I came across a Reddit thread about someone using a neighbour’s WiFi, and the (unknown) neighbour later changed the ssid to the user’s gaming handle.
Lots of comments saying that public WiFi can be a trap, and a malicious actor can see all your packets, sniff your passwords, spoof login pages… And not one refuting it with SSL.
Am I missing something?! Is a WiFi/LAN actually that dangerous? I thought pretty much every site and service uses SSL these days, and signed certificates so (unless you have a particular Lenovo or Dell model) DNS spoofing won’t work.
And aren’t most ports on your own computer closed by default now? Unless you’ve opened ssh or a samba share with a poor password or something?
I realise packets can still be sniffed, website use can be tracked (but not the data, not things like passwords). With more work, that could be correlated to, for instance, what time a user logs on to a discord server.
Have I missed something big? Is someone else’s WiFi or LAN actually dangerous?
You can additionally use a VPN ot TOR to mask more, but in theory the VPN hoster or TOR exit node can see connections someone makes to the sites. The TOR exit nodes just don’t know it’s you and what you’re doing in encrypted connections. VPN providers may know it’s you, from your payment data.
Tor exit nodes could also identify you if they cooperate with some of the websites you visit (the way e.g. a government could force them to).