Secure Public WiFi: Wireless Security Tips
San Jose will be launching a free WiFi service to its residents starting in the summer of 2012. The free, unsecured municipal WiFi in San Jose will be free to the public and secured for the government. As the public facing free WiFi service is unsecured, it is up to the user to enable wireless privacy and municipal WiFi security.
Here are suggestions on how to secure your WiFi:
Use a VPN Service
As this is our core business, of course it is obligatory to recommend a VPN service. With that said, a VPN tunnel is the ideal solution to enable a secure public wifi connection. With a VPN, your data is sent through an encrypted tunnel, turning your public wifi connection into a private wifi tunnel. Additionally, VPN services run transparently to your applications at the OS level. This means that it is unnecessary to manually configure any of your software. It’s easy to see why a VPN tunnel is the optimal choice for public wifi security.
Pros: Secures all applications, available on all operating systems and mobile devices.
Use an SSH Tunnel
For those who have *NIX shell accounts, an ssh tunnel through a *nix shell can be a viable solution when connected to public WiFi. Simply connect to your shell as follows in *nix or Mac OS X (you can also enable this in PuTTy for Windows):
ssh -D <port> (<user>@)<server>
This will essentially create a SOCKS5 proxy through a remote server. You can then manually configure your software to proxy through on an application by application basis.
Pros: For developers who already have *nix shells, this can be a viable solution to secure web traffic.
Cons: Manual setup, very limited support (requires SOCKS5 and a supported SSH client), generally not recommended due to bandwidth overuse.
Use HTTPS Everywhere
This plugin essentially defaults every website you visit to HTTPS if it is available. You should install this whether you are using insecure municipal WiFi or using the internet at your own home. This, of course, will not secure your other applications or non-HTTPS enabled websites. However, it is still highly recommended.
Pros: Free drop-in, plugin solution.
Cons: Many sites do not offer HTTPS. Additionally, other software applications will remain unsecured. Limited device support (requires Chrome or FireFox)
If you have any other suggestions on securing your WiFi when using public wireless networks, please leave your recommendations in the comments.