4. Hindrance to online experience: With VPN services all online traffic originating or targeted at a user's mobile device is sent thru the VPN tunnel to a central VPN server, the other endpoint of the tunnel. Therefore, the VPN server acts as a proxy for serving all Internet applications, including browsing, online media, email and chats, etc. But the overhead can cause significant latency and jitter, hampering the online experience. This can be annoying at times, forcing users to access public Wi-Fi without the VPN thereby risking security breaches.
6. Configuration and operational issues: Some VPN technologies available today require special settings/capabilities (like opening of certain ports, firewall tweaks, VPN pass-through, etc.) to work properly for hotspot users. However, such special settings/capabilities can differ from hotspot to hotspot, rendering the VPN service useless at certain spots. Also, when users are at home or in the office, they do not require full-fledged public VPN services, meaning they need to manually start or stop the service according to their location. That means they may forget to turn the VPN back on when accessing a public Wi-Fi service, making them susceptible to a host of attacks. Further, since the support of some VPN technologies is limited to certain operating system only, users opting for a public VPN service need to ensure that the service is suitable to all mobile devices they would use in public Wi-Fi hotspots.
While use of a VPN service increases your privacy and provides data protection, it is something of an inconvenience and adds cost and complexity, which ironically defeats the convenience, ease and cost-effectiveness of public Wi-Fi hotspots.
Sohail Ahmad is a researcher, developer and security expert with eight years of experience in wireless, particularly Wi-Fi domain. During these years, he researched Wi-Fi vulnerabilities, contributed to open source Wi-Fi driver development project, released security tools and published various research papers in ACM and IEEE conferences such as WiSec and Comsware. He hold a master's degree in computer science from Indian Institute of Technology Roorkee (IITR), India.
Read more about anti-malware in Network World's Anti-malware section.