Warning: Phones can openly transmit emails and passwords — even with VPNs installed. Why does this happen? What can you do to fix it?

Many people use VPNs to encrypt traffic when using public Wifi, in an attempt to keep emails, passwords, etc. out of hackers’ hands.  However, as reported in ars Technica, there’s a large gaping hole in this security option.

Many email apps automatically check email the moment the phone or tablet connects to Wifi. If the phone checks your email before the VPN connects, all your emails and credentials can be openly transmitted for all to see.

How much information can be leaked before the VPN connects? The ars Technica researcher did the following test to find out:

“I tested this scenario at a Starbucks with Google Wi-Fi while running Wireshark. Thousands of packets went back and forth on the open network before the VPN attempted to connect.” — ars Technica

Literally thousands of data packets can be sent and received before your phone or tablet connects to the VPN.

So what can you do about it?  Fortunately, some new inventions finally close this security loophole.  The solution lies in portable VPN routers, such as Keezel and Anonabox.  Your phone, tablet, and/or computer solely connect to the portable VPN router, and the router then connects to the public Wifi.  In other words, nothing traverses the public Wifi without first being encrypted by the external, portable VPN router.

keezel_500

Note: Terra Privacy LLC is not affiliated with Keezel nor Anonabox.  Our company provides third-party security and privacy recommendations as a public courtesy.