Ads for VPNs give their two biggest benefits as often as they can: that you can watch shows blocked in your home country using one, and that hackers using the same public WiFi network can’t steal your data as long as you’re encrypting it with a VPN.
The first one is relatively easy to understand, but how does the second trick work?
1) Simply Saying They Are Something Else
One of the easier methods of tricking a connection is to simply create a hotspot near a public wifi source, and name it the same thing as the legitimate source. If there are two ‘Starbucks Café 9812’ Wifi channels available, the duplicate may catch out users. After that, the hotspot’s creator can intercept any data sent over the connection.
2) Using Specialty Tools
Unsecured Wifi is dangerous in multiple ways – loose, unencrypted packets of data travelling over the Wifi connection can be caught by a hacker and decoded into readable information using something called a WiFi sniffer. Information that your computer will not pick up by default can be found this way, and with it, data sent over that unsecured connection.
Using a WiFi channel with a password is generally good enough to prevent that from happening, however.
3) Hoping For Poor Security Practices
If a public spot’s router is not set up correctly, it might be possible for a bad actor to get into it as an administrator, with all of the permissions that entails. If the router is still using a default dictionary password, a dictionary attack might crack it, and give the bad actor those admin privileges that way. And, if a bad actor got onto the network legitimately, they may be able to execute a man-in-the-middle attack where they trick the target computer and the router into sending potentially sensitive data through them first.
VPNs, or Virtual Private Networks, add an extra layer of security via encryption to information as it passes from the user’s computer, to the router, to the VPN’s server where it is unencrypted, to the website where the request was directed, back to the VPN’s server so it can be re-encrypted, and then back to the router and ultimately the device, where the information is unencrypted.
That’s good for protecting the user from many of the security issues associated with Public Wifi, but it’s not the be-all end-all of security – you must pick a VPN carefully if you intend to use one, because using a VPN means putting all of that data in their hands instead.