On a previous article, I highly recommended our readers using a VPN when connecting through a VPN, and it’s not because I was selling any VPN solution to you, but because you are risking to lose a lot of your privacy by not doing so. So in case, you’re still hesitating, let’s show on this article the kind of threats you are facing with by not using a VPN solution.

Let’s assume that …

Let’s say you need to go to a public Wi-Fi to perform some internet-related task. You ask for your credential, then directly connects to the internet without using any VPN solution – let’s also assume that the websites you are accessing are not using the https protocol (more on this on another article).

Do you know that every traffic you are sending on the internet is sent in clear text? I can see you from here wondering what “clear text” is. This means that everything you are sending on the internet is available for reading to anyone who is “willing to.”

How does it work?

When using a public network, the same users on the same network are assigned a gateway where all the internet traffic are sent for proper routing. It’s like the main exit door from a building where a guard filters everything that goes in and out. To you, this means that the gateway administrator has access to all your internet traffic – which are sent in clear text if you are not using VPN or https.

Now, if it’s not the gateway administrator, it can be anyone using the same network as you who will pretend that his computer is now the gateway, thereby sending everybody’s traffic to his computer so that all he has to do is read. Scary?

But what kind of information can they read?

Let’s say I am the man-in-the-middle who’s going to sniff your internet packets. I’ve got bad intentions 🙂 There you come going to use the internet in my facility without any VPN or https connection.

I already smile in my corner. I give you the Wi-Fi connection information/credentials and give you a seat. You then set up your Wi-Fi and go checking your Gmail, Yahoo, MSN or whatever e-mail provider account. You go the e-mail provider sign-in login page and enter your credentials and boom! I also got your credentials by listening to your internet connection.

Pretending to be you…

Now even after leaving my office, I can use your e-mail account for sending ugly or spammy e-mails pretending to be you (hey, I also got the list of your contacts, your calendar, all of your e-mail contents, …). I can even “subscribe” your e-mail address to some spam lists … I can do whatever I want. Then, you want to share some news with your friends and connect to Facebook or whatever social network you are part while I can have a cup of coffee or go outside, it doesn’t mind: I don’t have to be in front of my computer so as to sniff what you are doing- I have programs recording it.

Now, not only do I get your credentials on every site you visit, but I also know what websites you are looking at (even if you are positioning your laptop so that no one can see what kind of awkward website you just went to). Ooh, and what about those insane instant messaging chat you just had, are they safe? You bet not. I can read them 🙂

Scary? Well … yes!

And remember, I don’t have to be in the same room as you so I can be in the parking lot provided that I have access to the same WI-FI connection information as you do and I’m fine. I can leave my laptop listening to a whole day even If I’m not physically there … Scary? Not, that’s the whole truth if you don’t take your privacy more seriously.

Again, this isn’t a sales pitch, but you have to use a VPN when on a public WI-FI.