15/05/2019

VPN instead of HTTPS when Using Public Wi-Fi

VPN instead of HTTPS when Using Public Wi-Fi


HTTPS is the most widely used protocol, which is known to add an extra layer of protection against unsanctioned access to users’ resources. It works great for LAN connections, but not for WiFi. If you go online via public WiFi from time to time, there are good reasons to download VPN software and feel safer with a VPN service by your side. Let’s see the reasons why.


The Hypertext Transfer Protocol Secure is a standard security option used by an overwhelming majority of websites. It makes a connection between you and a website safe, as it encrypts data being exchanged between a website and a device. To ensure that the site, which you are visiting, is operated by the person stated by the site, the protocol provides respective signatures and certificates.

However, this is not the case with WiFi, because the protocol does not encrypt all information, which are transferred in a WiFi mode. Unencrypted data will be available for persons who are in charge of WiFi hotspots. Therefore, those who regularly go online in public had netter set up a VPN connection. Also, VPN provides easy access to blocked sites.

What is it?

HTTPS secures the connection between a website and a browser via the TLS (Transport Layer Security) protocol. The protocol is a set of commands, which coordinate the communication and ensures its security. TLS secures your logins, passwords, and other important and confidential information against unsanctioned access.

The TLS technology implements a specific way of coding connections, which is known as private-key cryptography. The transfer of a data implies that it is coded prior to being sent and decoded upon reaching the destination device. Your browser and the server share public keys in a handshake fashion. In other words, the browser and the server “shake hands” and jointly “decide” and code the connection. The connection results in the appearance of unique private keys, which encrypt it and make it impossible for a third party to affect the communication without being spotted. It is not until the connection is finished that the transfer process begins.

TLS is a kind of technology, which digitally certifies and authenticates websites’ credentials, so users can be trust the data they get and be sure the site owner is the one who he/she says he/she is.

Once again, the system does provide a substantial degree of security, and this applies to LAN connections. TLS does not protect DNS queries, like VPN does, and therefore makes you vulnerable. Also, you may find it hard to get access to blocked sites.


What is DNS and a DNS query?

The DNS (the Domain Name System) is a distributed naming system intended for translating host names to IP addresses. A DNS query is a request for data sent from a PC or mobile device (DNS client) to a DNS server. These requests are sent with the goal of receiving IP addresses, which are nothing less than numerical versions of URLs. As a result, every time you enter a URL, your PC or device sees it as a combination of digits and dots (like 185.23.67.432) Browsers locate these numbers via DNS resolvers supplied by IT service providers. Unfortunately, neither requests nor responses are protected by encryption. Therefore, intruders and hackers can get through to them quite easily. Without VPN, you simply expose your data, and it can be used against you one day.

DNS leaks

Lack of protection leaves your queries literally spread before the eyes, and any intruder will have your IPs, passwords, logins, banking information, and whatever websites you have visited on his/her fingertips. Quite so typical of all public WiFi hotspots! It does not even take an intruder to compromise your IP, because the resolver will automatically collect it and make it available to third parties.

Do Not Get Spoofed

DNS vulnerabilities open up new horizons for spoofers. Not unlikely, you are going to have your requests spoofed. In other words, the attacker can grab your data and IP for one of your target websites and replace it with that of a website, which he or she controls. You will be unknowingly visiting a malicious site and possibly having malware installed on your device, because the URL won’t change. Sadly, the malicious website will be your resolver, and all data will be falling into the wrong hands. Advanced browsers feature alert functions and can warn you about poor protection. 

Unfortunately, many spoofers resort to advanced ways of tricking users and get the better of new browser technologies. It is no longer uncommon for bad sites to have certificates and look to ordinary users like good ones. For example, they apply the so called ‘punycode’ technique, which allows hackers to build several websites with the same or very similar URLs, which would be properly certified. Those who appreciate WiFi and rely on HTTPS only must always be on the watch-out and ready to face problems.

The technique lies in replacing Unicode characters like竹, Ж, etc., with those consisting of more common ones (figures and letters), which are part of the international domain name system. Using these common characters allows intruders to code these exotic-looking URLs as “normal” ones, making it hardly possible for browsers and/or users to tell a fake site from the original one. Therefore, many of us have no idea they are being misled, and in most cases they decide to thoroughly check the certificate and differentiate between the original and fake URL when it is too late. Browsers do try to keep pace with the time and eliminate such vulnerabilities. However, this is still a hit-and-miss game, so it is not advisable to expose confidential information while working in public WiFi areas without relying on virtual private networks (VPN).

Why Use VPN while Going Online in Public?

As follows from the above, there is nothing to guarantee that your information has not been exposed after even a brief session with a public online hotspot. Even if you have visited a good and reputable website, it could have had elements, which are not protected by the protocol, and hackers can channel malware onto your system using these vulnerabilities.

A VPN connection with the help of a service like BroVPN will help you avoid trouble. These networks use a data exchange technique, which allows different mobile IPs to act as servers on a peer-to-peer basis without running your information through a proxy. This should keep it away from your Internet provider and those who steal it from WiFi users by aid of techniques described above. Besides, you can route your data via any mobile server located in any part of the world and change servers many times each day before being identified. Intruders simply won’t keep up with you. 

If you download VPN software, which we provide, you will have all your DNS queries protected, because it runs its own DNS server and resolves all data through it. The service comes with advanced and reliable software and takes great care to clear any and all vulnerabilities. Therefore, none of your information is exposed or made available to third parties.

 Get Access to Blocked Sites

Another good reason to use VPN is an opportunity to visit resources, which are not available everywhere. For example, if you are traveling outside of the USA, you will not be able to watch films and/or programs streamed by providers like Pandora, Netflix, etc., because they do not stream outside of the USA due to copyright agreements. However, if you are using a VPN service, you can connect to a mobile IP located in the USA and watch media streamed by these providers.

Log In

Sign up BroVPN

Restore password for BroVPN

Reset password for BroVPN

Choose plan:

Free

VPN supported by online community

Subscription

Premium VPN

By pressing "Install" I accept terms of use

Install

Open BroVPN-Setup.exe after download to start install process

Шаг 1 Стрелка Шаг 2

BroVPN installing

Конец

1

2

3

Загрузка
Thanks! We'll contact you.