Public Wi-Fi and Security

Is it safe to make purchases (https sites only) on the internet while connected through an unsecured Public Wi-Fi Network? The information I’ve found on the internet regarding this question is mixed… and most discussions were from 3 and 4 years ago. I’m not concerned about security pertaining to Social Networks, because I never access them through Public Wi-Fi. Thanks

 

My understanding is that once you go to a https url the data is being encrypted even if your on an unsecure access point.

I'm sure someone will correct me if i'm wrong.

 

That was understanding also... until I read various posts stating that wasn't necessarily true when I googled the queston... but most posts were a few years old. Thanks

 

I wouldn't buy anything on a public unsecured network. And use a good firewall, along with turn off shares.

 

I'm with brownizs. I would never access anything private over a public WIFI.

 

I'll continue by saying I also agree with shnerdly and brownizs to never buy anything or access anything that's private over an unsecured access point (public or private).

Even if your using a https and everything says it's encrypted which i'm sure it would be but another question that comes up is who is it encrypted with, it may or may not be the server you intended (man in the middle).

 

From a strictly technology standpoint, https does give you a completely encrypted and protected connection between 2 points. But that in itself leaves several questions. As Lord said, you don't know their network at all, so you have no idea what your https session is actually with. While most proxy's will pass https data through, most modern proxys actually open https sessions up to inspect what is being passed through, meaning that all the data you send over their network is being monitored and logged including credit card numbers, addresses, ssn's, MAC addresses, etc.

And please do not think that this is an attempt at thievery. These precautions are for their own legal protection. Any illegal activity you conduct over their internet can be their legal problem. Companies hold https data just in the unfortunate case they end up in legal trouble, then can then look back through their logs and associate the activity to a MAC address.

The long and the short of it is, nothing you do over the internet is every really secure. If you ever want to see how many steps your internet traffic goes through, check out this. My personal recommendation is only buy things in places that you have the most control over your connection. Rule of thumb, if you don't know what is between you and the ISP connection, don't give anything you don't want public.