Drop a pin on a map. Pick a random city and random street. Chances are if you were to actually go to that location, your Mac or iPhone will pick up several Wi-Fi networks. Some may even be free and open to use: think of Starbucks, the Apple Store, the library, on college campuses, or possibly even the networks of some homes.
While free Wi-Fi is very convenient, there are risks involved in its use. This article will cover some of the risks associated with public networks and how you can keep your Mac safe when using them.
Make sure that the network you connect to is the right one. You may have seen similarly named networks when you’re at a Starbucks, such as “Starbucks Free Wi-Fi” or “Starbucks High-Speed Internet.” These are not owned by Starbucks but someone hoping you will connect to it, so they can get their hands on your communications or login credentials. If you are not sure which network is the right one, ask the staff of the establishment you’re in.
By default your Mac will remember Wi-Fi networks that it has previously joined—a time saver, for sure, but also a risk. If your Mac has “Apple Store” or “Starbucks” in its memory, there is nothing stopping it from joining my fake “Apple Store” network. If the network has the same name and the same password (or lack thereof), your Mac thinks, “it must be the one I remember from before, right?” Your Mac does not know any better, and it “helpfully” connects automatically, while perhaps it shouldn’t. We recommended that you delete free Wi-Fi networks from your history, so that your Mac will not auto-join them the next time you’re in range. For a step-by-step on how to do this, have a look at Intego’s article here.
Your Mac has sharing capabilities built in. To view them, open your System Preferences and go to the Sharing pane.
Make sure all services in this pane are unchecked. Optionally, you can change your computer’s name to be a bit less revealing. For instance, instead of “Bob’s 2015 MacBook Pro” use “Bob’s Computer.”
Another radio sending out signals is your Bluetooth. Use your laptop’s built-in trackpad instead of a wireless mouse and turn Bluetooth off. This can be done in your System preferences > Bluetooth pane.
With your Bluetooth disabled, AirDrop can’t function; however, next time your Bluetooth is on, have a look at your AirDrop settings. The setting that controls who can send you files when AirDrop is active has to be changed in the AirDrop window itself. Click on AirDrop in a Finder window sidebar and a window similar to the image below will appear:
Click on the “Allow me to be discovered by” menu, and make sure it is not set to “Everyone.” If you never use AirDrop, then you can also set this to “No One” and never worry about it again.
A firewall is required to block and monitor connection attempts made to and from your Mac. A firewall is your Mac’s personal body guard that won’t let anything, or anyone, through without your express permission. It worries about incoming and outgoing network traffic, so you won’t have to. (Note: Apple’s built-in firewall only offers inbound traffic protection.)
Intego NetBarrier, included with the Mac Internet Security and Mac Premium Bundle packages, is the right tool for the job.
Loaded with three presets, Home, Work and Public Hotspot, adjusting the flow of traffic is as easy as toggling a profile. At home, your trusted network, NetBarrier will allow local network traffic to flow free, but switch it to Public Hotspot and the gates are slammed shut. Nothing enters your Mac unless you allow it.
If all you need is the Internet, you can block outgoing local connections for an even more closed off environment. You can browse the web, check your email and message with your friends without having to worry about someone else on the network attempting to access your Mac.
Of course, the preset profiles can be edited and customized to suit your needs, but the default settings offer excellent protection. If a process or application wants access to the network, Intego NetBarrier will let you know and you decide what happens next.
Alright. You’re on a network that you know is not a fake, and access to your Mac is actively blocked and monitored by the firewall, ready to start browsing? Not quite yet. The network you’re on is still accessible to multiple people, and even though they now can’t get into your Mac, someone could be monitoring and capturing the network traffic itself. If the information to and from your Mac is not secure, then you can still be at risk; login credentials to websites may be stolen and privacy may be compromised.
A VPN will create a secure, encrypted tunnel from your Mac, straight out of the network you are connected to and to the VPN host. This host will be an off-site server from your preferred solution: a VPN provider, a VPN router at your home, or a macOS Server with the VPN service enabled. The result is that your use of Facebook, messaging, email or online banking can all be done knowing your communications are not watched by anyone on the network.
For more about VPNs, see our article on why you need a VPN, or listen to our Intego Mac Podcast episodes all about VPNs and about CyberGhost VPN in particular.
Really try to get a VPN solution. It’s worth it. If this is not an option though, here are a few tips to keep your communications as secure as possible.
You type in “intego.com” but your Mac has no idea where to find that website—or rather, it wouldn’t without DNS (short for Domain Name System). Instead of crawling the web in the hopes of accidentally running into the server that hosts the site, it contacts a DNS server. The DNS server knows that “intego.com” is hosted on a server with the IP address “96.126.119.191.” Your Mac contacts that IP address and finds “intego.com.” This happens in a fraction of a second every time you type in a website address and hundreds of times more in the background without you even knowing.
Using a public network usually means you are not alone. So here are a few additional tips for added security.
On campus, at a Starbucks, in an airport or at work, these tips should help you stay safe on any network that is not your own.
For more ways to keep your Mac safe at Universities and public networks, check out these 15-Mac hardening security tips from Intego to lock down your computer.
