Video: Protecting Your Logins on Public WiFi (For Non-Infosec Peeps)
Demo of how easy it is for bad guys to steal your logins.
We’re all told not to use public wifi, but why? Notwithstanding that everyone uses public wifi anyhow, what are the actual risks? In this video, I demonstrate how easy it is for a bad guy to steal your logins if you’re not careful about using encryption.
This video isn’t aimed at infosec peeps. If you’re already working in infosec, you probably know all this already.
Key points:
Banks and other important sites will force you to use HTTPS which is encryption (and good!)
VPNs are better because they encrypt more than just your web traffic, but are harder to set up. I recommend Windscribe VPN (affiliate link), ExpressVPN, and Proton VPN.
TCPDump is a common traffic collection tool.
Wireshark is a common traffic analysis tool.