MacMost Now 538: Secure Browsing On Public Networks

If you must browse the web using your MacBook, iPad or iPhone on a public wifi network, you will want to use https whenever possible. Many major sites allow you to force https using an account setting.

Comments: 25 Responses to “MacMost Now 538: Secure Browsing On Public Networks”

    Mike S
    13 years ago

    Gary, great advice. Let me add the following:

    --When surfing using WiFi anywhere outside of your home network, use a VPN. [I use Witopia on my iPhone and IPad (two simultaneous connections per license).]

    --(Tangentially related) Google also has a great new security option called 2-step verification: http://www.google.com/support/accounts/bin/topic.py?hl=en&topic=28786 A few minutes to set up if software applications access your e-mail account, but smooth sailing afterwards.

    Matt
    13 years ago

    What about email accounts running thru Apple Mail? My Mail is set to check every minute for new emails. Is that information being passed between the server and my computer secure? Or am I at risk. I have a gmail account running thru Apple Mail as well as my college email.

      13 years ago

      Look in the account settings for that email account in Mail. Under Advanced, you should see "Use SSL." As long as that is on, it means you are establishing a secure connection between Mail on your Mac and the server.

        Sharon
        13 years ago

        If I check the SSL box the port number changes from 110 to 995. When originally setting up my Apple mail account, I'm pretty sure my ISP said not to do this.

          13 years ago

          I wonder why they would say that? Using SSL is more secure and if it works you should use it. I'd put in a support request and ask them about this.

            Sharon
            13 years ago

            I did just talk to them and they said, yes I can checked the "SSL" box if I want to :o) Maybe when I was getting set up they said I didn't have to check it because they didn't realize it was a laptop and might be using WiFi somewhere. In any event I really don't use my laptop in public places--but I do know to look for the httpS if I'm worried about security at any time ... Thanks.

    Phil Kaplan
    13 years ago

    Very useful. Thanks, Gary.

    Neal
    13 years ago

    Thanks, Gary. Great advice.

    Is this type of security enough for use in coffee shop WiFi? Or should I get a VPN connection?

    How about a segment on VPN?

      13 years ago

      As long as you are on https, it is safe to use public wifi. But the problem is there are some sites that don't offer it, and make sure you are doing email over ssl too. And it is easy to slip into http (not s) if you aren't vigilant.

      Nancy N
      13 years ago

      Yes, I've been meaning to write to ask if you could please address VPNs.

        13 years ago

        That's a tough one to address. People that use them usually have an IT department set them up. So they don't need me. Others don't use them. I don't use them. What are you trying to use a VPN for?

          Nancy N
          13 years ago

          Hi Gary. I travel internationally. My main purpose is security when on airport, hotel and other wifi but also when in China and not able to access some things as basic as cnn articles, I thought a VPN would assist with that, too. That, however, is only a secondary concern.

            13 years ago

            Yes, it does sound like you should be using a VPN. If you work for a company that has an IT department, consult with them about setting one up. Otherwise, I think there are companies that offer VPN servers to individuals. Do a search. I'm not really familiar with them at all, so I'd be interested to head what you find.

              Nancy N
              13 years ago

              My company doesn't extend its IT services to their employees who travel. I'll continue googling to see what I can come up with and will let you know if I am successful

              Adelie
              13 years ago

              YMMD with that asnewr! TX

    Doug B
    13 years ago

    Hi Gary - I'm planning some world travel (sold the house and dropping out for a while). I do quite a bit of web design stuff so I want to take my laptop with me and try some freelancing while I'm away... I was wondering, am I pretty safe to use my Mac "as is" at free WiFi places as long as SSL is on? I've heard all this stuff about VPN etc and I'm not particularly savvy with it all... thanks in advance.. love your site :)

      13 years ago

      You are relatively safe as long as you are on sites that use https. But not all sites do. Make sure you use different passwords at every site, so if someone gets your password at something non-important (like a news or game site) they don't have your password for email or financial stuff.
      I'd look into a VPN service. Just do a search for "mac vpn service" and read about what they offer. They each explain what they do on their sites. Could come in handy.

    Chris
    12 years ago

    Hey Gary
    is it possible to tell my browser that it always uses https if possible when I got to any internet side?

      12 years ago

      Watch the video. I explain how at least do this some of the time.

    Scott
    12 years ago

    Is it safe to use public wifi on my ipad2? Just got it last month. Please advice.

    Thank you.

      12 years ago

      iPad or laptop -- the same idea applies. If you use unencrypted (no WPA2/WEP password) wifi then it is not safe. Sticking to only encrypted sites (https) will make it better, as long as you are vigilant.

    mctavish
    12 years ago

    Gary, what about iCloud and the various iOS apps such as App Store? Are the passwords and other info safe to send through public Wi-FI? Is there a way to tell about the Wi-Fi security of 3rd party apps such as Dropbox, SkyDrive, Kindle, and 1Password? Thanks.

      12 years ago

      Most advanced services like iCloud use SSL (HTTPS) and so are encrypting the data on their own. As far as I know as long as you are using HTTPS you are safe. Not sure of each service, but I would be surprised if they are not. 1Password is a different thing, though, not sure how it relates to this as it is not a web service.

        Ben Quinney, Jr.
        12 years ago

        I asked about 1Password since the iOS app is synced with the desktop app via the Internet, sometimes through Wi-Fi. Checking the 1Password website, I am reminded that this is done with an encrypted file using Dropbox. And Dropbox also uses SLL, so all should be safe.

        I guess that there is no way to tell if SSL is being used by iOS apps if there is no browser interface, other than by checking each company's policy. As you state, such encryption should be expected.

          12 years ago

          Right. 1Password doesn't use "the web," it is connecting through DropBox securely (and the 1Password file is encrypted too).

Comments Closed.