You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Open WiFi network danger on ipad?

So I was at a hotel. And like most hotels they have WiFi. But the wifi at the hotel was an open network. So I Connect my iPad with it. And then I randomly remember that the wifi could have malware or something on it or hackers. I was only connected for 3-5 secondes. I dont know if there is malware or something else on the network. But could my iPad be infected or could a hacker already have acces? If the network was infected or hackers were on it?

Posted on Jul 26, 2022 12:17 PM

Reply
Question marked as Top-ranking reply

Posted on Jul 26, 2022 5:10 PM

This old chestnut needs some qualified explanation…


Part #1


Due to the system architecture of iOS/iPadOS, unless jailbroken, your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable. For older devices, no longer benefiting from regular security updates, the risk of an unpatched vulnerability being exploited increases.


Be wary of the often repeated myth that Apple devices are immune to malware; those that perpetuate this falacy do not necessarily comprehend the broader threat landscape. Consider that if the myth (and over-generalisation) were true, Apple would not expend considerable resources, as they do, in developing and issuing regular software security updates and patches for its products.


In connecting to a public (open) WiFi network, you are perhaps unlikely to have exposed your iPad to significant risk of compromise - but some explanation of both risk and recommended mitigation might be useful, if only in dispelling persistent and inaccurate myth that to this day continue to be repeated both here and elsewhere.


While some network traffic uses fully encrypted protocols, it is common misconception that all modern network traffic is fully encrypted. Alas, it is not. Many protocols have unencrypted header information; others upon which communication rely are totally in-clear with no protection whatsoever.


By example, your DNS traffic is (by default) an un-encrypted protocol - and conveys (leaks) considerable information about you and your traffic. This DNS traffic, in addition to being commonly monitored by the network operators(s), is often used for malicious purposes and/or as an attack vector/exploit. Where available and correctly configured, there are available mitigations for risks associated with DNS (such as DoH, DoT and DNSSEC), however, these are beyond reach of most users.


As a further example, without delving into the technicalities, when using public/open networks your network traffic can be easily intercepted by other users of the same WiFi network. In addition to interception and monitoring of unencrypted protocol traffic, a potential source of risk is session hijack/replay.



7 replies
Question marked as Top-ranking reply

Jul 26, 2022 5:10 PM in response to jonhy240

This old chestnut needs some qualified explanation…


Part #1


Due to the system architecture of iOS/iPadOS, unless jailbroken, your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable. For older devices, no longer benefiting from regular security updates, the risk of an unpatched vulnerability being exploited increases.


Be wary of the often repeated myth that Apple devices are immune to malware; those that perpetuate this falacy do not necessarily comprehend the broader threat landscape. Consider that if the myth (and over-generalisation) were true, Apple would not expend considerable resources, as they do, in developing and issuing regular software security updates and patches for its products.


In connecting to a public (open) WiFi network, you are perhaps unlikely to have exposed your iPad to significant risk of compromise - but some explanation of both risk and recommended mitigation might be useful, if only in dispelling persistent and inaccurate myth that to this day continue to be repeated both here and elsewhere.


While some network traffic uses fully encrypted protocols, it is common misconception that all modern network traffic is fully encrypted. Alas, it is not. Many protocols have unencrypted header information; others upon which communication rely are totally in-clear with no protection whatsoever.


By example, your DNS traffic is (by default) an un-encrypted protocol - and conveys (leaks) considerable information about you and your traffic. This DNS traffic, in addition to being commonly monitored by the network operators(s), is often used for malicious purposes and/or as an attack vector/exploit. Where available and correctly configured, there are available mitigations for risks associated with DNS (such as DoH, DoT and DNSSEC), however, these are beyond reach of most users.


As a further example, without delving into the technicalities, when using public/open networks your network traffic can be easily intercepted by other users of the same WiFi network. In addition to interception and monitoring of unencrypted protocol traffic, a potential source of risk is session hijack/replay.



Jul 26, 2022 5:11 PM in response to jonhy240

Part #2


There are many valid reasons to use a VPN. Contrary to frequent assertions that you’ll encounter, using VPN over public networks does provide useful and significant protection against local attacks and traffic monitoring which are endemic on public networks. For this reason alone, it may argued that using a VPN reduces (but does not fully eliminate) avoidable risk.


Some contributors are correct in there assertion that, where used, a commercial VPN operator has visibility of your network traffic - as your network traffic is obviously being routed via their VPN gateway/endpoint. Whilst your VPN-tunnelled traffic is protected from locally prying eyes of the open WiFi network to which you connect, your traffic is ultimately delivered to the internet from the VPN gateway in its original (partially encrypted) form.  As such, unencrypted protocol traffic is protected from interception on the high risk “open” WiFi network, but can [technically] be seen by the VPN gateway.


To reiterate, traffic visible at the VPN Gateway/endpoint is still partially encrypted at protocol level. As such, for practical purposes, the traffic exposed to the VPN Operator is no more at risk than would otherwise be exposed to your Internet Service Provider - but is fully encrypted by the VPN tunnel over the “least trust” open/insecure WiFi network. If the VPN Provider is chosen with care, risk of traffic interception over high-risk networks can be significantly mitigated.


For this purpose, use of a VPN is a “trust” exercise. In whom do you place greater (dis)trust? The open/insecure WiFi network to which you make your network connection (with all of its consequential risk, potential traffic monitoring/interception and alteration), or the VPN Operator? Which carries greatest risk to you, the security of your network traffic, or your privacy?


A reputable VPN Operator (noting that “free” services are generally outside of this category) has no commercial interest in your network traffic - but may be bound by legislation of the country in which it is based to collect metadata concerning your connection. The latter you can nothing about - and unless you yourself engage in nefarious activity, should offer no concern. The former simply requires wise selection of your network operator - often requiring parting with money on subscription terms.


If the user has the technical capability (and competence) to correctly configure a VPN endpoint/gateway, trust in the VPN moves from that of a commercial VPN Operator to the end-user entirely - removing any perceived issues with the VPN Operators interest.


To conclude, whilst the explanation is necessarily technical, I hope to have provided additional qualified information as to some of the benefit (and limitations) of using a VPN.


In summary, when using an open (public) WiFi network, a well chosen commercial VPN offer significant benefit to both security and privacy.


Open WiFi network danger on ipad?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.