Ars Technica recently posted an article entitled “Why you probably shouldn’t be doing work on that in-flight Wi-Fi.” While we agree wholeheartedly that it’s dangerous to use Wi-Fi that doesn’t involve an encryption scheme, we don’t think the article is worded quite strongly enough. There are more dangers lurking in the Wi-Fi world today!
There’s no probably about it. If you work for a company, you have legal obligations to safeguard the intellectual property you come in contact with. If you have a family or are part of a community of people, you have a moral obligation to safeguard their lives. There’s no “probably” in an obligation.
The article calls to attention the fact that GoGo and Global Eagle (in-flight Wi-Fi providers) are doing questionable and nefarious things on their networks to actively undermine encryption and the privacy of connections. The article also points out that these services use an open Wi-Fi without enabling encryption between devices and the wireless access point (WAP). These two things enable ANYBODY with a laptop to TRIVIALLY run a process to record all of your unencrypted traffic — in fact, Macs come pre-loaded from Apple with a network troubleshooting tool that can do this in a handful of seconds: tcpdump.
Does this mean that you are safe to use Wi-Fi networks which require you to enter a password to connect? Are these Wi-Fi networks secure? Not really. When I go to my favorite local cafe, I connect to their Wi-Fi with their password: “pancakes.” Then, as I surf and do my work while eating my pancakes, am I protected from that strange-looking guy in the back of the room? Maybe, and not necessarily — but it is never definite. There are a variety of Wi-Fi security protocols a network operator can use, each with varying degrees of security. For most people, there’s no way for them to know or even understand how secure any given Wi-Fi network is during the sign-on process of entering “pancakes.” It’s not safe to believe that entering a password means you are secure from eavesdropping. The safest option is to believe the worst about the Wi-Fi Internet you are using and simply, ALWAYS use a VPN. Even if you are paying a fee for access to a Wi-Fi network, you should be wary of what that network operator is doing with your data and who might be snooping on you.
These are the reasons why, when I connect to a Wi-Fi network, my first immediate action is to connect to a VPN. If I cannot connect to a VPN, I typically disable the Wi-Fi on my device and switch to my favorite e-book reader for a nice relaxing time with a good book. These very real dangers are the reasons behind why we started Golden Frog and developed our VyprVPN product. We saw that legislation wasn’t going to protect you, and in some countries legislation was going to actively attack your privacy. We saw that the companies providing Internet access to you at your home, coffee shops, or even on airplanes, were not going to look out for your privacy either. VyprVPN was born because we believe in the protection of privacy.
What Can You Do?
If you’re traveling or just using the local Wi-Fi at your local cafe or coffee shop, you have an obligation to your employer, your family, and your friends, to protect the privacy of your Internet activities. Please, use a VPN. I hope you choose VyprVPN, but if you choose a competitor or your corporate VPN that’s probably fine too; just do your research on privacy policies and understand how the choices an online VPN provider makes affects your ultimate privacy.