Is it OK to connect to a foreign, unsecured WiFi network?

Most of us have been there at least once: on the go, needing broadband to send or receive that oh-so-important email, and searching desperately for a connection. We scan for available wireless networks and see “Linksys” or “Default” or “Netgear” with 4-5 bars of strength, unsecured, tempting our otherwise cyber-security-minded selves. Should we connect? Is it dangerous? Even if it’s for just 5 minutes?

Let’s talk about a few general guidelines.

First off, in several states it is technically illegal to use an open WiFi access point (please see the Electronic Communications Privacy Act or Computer Fraud and Abuse Act for more details on specific states). The reality is that while these laws may be in place on the books, we have yet to see anything enforced.

In terms of your personal or corporate exposure, fundamentally, if you are connecting to an open, unsecured, foreign WiFi network (or any network for that matter), any and all data packets you send are subject to legal interception by the network administrator. It is certainly illegal for anyone that were to capture sensitive, personal information to use this information in a fraudulent way, but nevertheless, the data itself is completely exposed. Additionally, if you have any folders designated as shared, a semi-sophisticated hacker (who may not be the network administrator but also a freeloader) would be able to get into these folders, and then possibly into the rest of your hard drive. These are, of course, the worst case scenarios but important to be aware of.

The reality is that it is highly unlikely that anyone that was not wise enough to secure their WiFi network in the first place, let alone change the SSID from the default setting, would have the first clue of how to intercept packets. While this may be the case, however unlikely, it is also possible that you are walking into a trap. It is more likely that a hacker is on the network with you and targeting any of the freeloaders. However, the most likely scenario is that this is, for all intents and purposes, “safe.”

My general guidelines would be that if you simply “have to” jump on a foreign, unsecured, WiFi network, make sure you are not sharing any folders on your hard drive and limit your Internet activity to web browsing and non-confidential emailing. I do not suggest online banking, gambling, stock trading, or anything that has to do with money or highly sensitive information or passwords; It’s just not worth it. Keep your Internet activity short and sweet and then disconnect. If you have a VPN, use it, although be forewarned that this is not bulletproof either, as it is possible to implement a hacking technique called “man-in-the-middle” on VPNs through WiFi access points.

Wherever and whenever possible, you want to connect to a WiFi network that you are familiar with: either at your own home or office and through commercially available services, like Skywave Broadband or T-Mobile.