Privacy while using wi-fi in public places

Here I am in a Mc. Donald’s using their wi-fi to do my banking, send emails, etc. etc. Just how safe, how private is such a network? When using wi-fi spots in bars, restaurants, etc. am I compromising privacy? Should I be using a system which emloys encrypation/proxy servers, such as Witopia?

If you are using SSL encrypted sites (sites with padlock in the address bar) and your own device then you are fairly safe.

Web mail - could be a problem as they are not always encrypted.

Public wifi services are open so can be tapped if someone wants to do that so it pays to use only encrypted sites.

I've opened up banking websites with wi-fi.
Never had any issues.

Thanks for replies.

PhiMeow, you say (only) "fairly safe". What is the risk here?

Edited by: italihurr

My confidence is SSL site is 90-95%. SSL encryption is not unbreakable but it will take considerable effort and computing power to do so.
With my bank site (it uses SSL) I also use additional security measure provided by the bank (I had to request this, and luckily my bank can provide it). This is the use of a security token when logging on to the site. Google 'two factor authentication' if you want to know more.
2factor authentication is not foolproof but increases the security.

Also the bigger risk is using public computers more than using public wifi.
Public computers can have keylogging software which grabs the keys as you type and before they get encrypted.
Its also in the Banks best interest to make their systems secure.

I would generally trust large companies WiFi signals such as McDonalds and Starbucks, but be on guard!

Be careful of fake WiFi signals, just because it's called "McDonalds WiFi" doesn't mean that somebody isn't creating the signal from their laptop...

I'm a big fan of a program called "keyscrambler" [http://www.qfxsoftware.com/] which helps to encrypt keystrokes as you type. It's free and easy to install.

{quote:title=zoltan wrote:}{quote}
I'm a big fan of a program called "keyscrambler" which helps to encrypt keystrokes as you type. It's free and easy to install.

Keyscrambler is excellent software, but offers no additional protection when you use public wifi, assuming you're using your own computer to connect. It will protect you if there is ALREADY a keystroke logger in your machine, but otherwise it's useless. It will not encrypt your Internet connection, only the path from keyboard to text input fields on a computer program such as Firefox

One risk in using public wifi is that it's basically a big local area network, which means you are sharing what's on your computer with everyone, and without encrypting or tunnelling your Web link you're sharing all the traffic on your Internet connection. If you send emails in plain http connection, there's no privacy at all.

One risk is the so-called "man in the middle" attack . Moreover, even when you connect to an encrypted site, an intruder could have engineered the wifi to use their own DNS (the way domains are resolved to IP addresses) and sent you to a lookalike site, where you reveal your banking login credentials.

At the very least make sure you have a good firewall in the computer, go for something like Gmail, which now defaults to an https connection all the time, don't let your browser store passwords (these are easily copied, even when you are not on the site in question), use a VPN like HotSpot Shield to connect to non-encrypted sites, encrypt all of your sensitive data on the computer (ie: don't have plain text password lists lying around) and DON'T do any financial transactions on public wifi unless it's an emergency!

Some important tips for public wifi.

Thanks for the clarification Midnight Toker. I wasn't aware of this previously.

Cheers
Zoltan