Search By Topic:

Popular Topics:



Thought Leadership | Jun 6th, 2011

Ask the Expert: Is It Safe For Me to Use Hotel Wifi?

Kent Lawson

Q: I read your article about the risks of using wifi in hotels. I just don't understand why hotels would offer me something that leaves me so exposed. Hotels would never put me in a room without curtains on the windows or a deadbolt on the door, so why are hotels not doing more to protect me?

hotel wifi

A: This is a question I’ve often wondered myself. Since hotels are such excellent venues in which to steal confidential information, why don’t they do more to protect us?

The simple truth is that most hotel wifi networks are completely unsecured.

In fact, the risks associated with using a hotel network are much greater than using a wireless network at your home or office. Recently, a group called TrustWave SpiderLabs released a study that showed hotel networks accounted for nearly 40% of security breaches in 2009.

You want to know what’s even worse than that?

Most hotels didn’t even know these breaches occurred for nearly five months!

Hotel networks face two types of risks:

  • The first is the normal insecurity inherent to all wifi networks. I wrote about this topic a few weeks ago, and basically, there are just two ways hacking is done in public wifi hotspots. But it's pretty simple, and it doesn't even take a "geek" to figure it out these days.
  • The second type, which I find much more surprising, is that fully wired Ethernet communications (as in, when you plug your computer’s Internet cable into the hotel’s network) might be just as insecure.

You mentioned that you had read my earlier article on this topic, so you probably will recall that even I assumed that if I plugged directly into the hotel’s network with a cable that I was safe. However, Ethernet is a system that connects a bunch of computers to form a LAN (local area network). Nearly 90% of all LANs use Ethernet, which is over 30 years old. When it was first created, no one assumed that anyone would do anything malicious. How times have changed!

Nearly 20% of hotels in the United States use a hub configuration LAN, where all network data is sent to every computer connected to the network. Each computer is only supposed to listen to data specifically intended for it, and ignore the rest.

However, anyone connected to the network can simply switch their laptop’s network card to “promiscuous mode” and view all the information sent over the entire network -- unless that information is encrypted.

And if you have file sharing turned on (most people do but do not know it), all your files can be accessed.

Networks that use switches and routers are better because they send network traffic to a specific address. However, these networks are vulnerable to something called address resolution protocol (ARP) spoofing. Basically, hackers use a tool (freely available on the Internet) to “spoof” another user on the same network and can then steal data meant for that user.

So why aren’t hotels doing more to protect you?

I don't mean to criticize them, but it seems they are making a tradeoff between ease of use and security. This is a tradeoff that is inherent in most security issues. Essentially, they feel it is their role to provide a very easy-to-use wifi service and leave the security responsibility to the individual users.

Minimize Your Risk

While it’s important to understand the dangers inherent to all hotel networks, it’s more important to know what you can do about them. Below are some steps you can take to minimize these risks:

  • Disable or block file sharing.
  • Enable a Windows Firewall or install a third-party personal firewall.
  • Use file encryption.
  • Use a virtual private network (VPN).

A VPN encrypts all your Internet communication from being intercepted by others, whether in wifi or Ethernet networks. Don’t rely on hotels (or any other WiFi provider) to protect you. You need to protect yourself.

By using a VPN, all of your communication is encrypted between your laptop and the VPN’s remote server.

In fact, The New York Times recently noted that our PRIVATE WiFi™ software is a "VPN for the masses," as it easily protects you from passive sniffing and cyber attacks. If a hacker tries to listen in on your communications, whether in a hotel room or in any public wireless location, all they will see is gibberish.

Associated Topics:

Associated Topics:


Related Posts

Protecting Your Identity with the Internet of Things

Thought Leadership
Eva Velasquez | May 21st, 2015

The internet of things—or IOT, as it’s commonly known—was once the stuff of science fiction, a newfangled “wave of the future” concept only experienced at futuristic demonstrations like the World’s Fair. But now many of these devices are already in use in millions of households around the world. They’ve become an interesting yet somehow still unknown entity in the world of technology, and industry experts have stated these products will be the norm just a handful of years from now. Read More

Avira Offers PRIVATE WiFi’s VPN As Part of New Bundle

News & Features
Jared Howe | May 14th, 2015

Germany-based security company, Avira, just announced the release of a new bundled product which includes both their Antivirus Pro and PRIVATE WiFi.  This bundle protects users from both malware infection and data theft. Read More

How To: BlueKai, Online Tracking, and Your Privacy

Jared Howe | May 5th, 2015

BlueKai is an online marketing firm that provides data to marketers, ad networks and publishers. This data is used to target ads to consumers.

This information that BlueKai gathers is considered "anonymous" because it identifies web browsers, not individuals. However, Read More

How To: Safari Privacy and Security Settings

Jared Howe | May 5th, 2015

To edit the security settings for Safari:

  1. Go to Safari > Preferences.
  2. Click the AutoFill tab.
  3. On this tab, select what types of forms your browser fills in automatically.
    Note: In general, you should remove all the checkboxes

Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.