We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Wifi Security
Apreciar
Posts: 627 Forumite
in Techie Stuff
I will be going to Tenerife for a few months and will need to access my bank accounts, as I will not have broadband I will have to use local wifi. Is there any way to ensure a secure connection. Will connecting through VPN encrypt my information or is there any other way to be secure.
Change is here to stay
0
Comments
-
Pretty sure all banks would be using an HTTPS connection which would be using encryption by default0
-
I understand that but regularly on this forum folk are warned not to trust local wifi, if the HTTPS is enough, why is this.bob_a_builder wrote: »Pretty sure all banks would be using an HTTPS connection which would be using encryption by defaultChange is here to stay0 -
if using just HTTP then there is the possibility of the man in the middle attack - i.e. you think you are talking to direct to a local wi-fi but actually connected to a hot-spot on some crooks laptop who is skimming your data & passwords etc
since HTTP is end to end security would have thought would be ok
lets wait and see what others say0 -
If HTTPS is used, data is encrypted/decrypted on your device, so no one in the middle could see what is being sent. VPN is useful if you wish to also hide your regular traffic.0
-
Thanks, so you are saying that so long as I See the HTTPS I will be safe on the bank sites?TadleyBaggie wrote: »If HTTPS is used, data is encrypted/decrypted on your device, so no one in the middle could see what is being sent. VPN is useful if you wish to also hide your regular traffic.Change is here to stay0 -
HTTPS means the pipe is encrypted - data passed along it cannot be spied upon as the data passes by.
It doesn't necessarily guarantee the end point is who you think it is. It's possible to redirect traffic so you think it's going to https://www.yourbank.com, but it's not really (this name points to some address, it's possible if you own wifi to tell your PC that https://www.yourbank.com is hosted at a different address - as they'll control the domain name service possibly too).
Check the certificate - when you visit the site on your trusted machine it should say (hovering over the padlock symbol) "signed by Verisign" and your bank's name (or their parent's name - Natwest says RBS).
The certificate RBS bought is signed by Verisign, and as long as the would-be fraudsters don't get hold of VeriSign's private key they can't create a fake version of that certificate too.
They can provide their own certificate, but can't sign it as having come from VeriSign - the trusted third party.
So HTTPS - nobody can see the data as it's sent.
Certificate - proves the end point is who it's supposed to be.
If you check both - and they look good - you're OK.
Mirno0 -
How do you check the certificate on an ipad?Change is here to stay0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.8K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards