1. Safety Center: Security

Using Public Networks

It's incredibly convenient to be able to use the Internet when you're out and about, but there are some precautions you should take any time you use a network that can also be used by people you don't know and trust. This includes not only wireless networks but also public wired networks (like the ones in hotels, for instance). Cellular networks, even though they're wireless, are encrypted and reasonably private.

Assume that any information you send across a public network connection can be read. If you are looking at information from a website, and you are not getting to it via an encrypted connection (for example, "https"), everybody else on the network may be able to read that information. If you are sending information to a website that is not encrypted, everybody else may be able to read that information. In some cases, anybody on the network may be able to take actions as you if you log in to a website.

public cafe
There are three main approaches you can take to protecting yourself:

  • Do only public things on public networks — nothing that requires you to be logged in. You can surf the Web, look up maps, movies, news, pictures of kittens, reviews of the restaurant next door. Just don't log in or use an account that is already logged in. Use your home network or a cellular connection to do anything for which you need privacy.
  • Do private things only on sites you know are secure, sites where you have an encrypted connection. You are generally protected if you are using a website over SSL. SSL-protected sites start with "https" instead of "http" and show an icon of a lock or a solid key. If you log in over SSL and then take other actions which are not over SSL, you are probably not protected. Somebody else won't be able to log in as you, but the person can still "read over your shoulder" and may be able to take actions as you. Some sites do have extra protections that you can't see; you'll need to look for information on how they secure your information, and decide whether or not you trust it if you want to use those sites.
  • If you want to be able to do private things on a public network and you're willing to do some technical stuff (and maybe buy a service), you can use a virtual private network (VPN) to make your privacy on public networks equivalent to your privacy on other networks.

Regardless of what you're doing on the network, there are some precautions you should take:

  • Make sure you have a firewall on. Recent versions of most operating systems automatically have firewalls enabled, but for your convenience, here are instructions for verifying that the firewalls are enabled in some popular operating systems.

Instructions for Microsoft Windows 8 Firewall

Instructions for Mac OS X v10.9 (Mavericks) Firewall

  • Consider what services you are using to share things and whether you want them enabled for the public. It is usually not safe to have file sharing on, so if you have turned it on, you will want to disable it while using public networks. Other forms of sharing (for instance, sharing media via iTunes or other programs) may be safer, but you should still consider whether you really want to make your library publicly accessible. Most newer operating systems and programs turn public sharing off by default, but you should check settings if you have shared things in the past, or you are using programs intended for public sharing, or you have a system more than a few years old.

On wireless networks:

  • Use only legitimate, advertised networks. In particular, watch for situations where there are multiple networks that require you to pay and are different prices. In general, the lower-priced network is a scam, collecting your credit card information. Ask the venue which networks are legitimate. 
  • Do not join networks advertised by individual computers ("ad hoc" networks). It's possible to set up a computer to offer network services; this is almost never legitimate in a public place. Some PCs will treat these as equivalent to networks advertised by access points, and you should disable this. Disable this feature on Windows by turning off options to automatically join unknown networks.  
  • Consider turning off options to automatically join known networks. "Known" networks are identified by name, so you'll automatically join networks that have the right name. Nasty people can make networks that have the right name but aren't as nice as the network you were expecting to join, and they can steal information from you. This is called an "evil twin attack."

Virtual Private Networks:

Virtual private networks, or VPNs, use encryption to allow you to be more private on a public network. Many companies use VPNs to let employees remotely access the company network, but you can also get personal VPN services, or, if you're a computer do-it-yourself type, build your own VPN to let you connect to your home network. These let you use a public network with approximately the same security you would have on your home network, but there are some things to remember:

  • When you use a VPN service, you are trusting the service operator. The service gets all your data, and is able to decrypt it. 
  • Using a VPN will require installing software and reconfiguring your computer. It may interfere with some network services, and it may slow down your connections.