SEARCH

The How-To Geek Forums Have Migrated to Discourse

How-To Geek Forums / Geek Stuff

Banking on Free Wifi

(20 posts)
  • Started 1 year ago by ReadandShare
  • Latest reply from warlock
  • Topic Viewed 362 times

ReadandShare
Posts: 127

Has anyone come across ACTUAL reports on mishaps when using one's own laptop/tablet to connect with banking or other HTTPS sites using free Wifi? I am thinking this is actually quite safe -- so long as user is satisfied that there is no keylogger (hardware or software) implanted in his or her laptop / tablet.

Posted 1 year ago
Top
 
zrzhu11
Posts: 7

You should use VPN on your laptop while using free public wifi, especially for banking.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

I know one can always add layers of safety... my question is whether there are any objective reports of actual mishaps with accessing https type websites using free WiFi. My suspicion is "no" -- but that's the reason for posting this question.

Posted 1 year ago
Top
 
LadyFitzgerald
Posts: 2232

I've never had a problem. However, I also was certain of the safety of the WiFi. Often unscrupulous people will set up their own network at public locations, such as airports, disguised as a legitimate location. If you log onto one of those, the lowlife will have full access to every keystroke you make on your computer. In those situations, even HTTPS won't protect you (I've heard of it happening and saw a demo on TV news to show how it can happen). The safest free WiFi locations are ones where one has to have a password to access it, such as many libraries, motel/hotels, etc.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

Say I fall prey to an unscrupulous network -- which then gets a full record of my communication. Will any such network be able to receive my naked keystrokes -- or just encrypted jibberish? I thought only the owner of the particular https site I visit will have the key to decode?

I have read about "man in the middle" attacks / hijacks. But doesn't that require a keylogger -- be it hardware or software -- to intercept data -- after each keystroke, but before browser encryption?

Posted 1 year ago
Top
 
raphoenix
raphoenix
Posts: 14920

I would discuss the situation with my bank and find out what liabilities I would incur if something should go wrong.

If the bank's policy is SOL, then I would bank with another bank that would protect me against unintended losses.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

raphoenix:

NO bank will ever say "sure, https is breakable, go online anytime and anywhere you like". The bank customer rep will simply repeat "best practices".

I am trying to tease out the hype from the reality. One way to do this is by searching out reports of actual mishaps.

Posted 1 year ago
Top
 
StringJunky
StringJunky
Posts: 2454

http://www.computeractive.co.u.....i-networks

Posted 1 year ago
Top
 
Xhi
Xhi
Posts: 6298

Story of a Hacker who did it. Is It Safe To Bank On Public Wi-Fi? How Not To Get Hacked! Read down to "How did he hack my connection?" where it tells of him actually doing it.

It's not the HTTPS that gets busted, it's the fact that with an unsecured connection a hacker an get into your computer and place a keylogger or similar device. Then read your un-encrypted keys.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

Xhi:

Thanks for the link.... I just read it and would like to develop it further. Per the article:

1. The author gave her friend an "OK" to conduct a Wifi snooping experiment.
2. The author then connects to the public Wifi and logs onto her bank via https.
3. The friend captures her log in ID and password!

WOW!!! But...

A. The friend actually set up a "rogue" Wifi network beforehand.
B. The friend also set up a "look alike" bank page beforehand.

I am thinking that in a realistic situation...

1. A "rogue" Wifi network can indeed be set up, but
2. It would be hard to fool me with a fake bank page because mine has an individualized picture. Most banking sites have two different webpages for users to log through -- with second one individualized.

But the article is invaluable -- as it goes to show that people (me) can indeed fall for, say, a lookalike Google or Facebook sign-in page, not suspecting anything different -- and expose their ID's and passwords -- because these sites don't have individualized password pages!

Posted 1 year ago
Top
 
raphoenix
raphoenix
Posts: 14920

@RD

My Bank does protect me so don't advise me since you don't know what you're speaking about.

It appears from your postings that you are always "spoiling for a fight" or trying to do "one ups man ship".

I'll stay off Your Topics if You Stay off of mine.

Thanks,

Rick P.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

raphoenix:

Wow, what brought all this up? Read my response to Xhi. Is it any kind of one-upmanship? No, it's called developing the topic further.

Posted 1 year ago
Top
 
LadyFitzgerald
Posts: 2232

It's not data being transmitted via HTTPS that's in danger of being intercepted. Logging onto a bogus network gives the person who set up the network the opportunity to see all your keystrokes, sometimes by keylogger but more often by viewing directly. They can even invade your computer and either access all your data or install spyware.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

LF (and others):

Thanks. I ask the question because I travel for 2 to 4 months out of the year each year. And sometimes, it's necessary to access a bank site in that long of a time frame.

Probably no one single "fail safe" way -- but how can users distinguish between genuine versus rogue Wifi hotspots?

Posted 1 year ago
Top
 
warlock
warlock
Posts: 4100

When you ask for actual reports, are you looking for those that have been compromised? If they have most won't tell I think they don't want it to happen again. Anything can be hacked have a read here. http://www.bbc.co.uk/news/technology-12901041

If worried about using free Wifi for important projects just don't do it. No one can guarantee complete safety. It's only safe till someone hacks it.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

warlock:

Compare and contrast reports of systems and websites break in's -- versus banking mishaps from Wifi use. Seems like the former is 'daily' while the latter -- dare I say, close to nonexistent? Of course, there are risks... but even Xhi's linked article was a staged one for warning purpose.

NOT that I would do it again (or recommend anyone to do it) -- but in a 7-month trip back in 2009 -- before iPads and all -- I used computers in internet cafes all through Belarus, Ukraine, Russia and China. And my bank accounts didn't get drained. I didn't even notice any uptick on spam. Now that I have my own tablet (vs. relying on public computers) -- it should be quantum leaps safer -- but is that enough??? Subjective and impossible to answer -- thus, the request for actual reports.

Posted 1 year ago
Top
 
warlock
warlock
Posts: 4100

There are no guarantees. Like I said actual reports,
how do you know they are? If you were hacked would you tell everyone? I wouldn't. Common sense is your friend.

Posted 1 year ago
Top
 
LadyFitzgerald
Posts: 2232

@ ReadandShare. Go back and reread my post where I said I saw a demo of it actually being done. Xhi's link is the demo I saw on TV.

Also, check the results of this Google search. There are plenty of references saying it has happened.

Frankly, I agree somewhat with Rick. You are starting to come off like a troll.

Posted 1 year ago
Top
 
ReadandShare
Posts: 127

LR:

Thanks for the link, and I will ignore the last sentence in your post.

I'd like to develop this more... is it safe to use public WIFi if I connect via VPN using my own Android tablet? We'll assume my tablet is free of keylogging software.

Posted 1 year ago
Top
 
warlock
warlock
Posts: 4100

I think we have had enough discussion on this topic. It is now closed

Posted 1 year ago
Top
 



Topic Closed

This topic has been closed to new replies.

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!