0

What exactly is it that make public wifi so insecure? Is it because about anyone can connect to the network and that my device will be visible to people just as it is visible to other devices in my home network? And what is it that's supposed to make 3g/4g connections more secure?

Anders
  • 64,406
  • 24
  • 178
  • 215
Jobo
  • 3
  • 1

2 Answers2

1
  • Many public access points have no security at all. This means anyone within range (and with the right antennas and amplifiers that can be several hundred meters) can read all traffic.
  • Many of those that do use WPA2. Anyone with the password can decrypt all traffic.
  • Even if your traffic was safe from other users do you trust the owner of [random cafe] not to read or mess with your traffic?
  • With a device like a WiFi Pineapple you might not even be connected to the network you think you are.

3G/4G wise data traffic is encrypted with a per user key. Although it has its own problems - see my answer here.

With any network you do not fully control you should use a good secure channel over the top - for web access either HTTPS/SSL (remote server identity verification and hides content but not who you are talking to) or a VPN.

Hector
  • 10,893
  • 3
  • 41
  • 44
1

Public WiFi is just a open network. Becouse anyone in a network can manipulate traffic inside that network (see is there any security threat with open wifi connection) You are basically trusting all other clients in the network, not just all wifi clients but all network clients. like:

  • Wired clients.
  • Access Points.
  • Routers.
  • Switches.
  • Modems.

all of these could be used to record or manipulate the data you send and receive. Since you do not have any legal contract with the other parties you can not file a legal claim against any of them if there is any serious misuse (the main reason 3G/4G differs, aside from the per channel encryption as @hector already describes).

So Basically WiFi is as secure as its components are, since in a public / shared WiFi connection you have no control over the components and the components can be added by any party, it has an intrinsic hostile network state (you can not trust anything about the network or what you send / receive on it).

the primary way to safegeurd yourself from manipulation of your actions is employing a VPN connection to a known secure endpoint. This does not close the door for directed attacks to your device though and (if applicable) you should employ firewalls and other techniques to safeguard yourself.

3G/4G does not have the same threat as the network normally does not have a way to transmit data to a device without the device initiating a connection first. (this is a setting done by the Mobile company though not a given network property).

TL;DR Public wifi is bad for security because there is no known secured part, and any part not known safe is considered insecure. 3G/4G is safer than Wifi because the way they are normally setup is in such a way to protect customers (and carriers).

LvB
  • 8,217
  • 1
  • 26
  • 43