Why HTTPS Alone Won’t Keep You Safe On Public WiFi
Long ago when the internet was young, the standard system for sending data was HTTP (HyperText Transfer Protocol). Then we realized that information sent using this protocol was unsecured, and could be stolen by anyone listening in.
The solution was HTTPS, and it was a pretty good one. By encrypting the data you exchange with the internet, it provides pretty good protection against data theft and other forms of cyber attack. That's why it has become the standard protocol for accessing secure websites.
The Problem With HTTPS
There are some problems with HTTPS, though.
The protocol works by making use of another set of security protocols: TLS (Transport Layer Security). TLS is based in public key cryptography, where a combination of a public key and a private key is necessary to decrypt messages. To initiate a connection using HTTPS, your device shares a public key with the site you want to communicate with. After this 'handshake' is complete, a unique private key for your connection is generated, and all of the information you send and receive is encrypted.
The first problem with HTTPS arises in relation to DNS requests. Everytime you type an address into your device, your computer requests the location of this site from a DNS server. This information is not encrypted, and so can be seen by a hacker who has managed to infiltrate your network. The second, related security risk is DNS Spoofing, where an attacker will poison a DNS server and redirect you to a spoof site.
The third problem with HTTPS is that TLS is vulnerable to direct attack. This has been achieved via either punycode redirects, for instance, through which a spoof site can be made to look entirely legitimate. Or an attacker can infiltrate a target machine directly, and downgrade the TLS protocol in use to an older, less secure one.
And this is not even to mention that HTTPS has some vulnerabilities as well.
The best way to stay safe on public WiFi is to use a VPN. A quality VPN like PureVPN will provide you with cutting-edge encryption for ALL your data, including your DNS requests. This limits your exposure to both DNS leaks and DNS Spoofing attacks.
Whilst using a VPN, your public WiFi security is greatly increased, because all of your data is encrypted. Because you can also hide your true location, VPNs also allow you to avoid tracking, and to limit your exposure to targeted cyber attacks.
A high quality VPN like PureVPN will keep you safe from many of the most common types of cyber attack, whether you are using a public WiFi network or your home WiFi.
So take my advice: don't rely on HTTPS alone. Get a VPN, and take responsibility for your own cyber security.
MORE IN ITECHPOST
NUS 'Smart' Textiles Boost Connectivity Between Wearable Sensors by 1,000 Times
Over the past decade, a major trend in electronics has been the development of sensors, displays and smart devices that are seamlessly integrated into the human body.
A New Material for the Battery of the Future, Made in UCLouvain
Renewable sources of energy such as wind or photovoltaic are intermittent. The production peaks do not necessarily follow the demand peaks.
Top 5 Video Games to Play for a Truly Unique First Date
Video games have a way of taking us outside of ourselves and live in a fantasy world. It's even better when you're playing a game with someone special!