Dangers of using unknown WiFi networks

Most consumers and professionals use public networks to communicate in an increasingly mobile and traveling world. According to a survey of 1,025 people conducted by Symantec in May 2016, of the 60% of American consumers who believe that their information is safe when using public Wi-Fi, only 50% believe that they bear any personal responsibility for ensuring that their data is secure. 17% of those surveyed believe that individual websites are responsible for making sure that visitor data is secure, while the same percentage think that this duty falls to the Wi-Fi network provider.

In and of itself, a wireless access point (WAP) or wireless network connection isn’t inherently dangerous. It becomes so if it’s unsecured – allowing the movement of data without any form of encryption or security protection.

Before you use unknown WiFi networks or public networks, ask yourself the following questions:

  • What’s the exact name of the network?
  • What’s the procedure for logging in?
  • Anything else that visitors should know about?

Otherwise, you run the risk of being victimized by cyber-criminals who may have set up a fake wireless access point, or Wi-Fi “honeypot” to trap unsuspecting visitors at that location.

The fake hotspot may look just like what you’d expect – down to the name and logo of the establishment. But the Wi-Fi network is one owned and operated by hackers or cyber-criminals. And logging into it through a lack of due diligence could expose you to any number of dangers they might impose. The same features that make free Wi-Fi hotspots desirable for consumers make them desirable for hackers; namely, that they require no authentication to establish a network connection. This gives the hacker an opportunity to get unfettered access to unsecured devices on the same network. Hackers can also use an unsecured Wi-Fi connection to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer.

As mobile Wi-Fi becomes increasingly common, you can expect Internet security issues and public Wi-Fi risks to grow over time. But this doesn’t mean you have to stay away from free Wi-Fi and tether yourself to a desk again. The vast majority of hackers are simply going after easy targets, and taking a few precautions should keep your information safe.

Solution: A Virtual Private Network (VPN) service or app is the centerpiece of your defenses against unsecured Wi-Fi. A VPN imposes strong encryption on all data moving to and from your device during each session – so even if a hacker were to intercept your connection, they’d be hard pressed to decrypt any data they find, and much more likely to discard it in favor of easier pickings from unprotected users. A well-configured firewall (corporate or personal) filtering transmissions to and from the network, an up-to-date suite of security software (anti-malware, anti-keylogger, etc.) and monitoring of the devices on your network also remain essential ways of reducing risk to the network.


How to regain control over the secret life of your most important app

TL;DR: Pretty much every website uses third-party code that could track you or be malicious. You can stop most of it without giving up website functionality by installing the browser extension described below and adjusting it to your browsing habits. At the end of the article you’ll find a way to download a configuration file that speeds the process up.

Modern web browsers have grown into creatures resembling, to a large extent, the very operating systems they run on. Yes, I’m looking at you, Chrome/ium. I haven’t found any research on it, but I’d wager that almost all the people using desktops or laptops have a browser open in the background at any given time. As a consequence of their nature and footprint, the attack surface of a browser is much bigger than that of any other regular application. Yet when you look at what browsers are driven by, it’s mostly content outside your control! Unless you’re submitting forms all day, the vast majority of requests initiated by your browser will be in response to external stimuli, which are likely to modify the Document Object Model (DOM).

Of course, designers and programmers go to great lengths to mitigate those dangers, but paranoid, security-conscious individuals (and organizations) never like to entrust their safety so easily to others. Back in the days of using Windows as my primary operating system, I loved the feature of the ZoneAlarm firewall which displayed a notification any time any process tried to access the Internet, along with buttons to grant or deny the request. For a very long time it’s been bugging me that I couldn’t conveniently see and influence where my browser sends data. Thus, I was excited to discover that a similar concept had been implemented for Chrome and Firefox.

Enter the (u)Matrix

I stumbled upon uMatrix a couple of months ago. Unsurprisingly, it has been occupying the first place in my personal ranking of Firefox extensions ever since.

It has evolved from http-switchboard, which split into uBlock Origin and uMatrix itself. While uBlock focuses on pre-defined lists of requests to block, its cousin acts like a configurable firewall, preventing the browser from making certain types of requests in various contexts, where a context is the domain you are visiting. Let’s say you visit your favourite blog, which loads some JavaScript off facebook.com. With uMatrix you can block exactly those requests without affecting content fetched from other domains when visiting that blog.

By default, there are no restrictions on loading anything from the domain you’re visiting and its subdomains. All the other domains, however, are restricted to only serve images and CSS. The extension comes with several lists of known malicious and tracking domains, from which nothing is fetched. It goes without saying that everything is configurable, and in fact pretty soon after uMatrix is first enabled you discover that it breaks the Internet.

With great power comes great responsibility

Isn’t it empowering to finally know all the places your browser is calling when you visit your favourites? Frankly, I never knew many of the blocked tracking domains existed. Some of them pop up in the dashboard regularly. That said, before you jump straight in and install uMatrix in every browser under your management, let’s take a look at the immediate repercussions of doing so.

Most places on the Web these days are better described by the word *application* than *website*. Media-rich content and large quantities of JavaScript abound. Unfortunately, that means that the experience of browsing those sites is going to be severely affected by the default settings of uMatrix. The effects range from disappearing or misaligned menus, to completely broken apps like Google Docs, to you being greeted with a blank page. Yep, there are sites out there that just won’t load at all without 3rd party JavaScript. Graceful degradation, anyone?

Usually once you’ve loaded a page and glanced at the dashboard it’s obvious what needs to be allowed to load. More often than not, however, loading one script causes a request to yet another (sub-)domain, so it may take up to six “allow-reload” cycles until you get the page fully working. In most cases, once the main page is okay you need to allow a couple more cells until the login area/form is functional, if the site has one.

Bending the rules

Naturally, the initial ‘learning’ phase depends on how many websites you visit most often. For me, after a week of regular browsing and adjusting the matrix I was able to get back to my previous level of comfort. That is, with the added peace of mind that all the AdWords and Facebook tracking code is no longer following me everywhere I go.

I realise that a week of clicking around and mashing F5 (refresh) just to browse might seem to be too much. Therefore I want to share with you my curated rules file that you can import straight into uMatrix. It contains a minimal set of rules necessary for the following web apps sans tracking at the time of writing:

  • airbnb.com
  • amazon.com
  • atlassian.com
  • bitbucket.org
  • booking.com
  • currencyfair.com
  • disqus.com
  • docsend.com
  • easyjet.com
  • facebook.com
  • fast.com
  • github.com
  • google.com
  • klm.com
  • linkedin.com
  • mailchimp.com
  • mailgun.com
  • meetup.com
  • mouser.com
  • nationalexpress.com
  • nationalrail.co.uk
  • noip.com
  • opennic.org
  • openstreetmap.org
  • paypal.com
  • protonvpn.com
  • ryanair.com
  • skype.com
  • slack.com
  • toggl.com
  • trello.com
  • twitter.com
  • vimeo.com
  • whatsapp.com
  • youtube.com
  • zoho.com
  • zoho.eu

Fetching scripts from code.jquery.com and ajax.googleapis.com is allowed for all domains.

Furthermore, the file enables referrer spoofing and User-agent spoofing for every domain. This makes it harder to fingerprint your browser and doesn’t break any of the sites I visit on a regular basis.
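Before importing a shared rules file like the one described above, it is worth checking which of its rules apply on every site rather than in one scope, such as the two CDN script rules. The following is an added example, not the author's rules file or uMatrix's own code: it parses text in uMatrix's rule-file syntax and lists global allows and disabled scopes. The sample rules are constructed, and `shop.example`, `blog.example` and `cdn.example` are placeholder hosts.

```javascript
// Constructed sample in uMatrix rule-file syntax: "source destination type action"
// for matrix cells, "switch-name: scope true|false" for per-scope switches.
const SAMPLE_RULES = `
referrer-spoof: * true
matrix-off: shop.example true
* * * block
* * css allow
* * image allow
* 1st-party * allow
* code.jquery.com script allow
* ajax.googleapis.com script allow
blog.example cdn.example script allow
blog.example facebook.com * block
`;
// Request types that can run code or send data (unlike css and image).
const ACTIVE_TYPES = new Set(['*', 'script', 'xhr', 'frame']);

function parseRules(text) {
  const matrix = [], switches = [], unparsed = [];
  for (const raw of text.split('\n')) {
    const f = raw.trim().split(/\s+/);
    if (f[0] === '') continue; // blank line
    if (f.length === 3 && f[0].endsWith(':')) {
      switches.push({ name: f[0].slice(0, -1), scope: f[1], on: f[2] === 'true' });
    } else if (f.length === 4 && (f[3] === 'allow' || f[3] === 'block')) {
      matrix.push({ source: f[0], dest: f[1], type: f[2], action: f[3] });
    } else {
      unparsed.push(raw.trim()); // anything else is left for manual review
    }
  }
  return { matrix, switches, unparsed };
}

// Lists the rules that loosen filtering on every site, not just one scope.
function auditRules(text) {
  const { matrix, switches, unparsed } = parseRules(text);
  const findings = [];
  for (const r of matrix) {
    const everywhere = r.source === '*' && r.dest !== '1st-party';
    if (everywhere && r.action === 'allow' && ACTIVE_TYPES.has(r.type)) {
      findings.push(`global allow: ${r.type} from ${r.dest} on every site`);
    }
  }
  for (const s of switches) {
    if (s.name === 'matrix-off' && s.on) findings.push(`filtering disabled for scope ${s.scope}`);
  }
  return findings.concat(unparsed.map((l) => `unparsed line: ${l}`));
}
console.log(auditRules(SAMPLE_RULES).join('\n'));
```

Site-scoped rules such as the `blog.example` lines are not reported, because they only take effect while that site is being visited.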

Sign up to our newsletter to receive the configuration file along with the installation instructions! You’ve now got a foundation to build upon.

I hope this helps make your online identity less exposed, even if just by a tad. I’m waiting to hear about your experience of uMatrix!