Answer the question
In order to leave comments, you need to log in
How to protect yourself in someone else's wi-fi network?
Hello. Moved from home office to coworking space. But the inner paranoid is afraid to use the Wi-Fi network in a coworking space "for the whole" - you never know what they stuffed there. I know very little about security, but since childhood I have fears when the admin in the club with the help of a keylogger finds out your password from the Linea or Vova account. Are my fears justified? If so, what is the best way to protect yourself when working on someone else's network?
Answer the question
In order to leave comments, you need to log in
By itself, an open grid is fraught with dangers only for websites that are not opened using the https protocol, plus the network owner can monitor visited resources via dns and ip addresses of sites if they work without cdn-like layers (I emphasize - it will be clear which sites and how much data you download there and from there, no more, it is possible, when using address analysis by timings and data sizes, to determine for some sites which pages you are approximately on, and then at the level of probabilities).
In a browser, for example, you can generally prohibit the use of the http protocol (firefox - settings - privacy - https only mode), and make sure that the certificate on the sites does not give warnings (it's hard to miss a message about this).
ps classic attack vector, you go to a local ftp file exchanger, download a seemingly reliable thing, but the evil administrator / provider automatically injects a trojan into every exe file downloaded from there.
By the way, a Trojan can also be placed in some seemingly harmless avi file, if the user was so stupid that he uses a standard windows player (there used to be an option to automatically download the codec at the address in the video file, xs how things are now, it is unlikely that it was removed)
In general, there are many attack vectors through unencrypted channels, so the rule is only https protocols in unreliable networks (and these are now all Russian providers, for example).
Well, for backfilling, who knows that some kind of drweb cureit / kaspersky cleaner / (substitute any software manufacturer that can be administratively pressured) is slipped onto the machines of Russian clients, i.e. the attack is not a provider but through a developer.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question