What can someone potentially see when you use unsecured public WiFi?


I understand that using unsecured public WiFi is a security risk, and if I’m not using a VPN, someone can “eavesdrop” on my activity. What I don’t know is what could they actually see? Could they just mirror my activity on their laptop and watch in real time what I’m doing, or is it more like you might see in a Hollywood movie, with pages of code streaming quickly down the screen (preferably green text on a black background for max cliche).

Topic: Networking
Answer this Question


4 total
Dr. Rose
Vote Up (7)

It mostly depends on the type of attack. for example, a free program like tcpdump can be used to capture all of the data sent over the wireless connection, including both traffic to or from your computer. Thus, any unencrypted internet traffic to/from your computer can be transparently viewed, either at the time or later. In the simplest case, this includes every website you visit, but if the websites don't use HTTPS, this can include passwords and usernames. Also some tools like nmap can be used to quietly scan a machine for any services you may have left open, and can then be used to attempt to break into them. In particular, remote desktop and screen sharing allow for simple visual observation of all behaviour on your machine.On an open wireless network,Unpatched exploits are worse as an attacker can run arbitrary code on your machine. Most commonly, this will involve installing some piece of spyware, such as a keylogger to records keystrokes made on a computer.

Adam Magoon
Vote Up (7)

If they're on unencrypted wifi, going to non-ssl (https) sites, then they can basically see everything you're seeing. Not even close to the movie cliches. It's more like a window with a list of clickable "caches", that would then open up to the page you went to/are currently on. This in itself isn't that threatening. They won't be able to see info you type into a page unless it's a "post" and gets saved to the website database for frontend visibility.


Ever hear of Firesheep? Made a bit of news back in 2010. Here's an article that'll give you a brief description of the type of "can of worms" Firesheep opened up, as well as its predecessor, Cookie Cadger.


The biggest threat with these programs, in my opinion, is not the program itself, but the ability to use these programs to watch someones habbits (like which websites they normally go to) for a day or two and pick a non-ssl site to set up a man-in-the-middle attack.

Vote Up (4)

Here's what an eavesdropper sees when you use an unsecured Wi-Fi hotspot

" You’ve probably read at least one story with warnings about using unsecure public Wi-Fi hotspots, so you know that eavesdroppers can capture information traveling over those networks. But nothing gets the point across as effectively as seeing the snooping in action. So I parked myself at my local coffee shop the other day to soak up the airwaves and see what I could see.

My intent wasn't to hack anyone's computer or device—that's illegal—but just to listen. It’s similar to listening in on someone’s CB or walkie-talkie radio conversation. Like CBs and walkie-talkies, Wi-Fi networks operate on public airwaves that anyone nearby can tune into.

As you'll see, it’s relatively easy to capture sensitive communication at the vast majority of public hotspots—locations like cafes, restaurants, airports, hotels, and other public places. You can snag emails, passwords, and unencrypted instant messages, and you can hijack unsecured logins to popular websites. Fortunately, ways exist to protect your online activity while you’re out-and-about with your laptop, tablet, and other Wi-Fi gadgets. I'll touch on those, too. "

Vote Up (4)

Just to add to what Adam already said, there was an article on PCworld last year where the author checked to see what he could see by snooping over public WiFi. Short answer: A LOT! It might be worth a read if you have time. 


Ask a question

Join Now or Sign In to ask a question.
Yelp has agreed to pay US$450,000 to the U.S. Federal Trade Commission to settle charges that the company accepted registrations to its services from children under 13 through its apps.
Jive has built links between its enterprise social networking (ESN) suite and Microsoft's Office 365 to let users leverage Jive collaboration features with the cloud versions of Outlook, Office, SharePoint and OneDrive for Business.
With the newest commercial service to spring from its highly publicized Watson cognitive computing initiative, IBM is attempting to streamline the process of analyzing data so business managers can pull insights from data sets without the help of IT experts.
Lyft is bringing its car-pooling service to Los Angeles, even while California regulators say it's illegal.
Cisco, IBM, HP, Intel, Microsoft argue that the Internet of Things is mainstream today.
The U.S. Federal Communications Commission's deadline for the public to comment on the agency's proposed net neutrality rules passed Monday with more than 3 million comments filed, by far a record number for an FCC proceeding.
In an ongoing effort to commercialize its Watson analysis technology, IBM is testing a new service that can answer questions business managers might have about their data.
Facebook has partnered with several large companies to kick off a new project called TODO that aims to improve the way open source software is developed and consumed.
Internet conglomerate Mail.Ru has at last acquired total control of Russian social network VKontakte after a lingering shareholder dispute involving allegations of embezzlement and the involvement of the Russian secret service.
Infor is hoping to elbow its way into Workday's turf with an upcoming cloud-based financial software suite dubbed Financials Xi.
Join us: