Is public WiFi actually dangerous? (lemm.ee)

submitted 6 days ago by milicent_bystandr@lemm.ee to c/cybersecurity@sh.itjust.works

18 comments fedilink hide all child comments

I came across a Reddit thread about someone using a neighbour's WiFi, and the (unknown) neighbour later changed the ssid to the user's gaming handle.

Lots of comments saying that public WiFi can be a trap, and a malicious actor can see all your packets, sniff your passwords, spoof login pages.... And not one refuting it with SSL.

Am I missing something?! Is a WiFi/LAN actually that dangerous? I thought pretty much every site and service uses SSL these days, and signed certificates so (unless you have a particular Lenovo or Dell model) DNS spoofing won't work.

And aren't most ports on your own computer closed by default now? Unless you've opened ssh or a samba share with a poor password or something?

I realise packets can still be sniffed, website use can be tracked (but not the data, not things like passwords). With more work, that could be correlated to, for instance, what time a user logs on to a discord server.

Have I missed something big? Is someone else's WiFi or LAN actually dangerous?

you are viewing a single comment's thread
view the rest of the comments

[-] zo0@programming.dev 3 points 6 days ago

Fear the man in the middle

[-] milicent_bystandr@lemm.ee 3 points 6 days ago

Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using a mutually trusted certificate authority.

For most purposes, doesn't HTTPS thwart MITM attacks? It's designed to be resilient against MITM for the whole chain through your ISP and other gateways to the destination, no?

[-] taladar@sh.itjust.works 4 points 6 days ago

Only if you start with HTTPS but browsers have favored HTTP for backwards compatibility as the default protocol when something is entered in the address bar until very recently (less than a year for any browser to do that by default via HTTPS). Usually users don't notice because websites redirect to HTTPS but technically a MITM attacker could just redirect you somewhere else.

[-] user224@lemmy.sdf.org 3 points 6 days ago

But even then, theoretically, even if not default, could you not just block the first request to HTTPS site causing fallback to HTTP and then redirect elsewhere for the purpose of nice lock icon?

[-] taladar@sh.itjust.works 4 points 6 days ago

If you have a HTTP fallback on HTTPS failure that might work, but only if the site doesn't use HSTS and this is the first request on that client. I skipped over HSTS preloading in my earlier explanation which also addresses this issue for sites on the browsers list at least.

this post was submitted on 03 Jun 2025

24 points (100.0% liked)

Cybersecurity

7419 readers

8 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social