Anonymous wrote:

Anonymous wrote:I'm not sure how SMS works in a wi-fi context, but SMS has never been end-to-end encrypted, and service providers have always been able to capture and store the contents of SMS messages.

It's essentially unencrypted end-to-end (as opposed to broadcast). It just uses the WiFi network as a carrier. So, unless you are one of the endpoints, you won't see the traffic. Someone that is on the network and can scan all of the traffic can pick up the transmissions if they can figure out the headers that the traffic is using, but it's not as simple as picking up broadcast traffic like http or email which just broadcasts for someone to answer and forward the packets to the next hop.

For those not in network administration, what this means is that someone sitting on the network that has the right software on their device that can search and find SMS/text messages and can decipher the headings can read anything. But it is not as simple as tracking your unencrypted (http) web searching. Doable, but not as trivial unless you have the right tools.

You need to look carefully at your messaging app to see if it's actual, traditional, SMS.

Android phones will now often use RCS, which is end-to-end encrypted.

Anonymous wrote:I'm not sure how SMS works in a wi-fi context, but SMS has never been end-to-end encrypted, and service providers have always been able to capture and store the contents of SMS messages.

It's essentially unencrypted end-to-end (as opposed to broadcast). It just uses the WiFi network as a carrier. So, unless you are one of the endpoints, you won't see the traffic. Someone that is on the network and can scan all of the traffic can pick up the transmissions if they can figure out the headers that the traffic is using, but it's not as simple as picking up broadcast traffic like http or email which just broadcasts for someone to answer and forward the packets to the next hop.

For those not in network administration, what this means is that someone sitting on the network that has the right software on their device that can search and find SMS/text messages and can decipher the headings can read anything. But it is not as simple as tracking your unencrypted (http) web searching. Doable, but not as trivial unless you have the right tools.

I supposed if someone is a sophisticated hacker it’s possible, but no, normal people are not able to do this.

True, if "a twelve-year-old with a laptop" counts as "sophisticated."

Seriously, it's not that hard. The owner of the network can see the traffic that passes through that network. Sometimes, others (e.g. the aforementioned twelve-year-old) can, too.

That said, most web traffic is end-to-end encrypted now. There are some clever things that can be done to try to decrypt the traffic, but as long as the URLs in question start with https and your computer/device has not had private SSL certificates installed on it, the best that someone can do is see traffic between your computer and, say, Google, or the Washington Post, or ESPN, or whatever. The contents of that traffic cannot (in practical terms) be determined. Some older web sites use only http, which can be "sniffed" and the actual traffic decoded.

Most other new-ish protocols are also encrypted: ssh, imaps, some SMTP sessions, etc. But, if your mail client still supports, say, unencrypted IMAP or SMTP, email traffic can be sniffed.

I'm not sure how SMS works in a wi-fi context, but SMS has never been end-to-end encrypted, and service providers have always been able to capture and store the contents of SMS messages.

In DC, someone is always listening, be it American interests or foreign.

Middle of nowhere... I guess you can risk it?

Don't share any sensitive information on an open wifi, OP. No bank info, no "pics", no classified information.

No. Not unless that is what they are about -- hacking into the device of anyone using their wifi.

Why? What are you "searching," lol? Or texting? I suppose I can guess. Don't worry, no one is interested in the nudes you are texting.

I supposed if someone is a sophisticated hacker it’s possible, but no, normal people are not able to do this.

Say you are in the middle of nowhere and someone has set up community WiFi for everyone to use. Can that person see what everyone is searching on their devices? Emails? Text messages?