GalaxyBoy
Thinks s/he gets paid by the post
I will avoid hotel wifi for sensitive data like bank accounts, but I'll log on via my cellular connection. Since there's no choice for that option, I didn't vote.
Can't vote as I only use cellular date to do mobil baking when away from home. Would never use a hotel wifi for banking.
Well, in risk management the first thing you do is to identify the event's impact and its probability. High/low in this case IMO. The next thing you look at is cost to mitigate. Zero, in my case.Why base such a decision on advertising? That seems silly. How about basing it on the tech specs and security analysis?
1 - VPN's will tunnel you securely through any malicious or insecure WiFi
2 - Just use your cell phone connection. Also secure. Also can use a VPN if you are paranoid.
Without getting into technical details, if you are using a browser, the connection between your device and the server is encrypted from end-to-end. The perceived security of the hotel wifi should not factor into this decision.
....
Can't vote as I only use cellular data to do mobile banking when away from home. Would never use a hotel wifi for banking.
Well, in risk management the first thing you do is to identify the event's impact and its probability. High/low in this case IMO. The next thing you look at is cost to mitigate. Zero, in my case.
I really have no reason to put any financial stuff on my phone. The most we are out of the country is about three weeks twice a year. During that time all my autopays and autodeposits at Schwab take care of things. I am a long term investor so I have zero need to access investment accounts. In the near-zero probability event of an emergency I can call my Schwab guy on the phone for help or to give instructions.
Re "security analysis" really that is a joke. First, what do those words even mean when we're talking about tens or hundreds of thousands of lines of code? Presumably Microsoft does "security analysis" and still we get an overwhelming stream of patches from them. And ... who watches the watchers?
It's kind of like religion. If your faith in this stuff makes you happy, I am happy for you. But that doesn't make me a believer.
Can't vote as I only use cellular date to do mobil baking when away from home. Would never use a hotel wifi for banking.
As you like. I have no interest in discussing with someone who has to have the last word. So have it.... This isn't about blind faith or religion, it's just common sense and keeping up with technology as it changes.
As you like. I have no interest in discussing with someone who has to have the last word. So have it.
Didn't vote.
I NEVER EVER use public WIFI for anything. Not since my email was hacked 7 years ago while using the public WIFI at a cancer treatment center while under going chemo. Embarrassing emails were sent to all my personal and business contacts. No financial impact but it sure made an impression on me.
I try to only use our secured WIFI at home. If access away from home is needed, I use my phone directly or as a hotspot.
I can't cite references but I have always understood that HTTPS creates an encrypted tunnel such that no one sniffing the network (a very real danger on a public network) can see any of the data packets which includes passwords. There are still a couple of gotchas. Some https sites only use https for the logon and then http for the rest of the session. In those cases the data transferred during the unlocked portion could be sniffed. Looking up at the URL bar now I see this portion of my ER Forums session is not secure so that appears to be the case here. This is extremely unlikely with a financial institution but you can check from home to see if the lock remains on. The other danger that I have heard about is that you might get redirected at the initial public network sign on portion to a malicious site that could trick you into opening an executable that could monitor your screen actions (e.g. a keylogger). This could capture your log on credentials before they transition to the encrypted tunnel. Most stuff I have read suggests this as a pretty remote risk but... I always get nervous at hotels that take you through a proxy server.Can someone post some facts with sources, rather than opinions or just a "this is what I do" example?
What I'd like to know is, are the passwords I use to access a financial site secure, even on a public wi-fi? It was my understanding that the "htpps" in the url does that for me. Am I wrong?
Maybe there are other good reasons to avoid public wi-fi, but if they can't see my passwords, I'm not sure what the concern is. With htpps, can they see anything?
-ERD50
Been there many times (6 or 7 times I think) when I was working. There is nothing like attending a week+ long security conference (Blackhat/Defcon) in Las Vegas with all expenses paid (well almost all ) Thousands of security "professionals, hackers, and government agencies" from around the world attend Blackhat/Defcon in Vegas. It's the biggest and most intense IT security conference/training I've ever attended. The only other IT security conference that comes close is RSA, which is held in San Fransisco each year.There's a big annual infosec conference held in Vegas - Defcon.
Can someone post some facts with sources, rather than opinions or just a "this is what I do" example?
+1 IT person cautioned never use outside wifi for anything financial. I always lock my Lastpass outside of my wifi. I do what I"m toldI try to only use our secured WIFI at home. If access away from home is needed, I use my phone directly or as a hotspot.