Plus we outline all the risks
You’re just minding your own business, connecting to a Wi-Fi network at a friend’s house or at a coffee shop, when your iPhone warns you that this Wi-Fi network may not be private or that there’s a Wi-Fi security issue.
You should never ignore these warnings, and once you understand what they mean, you can make an informed decision about how much you’re willing to expose yourself.
What Does the Wi-Fi Privacy Warning Mean?
In iOS 14, Apple introduced a privacy feature where the phone presents a unique MAC address to each Wi-Fi network you connect to, known as a “private Wi-Fi address.” A MAC address (Media Access Control address) is a unique identifier assigned to a device’s network interface controller (NIC).
Usually, the MAC address of a device (specifically its NIC) remains the same. So in the past, you could track a specific phone across multiple Wi-Fi networks by logging its MAC address. If someone knows your phone’s Wi-Fi MAC address, they can track you at particular places at specific times.
To combat this, Apple has iPhones running iOS 14 or newer create unique MAC addresses for each Wi-Fi network they connect to and save it for that network. This makes MAC address tracking impossible, but not all Wi-Fi networks work correctly with this feature. When that happens, your iPhone will warn you that there might be a privacy issue with the network, so you can decide not to connect to it if you’re worried about being tracked.
Update Your Router’s Firmware
If you’re getting a Wi-Fi privacy warning on your own Wi-Fi or on a network run by someone you know, you can often resolve the issue by updating the network router’s firmware. Then, go to Settings > Wi-Fi and select the “i” next to the network name.
Select Forget This Network and then attempt to reconnect to see if the error reappears.
Wi-Fi Security Warnings
When you connect to an open Wi-Fi network on your iPhone or iPad, you may see a message that says the network is not secure and that the internet connection can be monitored.
This message reminds you that your internet traffic may not be encrypted, meaning others could monitor your online activity. By displaying this warning message, Apple wants to help you make an informed decision about whether or not to connect to an open Wi-Fi network and encourage you to use a VPN to protect your privacy and security online. We’ll talk about VPNs shortly, but first, we have to explain what an “open” Wi-Fi network is.
What’s an “Open” Wi-Fi Network?
An “Open” Wi-Fi network is a wireless network that doesn’t require a password or any other form of authentication to connect to it. While it can be tempting to connect to an open network, it’s important to remember that they can be risky to use since anyone within range of the network can potentially access your online activity without your knowledge.
This is because the Wi-Fi password is used as an encryption key. Unless you know the password, the packets flying through the air are gibberish. So even if someone records that activity using software known as “packet sniffers,” they can’t see information such as which websites you visit.
All Public Wi-Fi Is Insecure
While your iPhone will warn you if you try to connect to an unencrypted Wi-Fi network, that doesn’t mean you’re safe because there’s no warning!
As we just mentioned, the Wi-Fi password is the encryption key. In other words, the Wi-Fi network is open and unencrypted to anyone with a password. That’s why public Wi-Fi, where everyone can access the password, is so dangerous. Your iPhone doesn’t know the difference between a public Wi-Fi network and a private one, but you should tread carefully whether your phone issues a warning or not.
Use a VPN!
The most effective solution to keeping your activity private when on an open or public Wi-Fi network is a VPN or Virtual Private Network. This uses strong encryption technology to hide the contents of your internet packers from everyone else on the Wi-Fi network. A VPN won’t do anything to mask your phone’s MAC address, however, so the warnings mentioned above that relate to private Wi-Fi MAC address still apply separately from this issue.
The iPhone “Weak Security” Warning
Your iPhone may give you yet another warning related to Wi-Fi security on top of MAC address tracking or being on an insecure open Wi-Fi network.
If your iPhone tells you that you’re using a Wi-Fi network with “weak” security, it means that the encryption standard it uses is vulnerable to hacking. At the time of writing, the newest Wi-Fi encryption protocol is WPA3 (Wi-Fi Protection Access).
You’ll get this warning if the Wi-Fi network you’re connected to uses anything less than WPA2 with AES (Advanced Encryption Standard). Specifically, your iPhone will issue this warning if you’re using WPA 1 or WPA2 with TKIP (Temporal Key Integrity Protocol).
That’s because these older standards have been “cracked,” for lack of a better term. So hackers know how to break this security, and you shouldn’t use it.
The solution is to change your router settings to use a better standard, to update its firmware, hoping that a better standard is included, or to speak to the hotspot’s owner and get them to do it. If your router doesn’t have a firmware update, you can also consider a custom third-party firmware with better security. If you’re using a VPN, your risk is still minimal, however.
HTTPS Traffic Is Still Encrypted
Let’s assume you are on an open Wi-Fi network, a public network, or a network where a hacker has cracked the encryption. What can they see?
While they can easily intercept and analyze any network traffic moving between computers on the network, that doesn’t mean they can see everything. Specifically, any website with “HTTPS” at the start of its web address is encrypted. So while someone on the network can tell you’re visiting a specific site, they can’t read any of the actual information you’re exchanging with that site’s servers.
If you want to be extra careful, you may wish to install HTTPS Everywhere on your iPhone so that you don’t have to rely on website hosts to ensure your connection is private.
What Are the Risks?
What could go wrong if you ignore Apple’s Privacy warning message? Ignoring the warning about MAC address privacy is of least concern here. Yes, it does create an avenue to track your movement and location, but you may not care about being placed at that particular spot.
For example, suppose you are worried about being tracked by the Wi-Fi networks you connect to. In that case, you should know that your phone’s location can be tracked in many other ways, including GPS location data, which cellphone tower you’re connected to, or the metadata in photos you post.
If you don’t want to be tracked at all, put your phone into Airplane mode, and put it in a signal-blocking bag for good measure.
- Hackers can intercept the data moving between your iPhone and the hotspot, allowing them to access your data, such as login credentials and financial information.
- Public hotspots are often unsecured, and cybercriminals can distribute malware or infect your device with other malicious software.
- Hackers can use specialized software to intercept and record your online activity, including browsing history, (some) chat conversations, and online purchases.
- They can steal your identity, including your name, address, Social Security number, and other sensitive information.
These are much more likely threats, so get a VPN and upgrade the security on your home network Wi-Fi router (or buy a new one) to make sure you don’t get exposed to those who’d use your private data against you.