back to article Where do people feel most at risk of being pwned? The pub

It may be a place of refuge for world-weary Brits, but the humble boozer is where they most fear Wi-Fi attacks. Research from service provider NordVPN, carried out by survey company Cint, discovered that 52 percent of little Britons feel most at risk from nefarious cybercrims when they visit pubs, cafes and restaurants. For …

  1. Murphy's Lawyer
    Pint

    For those times when there's no mobile signal...

    ... the right software will ensure you are Very Probably Not in danger of being hacked by "free" wi-fi.

    Mine's the device running that software with a set of single disposable email addresses for registration to ensure all contacts from the wi-fi provider and their carelessly selected business partners fall screaming into the abyss unread.

    1. Arthur the cat Silver badge

      Re: For those times when there's no mobile signal...

      Mine's the device running that software with a set of single disposable email addresses for registration to ensure all contacts from the wi-fi provider and their carelessly selected business partners fall screaming into the abyss unread.

      I find a random gmail address works fine for 99% of free WiFis (unless the mail contains an access code of some sort). Gmail will happily accept and drop mail if the address doesn't exist, so pick something unlikely to be a real person's address.

      1. Lon24

        Re: For those times when there's no mobile signal...

        Make sure it is a truly random collection of letter and numbers. One of my GMail accounts has been accidentally been used twice by different people. My address is a is a straight string. The other two used the same string but with the two random digits Google appends to avoid duplicates. Either they or the online company managed to forget the digits. Why online companies selling stuff don't do a simple email verification beats me.

        Two banks decided (after many years of use) to declare another email address as invalid because it isn't a personal address 'for security reasons'. It isn't a personal address for the very reason that should it fall into miscreant hands they can't infer my name. That's security. Neither bank bothered to inform me that my valid address was now invalid until I tried to get into the account and stopped receiving emails. Perhaps they had but their stupid system wouldn't send it. Doh!

        1. Vic Not 20

          Re: For those times when there's no mobile signal...

          On a related note, I can't stand when companies reject "plus addressed" emails - presumably because they don't want their nefarious data-sharing practices revealed. This is where a proactive consumer data protection regulator would be helpful...

          1. John H Woods

            Re: For those times when there's no mobile signal...

            >presumably because they don't want their nefarious data-sharing practices revealed

            Hanlon's razor suggests perhaps their webdevs don't know about RFC 5233 and they consider "+" an invalid character. I've even had companies where you can use + to register but it kills their billing system :-)

            1. Arthur the cat Silver badge

              Re: For those times when there's no mobile signal...

              Hanlon's razor suggests perhaps their webdevs don't know about RFC 5233 and they consider "+" an invalid character.

              [Maybe that should be RFC 2822, which specifies valid addresses. RFC 5233 is just the Sieve subaddress extension.]

              If you really want to have fun, ${HOME} , %TMPDIR%, `' and /\/\/\/ are all valid local parts for email. I don't think the average mail handling software would accept those.

  2. 43300 Silver badge

    Just not worth the risk of using this, especially as pubs might be using dodgy unpatched routers as well. Most places now (in urban areas, anyway) do have a 4G signal.

    Can people not manage without internet access for more than five minutes?

    1. Christoph

      But then how would they solve pub arguments if they can't google?

      1. Sam not the Viking Silver badge
        Pint

        Solving Arguments

        It is a well known tradition, especially in pubs, that you cannot let facts get in the way of a good argument.

    2. Giles C Silver badge

      If they do the pub quiz at a nearby establishment (where I am to the quiz tonight) they need to be able to last at least 90 minutes without or you get chucked out the quiz and the room it is held in…

      1. GlenP Silver badge

        If they do the pub quiz in my local internet access is essential as it's run online. You only have 30 seconds to answer though which precludes Google.

        And yes, most of the customers there will be using the Wifi due to the cr*p mobile signals round here.

        1. Fred Dibnah

          If they did allow you more time to search, every answer you got from Google would be ‘Amazon’ or ‘Alibaba‘.

    3. sedregj
      Childcatcher

      I use a OpenVPN to my home when out and about. If you are behind CGNAT then that won't work for obvious reasons. If you are simply behind "no fixed external IP address" then dynamic DNS will get you a fixed name instead, and off you trot.

      Even without a VPN, do bear in mind that to do "man in the middle" requires your device to trust something out of the ordinary and it generally won't even ask you to do so and simply fail. This means that your phone or tablet on a dodgy pub wifi will fail safe.

      https done right is effectively a VPN between your device and the web site. Nowadays most web sites will fail or work properly. If you try to browse and get loads of errors, then put it away and have a laugh instead.

    4. Efer Brick

      Only when you don't have to order online whilst at the table.

  3. that one in the corner Silver badge

    Leading questions or a fair and balanced enquiry?

    Do you feel at risk from a cyberattack?

    Where do you feel at risk from a cyberattack?

    From this list, where do you think you are most at risk from a cyberattack?

    Do you think there is any genuine difference between a hotspot you sign into compared to one without a password? Have you considered that signing into one means you have just given your email to somebody and agreed to their terms, without reading them very, very carefully? Want to change your mind about your last but one answer?

    Do you have any idea what a cyberattack actually is and how much damage could realistically be created by one? Compared to the damage you leave yourself open to by just posting all that stuff on social media in the first place?

    Are any of these surveys worth reporting?

    Or is the real value from these surveys that they give people the chance to pontificate on why does anyone risk public hotspots, and go on and on and on about how clever they are, always using VPNs and two hundred disposable emails, aren't all those other people just uninformed fools who don't know how to survive in the modern world? I.e. be online pub bores?

    1. s. pam

      Re: Leading questions or a fair and balanced enquiry?

      Never EVER give a real email address if you’re so desperate you use a free service! I use (pick a name)@spamhaus.org which might grab more bad networks onto the Blacklist

      1. Anonymous Coward
        Anonymous Coward

        Re: Leading questions or a fair and balanced enquiry?

        fuck@you.com usually does the trick for me.

      2. Anonymous Coward
        Anonymous Coward

        Re: Leading questions or a fair and balanced enquiry?

        Thank you for telling you for telling everyone in earshot what we already know. What was that last bit in the previous comment, about pub bores?

    2. goodjudge

      Re: Leading questions or a fair and balanced enquiry?

      Re: "Are any of these surveys worth reporting?"

      The ONLY relevant line in that article is "Research from service provider NordVPN, carried out by survey company Cint". It's just an ad. Publicity depts in all sorts of companies are well known for dreaming up headlines then creating a "report" and follow-up "press release" that matches the desired outcome.

      1. hittitezombie

        Re: Leading questions or a fair and balanced enquiry?

        It might be an advertisement, but being an ad doesn't make it completely wrong.

        Always use a VPN when using a network you don't own or trust, and never trust a public network, with or without a password. This is just common sense lacking from most of people outside El Reg's readers circle.

        1. Korev Silver badge

          Re: Leading questions or a fair and balanced enquiry?

          Pretty much every Youtube channel seems to have adverts for VPNs these days, so the great unwashed maybe more familiar than you first think...

  4. s. pam
    FAIL

    Stupid is as stupid does..

    Gosh golly gee whiz, there was a time of no WiFi anywhere and society worked perfectly well. You’d sit and have an actual conversation in a pub or restaurant unlikely to be penetrated by mobile signals and if something urgent in your life was happening you’d pop outside for a moment.

    I actually avoid free WiFi and enjoy those I’m with and their company finding it sad when I see a family or group come into aforementioned venues all sitting staring at their devices!

    #sadinnit

  5. Anonymous Coward
    Anonymous Coward

    World weary brits?

    What about us 'mericans? We might call them bars but the principle remains the same, thank you.

    1. werdsmith Silver badge

      Re: World weary brits?

      pubs have bars in them. Some of them are called public bar, lounge bar, tap room and snug.

      1. that one in the corner Silver badge

        Re: World weary brits?

        A good pub has more than one bar in it! Pick two or three from the list you just gave, each has its own differing charms (well, "charms" may be pushing it for some establishments!).

        Add in a function room or two upstairs, a garden and maybe a separate dining area. Kid an families are welcome (but keep the rugrats out of the crumblies-only bar).

        Couple of large, friendly dogs by the open fire.

        Then you have the makings of a really decent pub.

  6. xyz Silver badge

    Who can afford to go to a pub these days

    Just asking

    1. Piro Silver badge

      Re: Who can afford to go to a pub these days

      If you don't, they'll all be gone, and I can tell you after moving to a country that lacks pub culture, you'll be extremely sad.

    2. John H Woods

      Re: Who can afford to go to a pub these days

      Who can afford to run one?

  7. TDog

    Kindle

    Although I run no software protection on my kindle as far as I am aware it has never been hacked on a pub wifi.

    1. hittitezombie

      Re: Kindle

      "as far as you are aware", yes.

  8. Mike007 Bronze badge

    Did they do a follow-up question of "are your fears based on known technical vulnerabilities, or what you saw on an advert for a VPN service"?

    My phone doesn't run any insecure services listening on the LAN, and everything I do is over HTTPs... I suspect the same applies to 99.9% of people?

  9. Anonymous Coward
    Anonymous Coward

    Dynamic dns & a vpn at home is a must nowadays.

    1. Anonymous Coward
      Anonymous Coward

      Nonsense

      1. Dan 55 Silver badge

        Looks like the OP's self-hosting a VPN and uses it when they've only got Wifi coverage. Arguably better privacy and cheaper than (name of VPN flogged on YouTube). What's the problem there?

  10. simpfeld

    More open WiFi Paranoia

    ..from a VPN company.

    Sure you can grab registration details (maybe) most of these are often (usually) HTTPS now. But pretty much everything is encrypted now going out to the Internet, what danger is there now.....really

    1. X5-332960073452
      Headmaster

      Re: More open WiFi Paranoia

      Danger = To the profits of VPN providers (in this case Nord) .

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like