Why HTTPS Alone Won’t Keep You Safe On Public WiFi
Long ago when the internet was young, the standard system for sending data was HTTP (HyperText Transfer Protocol). Then we realized that information sent using this protocol was unsecured, and could be stolen by anyone listening in.
The solution was HTTPS, and it was a pretty good one. By encrypting the data you exchange with the internet, it provides pretty good protection against data theft and other forms of cyber attack. That's why it has become the standard protocol for accessing secure websites.
The Problem With HTTPS
There are some problems with HTTPS, though.
The protocol works by making use of another set of security protocols: TLS (Transport Layer Security). TLS is based in public key cryptography, where a combination of a public key and a private key is necessary to decrypt messages. To initiate a connection using HTTPS, your device shares a public key with the site you want to communicate with. After this 'handshake' is complete, a unique private key for your connection is generated, and all of the information you send and receive is encrypted.
The first problem with HTTPS arises in relation to DNS requests. Everytime you type an address into your device, your computer requests the location of this site from a DNS server. This information is not encrypted, and so can be seen by a hacker who has managed to infiltrate your network. The second, related security risk is DNS Spoofing, where an attacker will poison a DNS server and redirect you to a spoof site.
The third problem with HTTPS is that TLS is vulnerable to direct attack. This has been achieved via either punycode redirects, for instance, through which a spoof site can be made to look entirely legitimate. Or an attacker can infiltrate a target machine directly, and downgrade the TLS protocol in use to an older, less secure one.
And this is not even to mention that HTTPS has some vulnerabilities as well.
The best way to stay safe on public WiFi is to use a VPN. A quality VPN like PureVPN will provide you with cutting-edge encryption for ALL your data, including your DNS requests. This limits your exposure to both DNS leaks and DNS Spoofing attacks.
Whilst using a VPN, your public WiFi security is greatly increased, because all of your data is encrypted. Because you can also hide your true location, VPNs also allow you to avoid tracking, and to limit your exposure to targeted cyber attacks.
A high quality VPN like PureVPN will keep you safe from many of the most common types of cyber attack, whether you are using a public WiFi network or your home WiFi.
So take my advice: don't rely on HTTPS alone. Get a VPN, and take responsibility for your own cyber security.
MORE IN ITECHPOST
Does a Faster IT Network Mean Better Customer Service?
For most companies, there's a notion that the people they employ are the difference between poor customer service and a fantastic customer experience.
How Do Personal Emergency Response Systems Work?
Personal emergency response systems, known as PERS for short, are systems that help people to raise the alarm and get immediate help when a medical or personal emergency occurs. They are ideal for older people and anyone with a mobility issue or an injury or illness that can cause falls.
Game Developers’ Different Roles in the Studio
Learn about the different professionals involved in developing video games. Becoming a game developer is one of the coolest jobs around and your 14-year-old self, perched on the edge of your bed as you play PlayStation, will thank you for making such an awesome career move.