Best practices for using an iPhone on a public Wi-Fi network?
September 29, 2016 11:58 AM   Subscribe

I'm looking for best practices for using our iPhones and iPads on public Wi-Fi networks. That is, what can we do to best protect/secure/encrypt the data that is transmitted over such networks to/from the devices (aside from not using the public networks in the first place)? Would using a VPN accomplish this? Any recommendations for one? Something else? These are iPhone 7's and iPad Pro's, all running the latest version of iOS 10. Thank you!
posted by jroybal to Computers & Internet (6 answers total) 10 users marked this as a favorite
A VPN would be your best bet. I'm a fan of Cloak, which has a great app and will automatically turn the VPN on when you join an untrusted network.
posted by SansPoint at 12:07 PM on September 29, 2016 [3 favorites]

Agreed, a VPN is best, although you may have to connect to a web page on the Wifi first in order to activate the connection on some public WiFi networks, so you won’t be able to leave the VPN on all the time.

Otherwise make sure that all your email / web connections are securely encrypted by default & will refuse to authenticate themselves over an unencrypted connection. (My IMAP server doesn’t even offer the option to log in unless the connection is encrypted for instance.)
posted by pharm at 12:10 PM on September 29, 2016 [1 favorite]

There are various risks in using open wi-fi:

1. Anybody else on the wifi network can see all of your network traffic.

2. Similary, anybody else on the wifi network can modify any of your network traffic.

3. If you join and "remember" a public network, your phone will automatically connect to other networks with the same name.

4. It's possible to abuse #3 to do nefarious things like track people, because your phone has a unique network MAC address. (There are actual systems in use that do this, for retail environments etc.) However, Apple has taken specific action against this one by periodically scrambling the MAC address.

So really, the main risks are #1 and #2, which can both be avoided by using encryption -- either a VPN or by your apps using an encrypted protocol. Lots of apps used to be pretty lousy about security, but a lot has changed over the last several years due to the ongoing Snowden/Stuxnet-induced crisis in infosec, and the big apps (Facebook, Twitter, Google) should be secure enough to use over an untrusted connection.

Personally I don't worry about it too much. If this is Serious Business though you'll at least want a VPN.
posted by neckro23 at 12:36 PM on September 29, 2016 [2 favorites]

Yep, VPN. I'm quite happy with Private Internet Access.
posted by Johnny Wallflower at 4:47 PM on September 29, 2016 [1 favorite]

nthing Private Internet Access. I use it on all my devices.
posted by MonsieurBon at 10:36 PM on September 29, 2016

Opera VPN, from the browser maker is free and easy.
posted by blue_beetle at 6:30 AM on September 30, 2016

« Older Good slice of life historical fiction? Not too...   |   Why is internet+TV+phone cheaper than internet... Newer »
This thread is closed to new comments.