Feeling insecure while browsing on public WiFi? This blog is for you.
Whenever someone connects to public wifi networks, i.e. the WiFi Access points provided by hotels, libraries, colleges, restaurants, cafes, airports, or any other open wifi networks, there is a risk that the admin of these networks can secretly intercept their data (like browsing history, URLs visited), or a hacker can gain access to the admin’s computer and analyze the data or perform Man-in-the-Middle attacks (javascript injection, read personal data like usernames, passwords, websites visited, etc.). By default all the data will flow through the admin’s computer, so he will be able to see this data.
To know more about Man-in-the-Middle Attacks, refer to the blog below :
The solution is simple — Encrypt your traffic. Once the traffic is encrypted, we don’t really care if anyone intercepts it because the traffic will be jibberish and of no use to the person intercepting it. There are a number of ways to encrypt data. The simplest and most efficient way is the combination of :
HTTPS Everywhere plugin developed by EFF(Electronic Frontier Foundation), will prevent the attacker/man-in-the-middle to downgrade your HTTPS connection to the un-secure HTTP connection, thereby preventing data interception and man in the middle attacks. You can google search for it or download it from the link below :
Browsers like Edge, Brave, Opera, Tor are also supported. You can download the extension for these browsers from here https://www.eff.org/https-everywhere.
Note: This plugin is really good for websites that support HTTPS but data of websites using HTTP can still be intercepted.
HTTPS everywhere plugin is also not 100 percent secure because it still can’t prevent attacks like DNS spoofing, where the attacker can see which URLs(not the data since it is encrypted) the connected computer is visiting.
If you want to take your security to the next level and completely encrypt everything you browse on the network, then you should consider using a private VPN.
Enabling VPN will create an encrypted tunnel between your computer and the VPN server you are connecting to, and all the data will flow through this encrypted tunnel. VPN is useful for a lot of reasons, some of them are:
One needs to be careful while selecting a VPN server because the admin of the VPN server can intercept the data if he wants. Things to look out for while selecting a VPN:
Note: Using
Https Everywhere
plugin removes the possibility of the VPN server provider of intercepting your data
Method | Pros | Cons |
---|---|---|
Https Everywhere Plugin | Free | -Visited websites are still visible, Covers only HTTPS websites |
VPN | Sends data through an encrypted channel | Not free , VPN provider can intercept data |
Https Everywhere Plugin + VPN | Double Layer of Encryption , Protects against VPN Provider intercepting data | Not Free |
Hence we can conclude that HTTPS Everywhere Plugin and a private VPN is very good combination if we want to securely browse any public WiFI.
Safe Browsing everyone!