VPN services offered by a lot of service providers are
marketed as solution to Wi-Fi hotspot’s insecurity. I have been advocating this
since long that it might improve the situation but fail to offer
privacy and data protection to wireless hotspot users.
When a user first time connects to the Internet in a Wi-Fi
hotspot, his VPN client remains in disconnected state. It requires manual enabling
of the service. During this small time window when his VPN is not ON, he is
vulnerable to various wireless threats. For the sake of point being mentioned
in this post, lets ignore this vulnerability that exists in a small time
window.
Majority of Wi-Fi hotspot all across the globe requires you
to pay for Wi-Fi internet access at some point in time. Some may ask you to
make a transaction upfront, while others provide free few minutes Internet
access and thereafter access needs to be purchased. When a user tries to
purchase Wi-Fi internet bandwidth, he has access only to the payment gateway. Since the user cannot access any service on the Internet, he cannot utilize VPN service to protect his transaction done to purchase Wi-Fi internet bandwidth in a fee based Wi-Fi
hotspot. So, all Wi-Fi hotspots offering paid internet access and requiring
users to make payment through their web portal make users vulnerable to
Wi-Fi threats irrespective of users having VPN subscription.
In a Wi-Fi hotspot that offers few minutes of free Internet
access and then fee based internet access, suddenly, makes the user vulnerable
to wireless threats on expiry of the free session by blocking all connections
from his device to the Internet including VPN tunnel. At this stage if a user
proceeds to purchase more wireless internet bandwidth, he will end up risking
his credit card information or bank account details.
The situation of a VPN service subscribed user in any
paid Wi-Fi hotspot environment is similar to the Emperor who thought he had new
clothes but he had nothing on.
No comments:
Post a Comment