How to know what others browse through the network?

  • My friend connected to WIFI and after 5 minutes he told me which sites I had actually been browsing, and who I chat with.

    My question is: how do I defend myself against this, and also how did he do this?

    It's a good question to have here, but... why not ask your friend too?

  • Philipp

    Philipp Correct answer

    6 years ago

    In a WiFi network, all information which is sent over the network is broadcasted over the air. Usually network interfaces are configured to just ignore any network traffic not addressed to them, but there are tools available which change them to "promiscuous mode" which allows them to also log and show any traffic which they receive even though it is directed at other network participants. Although WiFi networks are usually encrypted nowadays, the key is shared between all participants, so any network participant can eavesdrop on the traffic of everyone else.

    The only defense against this is end-to-end encryption.

    For casual webbrowsing, you should try to always use the https:// version of a website. That way a sniffer on your WiFi network will only learn the domain you browse, but not which specific URL, what you read there and what you send there. When someone would eavesdrop on you right now, they would learn that you made a TLS handshake with https://security.stackexchange.com but not that the exact URL you view is https://security.stackexchange.com/questions/74471/how-to-know-what-other-browse-through-the-network/ and what you are currently reading here. Should you choose to comment on this, that outgoing message would also be encrypted. I recommend the browser extension HTTPS Everywhere which makes your webbrowser prefer https over http whenever possible.

    Regarding chatting: Many chat systems do not offer encryption. When you are security-conscious, you should refuse to use these. There are too many chat systems available to list them all here, but the Electronic Frontier Foundation has a good comparison of the security features of many chat systems.

    However, when you have a high security need, the best way to protect yourself on a public WiFi network without having to change most of your habits is to pay for a VPN service. With a VPN service, all your internet activity is routed through an encrypted channel to a server on the internet which then works as a proxy. As long as you trust your VPN provider, this allows you to do confidential internet activity from an untrusted network. The greatest advantage is that this works for any network traffic, so it does not matter if the software you use encrypts or not. However, keep in mind that the connection is only secured between you and the VPN provider. This 1. means that your VPN provider could eavesdrop and 2. that the connection between the VPN provider and your destination is unsecured.

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM