Even with encryption, HTTPS, and VPNs, could an open Wi-Fi connection still leave your device vulnerable to network-level attacks if your device is old, not patched with updates, and no longer supported with updates and patches?

​

I am getting conflicting information, but I believe it’s a rule of thumb not to connect to an open network if you do not know who is operating it or if some characteristics of the network appear to be suspicious.

​

In the case of my former neighborhood, an open Wi-Fi network had an SSID that made it appear to be from a church, which was not true upon investigating it. Many devices would connect to it automatically if the person’s device had been configured to automatically connect to networks. This leads to people’s devices connecting to the open network without consent because it’s open. I am particularly concerned about this based on statements made directly to me from a person claiming to be a black hat. He told me directly that he messes around with people’s Wi-Fi and devices, runs IMSI/base stations.

​

My understanding from reading about it is that it’s not considered a wise idea to run an open Wi-Fi network even if your intentions are right because if you do, you subject yourself to legal ramifications from both law enforcement officials and your ISP if a person uses your network for illegal activities. It could also be against your ISP’s policy to give out free internet access to the public because it interferes with their services in the area. ISPs want residents to purchase the service themselves.

​

I raised my concerns on the St. Catharines Reddit, and I faced tons of gaslighting and insults, even though my questions and concerns were reasonable. The overall message was the same as what most people say about open Wi-Fi, which is to be careful when connecting to open Wi-Fi networks and that using mobile data or even a commercial open Wi-Fi network where you know who is operating it is a better idea.

​

Lastly, my final point is that if a person is running an open Wi-Fi network, even with good intentions, the router itself could have vulnerabilities. If you don’t know what the network is, you cannot be sure that the router you are connected to is patched with security updates. I don’t believe it’s worth risking using such an open Wi-Fi network or why someone would even leave their Wi-Fi open with an invitation to join it.