There should be a law

CatchinBluegill wrote:

No, it isn't, and for reasons beyond sniffing traffic. Networking and security are my profession, and I don't connect my computer, or even my phone, to public wifi. Ever.

That said, if you really want to use the campground's public wifi, the safest way to do that is to have a wireless router capable of bridging wireless networks (that is, it's uplink will be the CG's wireless, and it broadcasts its own, secure SSID for your wireless network). I don't, off the top of my head, know of any consumer-grade wireless router that does this. I reflashed mine with DD-WRT for that particular purpose.

Using a mifi-type setup is more expensive, but it's easier (for most people) and safer than setting up a router to do wireless-wireless bridging. It's likely to be safer, and may well be faster. As many have reported, speeds on camp ground wifi are often awful (I'll comment on that in another post).

If you're going to use public wifi anyway, the best thing to do then is:

- Always make sure your computer is up to date on patches (especially security patches)
- Make sure your software firewall doesn't allow any external computers to initiate connections. You computer should not appear to be listening on any TCP or UDP ports. You can google this (it'll be specific to the OS you're using; Windows is different than Mac is different than Linux)
- Subscribe to a paid VPN service (don't use a free one; they have to make money somewhere, and they're probably making it by selling ads, selling your information, or in some cases, selling access to your bandwidth and routing other people's traffic out through your computer. That can be pretty dodgy traffic, too. Connect to the VPN as soon as you're on the CG Wifi and send all your traffic out through the VPN.

Agreed with a few caveats. There are several companies that offer wireless routers that are used for SSID creation and allow multiple connections that are hidden behind that SSID; I use Jefatech for my wireless connections at any park.

I concur, that a paid VPN service is a nice addition, however, for most folks it is overkill for the few transactions that need to be done. Most of us (I do use a VPN - Hotspot Sheild) are not connected for long periods of time doing MBs of business that needs to be that secure. As long as your connection is initiated to a trusted HTTPS portal; i.e., you go directly to HTTPS://www.mybank.com to log in and not to http://www.mybank.com, do your business and get off that site as soon as said business is done, you are about as secure as you can get. SSL connections are very secure and provided your firewall is up to snuff you shouldn't be any more "exposed" on a public wifi as on your home wifi.

Prudence and common sense play a large role in your security. Don't disable your firewall (no matter whether it is the OS version or part of a paid antivirus package, do limit your connection time (most secure sites will actually kick you off after a period of inactivity to limit your exposure), try to rotate free public wifi sites (if you use McDonald's today, try and use a library next time; don't establish a pattern that someone can detect), use a VPN service (paid) if you are in one spot for a long time (more than a week or so) to mask your physical location and if you can afford it, use a Jeffa Tech (or other brand) wireless wifi repeater so that you can hide behind an SSID that uses passwords (and make it a good one) as one more layer of protection.