Public Wi-Fi is convenient, fast, and free. In addition, you can usually login without user credentials; you may just have to acknowledge the acceptable use policy statement before connecting.
Can you be tracked on public Wi-Fi? The short answer is yes you can! There are several ways a user can be tracked on public Wifi; through cookies, device information, and traffic analysis. There are several things that a user should be aware of when using public Wi-Fi.
Ways a user is tracked
Cookies are little bits of data that track a user’s browsing habits, sends that data to other sites and aids in the process of sending targeted ads to the user. Cookies are used for several purposes, one being session cookies which are created upon initiating a session after logging into an account.
“Cookies allow a Web site to store information on a user’s machine and later retrieve it. The pieces of information are stored as name-value pairs.
- If you type the URL of a Website into your browser, your browser sends a request to the Web site. For example, if you type the URL http://www.amazon.com into your browser, your browser will contact Amazon’s server and request its home page.
- When the browser does this, it will look on your machine for a cookie file that Amazon has set. If it finds an Amazon cookie file, your browser will send all of the name-value pairs in the file to Amazon’s server along with the URL. If it finds no cookie file, it will send no cookie data.
- Amazon’s Web server receives the cookie data and the request for a page. If name-value pairs are received, Amazon can use them.
- If no name-value pairs are received, Amazon knows that you have not visited before. The server creates a new ID for you in Amazon’s database and then sends name-value pairs to your machine in the header for the Web page it sends. Your machine stores the name-value pairs on your hard disk.”
Device location services should be turned off unless actively using it for a service such as navigation. Location services will give off your device physical location which can be retrieved by apps that have location data permissions.
Traffic analysis is performed by using a packet capture tool such as Wireshark. The purpose of packet capture is to see all network traffic through a network in real-time. Even if the traffic is encrypted, it is still able to be captured with traffic analysis.
Unfortunately, public Wi-Fi spots are watering holes for attackers as there many victims available. An attacker can deploy a packet capture tool, grab as many packets as possible, and then analyze the packets at a later time. From here, session cookies can be stolen, IP/MAC addresses analyzed, and account hijacked.
VPN’s help with public Wi-Fi security concerns
How safe is public Wifi?
Although the cost is usually free, public Wi-Fi isn’t historically isn’t safe. There is a trade off with free WiFi; mainly being that your traffic isn’t encrypted and is vulnerable to “sniffing” or packet capturing by a malicious third party.
Many people who aren’t tech savvy, opt for auto-reconnect, save passwords, and ‘remember me’ selections. I love convenience but there is a time and a place; and public wifi is not that place. There are just too many risks.
Additional threats in a public Wi-Fi environment are:
- Rogue access points
- Bluetooth attacks
- Man-in-the-middle attacks (MITM)
- Packet sniffing with Wireshark
- Risk of accounts, credit card information, social security numbers being compromised
Public Wi-fi and mobile device threats to be aware of
Rogue access points are “…devices not sanctioned by an administrator, but are operating on the network anyway. This could be an access point set up by either an employee or by an intruder. The access point could also belong to a nearby company.”
Rogue access points may look like a Wi-Fi signal on your device that you can connect to. It may have the same name as the legitimate Wi-Fi network as well. If an innocent user were to connect to the malicious network, sensitive information could be captured.
Many people get caught up in their lives that they forget to turn off their Bluetooth service.
Bluetooth attacks involve Bluejacking, Bluesnarfing, and Bluebugging. These attacks are common on mobile devices:
- Bluejacking involves sending unsolicited SMS messages to Bluetooth enabled devices. These could appear like a phishing attempt
- Bluesnarfing attacks are meant to provide unauthorized access to the devices internal data like texts, widget information, calendar, and contacts to name a few
- Bluebugging attacks are intended to provide root access and gain control over the device. There is a lot an attacker can do such as turn the microphone on, taking camera shots, sending texts, and many other tasks.
Bluetooth attacks are common in areas with high foot traffic like a Wi-Fi café, bus station, or airport. In addition, near field communication or NFC is a simple technology used widely in touchless payment applications. It is similar to RFID technology and it is easy to intercept by attackers. The most common types of data that can be stolen in transit is credit card information.
For example, when someone is paying for their bar tab at a high end club, they might be using a touchless payment option like Google or Apple pay. These signals can and do get captured. The data is then analyzed for payment information and used illegally.
Things that you can do to prevent Bluetooth/NFC attacks and interception are:
- Turn the Bluetooth function off on your device when not in immediate use
- Don’t use the Bluetooth function in public places
- Ensure all apps don’t require the Bluetooth permission before installing, and if they do then deny that permission if you decide to install it
- Opt for non-touchless payment options like cash and credit cards
- Disable NFC, RFID, and Bluetooth settings on all devices especially in public places
Man-in-the-middle attacks (MITM) are attacks in which the malicious user “…makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.” 
Packet sniffing with Wireshark enables an attacker to capture network traffic packets going through a specified network interface. Information that can be captured is IP/MAC addresses, cookies, and other device information. Wireshark can dissect each packet thoroughly as well.
Risk of personal information increases when a user doesn’t use any security controls, if their public firewall is disabled, weak passwords used, or cookies are always allowed. In addition, using payment portals, checking email or sensitive accounts, or lack of anti-virus controls will leave you vulnerable in an unprotected wi-fi environment.
Tips on using public wifi
What follows is a list of effective techniques to use when accessing a public wi-fi network. We all know it’s important to protect our data in public. But how do we do that? Through a set of basic security best practices that we use in whatever digital environment we are in.
There are several things a user can do to protect their systems from threats in a public wi-fi setting. The most effective tool is user awareness. If the user is educated then they have a much higher chance of protecting their data and systems.
If using public wi-fi can be avoided, then it should be. There are just too many risks involved. There are alternatives like utilizing your mobile devices’ hotspot to connect your tablet or laptop.
Here are some great tips for cautiously using public wi-fi:
Don’t conduct business of a sensitive or personal nature on public wi-fi unless you:
- Are using a virtual private network (VPN)
- Disable auto-connect feature on public networks
- Don’t visit any pirating, free media/software content, or any other website that isn’t legitimate
- Masking your machine from network scanners or other detection software
- Are absolutely positive that the network you connected to ISN’T a rogue access point, otherwise your VPN traffic won’t mean anything
To learn what a VPN is and how to choose one go here
- Have anti-malware tools and scanners ready to deploy if needed
- Are familiar with cyber security best practices
- Only connect to a website that uses the HTTPS protocol NOT http. (The ‘S’ means that the website is using the http protocol with secure sockets layer or SSL. This makes the website connection secure)
- Unless the public wi-fi is using an encryption of at least WPA2, you should not connect to it. (WPA2 is more secure than WEP. You can see what encryption the wi-fi access point is using by looking at the details, see figure 1)
Hopefully, this article has been informative, helpful, and a little scary for you. The threats are real and they are very scary. It is important that we all use cyber security best practice in order to protect out data, systems, and livelihood.
Once user awareness has played its part, we will be informed and well equipped to take on the threats that exist.