Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: How to know if public WiFi is secure?
6 points by shaunregenbaum on June 21, 2021 | hide | past | favorite | 8 comments
Is there an easy application or web-app to determine if a public wifi hotspot is predatory or legitimate?



What is your threat model? If you’re worried about some rando capturing the airwaves and snooping on your traffic, then you’re secure as long as you’re connected to a WPA2 or WPA3 encrypted network, which pretty much every hotspot supports. If you’re worried about whether you can trust the hotspot itself, then no - trust is a social problem, not a tech problem.


Doesn't the issue of sniffing persist if someone else is connected to the same network? Just power up wireshark and you're good to go?


No, each session is encrypted separately. Your connection to the wifi router is encrypted with a different session key than someone else’s connection to the same wifi network.


Can't this trivially be worked around by sending deauthentication packets to kick the victim off the network and then capturing the 4-way handshake when they try to reconnect, which you can decrypt without bruteforce because you already know the network's PSK?


There is a deauthentication attack which can really annoy people, and I think WPA2 can be broken pretty quickly, but I don’t know enough of the details to answer that question.


Best assume it's not and use a VPN.


You know it's secure if your trusted and secure VPN can connect through it.

Otherwise, there's really no way to know what they are doing behind the scenes.


What's your threat model? The vast majority of websites and services use HTTPS or some other protocol over TLS so the data will be encrypted & authenticated regardless of the security of the network itself.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: