4/8/11
6:41 am

MacMost Now 538: Secure Browsing On Public Networks

If you must browse the web using your MacBook, iPad or iPhone on a public wifi network, you will want to use https whenever possible. Many major sites allow you to force https using an account setting.

Video Transcript (Click to Expand)
Hi, this is Gary With MacMost Now. On today's episode, let's learn about how to make your Mac book a little more secure browsing a public wifi network. Now if you have a Mac book or an IPad, you probably been in the situation when your browsing using a public wifi network. The problems with these networks is their not secure. Your information is sent in the clear in other words all the characters are just visible over the wireless signal. So people can use other computers and various pieces of software on the router and all points in between to see exactly what your transmitting, what your getting from the websites your visiting. So if your doing something, like say checking your email, or updating facebook that means they could see exactly what you are doing. Now its always best to avoid open public wifi networks for this reason. Maybe to use a network that has a password cause at least that means the data is encrypted that's being sent through the air. But a lot of websites also another solution. You can use https, the s stands for secure. You see this all the time when you say are going to pay for something at an E commerce website. It will change to https and you'll see a little lock symbol in Safari meaning that the data between your browser and the website are completely secure and encrypted. However, if your doing something such as checking your email, or updating Facebook, it may not be secure, but you can force it to be. So for instance, here I am inside of twitter and you notice that i am surfing twitter using http, so all this stuff is sent in the clear. Now i can add the s myself, manually. And you'll see the page just reloads and I am actually now securely surfing Twitter, you can even see the lock over there. so now all this data is being sent to and from the server encrypted and can't be read over a public wifi network. Now doing this manually isn't the best idea because your likely to forget and of course usually go to the website first and than you say Oh better add that s to it. And not all websites support it. But some of the major websites not only support it but have a setting that will force https if at all possible. So for instance if i go to my Twitter settings, I can look all the way at the bottom of the Twitter settings and i will see an https only setting. If I turn that on, than I don't have to worry about it again anytime I'm surfing twitter, it will be encrypted. Same thing is true in Facebook, if you go into your Facebook settings under my account than you look towards the bottom of the page, you can see an account security section, expand that and you've got the option to set it to browse Facebook on secure connection https whenever possible. Another site is Gmail, this also has under settings under general a setting right here for always use https. So there really is no reason why you shouldn't have all of those on if you use those websites. And also look at some of the other websites that you use all the time and see if they've got a setting to always force https. And some websites don't really need it, like for instance I noticed when surfing around on Amazon, since it's an E Commerce site I seem to just about always be in https and certainly whenever I was checking out or accessing account information. So there's just one way that you could be a little bit more safe when using a public wifi network. Til next time, this is Gary with MacMost Now.

Comments: 25 Responses to “MacMost Now 538: Secure Browsing On Public Networks”

    Mike S
    4/8/11 @ 9:12 am

    Gary, great advice. Let me add the following:

    –When surfing using WiFi anywhere outside of your home network, use a VPN. [I use Witopia on my iPhone and IPad (two simultaneous connections per license).]

    –(Tangentially related) Google also has a great new security option called 2-step verification: http://www.google.com/support/accounts/bin/topic.py?hl=en&topic=28786 A few minutes to set up if software applications access your e-mail account, but smooth sailing afterwards.

    Matt
    4/8/11 @ 5:46 pm

    What about email accounts running thru Apple Mail? My Mail is set to check every minute for new emails. Is that information being passed between the server and my computer secure? Or am I at risk. I have a gmail account running thru Apple Mail as well as my college email.

      4/8/11 @ 6:27 pm

      Look in the account settings for that email account in Mail. Under Advanced, you should see “Use SSL.” As long as that is on, it means you are establishing a secure connection between Mail on your Mac and the server.

        Sharon
        4/14/11 @ 10:16 am

        If I check the SSL box the port number changes from 110 to 995. When originally setting up my Apple mail account, I’m pretty sure my ISP said not to do this.

          4/14/11 @ 10:20 am

          I wonder why they would say that? Using SSL is more secure and if it works you should use it. I’d put in a support request and ask them about this.

            Sharon
            4/16/11 @ 10:13 am

            I did just talk to them and they said, yes I can checked the “SSL” box if I want to :o) Maybe when I was getting set up they said I didn’t have to check it because they didn’t realize it was a laptop and might be using WiFi somewhere. In any event I really don’t use my laptop in public places–but I do know to look for the httpS if I’m worried about security at any time … Thanks.

    Phil Kaplan
    4/14/11 @ 11:00 am

    Very useful. Thanks, Gary.

    Neal
    4/14/11 @ 2:15 pm

    Thanks, Gary. Great advice.

    Is this type of security enough for use in coffee shop WiFi? Or should I get a VPN connection?

    How about a segment on VPN?

      4/14/11 @ 2:20 pm

      As long as you are on https, it is safe to use public wifi. But the problem is there are some sites that don’t offer it, and make sure you are doing email over ssl too. And it is easy to slip into http (not s) if you aren’t vigilant.

      Nancy N
      4/15/11 @ 8:15 pm

      Yes, I’ve been meaning to write to ask if you could please address VPNs.

        4/15/11 @ 8:38 pm

        That’s a tough one to address. People that use them usually have an IT department set them up. So they don’t need me. Others don’t use them. I don’t use them. What are you trying to use a VPN for?

          Nancy N
          4/17/11 @ 8:58 am

          Hi Gary. I travel internationally. My main purpose is security when on airport, hotel and other wifi but also when in China and not able to access some things as basic as cnn articles, I thought a VPN would assist with that, too. That, however, is only a secondary concern.

            4/17/11 @ 9:13 am

            Yes, it does sound like you should be using a VPN. If you work for a company that has an IT department, consult with them about setting one up. Otherwise, I think there are companies that offer VPN servers to individuals. Do a search. I’m not really familiar with them at all, so I’d be interested to head what you find.

              Nancy N
              4/17/11 @ 10:12 am

              My company doesn’t extend its IT services to their employees who travel. I’ll continue googling to see what I can come up with and will let you know if I am successful

              Adelie
              5/1/11 @ 4:52 pm

              YMMD with that asnewr! TX

    Doug B
    5/30/11 @ 4:52 am

    Hi Gary – I’m planning some world travel (sold the house and dropping out for a while). I do quite a bit of web design stuff so I want to take my laptop with me and try some freelancing while I’m away… I was wondering, am I pretty safe to use my Mac “as is” at free WiFi places as long as SSL is on? I’ve heard all this stuff about VPN etc and I’m not particularly savvy with it all… thanks in advance.. love your site :)

      5/30/11 @ 8:54 am

      You are relatively safe as long as you are on sites that use https. But not all sites do. Make sure you use different passwords at every site, so if someone gets your password at something non-important (like a news or game site) they don’t have your password for email or financial stuff.
      I’d look into a VPN service. Just do a search for “mac vpn service” and read about what they offer. They each explain what they do on their sites. Could come in handy.

    Chris
    12/12/11 @ 1:57 am

    Hey Gary
    is it possible to tell my browser that it always uses https if possible when I got to any internet side?

      12/12/11 @ 7:46 am

      Watch the video. I explain how at least do this some of the time.

    Scott
    3/8/12 @ 6:07 pm

    Is it safe to use public wifi on my ipad2? Just got it last month. Please advice.

    Thank you.

      3/8/12 @ 9:54 pm

      iPad or laptop — the same idea applies. If you use unencrypted (no WPA2/WEP password) wifi then it is not safe. Sticking to only encrypted sites (https) will make it better, as long as you are vigilant.

    mctavish
    7/7/12 @ 3:24 pm

    Gary, what about iCloud and the various iOS apps such as App Store? Are the passwords and other info safe to send through public Wi-FI? Is there a way to tell about the Wi-Fi security of 3rd party apps such as Dropbox, SkyDrive, Kindle, and 1Password? Thanks.

      7/8/12 @ 12:34 am

      Most advanced services like iCloud use SSL (HTTPS) and so are encrypting the data on their own. As far as I know as long as you are using HTTPS you are safe. Not sure of each service, but I would be surprised if they are not. 1Password is a different thing, though, not sure how it relates to this as it is not a web service.

        Ben Quinney, Jr.
        7/8/12 @ 3:34 pm

        I asked about 1Password since the iOS app is synced with the desktop app via the Internet, sometimes through Wi-Fi. Checking the 1Password website, I am reminded that this is done with an encrypted file using Dropbox. And Dropbox also uses SLL, so all should be safe.

        I guess that there is no way to tell if SSL is being used by iOS apps if there is no browser interface, other than by checking each company’s policy. As you state, such encryption should be expected.

          7/8/12 @ 11:40 pm

          Right. 1Password doesn’t use “the web,” it is connecting through DropBox securely (and the 1Password file is encrypted too).

Comments Closed.