Public Wi-Fi Hotspots Need Better Network Protection

By Sam Cook

Some say that public Wi-Fi could be locked down with a little WPA2 and a known password, but that approach isn't the complete answer.

Free Wi-Fi hotspots are a modern convenience, but from a security perspective they’re also weak point. The average coffee shop in the U.S. runs a completely open, unencrypted network, meaning that it’s possible for someone to connect and sniff packets from nearby clients—not only possible, in fact, but easy, now that Firefox extension Firesheep grabs login credentials automatically. So how do we secure all those Wi-Fi networks? One proposed solution is for hotspots to be locked down with WPA2 and a publicly-known password. Despite the password itself being freely available, the unique encryption keys WPA2 creates with each client would keep people protected from any Firesheep on the network.



problem with this public password approach is that it relies on a “handshake” transaction to generate the encryption keys. Future Firesheep-like plug-ins could be ready to sniff the handshake itself, even force connected clients to go through the transaction again. And once the encryption keys are captured, the security is meaningless.



But until that day comes, public Wi-Fi is still going to be a security issue. So do you think more public networks should incorporate WPA2 passwords? At face value, it seems like bad security is better than no security at all. However, you could make the argument that bad security does its own kind of harm, giving users the false sense of protection, so they let their guard down. Tell us what you think, and how you keep yourself protected on open Wi-Fi.