Topic: How to stay safe when browsing on hotspots or public wifi (Read 652 times)

My little opinion for everyone is don't to any type of Banking transaction are internet banking while you are in unknown Wi-Fi or hotspot Vikas the accessing are easily available for the Wi-Fi so the possibility for them to hack Activa account is very easy.

Secured level was very low when you are using some other unknown network or Wi-Fi because it will definitely giving the access for them to use and see what is happening in your smartphone Sa laptop so my opinion is if you are doing the transaction are doing your private things don't use the private network or Wi-Fi

Protect your Data and stay safe in public wifi's by using NORDVPN
use Code:Yesiam6 for 0% off for a 3 day subscription.

/Sarcasm off 

Indeed. If that transaction can wait, then let it.It's better to be safe than to be compromised. If possible, don't connect to it at all.

Yeah vpn is king

Almost everybody that I know is now a vpn user which is good they are all safe when using internet whether they are in private wifi or public wifi. VPN also makes us safe when someone is tracking us.

I recommend using this configuration:

8.8.8.8
8.8.4.4

is the google, and if it protects, but if you want more security better install hotspotshield and what you should do is activate it when you take the network in wifi.

I have not planned to check your suggested sites for too soon. The main reason is I have only one laptop to use and store my crypto asset for noww, so I don't want to take risks with strange sites, but I might do a test when I buy a new laptop (then using the old one for testing).
It took me more than one year to move from Junior Member to Full Member, but after that it took around 3 more months to move from Full Member to Senior Member. So, please don't pay all your attention on the pace you earn merits. The point is when you are familiar with forum structures, and topics (that I suggest you to note helpful topics, or even posts down in your list for later use), you might easily to help others. That, in turn will help you to earn merits as rewards for your help faster.

Nice try 

EVERY VPN keeps logs. They would be more than just stupid to not keep logs.
Never trust VPN's who advertise them by stating they do not keep any logs.

Why should they give you the ability to exploit their network for 10$ per month ?
They won't go into jail for you for 10$..


Also the argument that it is harder to trace ones activity if more people use a particular VPN provider, is nonsense.


Obvious advertising campaign..


VPN's are a good way to stay secured at a public Wifi against the risks which occur with a public wifi.
For anything else, there are probably better alternatives: https://gist.github.com/joepie91/5a9909939e6ce7d09e29

Hi OP, duckduckgo has a good article on this as well, see link.

And they recommend TorGuard. If privacy-focused nuts make a recommendation on something, you can bet it works well

Regardless of which VPN you choose, always find a way to check that they really are a "no logs" provider. Interesting article on this (link). Had to link to archive as main site appears down.

To avoid any complicated solutions and methods to be safe why don't you just use your own hotspot that you get from your phone or if you are going to connect to wifi using your phone then you better buy pocket wifi I think it's worth buying than risking yourself by connecting to public wifi. Just spare a little money for the cost of data whenever you are going out of town. 

Unfortunately there is no such thing. Windows is much much harder to "secure", and even if you go out of your way and spend countless hours "securing it", it will remain unsafe next to an average Linux install. Of course you could also harden Linux, use openbsd, etc.

But think how much effort a typical user needs to use to boot a live iso rather than trying to secure windows. Next is installing Linux, which is still easier and faster.

I mean, on one side you have your typical windows user which, in a desperate attempt to make its windows "secure", all he/she has to do is follow this (long) list of steps, involving several config changes, including messing with the registry, install/remove programs, configure them, has an army of any malware, firewalls, browser with their add ons, etc. On the other hand, put that usb stick and reboot from it.

Which is the most user friendly and faster way to be safe? It is also about honesty. Tell people up front: use windows and your battle is already lost.

It is the most correct answer to "How to stay safe when browsing on hotspots or public wifi":

Just boot Tails, or, spend countless hours in an uphill battle trying to secure the most insecure OS on earth.

Microsoft has 30+ years of malware-prone history, and they haven't changed their malpractices (some say intentional). It is the ethical thing to warn people about it.

If you really really really want to stay safe, start with the easiest part: Use a secure OS. You don't even need to install it, just carry it with you in your usb thumb-drive and boot from only when the situation calls for it.


BTW: In most Linux distros you just install Tor and it will already be loaded every-time you boot. At most you should modify /etc/tor/torrc but it will most likely be there up and running. One reason where you would need to modify torrc, is for example when you need to use obfs4 bridges, which is a must in some countries or else it doesn't work at all.

Tor is not a VPN, but its better than one. A VPN has a completely different reason to exist, but it wasn't privacy focused like Tor.

Lol you can also just boot up any Linux pretty much and install tor on Linux and set up tor as your VPN provider and add it to startup or just write the startup command every time you reboot, but yeah tails can be pretty conveniant

but i wrote this thread with the security of the average pc user which is windows.

but now i am thinking about writing another thread that will focus on heavier security

If you are truly paranoid you shouldn't be using Windows in the first place. And after you pick a secure OS (such as Linux) use Tor instead of rogue VPNs. But hey, there is already a live distro that comes pre-configured for tor use, its called Tails.

And if you carry an usb thumb with it installed, you could even boot it from public computers without worries. Of course you could install it in your laptop, and you should...

But to each their own. Many public wi-fis have captive portals. What stops those from being infected or the owner to add malicious code so you get infected even before you start doing anything?

If you just use a VPN, you are just putting yourself in the hands of that VPN provider. Tor is a whole different league, have it already pre-configured with obfs4 bridges, even if they don't seem to be needed where you are at this moment...

Those are called Access points, not servers.

The problem with those free wifi spots is, that an malicious actor can create his own network with the same name and a better connection quality.
Then, trough sending Disassociation messages  (or trough 'switch channel'-messages) the client WILL connect with the AP of the malicious actor.

Therefore no single 'security mechanism' of the open Wifi spot work anymore. Open Wifis ARE dangerous, no matter what.




They can't do anything against a MITM.
The server thinks he is talking with the client. And the client thinks he is taking with the server.

But in fact an malicious actor is exactly in-between them (Man in the middle).


If you want to handle sensitive information on an open Wifi network, you NEED to use a VPN. Preferably connecting to the vpn server hosted at your own home network.

As I notice today, most of the Public Wifi's Servers are heavily secured today. Meaning if someone on the network attempts to do sh*t on the same network, it will not goes through an easy process to the point that, it's not worth the effort.

Plus the fact, that most sites we visited today that requires login credentials also have their own security to deal on any cases. No way they will not learned that it's risky to access on a public wifi therefore they already prepared on that.

---

Go for popular ones with good reviews.

Take a look at Opera VPN Review to get a general idea. It shows pretty bad in the review, and gives it more of a proxy status than a vpn one. The report states that it hides your IP, but does not encrypt the data since it does not really tunnel your information.

How in your opinion Opera's VPN is realiable service in such cases?

It does.
You encrypt your WHOLE traffic and tunnel it to the VPN server.

If you are connecting to your own VPN server at home.. you are browsing as you would from your home network.
If you are connected to a VPN provider, you have to trust them as you would trust your ISP when at home.




No, the VPN itself doesn't protect you from anything if you are in a trusted network (e.g. your home network).

You only need a VPN if you connect from an insecure Wifi or you need to access some resource from an internal network (e.g. companies internal resources).

I suggest looking at this thread.

Nowadays, people tend to depends so much on Internet and mobile devices (smartphones, tablets). They felt like their lives will be destroyed and their quality of life will be damaged if they don't have access to Internet within minutes, or hours.
In contrast, their quality of life might become much better, and much healthier if they less connect to Internet and overuse electric devices.

Tryninja, i dont use a vpn for my regular windows 10 computer which i do everything crypto related on.  I also only connect my wifi only and sometimes my phones hotspot when tethering.  I do not connect it to public wifi outside ever.


I use my chromebook to web browse and thus sites that might be virus, i dont mind because i have nothing important on my chromebook.  I use a free vpn from the play store for it just fine. 


But you say if i use my win 10 laptop outside using public wifi, get a paid vpn and use it... but that will protect me when doing transactions related to crypto?  The reason i never use it outside is b/c i do not want to connect it to public wifi so i rarely have it outside.  If i do, i tether from phone but of course uses lot of data.

Why not use the paid VPN all the time? If you already got one, just choose it over the free VPN. There are no vantages on using the free basic one.

Just curious but i use a chromebook for my web browsing.  Thus if i visit sites im not sure of i use it instead of my main windows computer.


But if you are not doing any transactions with crypto or loggin into bank account or email, using a basic vpn is fine already then right if using it in public wifi?


So if i use my main laptop outside, unless i know its the coffee shop wifi for sure, then always use a paid vpn to make certain of this?

If you have bank accounts or anything that has a value for you on your phone/laptop and you don't want to be very technical, it's better not to connect on public WiFi at all. However if you really need it, just use other browser wherein you don't have your account signed in and don't log in using any of your account; just browse anonymously.

Then you must be extremely careful with it. If you are not paying for the product, then you are the product. Keep in mind that the VPN you use may see and log what you are doing or even do worst things. That's why you must somehow trust your VPN provider, and there are not many free ones you can trust.

I don't recommend using a free VPN (especially a random one). The only one that has a free plan and that I (personally) would trust is ProtonVPN.

What if you are using a free vpn? 

I don't think you are always "100% safe no matter what" with anything, but there is a huge difference between using a VPN and not using it while in public wifi. You should definitely use one if you can. Without it, you are vulnerability to MITM attacks and people seeing what you are accessing.

So if you use vpn, then your are safe when using public wifi no matter what?

But once you have tested the tools in that site I was hoping that you could share your results after you have used the site. I am planning to compare the results the image you have use the tools in that site and I'll use the same tools of the same image you have download but before I can do that, I also need the source where you downloaded the image. Some cloud storage change the file size when uploaded in a cloud storage. File Size: 1.2MB and uploaded to the cloud storage then downloaded but the file size is now 1mb or less.

Thank you for the sweet message. I did read your post about your achievement on becoming senior member which came into my mind that anyone can achieve full member rank as long as you tried your best. I'm even surprise when I open my account the next day and saw my account having what I have right now.

Guys, you know you easily bind malicious software to images using a file binder after the virus or exploit has been encrypted to be undetectable it is usually bound together with a normal program or installs or an image file or doc file and then when it is run there is no trace of it.

What you can do if you want to check the image file is you can reverse engineer the image by using some tools like ida and check if you find some abnormalities in the code that you reverse engineer.

I used to do a fair share of malware research back in the day as well so if you find the jump point in the code that shows where the software itself starts or the image therefor and you find a jump point inside the code after you reverse engineer it that says something about running software or downloading something then you have found the virus.

but you would have to actually download the image and run it to get infected

I thank you for those sites, but I won't try using it now.
Some reasons:
- I don't actually have demand to use it for now (don't have need to download animated images at the moment).
- I will wait to get opinions or confirmations of others on those sites.

---

By the way, I felt happy to see you (one of my challenge's winners) moved nearly half of your pathway to Full Member.

I don't know if this is working 100% because I haven't tried checking images that may/had contained hidden codes that will be activated once the animated images loaded. You can try this one to check if an image contains a threat that can harm/take vital information that you stored on your device.

Take Note: Test their tools in another device which is not yours or in an internet cafe before using it on your own devices for safety purposes.

Here are the links:
Tools:
https://metadefender.opswat.com/#!/
https://www.opswat.com/free-tools

Explanation:
https://www.opswat.com/blog/hacking-pictures-stegosploit-and-how-stop-it

I don't think using VPN can make you safe in browsing using hotspot of public wifi since you are connected to it and you are being surveillance by the owner of that wifi you are connected to.

My computers always installed internet security and updated database. Maybe you raised a good point here about the hidden threats from animated images, and their operational mechanism to spread threats. However, as you said, and as I wanted, I would like to get solutions to check potential threats inside animated images.
I have rarely download animated images, despite of I sometimes like them. If there are ways to check threats in animated images, I might download safe ones after checking.

It is very risky to use VPN which required an access to your device(mobile device)/application(computer browsers) before you can use it. Avoid data sharing and more program that will ask permission to access your data that can be shared without you noticing.

Well, animated images can be combined with link that may have program that can take information or files after you got redirected to somewhere else that only bring harm in your device like viruses, malwares and more. What I meant about that is an animated images on internet. Some animated images like GIF will take you to a site that will automatic downloading a file that you haven't downloaded. I don't know any solution to this but make sure you update your anti-virus up to date most of the time and avoid clicking any images especially if it is given by a person on real time. It is the same in an animated button that will help you navigate which some will use it in hacking.

Just don't connect your device to public WI-FI networks unless you have to do so.

If you are connected to a public WI-FI make sure to access only HTTPS websites and never transmit any sensitive data.
Also make sure to turn off "file sharing" on your device.
 
A hacker on the same network will try to exploit old vulnerabilities, hence, a good practice is to always update all your softwares to patch security flaws.   

This. VPN provider can read and modify and save all traffic.


The best way to stay safe when being connected to an open wifi is to connect to your own vpn server at home.

Simply get a raspberry pi if you don't want to have your PC running when your not at home, and install OpenVPN.
You will be able to route the whole traffic through your home-network.

When only rarely being in an open wifi, this seems to be overkill. But if you regularly use open wifi's it might be worth to get a raspberry pi to host a vpn server.

You can disable most all scripts in firefox using NoScript addon and more
turn off js and all the others so that the images don't autoload

or just download tor browser it's fairly safe

Hey mate, unfortunately don't have a good answer to this. However, getting viruses from opening pictures (static or animated) is hard in general. Your best prevention in such scenarios is simply not opening photos from suspicious sources. Would update you if there is a better way to deal with this. Thanks for highlighting it.

use your own VPN server if you know how-to setup maybe thats will be better safe i think.
much more cheap server and support for TUN/Tap Tunning like OpenVPN, etc.

I second this. Usually I see antivirus software as a clog to my finely-working system, and I could live without them knowing that I only use my computer to just browse this forum and do some work-related stuff. The other aspects of my internet life I use a different machine for that, especially for gaming, downloading things and streaming movies online. In no way would I ever install Kaspersky or any other antivirus on my PC since Windows Defender had been pretty much a good company for my machine for the past 3 years.

You give me great tips to secure my life when connect to Internet. By the way, I would like to ask you and others that how to secure and stay safely from animated images? I read somewhere else that such animated images have higher security risks on static images. Does it right? If yes, how to stay safe from animated images when my friend send them to me?

I really don't recommend people to connect in public wifi or hotspots that are not trusted. Since, I saw a video on youtube that every transaction people made on that while connected can be viewed by the person with authority. For example, somebody moved his money to his savings account. As much as possible don't connect to public wifi or hotspots. Scammers are everywhere. And what if you are connected to a person that is an IT or a computer engineer and hacks you.

Binance has a good article on this: https://www.binance.vision/security/why-public-wifi-is-insecure

Some of the recommendations they listed:

I could be wrong, but I don't think your DNS actually matters if you're using a VPN service with built-in DNS leak protection, since you'll always be using the VPN-provided DNS.

I'm still very iffy about suggesting Kaspersky (or any other third party antivirus for that matter) because common sense + Windows Defender should be enough to protect you in normal day-to-day activities. To each his own though.

So you wouldn’t trust a random wi-fi, but you would trust just any old malicious VPN you happened to find on ‘underground forums’. That’s bad advice.

Only connect to wi-fi networks you have reason to trust. I avoid open ones, but I often use password-protected networks operated by some bona fide entity.

Similarly, if you decide to use a VPN, make sure it’s trustworthy. After all, whoever controls the VPN will be able to read and change all your plain-text traffic. Even when you’re using encrypted applications, the VPN owner will know where you connect and how much information you send and receive.

F-Secure Freedome is a widely used VPN with good reputation, but of course past performance doesn’t predict future results. With huge userbases comes huge responsibility, and as we’ve seen with Facebook and others, sometimes the temptation can grow too big. Remember those are all companies that seek to make a profit. ‘If you’re not the paying customer, you’re the product.’

I don't recommend a public DNS from google because I heard that google monitor's your activity through Google DNS.
You can try comodo DNS if you want to protect your self from phishing websites.

DNS SERVER of COMODO:8.26.56.26
DNS SERVER of COMODO:8.20.247.20

I got this DNS from here https://bitcointalksearch.org/topic/how-to-automatically-block-phishing-sites-and-any-unwanted-web-attack-3395101 you can use google translator if you want to follow his guide.

And I think you can protect your browsing activity from public wifi if you use some 3rd party apps or software to encrypt your internet like using a VPN(recommended one is IPvanish) and antivirus(Kaspersky is recommended. Just make sure for android user's you are not rooted because I already tested that if you are rooted with antivirus it can't prevent some viruses/apps to modify your system files.

Hi there, Kristinn Spence here with a new short tutorial for you guys

How to stay safer when using hotspots or public wifi that other people have access to as well
because now a day attacks such as arp poisoning and others are pretty common and as well as honey pot attacks that hackers utilize
to steal cryptocurrencies from people and also of course standard viruses and trojans.

But how to make yourself pretty much immune to Man-In-The-Middle MITM attacks and ARP poisoning and Honeypots
is basically best to run through a VPN and change your DNS servers for basic protection

Now a VPN is a virtual private network that routes all your internet traffic through a secure server out in the world so that all your traffic is handled by that server before you even go to a website or do anything on the internet it goes directly to that server before anything else.

But of course it will not 100% make you safe but it will increase the safety a lot and decrease the chances that you will be hacked.
you can get any VPN server on the internet like express VPN, tunnelbear, hotspot shield or others a simple google search will do the trick or you can find cheap ones on underground forums.

then after you do that right click on your connection and you are going to change your dns servers so that your ISP is not handling your DNS
also sometimes your internet connection becomes faster
here are details on how to change it
https://developers.google.com/speed/public-dns/docs/using

now, these are fairly simple and the most basic protection measures that you can take for your internet connection and I highly recommend doing at least this to protect your traffic because apart from this hackers can sniff your internet as well using tools like Wireshark and others but it is impossible to sniff encrypted traffic.