Tech

VPN, DoH and Mobile Internet: Your Defense Against Public Wi-Fi

The public or shared networks they have become very popular. It is very convenient to get to a hotel, a restaurant or an airport and connect to the Wi-Fi that they make available, but in these networks there are people connected of all kinds, many of them have equipment that is not up-to-date in the matter security or do not take the necessary precautions. In these circumstances, the presence of malicious actors willing to steal data and attack computers is no surprise.

In fact, the consolidation of the digital world has ended up generating a paradox, since people tend to take precautions when it comes to protecting the physical part of their lives, closing the door to prevent the entry of intruders or always waiting to carry the keys with me, but When jumping into the digital world, many end up relaxing that guard, thus leaving the ground clear for malicious actors..

Although some public or shared Wi-Fi are protected, that does not change the situation because the password is usually provided, not to mention that malicious actors have at their disposal the necessary knowledge to sneak and intercept traffic with ease, if Well this depends on the skill of each one.

Other things that one is exposed to when connecting to a Wi-Fi made available to customers

If public or shared networks are already a threat to the security and privacy of users, the situation can become a little more dangerous when we move to a hotel.

In hotels one can meet guests who have brought their own access point visible from computers located in other rooms. The fact that these networks are visible is something that should put us on our guard, since there is possibly a malicious actor behind them waiting for their opportunity to attack or obtain data.

Even if the failure is not derived from bad intentions, that does not prevent a malicious actor from sneaking in to do their thing, so in the end any network over which you do not have total control ends up being a risk. So, if you need it, it is always better to make sure you connect to the correct network or what amounts to the same, the official hotel network, but not without taking precautions.

VPN: A way to protect yourself on public and shared networks

For years one of the main recommendations if you connect to a public or shared Wi-Fi is to use a Virtual Private Network, better known as VPN for being the acronym in English for Virtual Private Network.

A VPN is responsible for extending a private network through a public one to allow users send and receive data as if their devices were directly connected to a private network, thus achieving significant benefits in functionality, security and privacy. VPNs provide access to resources that are not accessible from the public network and are widely used by telecommuters. Although they usually offer encryption, this feature is not an inherent part.

Moving what is exposed to the situation of a common user, a VPN helps you to encrypt the connection from your computer devices (it does not have to be a PC, but also a smartphone in case you do not have a large amount of data contracted) to the web services and servers it accesses, obfuscating the IP and location in the process by channeling traffic through a proxy server and preventing third parties from snooping on user activities.

However, despite the fact that they are generally easy to use, not all VPNs are secure, especially the free ones. When you don’t pay for what you are using, the user is likely the product, so the door may be open to their tracking and possible data leakage. It is preferable to use a paid, known and reliable VPN network, but that’s not a guarantee of anything either. EpressVPN, NordVPN, and Proton VPN are three well-known solutions that tend to get high marks in the specialized media.

DNS over HTTPS, a complement to consider when using a VPN

Security and privacy, which despite being confused are not the same, are two sections for which any precaution taken is little. While a VPN should offer sufficient protection for most activities that end up over a public or shared network, it never hurts to enforce DNS over HTTPS (DoH).

DoH is a protocol that carries out remote DNS (Domain Name System) resolution via HTTPS in order to prevent the interception and manipulation of DNS data through an attack of the type man-in-the-middle (middle-man attack). In other simpler words, with DoH it is possible to improve the privacy and security of the user’s web traffic by hiding, to put it simply, the websites accessed.

Firefox, Chrome (at the browser level) and Windows 10 (at the system level) are examples of software that support DNS over HTTPS. Although it is advisable to activate it in any case if one is very concerned about privacy and security, its use becomes more necessary when connected to a public or shared network.

The mobile Internet, the other way to avoid malicious actors

The purpose of mentioning VPNs and DNS over HTTPS in this article is to teach you how to avoid malicious actors. In these times, almost everyone carries a smartphone with an Internet connection through the mobile network, so it is possible that this device ends up being a more effective and simple method to avoid these malicious people.

Using the mobile Internet makes the user the only one who is connected to their own local network, without it being, at least initially, shared with other users. In other words, the mobile can be configured to perform the function of a router, allowing a computer to access the Internet.

The use of the mobile provides more security as the user is using their own personal connection, but it also has its drawbacks. To begin with, you have to be careful with the amount of data in the contracted rate. In case of having to use the computer intensively, it would be important to hire a large number of gigabytes to avoid inconveniences, which can result in a drastic reduction in connection speed or in the charge of the additional amount of data.

Another important point is have the mobile operating system (and all software) updated before leaving home. Outdated software is one of the most common security flaws, especially in applications that often go unattended. Updating the mobile operating system provides the latest security patches, so performing this process is always critical even though 100% security is impossible to achieve.

Finally, In case of using the mobile Internet, the connection must always be shared by cable and never by enabling the Wi-Fi access point or Bluetooth. Enabling the Wi-Fi or Bluetooth access point leaves the door open for a malicious actor to sneak into the local network created by the user with his mobile. In order to expose the correct configuration, we are going to show a screenshot taken from a Xiaomi Android Mi.

How to Share the Mobile Internet Safely

And despite everything, do not think that you are (totally) safe at home

Did we mention the importance of updates? Keeping everything up to date is important if you want to be as safe as possible from malware and malicious actors. This covers not only the applications and operating systems used by the computers that you own, but also the firmware of the motherboard of the PC and that of the router that one has at home for broadband Internet.

The router is a point that is often neglected and therefore tends to be a target for malicious actors. Failure to update the firmware of said device means that it is dragging the vulnerabilities and security flaws that have been discovered (and that have ended up in the hands of the manufacturer, because those that continue to be in the hands of malicious actors and security agencies can continue being exploited).

If your router’s firmware hasn’t been updated in a long time, it’s time to check whether or not it is up to date. In addition to that, the user can carry out other actions such as hiding the SSID, setting a strong password for Wi-Fi, disabling remote access to administration, managing MAC addresses, and setting a strong password to access the administration panel. of the router.

conclusion

Today (or rather, forever) perfect cybersecurity is something unattainable, so even taking all the precautions one does not end up being 100% safe and free from the threats that are out there.

Another conclusion that can be drawn is that blunt barriers are better than hot packs, or what comes to the same thing, it is always better to opt for the option with less risk to the user’s safety.

Images: Pixabay

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *