World-wide Wi-Fi: Free and easy, but is it safe?

If you’ve ever been involved with deadlines and deliverables in your business, you’re probably familiar with the old saying that “You can have it fast or you can have it cheap, but you can’t have both.”  When it comes to ubiquitous wireless Internet connectivity, I would paraphrase that to “You can have it free or you can have it safe, but you might not be able to have both.”

Consumers have embraced universal connectivity with a passion, and you can ferret out no-cost open networks almost everywhere these days, but money isn’t (or shouldn’t be) the only consideration when you’re about to join your device to a new, unknown network.  Even IT professionals, who should know better, sometimes get caught up in the “gotta get online” frenzy when traveling, as if the security issues that cause us to take numerous precautions back home somehow don’t apply if we’re on vacation.

I travel quite a bit, and one of my favorite modes of international transportation is via cruise ship. Just over the last three years, I’ve seen a big transformation in the attitude of cruise passengers toward use of the Internet while on vacation. In 2013, when I started cruising a lot, on board satellite-based Internet packages were available but they were excruciatingly slow, horrifically unreliable and shockingly expensive.  It didn’t matter much, because I was in the distinct minority for wanting online connectivity at all. The cruise forums and Facebook group discussions indicated that the vast majority of my fellow cruisers saw their vacations as a time to unplug and disconnect from all things electronic. Many even chastised those of us who dared to ask for better connectivity, implying that we were “doing it wrong.”

Today, faster and cheaper technology has made it possible to stay in touch via email, post pictures of your excursions and ship-board experiences in real time and get work done, even video conference from your stateroom if you so wish.  It’s still not as reliable as land-based technology, but new hybrid systems are making Internet at sea much more attractive and quenching the thirst of digital natives who are used to having a continuous stream of digital information flowing in and out of their devices no matter where they are.  The younger the cruise demographic gets, the more important it is for cruise liners to provide this option.

But what about when you get off the ship? A popular topic on the cruise forums is where to find free wi-fi in each of the ports. In most places, there is no shortage of such networks, and many travelers swear by them. I frequently hear, “I don’t buy the ship’s services; I wait until I get to port and connect free.”  Of course, it’s not only cruisers who are desperately seeking connectivity. Other travelers, along with locals, are always on the lookout for a place where they can get online, too.

As in the U.S., many restaurants, hotels and coffee shops provide free wireless connections for their customers. Sometimes these are open networks; other times they’re secured and you’re given a code or password when you purchase something or check in. Bandwidth, after all, is finite and it makes sense to limit connections lest you end up with all of the nearby tourists jumping onto your network and slowing down performance for your real customers.

There are some who don’t want to pay even for a cup of coffee so they go in search of completely open networks instead. There are plenty of ways to find so-called freenets and many resources on the web that keep track of where they’re lurking or tell you how to find them.  However, you have to be careful about where and how you connect. I won’t go so far as to claim TANSTAAFN (“There Ain’t No Such Thing As a Free Network”) because some entities and individuals do indeed share their bandwidth just because they want to offer others something for nothing. But all free networks are not created equal, so do your homework and err on the side of caution, lest you end up with a device full of malware and a credit record full of dings thanks to an enterprising identity thief.

Criminals set up open wi-fi hotspots in public places to lure unsuspecting Internet-hungry victims in, and tourist areas are prime locations for such shenanigans.  Since you can set the SSID (network name) to anything you want when you create a hotspot, scammers will give their networks names that imply they’re “official” hotspots or connected to a reputable business, such as “Nassau Airport Wi-fi” or “Municipal Public Wi-fi.” This tricks people into thinking the network is trustworthy. Be especially wary of networks that proclaim themselves “Free Wi-fi” as they’re often malicious hotspots attempting to leverage our natural propensity to want to get something for nothing.

Of course, legitimate public networks that require a password can be compromised, too.

Now you might expect Aunt Gladys or Uncle Pete to fall into this trap, but surely IT pros and tech savvy power users are immune, right? Well, not always. I’ve heard some horror stories from people who should have known better but who took the chance and connected to a questionable network in a tourist area and lived to regret it.

This reminds me of a few police officers I knew back in my law enforcement days, who were (in my opinion) shamefully irresponsible with their firearms. Because they had used them so much, they grew overly confident and complacent and relaxed their safety standards. Most of the time they were lucky and nothing bad happened, but in a couple of cases, the outcome was tragic – and it wasn’t because they didn’t know proper handling techniques, it was because they thought their “expert” status made them immune to an accident.

IT pros can fall into the same sort of complacency and although the result usually doesn’t put lives at risk, it can certainly threaten your financial well-being or even your job and the ensuing stress might even affect your health. Don’t be that guy (or woman).  Those who work in IT or are heavily reliant on connectivity may be vulnerable because unlike the average tourist who can take it or leave it, they feel a sense of urgency about reconnecting if they’ve been without the Internet for hours or days on a plane or ship.

It’s all too easy for an attacker to intercept data flowing across an open network.  When you visit unencrypted web pages or complete unencrypted online forms, others can capture that information with popular “sniffing” tools. Other computers connected to the network may be infected with malware that can be passed to your computer if you have file sharing turned on.  Even innocuous activities such as checking Facebook or email could expose you to risk if you’re one of the many people who use the same password or a close variant for all of your accounts.

It’s better to pay a few dollars for a more secure connection, but if you must connect to a free network, take the highest precautions. Use a laptop rather than a phone, be sure you have a good host firewall and anti-virus/anti-malware software installed and enabled, turn file sharing off, and even then, don’t do online banking or transactions that require you to enter credit card information, social security numbers and other sensitive data.  Use a VPN connection for accessing your work network over the free wi-fi network.

Sure, you’re an IT pro and you know all of this. But there are several factors that can cause you to let your guard down when you’re traveling, and take chances you wouldn’t think of taking back home. The stress of worrying about lost luggage, delays, changed itineraries and missing the boat (or the plane) can make you careless. On the other hand, if nothing bad happens, the lowered state of alertness that comes with having a good time – relaxing, having a few drinks, focusing on fun activities and new friends – can also make you more vulnerable.

The holiday season is right around the corner now, and many of us will be traveling to visit family or taking our families on winter getaways. ‘Tis the season, also, for scammers and attackers to come out in force anyway, and they’ll be ready and waiting for you to slip up and give them an opportunity.  Statistically, the odds of your computer being compromised are greater than those of your home being burglarized while you’re away, so be proactive and take steps to prevent it from happening to you. It’s especially embarrassing to be victimized by a hacker when all of your friends look up to you as the computer expert.