'Those who unquestioningly jump onto open wifi points are the lowest-hanging fruit of all'
'Those who unquestioningly jump onto open wifi points are the lowest-hanging fruit of all'

Using a hotel's free wifi hotspot? It could end up costing you a fortune

You may be gently lobbing completely unencrypted information into someone else's hands, says Rhodri Marsden

Rhodri Marsden
Thursday 03 March 2016 00:30
Comments

A disgruntled hotel guest made his feelings clear on social media when his internet connection kept dropping. "Dear hotels all around the world," read the succinctly worded tweet, "sort your f**king wifi out." It's a complaint that many of us can identify with, but it's a bit like moaning about drab décor after wandering into the lions' enclosure at the zoo.

"Never, ever use hotel wifi," came a reply from another Twitter user, who admitted that this was the "boring security response". But he was right. For years we've been logging on to open wifi hotspots in hotels, airports and cafés in the hope of grabbing some delicious free data, happily inputting our details into some kind of login screen (a "captive portal") and enjoying the temporary internet access we've been granted. But if you haven't entered a password to connect to the access point in the first place, you may be gently lobbing completely unencrypted information into someone else's hands. Establishing that initial wifi connection can turn us into sitting ducks – and if you're in a posh hotel, the more sumptuous a potential target you are for hackers. Worse still, you'd probably never know that your information is being siphoned off.

A timely reminder of the dangers of open wifi points came this week, when a journalist from USA Today, Steven Petrow, recounted the story of how he was stopped by a fellow traveller after an American Airlines flight and told that he was one of many passengers who'd unwittingly revealed personal information by using the onboard wifi. The guy then proceeded to read to Petrow the contents of some of his personal emails. "That's why this story is so important to everyone," he said, before disappearing out of sight. "It's about everyone's privacy."

The vice-president of the company that provided the wifi service for that flight, Gogo Wireless, later acknowledged to Petrow that its hotspots were the same as any other open wifi hotspots, and cautioned "against accessing sensitive materials" during the flight.

But caution is not the predominant emotion when people are looking for a way to access the internet. Impatience and anticipation ride roughshod over caution, and hackers know it. On a flight, said hackers then have endless hours to calmly explore the vulnerabilities of hundreds of devices from a comfortable airline seat. Well, comfortable-ish.

Issues of online privacy tend to sit awkwardly in a grey area between personal safety and paranoia, but while each of us has very different attitudes towards risk, the total lack of security in place across your average open wifi hotspot is so obvious that you wonder why operating systems don't replace their cute little fan symbols with skulls and crossbones – or at the very least a warning sign.

While you're never completely safe in a digital world, you don't have to be the low-hanging fruit, and those who unquestioningly jump onto open wifi points are the lowest-hanging fruit of all. If you're going to use them, tighten your firewalls, lock down your sharing settings and, if possible, use a VPN (virtual private network) service – decent ones cost as little as £3 a month. If you have the option to use your mobile phone as a wifi hotspot, and you've got the data allowance, use that instead. That option won't be open to you on a flight, of course, but hey, you're on an aeroplane. Marvel at the wonder of modern air travel, give your brain a rest and resist the lure of the internet. Just for a few hours.

twitter.com/rhodri

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in