conveniant

but i wrote this thread with the security of the average pc user which is windows.

but now i am thinking about writing another thread that will focus on heavier security

[Artemis3]

If you are truly paranoid you shouldn't be using Windows in the first place. And after you pick a secure OS (such as Linux) use Tor instead of rogue VPNs. But hey, there is already a live distro that comes pre-configured for tor use, its called Tails.

And if you carry an usb thumb with it installed, you could even boot it from public computers without worries. Of course you could install it in your laptop, and you should...

But to each their own. Many public wi-fis have captive portals. What stops those from being infected or the owner to add malicious code so you get infected even before you start doing anything?

If you just use a VPN, you are just putting yourself in the hands of that VPN provider. Tor is a whole different league, have it already pre-configured with obfs4 bridges, even if they don't seem to be needed where you are at this moment...

Lol you can also just boot up any Linux pretty much and install tor on Linux and set up tor as your VPN provider and add it to startup or just write the startup command every time you reboot, but yeah tails can be pretty conveniant

but i wrote this thread with the security of the average pc user which is windows.

but now i am thinking about writing another thread that will focus on heavier security

Unfortunately there is no such thing. Windows is much much harder to "secure", and even if you go out of your way and spend countless hours "securing it", it will remain unsafe next to an average Linux install. Of course you could also harden Linux, use openbsd, etc.

But think how much effort a typical user needs to use to boot a live iso rather than trying to secure windows. Next is installing Linux, which is still easier and faster.

I mean, on one side you have your typical windows user which, in a desperate attempt to make its windows "secure", all he/she has to do is follow this (long) list of steps, involving several config changes, including messing with the registry, install/remove programs, configure them, has an army of any malware, firewalls, browser with their add ons, etc. On the other hand, put that usb stick and reboot from it.

Which is the most user friendly and faster way to be safe? It is also about honesty. Tell people up front: use windows and your battle is already lost.

It is the most correct answer to "How to stay safe when browsing on hotspots or public wifi":

Just boot Tails, or, spend countless hours in an uphill battle trying to secure the most insecure OS on earth.

Microsoft has 30+ years of malware-prone history, and they haven't changed their malpractices (some say intentional). It is the ethical thing to warn people about it.

If you really really really want to stay safe, start with the easiest part: Use a secure OS. You don't even need to install it, just carry it with you in your usb thumb-drive and boot from only when the situation calls for it.


BTW: In most Linux distros you just install Tor and it will already be loaded every-time you boot. At most you should modify /etc/tor/torrc but it will most likely be there up and running. One reason where you would need to modify torrc, is for example when you need to use obfs4 bridges, which is a must in some countries or else it doesn't work at all.

Tor is not a VPN, but its better than one. A VPN has a completely different reason to exist, but it wasn't privacy focused like Tor.

[efrenbilantok]

To avoid any complicated solutions and methods to be safe why don't you just use your own hotspot that you get from your phone or if you are going to connect to wifi using your phone then you better buy pocket wifi I think it's worth buying than risking yourself by connecting to public wifi. Just spare a little money for the cost of data whenever you are going out of town. 

[whotookmycrypto]

Hi OP, duckduckgo has a good article on this as well, see link.

And they recommend TorGuard. If privacy-focused nuts make a recommendation on something, you can bet it works well

Regardless of which VPN you choose, always find a way to check that they really are a "no logs" provider. Interesting article on this (link). Had to link to archive as main site appears down.

[bob123]

The more people using a particular VPN service, the harder it will be to single out one person’s activity.No-Logs VPN is https://temproxy.com

Nice try 

EVERY VPN keeps logs. They would be more than just stupid to not keep logs.
Never trust VPN's who advertise them by stating they do not keep any logs.

Why should they give you the ability to exploit their network for 10$ per month ?
They won't go into jail for you for 10$..


Also the argument that it is harder to trace ones activity if more people use a particular VPN provider, is nonsense.


Obvious advertising campaign..


VPN's are a good way to stay secured at a public Wifi against the risks which occur with a public wifi.
For anything else, there are probably better alternatives: https://gist.github.com/joepie91/5a9909939e6ce7d09e29