When you connect to, umph, say, Starbucks’s wireless networks and similar, you connect without even providing a username or password (some of these applies to web based authentication) think about these;
- 1. It’s open, therefore there’s NO encryption, everyone (can) see your traffic
- 2. Others can impersonate you! and do stuff you wouldn’t (or would, but not in public, haha)
- 3. Anyone could easily impersonate the access point and become the gateway. Which mean, everything passes through his/her computer before reaching another destination
- 4. Your own computer can be easily exposed to unauthorized access (or attempts) since almost ANYONE can connect, which mean, the good and bad guys!
- 5. And finally, It’s designed to be insecure! or the implementors have no clue what so ever. So, don’t even expect any security on it.
Stay secure, opt for secure APs (at a minimum), if you do not have a choice, they ensure that you access only SSL, TLS or VPN type of accesses to ensure you create an encrypted tunnel between you and the destination. Wikipedia TLS or SSL for more information.