您正忙着自己的事,连接到朋友家或咖啡店的Wi-Fi网络,这时您的 iPhone 警告您该(Wi-Fi)Wi-Fi网络可能不是私有网络或存在Wi-Fi安全问题。
您永远不应该忽视这些警告,一旦您理解了它们的含义,您就可以就愿意暴露自己的程度做出明智的决定。
Wi-Fi 隐私警告(Wi-Fi Privacy Warning Mean)是什么意思?
在 iOS 14 中,Apple引入了一项隐私功能,手机会向您连接的每个Wi-Fi网络提供唯一的(Wi-Fi)MAC地址,称为“私人Wi-Fi地址”。MAC地址(MAC address)(媒体访问控制(Media Access Control)地址)是分配给设备的网络接口控制器 ( NIC ) 的唯一标识符。
通常,设备(特别是其NIC )的(NIC)MAC地址保持不变。因此,在过去,您可以通过记录MAC地址来跨多个(MAC)Wi-Fi网络跟踪特定手机。如果有人知道您手机的Wi-Fi MAC地址,他们就可以在特定时间、特定地点追踪您。
为了解决这个问题,Apple让运行 iOS 14 或更高版本的 iPhone为它们连接的每个Wi-Fi网络创建唯一的(Wi-Fi)MAC地址,并将其保存到该网络。(MAC)这使得MAC地址跟踪变得不可能,但并非所有Wi-Fi网络都可以通过此功能正常工作。发生这种情况时,您的 iPhone 会警告您网络可能存在隐私问题,因此如果您担心被跟踪,您可以决定不连接到该网络。
更新路由器的固件
如果您在自己的 Wi-Fi 或由您认识的人运行的网络上收到 Wi-Fi 隐私警告,通常可以通过更新网络路由器的固件来解决该问题。然后,转到Settings > Wi-Fi并选择网络名称旁边的“i”。
选择忘记(Select Forget)此网络(Network),然后尝试重新连接以查看错误是否再次出现。
Wi-Fi 安全警告
当您在 iPhone 或 iPad 上连接到开放的Wi-Fi网络时,您可能会看到一条消息,指出该网络不安全并且互联网连接可能受到监控。
此消息提醒您,您的互联网流量可能未加密,这意味着其他人可以监控您的在线活动。通过显示此警告消息,Apple希望帮助您就是否连接到开放的Wi-Fi网络做出明智的决定,并鼓励您使用VPN来保护您的在线隐私和安全。我们很快就会讨论VPN(VPNs),但首先,我们必须解释什么是“开放”Wi-Fi网络。
什么是“开放”Wi-Fi 网络?
“开放”Wi-Fi 网络是不需要密码或任何其他形式的身份验证即可连接的无线网络。虽然连接到开放网络很诱人,但请务必记住,使用它们可能存在风险,因为网络范围内的任何人都可能在您不知情的情况下访问您的在线活动。
这是因为Wi-Fi密码被用作加密密钥。除非你知道密码,否则空中飞过的数据包都是乱码。因此,即使有人使用称为“数据包嗅探器”的软件记录该活动,他们也无法看到您访问的网站等信息。
所有公共 Wi-Fi 都不安全
虽然如果您尝试连接到未加密的 Wi-Fi 网络,您的 iPhone 会发出警告,但这并不意味着您是安全的,因为没有警告!
正如我们刚才提到的,Wi-Fi密码就是加密密钥。换句话说,Wi-Fi网络对拥有密码的任何人都是开放且未加密的。这就是为什么每个人都可以访问密码的公共Wi-Fi如此危险。(Wi-Fi)您的 iPhone 不知道公共Wi-Fi网络和私人 Wi-Fi 网络之间的区别,但您应该谨慎行事,无论您的手机是否发出警告。
使用VPN!
在开放或公共Wi-Fi网络上保持活动私密性的最有效解决方案是VPN或虚拟专用网络(Virtual Private Network)。它使用强大的加密技术来向Wi-Fi(Wi-Fi)网络上的其他人隐藏您的互联网加壳程序的内容。然而, VPN不会做任何事情来屏蔽您手机的MAC地址,因此上述与私有(MAC)Wi-Fi MAC地址相关的警告仍然独立于此问题而适用
。(VPN)
iPhone“安全薄弱”警告
除了MAC地址跟踪或处于不安全的开放Wi-Fi网络之外,您的 iPhone 可能还会向您发出与(Wi-Fi)Wi-Fi安全相关的另一个警告。
如果您的 iPhone 告诉您正在使用安全性“弱”的 Wi-Fi 网络,则意味着它使用的加密标准容易受到黑客攻击。截至撰写本文时,最新的 Wi-Fi 加密协议是WPA3(Wi-Fi 保护访问(Wi-Fi Protection Access))。
如果您连接的Wi-Fi网络使用低于WPA2和AES(高级加密标准(Advanced Encryption Standard))的网络,您将会收到此警告。具体来说,如果您使用带有TKIP(临时密钥完整性协议)的(Temporal Key Integrity Protocol)WPA 1或WPA2 ,您的 iPhone 将发出此警告。
这是因为这些旧标准已经被“破解”,因为缺乏更好的术语。因此,黑客知道如何破坏此安全性,因此您不应该使用它。
解决方案是更改路由器设置以使用更好的标准,更新其固件,希望包含更好的标准,或者与热点所有者交谈并让他们这样做。如果您的路由器没有固件更新,您还可以考虑安全性更好的自定义第三方固件(custom third-party firmware)。不过,如果您使用VPN,您的风险仍然很小。
HTTPS 流量仍然加密
假设您位于开放的Wi-Fi网络、公共网络或黑客已破解加密的网络上。他们能看到什么?
虽然他们可以轻松拦截和分析网络上计算机之间移动的任何网络流量,但这并不意味着他们可以看到一切。具体来说,任何网址开头带有“ HTTPS ”的网站都是加密的。(HTTPS)因此,虽然网络上的某人可以告诉您正在访问特定站点,但他们无法读取您与该站点服务器交换的任何实际信息。
如果您想格外小心,您可能希望在 iPhone 上安装HTTPS Everywhere,这样您就不必依赖网站主机来确保您的连接是私密的。
有什么风险?
如果您忽略 Apple 的隐私(Privacy)警告消息,可能会出现什么问题?忽略有关MAC(MAC)地址隐私的警告在这里是最不值得关注的。是的,它确实创建了一个跟踪您的移动和位置的途径,但您可能不关心被放置在那个特定的位置。
例如,假设您担心所连接的Wi-Fi网络会被跟踪。(Wi-Fi)在这种情况下,您应该知道可以通过许多其他方式跟踪您手机的位置,包括GPS位置数据、您连接到的手机信号塔或您发布的照片中的元数据。
如果您根本不想被跟踪,请将手机设置为飞行(Airplane)模式,并将其放入信号屏蔽袋中以防止被跟踪。
- 黑客可以拦截您的 iPhone 和热点之间移动的数据,从而允许他们访问您的数据,例如登录凭据和财务信息。
- 公共热点通常不安全,网络犯罪分子可以传播恶意软件或用其他恶意软件感染您的设备。
- 黑客可以使用专门的软件来拦截和记录您的在线活动,包括浏览历史记录、(某些)聊天对话和在线购买。
- 他们可以窃取您的身份,包括您的姓名、地址、社会安全(Social Security)号码和其他敏感信息。
这些威胁的可能性更大,因此请购买VPN并升级家庭网络Wi-Fi路由器的安全性(或购买新路由器),以确保您不会暴露在那些利用您的私人数据来攻击您的人面前。
Why Your iPhone Displays a “Privacy Warning” on Wi-Fi Networks
You’rе just minding your own business, connecting to a Wi-Fi network at a friend’s house or at a сoffee shop, when your iPhone warns you that this Wi-Fi network may nоt be private or that there’s a Wi-Fi security issue.
You should never ignore these warnings, and once you understand what they mean, you can make an informed decision about how much you’re willing to expose yourself.
What Does the Wi-Fi Privacy Warning Mean?
In iOS 14, Apple introduced a privacy feature where the phone presents a unique MAC address to each Wi-Fi network you connect to, known as a “private Wi-Fi address.” A MAC address (Media Access Control address) is a unique identifier assigned to a device’s network interface controller (NIC).
Usually, the MAC address of a device (specifically its NIC) remains the same. So in the past, you could track a specific phone across multiple Wi-Fi networks by logging its MAC address. If someone knows your phone’s Wi-Fi MAC address, they can track you at particular places at specific times.
To combat this, Apple has iPhones running iOS 14 or newer create unique MAC addresses for each Wi-Fi network they connect to and save it for that network. This makes MAC address tracking impossible, but not all Wi-Fi networks work correctly with this feature. When that happens, your iPhone will warn you that there might be a privacy issue with the network, so you can decide not to connect to it if you’re worried about being tracked.
Update Your Router’s Firmware
If you’re getting a Wi-Fi privacy warning on your own Wi-Fi or on a network run by someone you know, you can often resolve the issue by updating the network router’s firmware. Then, go to Settings > Wi-Fi and select the “i” next to the network name.
Select Forget This Network and then attempt to reconnect to see if the error reappears.
Wi-Fi Security Warnings
When you connect to an open Wi-Fi network on your iPhone or iPad, you may see a message that says the network is not secure and that the internet connection can be monitored.
This message reminds you that your internet traffic may not be encrypted, meaning others could monitor your online activity. By displaying this warning message, Apple wants to help you make an informed decision about whether or not to connect to an open Wi-Fi network and encourage you to use a VPN to protect your privacy and security online. We’ll talk about VPNs shortly, but first, we have to explain what an “open” Wi-Fi network is.
What’s an “Open” Wi-Fi Network?
An “Open” Wi-Fi network is a wireless network that doesn’t require a password or any other form of authentication to connect to it. While it can be tempting to connect to an open network, it’s important to remember that they can be risky to use since anyone within range of the network can potentially access your online activity without your knowledge.
This is because the Wi-Fi password is used as an encryption key. Unless you know the password, the packets flying through the air are gibberish. So even if someone records that activity using software known as “packet sniffers,” they can’t see information such as which websites you visit.
All Public Wi-Fi Is Insecure
While your iPhone will warn you if you try to connect to an unencrypted Wi-Fi network, that doesn’t mean you’re safe because there’s no warning!
As we just mentioned, the Wi-Fi password is the encryption key. In other words, the Wi-Fi network is open and unencrypted to anyone with a password. That’s why public Wi-Fi, where everyone can access the password, is so dangerous. Your iPhone doesn’t know the difference between a public Wi-Fi network and a private one, but you should tread carefully whether your phone issues a warning or not.
Use a VPN!
The most effective solution to keeping your activity private when on an open or public Wi-Fi network is a VPN or Virtual Private Network. This uses strong encryption technology to hide the contents of your internet packers from everyone else on the Wi-Fi network. A VPN won’t do anything to mask your phone’s MAC address, however, so the warnings mentioned above that relate to private Wi-Fi MAC address still apply separately from this issue.
The iPhone “Weak Security” Warning
Your iPhone may give you yet another warning related to Wi-Fi security on top of MAC address tracking or being on an insecure open Wi-Fi network.
If your iPhone tells you that you’re using a Wi-Fi network with “weak” security, it means that the encryption standard it uses is vulnerable to hacking. At the time of writing, the newest Wi-Fi encryption protocol is WPA3 (Wi-Fi Protection Access).
You’ll get this warning if the Wi-Fi network you’re connected to uses anything less than WPA2 with AES (Advanced Encryption Standard). Specifically, your iPhone will issue this warning if you’re using WPA 1 or WPA2 with TKIP (Temporal Key Integrity Protocol).
That’s because these older standards have been “cracked,” for lack of a better term. So hackers know how to break this security, and you shouldn’t use it.
The solution is to change your router settings to use a better standard, to update its firmware, hoping that a better standard is included, or to speak to the hotspot’s owner and get them to do it. If your router doesn’t have a firmware update, you can also consider a custom third-party firmware with better security. If you’re using a VPN, your risk is still minimal, however.
HTTPS Traffic Is Still Encrypted
Let’s assume you are on an open Wi-Fi network, a public network, or a network where a hacker has cracked the encryption. What can they see?
While they can easily intercept and analyze any network traffic moving between computers on the network, that doesn’t mean they can see everything. Specifically, any website with “HTTPS” at the start of its web address is encrypted. So while someone on the network can tell you’re visiting a specific site, they can’t read any of the actual information you’re exchanging with that site’s servers.
If you want to be extra careful, you may wish to install HTTPS Everywhere on your iPhone so that you don’t have to rely on website hosts to ensure your connection is private.
What Are the Risks?
What could go wrong if you ignore Apple’s Privacy warning message? Ignoring the warning about MAC address privacy is of least concern here. Yes, it does create an avenue to track your movement and location, but you may not care about being placed at that particular spot.
For example, suppose you are worried about being tracked by the Wi-Fi networks you connect to. In that case, you should know that your phone’s location can be tracked in many other ways, including GPS location data, which cellphone tower you’re connected to, or the metadata in photos you post.
If you don’t want to be tracked at all, put your phone into Airplane mode, and put it in a signal-blocking bag for good measure.
- Hackers can intercept the data moving between your iPhone and the hotspot, allowing them to access your data, such as login credentials and financial information.
- Public hotspots are often unsecured, and cybercriminals can distribute malware or infect your device with other malicious software.
- Hackers can use specialized software to intercept and record your online activity, including browsing history, (some) chat conversations, and online purchases.
- They can steal your identity, including your name, address, Social Security number, and other sensitive information.
These are much more likely threats, so get a VPN and upgrade the security on your home network Wi-Fi router (or buy a new one) to make sure you don’t get exposed to those who’d use your private data against you.
