topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 18, 2018, 04:54 PM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Public WiFi  (Read 2187 times)

kalos

  • Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 1,691
    • View Profile
    • Donate to Member
Public WiFi
« on: April 25, 2018, 08:56 AM »
Hello!

At work the company offers public wifi after registration with your email. My question is, is it possible and easy for them to monitor, not the webpages visited (that's easy), but the text typed and submitted in webpages like dating websites and/or mobile apps, like Whisper, Chat apps, Dating apps, etc?

Thanks!

skwire

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 5,032
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #1 on: April 25, 2018, 09:41 AM »
My question is, is it possible and easy for them to monitor, not the webpages visited (that's easy), but the text typed and submitted in webpages like dating websites and/or mobile apps, like Whisper, Chat apps, Dating apps, etc?

Absolutely, it is possible.  Whether they do, or care, is another question.

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,568
    • View Profile
    • Miles Ahead Software
    • Donate to Member
Re: Public WiFi
« Reply #2 on: April 25, 2018, 10:40 AM »
My question is, is it possible and easy for them to monitor, not the webpages visited (that's easy), but the text typed and submitted in webpages like dating websites and/or mobile apps, like Whisper, Chat apps, Dating apps, etc?

Absolutely, it is possible.  Whether they do, or care, is another question.


I think if you are typing over an https connection via a browser you may have some protection.  It must be better than nothing since so many sites provide https nowadays.  It would be interesting to find out more but afaik stuff between your computer and the WiFi modem is "in the clear" unless what you are typing into encrypts it.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 9,895
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #3 on: April 25, 2018, 12:34 PM »
I think if you are typing over an https connection via a browser you may have some protection

Nope.

https://privatebrowsingmyths.com/

https protects the information that is being transmitted.  not the nature of the transmission.  And that data is still not secure, especially if they use a proxy.  Best practice?  Pretend that it's all open, and don't do anything that you don't want anyone to see.

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 8,597
    • View Profile
    • The Blog of Deozaan
    • Donate to Member
Re: Public WiFi
« Reply #4 on: April 25, 2018, 12:43 PM »
I think if you are typing over an https connection via a browser you may have some protection

Nope.

https://privatebrowsingmyths.com/

https protects the information that is being transmitted.  not the nature of the transmission.  And that data is still not secure, especially if they use a proxy.  Best practice?  Pretend that it's all open, and don't do anything that you don't want anyone to see.

Aren't we talking about information that is being transmitted here? OP isn't asking about whether or not the website he visits can be tracked, but whether or not the information he types while on the website can be trackrf. If it's being transmitted over HTTPS then the data he types and submits to a site should be encrypted and untrackable. That is, assuming he doesn't have a keylogger on his PC. . . :-\
« Last Edit: April 25, 2018, 01:41 PM by Deozaan »

skwire

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 5,032
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #5 on: April 25, 2018, 01:13 PM »
Best practice?  Pretend that it's all open, and don't do anything that you don't want anyone to see.

Exactly.  With the right equipment and setup, it's exceedingly easy to MitM attack an HTTPS stream.

Disclaimer: I'm a systems engineer with Fortinet, one of the world's largest cybersecurity hardware vendors.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,483
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #6 on: April 25, 2018, 01:52 PM »
Best practice?  Pretend that it's all open, and don't do anything that you don't want anyone to see.

Exactly.  With the right equipment and setup, it's exceedingly easy to MitM attack an HTTPS stream.

Disclaimer: I'm a systems engineer with Fortinet, one of the world's largest cybersecurity hardware vendors.


I'm with these guys - There is no such thing as privacy in public. Or on the internet period depending on which part of the food chain is want to eyeball your knickers...

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,046
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #7 on: April 25, 2018, 05:49 PM »
He also mentioned mobile chat apps, ones that implement end-to-end encryption should be fine ... provided they are open source and thus subject to review, (eg. Signal).

However, I suspect the number of dating apps that fall under that umbrella would probably be approaching zero.

Could always use a VPN to obscure data from the employer.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 9,895
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #8 on: April 25, 2018, 11:10 PM »
Could always use a VPN to obscure data from the employer.

I wouldn't.  In many jobs they view using an unregistered VPN as you are doing something wrong.  Even if the policies don't say that, it can get a side-eye.

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,046
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #9 on: April 26, 2018, 04:42 AM »
Could always use a VPN to obscure data from the employer.

I wouldn't.  In many jobs they view using an unregistered VPN as you are doing something wrong.  Even if the policies don't say that, it can get a side-eye.

Pretty sure that's not going to apply in this case.

At work the company offers public wifi after registration with your email.

It's a publicly accessible WiFi, all they could really do is make it a condition of use when you connect to it that you won't use a VPN.

The only way they could enforce it is through traffic analysis I would think.

Doesn't really matter what kind of strange look they give you, they're the ones that provided the free public access.  Unless there's something specifically barring employee use and VPNs, they really have no comeback.

Besides, can they really complain when an employee shows good security protocol by using a VPN to access a public WiFi network?

Personally, I've yet to access a public WiFi where I couldn't use a disposable email address and then use a VPN, most T&C are limited to don't engage in actions which are detrimental to anyone else and trying to score a one night stand doesn't really come under that heading.
« Last Edit: April 26, 2018, 04:56 AM by 4wd, Reason: GFU »

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 9,895
    • View Profile
    • Donate to Member
Re: Public WiFi
« Reply #10 on: April 26, 2018, 06:24 AM »
You might be totally correct.  I just wouldn't jeopardize my job over something so insignificant, personally.