Avoid using Public Wi-Fi in South Africa

Hanno Labuschagne

Expert Member
Staff member
Joined
Sep 2, 2019
Messages
1,072
Avoid using Public Wi-Fi in South Africa

If you can avoid using public Wi-Fi, you should. This is the view of ESET Southern Africa CEO and cybersecurity experts Carey van Vlaanderen.

Speaking to ENCA, van Vlaanderen said public Wi-Fi hotspots are notoriously insecure and make it easy for criminals to target unsuspecting users.

“We have a situation where the networks are not authenticated at all, or where you have to authenticate and give your personal information to unknown parties,” she said.
 

Geoff.D

Honorary Master
Joined
Aug 4, 2005
Messages
15,297
Tell me what is the difference between public Wi-Fi and just about every mobile data service operator in SA? Especially the ones that are using the ISM bands for service provision. Which mobile data service is truly secure?
 

Polymathic

Honorary Master
Joined
Mar 22, 2010
Messages
17,686
What I'm hearing from tech YouTubers now is that as long as you are visiting websites with secure connections is perfectly safe to use Public Wi-Fi
 

quovadis

Expert Member
Joined
Sep 10, 2004
Messages
4,349
MITM with everything using TSL/SSL?
If you control the network and reroute the DNS to a third party site using an IDN or similar looking domain name with SSL would you notice? Yes it’s possible and that’s a relatively unsophisticated approach.
 

chrisc

Executive Member
Joined
Aug 14, 2008
Messages
8,536
As long as you don't do banking (banking websites won't let you in anyway) its ok. Mainly for social media applications anyway
 

quovadis

Expert Member
Joined
Sep 10, 2004
Messages
4,349
That is not MITM that is phishing.
Lol. No it's not. If you redirect the end user via a third party site similar-looking domain you can decrypt the traffic while reverse proxy'ing it to the legitimate site viewing or capturing all the traffic which is transported.
 

Geoff.D

Honorary Master
Joined
Aug 4, 2005
Messages
15,297
Call me informed and dumbfounded by all this laziness to write out things. Thanks for the lesson in media speak.
 

system32

Expert Member
Joined
Dec 29, 2009
Messages
3,458
Just use a proper VPN.
The VPN provider can be a a risk.

Pretty straight forward to setup your own VPS + VPN, or run a VPN service at home.

ssh -D 8080 user@myvps works well as a SOCKS5 proxy.


Speedtest.net and cloudfront (1.1.1.1) are both offering free VPN.
 

quovadis

Expert Member
Joined
Sep 10, 2004
Messages
4,349
If the middle relay (attacker) pulls this off, they would only get the public key from the certificate it received from the server, the client's device has the private key in order to decrypt the traffic. Am I wrong?
You're wrong. You don't require the certificate at all. All you need is the ability to respond with a fake DNS response sending the user to another similar looking domain site which reverse proxies to the real site - in that case there's no end-to-end encryption.
 

backstreetboy

Honorary Master
Joined
Jun 15, 2011
Messages
18,071
The VPN provider can be a a risk.

Pretty straight forward to setup your own VPS + VPN, or run a VPN service at home.

ssh -D 8080 user@myvps works well as a SOCKS5 proxy.


Speedtest.net and cloudfront (1.1.1.1) are both offering free VPN.
Sure that's why you go with one where you know who the owner is and can see how they act and what they say online.

Yeah no I don't trust Cloudflare or speedtest.net plus setting up my own won't give me Netflix access in 6 different locations.
 

Daruk

Honorary Master
Joined
Jul 18, 2008
Messages
46,204
I really don't see how, in 2020, people still believe this. Data collection sure, but even the legit hotspots will ask for your info and spam you/sell it - that is how they can provide free service.

MITM with everything using TSL/SSL?
Not sure what you mean. DNS spoofing MITM will fool most of the SA public.
 

Daruk

Honorary Master
Joined
Jul 18, 2008
Messages
46,204
That is not MITM that is phishing.
No. Phishing is when you send the user to a site they didn't intend to visit. Only part of the equasion. DNS spoofing is when you supply another DNS server address to clients and they query their site IPs from your fake DNS server. DNS spoofing is a form of MITM. They are then redirected to an illegitimate site for phishing (for example) when they intended to visit FNB.co.za. They may have used their own bookmark or manually entered the address I to the address bar of a browser, etc.
 
Top