On a recent trip to Hong Kong, I noticed that all of the public parks were covered by free government WiFi. I was wary of joining the open networks, though, because Ars contributor Glenn Fleishman warned me of sniffers and attackers ahead of my trip. When I joined, however, the welcome page told me to join another, encrypted version of that network with the password “freegovwifi.” I later learned that this was indeed an official service from the Hong Kong government, and the encrypted network was meant to protect people like me from having their login credentials sniffed by lurking bad guys.

Such a practice should become the de facto standard for open WiFi networks, according to Sophos security researcher Chet Wisniewski. Wisniewski says that businesses that offer free WiFi to customers—such as Starbucks or hotels—are still putting everyone at risk of being sniffed and hacked by leaving their networks open. If those businesses were to simply lock their networks down (WPA2, of course) with the password of “free,” then customers’ information would be much more secure and the world would be a happier place.

Read the comments on this post

Go here to see the original:
Researcher: free WiFi should use "free" password to protect users