When I am in a hotel or a hotspot, and I want to connect to my bank I need a secure way to do so. Is using the Tor browser OK? Does it make it secure? Of course my bank has a HTTPS connection, but i would still be worried about, for example, a 'man-in-the-midle' attack etc.
Thanks
MBP+MBP+MM+MM - 10.6+10.10
https is the security that encrypts your data between the device & the site. Ideally your bank uses certificates with good ciphers & extended validation so that anyone on the public wifi cannot attack your traffic. Others on the same network can see you are sending data to the bank's site but they cannot see what that data is.
https://www.ssllabs.com/ssltestcan tell you how good the bank is dong their job with the certificate & it's security. Be sure to check the site that you login to some banks have many site addresses with different certificates & security levels.
Provided you do not blindly accept dialogs similar to 'this certificate is bad, do you want to ignore' you should be safe on public wifi as the certificate system can't be altered in transit (at least for good, modern security).
Proxies will not add extra security.
A VPN can add extra security when using a public wifi network, that wraps all traffic up inside encryption - very similar to https sites but it also handles http sites and other traffic. Be sure to use a VPN you trust if you choose to use one. They will help with open wifi & other public access points.
Cellular data is not immune to being attacked or manipulated by bad actors within cellular companies so you should consider using VPN's there too if you are paranoid about privacy/ hacking etc.
TOR is just a 'chinese whispers like system' that passes data from place to place in an attempt to hide the source. Each node cannot read the content, only the exit nodes can see the data. It wraps the data in layers of encryption and each node peels or adds one layer (like an onion, hence 'The Onion Router'). It's actually an elegant system invented by the US navy. You probably don't want to use it for banking as you will exit in some random country, your bank may see that as suspicious & can potentially lock the account - VPN's can have the same issue but most paid services allow you choose from a few exit locations.
1. Read up on HTTPS
https://en.m.wikipedia.org/wiki/HTTPS
You already have a 'secure pipe' if your bank uses that (a bank would probably be breaking laws or banking guidelines by not using secure connections).
2. A VPN will hide insecure connection data - see #1. It probably doesn't do anything but go ahead & pay for one if you want a layer of privacy for other data.
Unless you have think you are a high-profile target of spying, such as Julian Assange, your email data is not likely to be interesting to anyone but you. Stealing your emails is WAY too much work for no reward.
But you should be tempering what you commit to computer-readable form in everything you write, in every situation. You should assume that ANYTHING you commit to computer-readable form could eventually become Public. These writings should pass the "Sunshine Test". If this were to be exposed to the Public (i.e., have the sun shine on it) would you still be proud to have written it?
rbakelaar wrote:
Also check out Turn Private Browsing on or off on your iPhone, iPad, or iPod touch
What for?
That just stops the storing of cookies and website data on your device.
But does nothing to the data you send over the network. Private Browsing will not make a wifi network more secure.
Good morning Folks
I did some more digging around looking for solutions. I would appreciate your expertise as to this.
How about the following:
Thanks.
I am not that familiar with the Tor Browser but I'll post my opinion. Tor appears to operate similar to Torrents in that it rely on worldwide volunteers to route your traffic though connected nodes. This in my opinion opens up your transmitted data to many more possibilities of compromise. Tor does make it difficult to track your data routing but I don't see how it protects your data content.
The above is just my opinion as I have not thoroughly studied the Tor Browser.
The Tor Browser site basically says the same thing:
"Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location."
I see nothing that says your data is more secure, which is understandable. In my opinion your data would be less secure.
If you are in a Witness Protection Program, you need Tor Browser. Tor Browser "claim to fame" is anonymity, not necessarily increased security of your data.
It is the WRONG tool for this job. Your Bank may not even allow connection, because your end of the connection will be originating from IP Address: "I don't know".
There is no real way to make a public wifi secure.
If you absolutely must access your Bank's website to perform sensitive actions, use your Cellular Hotspot feature from your iPhone or other smart phone.
The cellular network is by nature more secure than most other connections.
You are over thinking this. Millions of business travelers use their email from hotels every day. As already stated several times, use your email server's secure web interface. Hotel or other hotspots are not secure. Anyone can listen in and intercept packets. The issue is if a packet is intercepted can the interceptor read the data. If you are using a secure layer, https, they can not read the data contained in the packet.
You're right it won't make a wi-fi network more secure. His main goal on the thread is to browse securely. Private browsing windows make it so that websites don't track you making banking and surfing more secure. If you're worried about security while you're surfing turn on your firewall on the Mac and don't allow incoming connections.
rbakelaar wrote:
You're right it won't make a wi-fi network more secure. His main goal on the thread is to browse securely. Private browsing windows make it so that websites don't track you making banking and surfing more secure. If you're worried about security while you're surfing turn on your firewall on the Mac and don't allow incoming connections.
I'm sorry but I think you missed "the goal on this thread". Private browsing windows and turning on your computer's firewall do nothing to secure data transmitted or received via email, browsing or any other protocol.
rbakelaar wrote:
You're right it won't make a wi-fi network more secure. His main goal on the thread is to browse securely.
The main goal is to browse more securely while connected to a public Wifi such as a Hotel hotspot.
ChangeAgent wrote:
When I am in a hotel or a hotspot, and I want to connect to my bank I need a secure way to do so.
Private Browsing will do nothing for this specific requirement at all.
The security they were worried about is not on their own Mac its the wifi network they are connecting to.
Also secure banking sites generally rely on cookies to maintain your logged in status and other data, and log you out based on these cookies. In Private mode these cookies cannot be set, and such the banking sites cannot work.
Again, for what was explained as required, Private Browsing will not help. So there is no point in turning on, and in fact will hinder what the object of this thread was.
Hi ChangeAgent,
Easy solution. Use private browsing windows: Safari: Use Private Browsing windows.
Like BobTheFisherman said. You're really over thinking this way too much.
Bob, Grant, thank you. Good input.
Any ideas as to how to make it secure?
Tor browser secure surfing?
