Public Service Announcement: Always use VPN on public (especially unencrypted) wi-fi.
I just connected to the local CoffeeChain’s wifi (after accepting a terms & conditions which are mainly to limit their liability. However their Acceptable Use Policy also includes this line, “could reflect poorly on the reputation of [CoffeeChain]”. Hence why I’m not using their name in this post.)
The wifi network they have is public and open, open as in there is no security at all. They don’t even have the decency to offer the easily broken encryption of WPA2.
This is why you should always use VPNs. There are a lot of good choices with many locations around the world. A VPN will tunnel your connection to another location and the encryption is difficult, if not impossible, to break (my VPN uses 2048-bit encryption). The Electronic Frontier Foundation has an excellent guide on choosing the VPN that’s right for you. (Just be aware that a VPN will protect on the public network but people on the internal VPN network could still potentially access your data so you have to trust your VPN provider).
If you can’t use a VPN at least use sites that are encrypted with HTTPS; and for the love of security, don’t login to your own personal/corporate accounts for anything on public unecnrypted open wi-fi.
To make sure your VPN is working, you can search DuckDuckGo for “what is my ip address” and it will display your IP address and country at the top of the search results, or you can use the traceroute tool.
I whipped up this blog post because I honestly cannot believe that open, unencrypted wifi is a thing anymore.