Dangers of Unsecured WiFi?

There is a CVE issued a week ago for all Apple OSs that are not on the latest update (Mac iOS, etc). Maybe you were affected.

https://www.cisa.gov/news-events/alerts/2024/09/18/apple-rel...

BTW always wondered... often docs show that a wifi with a password uses encryption, and wifi without password are not encrypted, I'm wondering why that is?

Is it for backward compatibility with old devices?

Why isn't the standard that when connecting to a wifi without password, everything would be just like if there was a (fake) "public password" like the string "password", so that traffic is still encrypted?

Have you confirmed you are locked out of Firebase? Performed a password reset?

If you get to login, check your compute resources since most of these bots just deploy tons of compute and use them for DDOS. This can be in the hundreds of dollars per hour figure.

It is possible to have your session hijacked when using any wifi really, its a lot harder on secured wifi though.

I only tether to my phone now in public, and never use unsecured wifi for anything.

unless you accepted an invalid https certified popup, its not possible, even on public wifi. or maybe you still type: http:// instead of https://, and then is easy to fake a dns response to point to a clone site

Your question is meaningless and context-free.

The only difference with "unsecured WiFi" is its lack of key and encryption.

You've said nothing about who provided that WiFi service, where it was, or anything. Plenty of reputable and well-managed WiFi networks are unsecured these days. Even my ISP runs them; they're perfectly safe. I don't use a VPN.

We're not your tech support department, and it's impossible for us to troubleshoot your bugs with so little information. Your local machine got messed up somehow. It sounds like PEBKAC. What leads you to believe that the WiFi network was to blame? No, I don't care.

Take your machine to an Apple store or something. Contact the administrator of the WiFi network. Go to Geek Squad. Factory reset and reinstall your computer. Who knows how you've shot yourself in the foot?

Hmm, my father in law refuses to use WiFi outside his house, afraid of them hackers, since he has no mobile internet he is often off line for long periods.

I always tell him he is being paranoid, because every app, especially the ones het finds important (like banking) encrypt their traffic. So who cares if the WiFi layer is encrypted or not.

For the people that do use WiFi away from home: It's easy to create an access-point that is malicious and has wpa2. Also, wpa2 isn't that great anymore, right?

I could tell him to just use a (trustworthy) free vpn (ie protonvpn, or just pay for mullvad) if he really needs to connect. That would take care of his concerns.

Am I wrong?

I once connected to unsecured wifi and 2 minutes later started getting ungodly amounts of spam, just spam everywhere filling up my inbox etc.

I started panicking, going over to people around me asking if they've ever experienced such a thing. All I got was a bunch of "huh? no never"s.

I found out a couple hours later that by pure coincidence my friend pranked me right then by signing my email address up for all the spam newsletters etc. he could find....

The London underground now provides mobile connectivity. I have a gut feeling that that is more secure, but probably costly and bureaucratic.

[My works-on-my-machine]

By default, I tether my phone. In the places that's not possible, the public WiFi is typically part of large scale infrastructure like an airport.

The biggest practical advantage of tethering is not security. It's repeatability. Sure security matters and I trust my phone's security. But not having to navigate other people's ideas of internet access is why I tether.

Good luck.