I came across a Reddit thread about someone using a neighbour’s WiFi, and the (unknown) neighbour later changed the ssid to the user’s gaming handle.
Lots of comments saying that public WiFi can be a trap, and a malicious actor can see all your packets, sniff your passwords, spoof login pages… And not one refuting it with SSL.
Am I missing something?! Is a WiFi/LAN actually that dangerous? I thought pretty much every site and service uses SSL these days, and signed certificates so (unless you have a particular Lenovo or Dell model) DNS spoofing won’t work.
And aren’t most ports on your own computer closed by default now? Unless you’ve opened ssh or a samba share with a poor password or something?
I realise packets can still be sniffed, website use can be tracked (but not the data, not things like passwords). With more work, that could be correlated to, for instance, what time a user logs on to a discord server.
Have I missed something big? Is someone else’s WiFi or LAN actually dangerous?
Do you know for sure that all traffic out of your devices is properly encrypted? Do you know for sure that non of your devices is listening on a port in an unsecured or vulnerable way?
Realistically, a public WiFi is not that big of a deal as it used to be before almost everything moved to authenticated and encrypted protocols, but there are still plain protocols being used all the time (dns for example) and unless your devices are super up to date you will probably have some possible security issues.
Given the choice you should use a private WiFi, second best is a VPN over a public WiFi, third is a plain public WiFi.
We are past the days of connecting to an attacker controlled WiFi means you are owned, but you are still at a privacy risk and some security risk.