Is it too risky? Especially if we are talking about meaningful money.

I don't know how it works but I heard you can get compromised some how.

Could someone explain how people can steal your passwords and stuff from unsecure wifi?

Forget that we're talking about wifi, and instead pretend you're giving your personal information (cards, fingerprints, whatever) to an intermediary who will go to your bank and pay in or withdraw money for you. Let's say you'll give them your money, and it will be in a sealed envelope. Would you choose as this intermediary (1) someone you know and trust; or (2) someone you've never met and know nothing about and who will be your courier for free. Clearly you would use someone you trust, in the same way and for the same reasons that you should use network connections you trust. Indeed, piggybacking on unsecured wifi is arguably even worse than (2) as what you're really doing is forcing this unknown person to handle your private information whether they like it or not. You haven't even asked first! As for the money in a sealed envelope, whenever you use the internet you're transmitting data. Some of it is more sensitive than the rest. All of it is transported in packets. Subject to certain caveats, these can be opened and read by anyone with access to them. This includes anyone who controls a wifi network that you use (or a third party who has compromised a network that was insecure).

Read something like this for a guide as to how you can mitigate risks.

Assuming you don't use a Microsoft web browser, the EFF's HTTPS Everywhere extension is a really helpful starting point in mitigating some of the most obvious dangers, too.

The best advice of all, though, is that you shouldn't use unsecure wifi, for exactly the reasons that you wouldn't give control of your money to that stranger.

What about using something called comodo "trust connect" which protects against unsecure connections and doesn't cost too much?

Would this help protect for travelers?

Yes, that might help a bit (but it's not going to eradicate all possible problems). But given it seems to operate as a proxy service you may find it causes you problems with things like poker and/or banking (depending on where Comodo's servers are located - if the same as their website it'll be in the US).

And what about VPN?

A VPN will only secure your traffic between your computer and the endpoint of the VPN. So if you completely trust the endpoint of that VPN (i.e. a corporate network) its OK, otherwise you are just moving the problem from your local LAN to the endpoint of the VPN.

So public VPN service + Comodo TrustConnect on public wifi would be safe route to go correct?

If you trust both of those entities.

I'd just stick with a trustworthy VPN.

As I mentioned above, if this is for playing poker you will probably encounter difficulties.

According to the description of TrustConnect (I have no knowledge of this or pretty much any of Comodos offerings or reliability), adding a VPN would not offer you anything, at least imo.

Edit: just saw that TrustConnect establishes a VPN for you, so adding a VPN to an existing VPN would be a no no.

Google "internet of compromised things"

Made me think twice about joining public networks

Thunderbolts just nailed it.

If only people would realize that any non encrypted data is basically public. No one hestitates to give all their personal information via regular emails ... ask the same people to send a post card with their full details and they'd go nuts over the idea.

Man so what happened was i am using Trustconnect right now and they pretty much say they insure your indentity and such up to like 1.75 million in losses. That sounds good.

But there was a period of time when i left and i wasn't logged on trustconnect for hours with computer just on... am I screwed because this is a shady hotel too? I immediately turned on trust connect when i got back.

Or do i have to be sending information accross like typing in my login info and pressing okay to send across netowrk for them to get it? Could they get files that are just lying there in a folder?

An unsecured wifi could potentially allow someone to see any information that you transmit from your computer to the internet.

That is different from someone being able to access files and folders on your computer. If you are not running a firewall on your laptop, your computer could be exposed to someone reading those files - this is completely independent of the unsecured wifi and this data could be read whether the wifi was secure or not.

Computer security needs to be layered, so you need secure wifi, a firewall, anti-virus, software patches, password management, etc. If you leave any one layer out your computer / data is potentially at risk.

Ok so just leaving the computer on and connected to the unsecure wifi is okay as long as i didn't type in any pw's and stuff right?

Do you use a firewall?

yeah but for those 8 hours that i was gone the firewall was off because i had to turn it off to connect to the poker site for some reason.

Well, all bets are off then. If I'm understanding your posts correctly, you're saying that you turned off your firewall and connected to unsecured wifi in what you yourself describe as a "shady hotel", then left your machine in that state for 8 hours. While for your machine to have been compromised would still require the intervention of a third party, and we have no evidence of one, no-one's going to tell you that your machine is guaranteed safe. Short of deliberately connecting to a few known compromised websites and propping your hotel room door open or inviting a random criminal to sit at your desk to play games on your laptop while you were out, there wasn't an awful lot more you could have done to leave it in a more vulnerable state.

I didn't make this post for ****s and giggles. Router malware is becoming a big issue, and it's only going to get worse until manufacturers start taking vulnerabilities more seriously.

Routers are tiny computers at this point. If a computer can spread malware across a network, a router certainly seems able to (barring a firewall on, no traffic sort of situation)

So someone could have easily went thru all the files on my computer over that period?

i'm pretty sure I have file sharing turned off.

Yes, they could have.
File sharing only makes it easy to share files. If you don't have a firewall running, it's pretty simple to gain access to your computer whether you have file sharing on it not.

In 8 hours I could leave your computer unrecognisable, and I'm not that good at hacking.

Lol I see, is there anyway i can check to see if outside connection came into my pc during that 8 hours?

Well, if you had a firewall it would have logged connections for you.

Otherwise, I don't think the event logs will help you with this. Your only move is to cross your fingers. And learn a lesson that you implement immediately.

You'd be better making sure your machine is malware free. First, though, tell us what antivirus and other security products you have installed. We'll go from there.

I have avira, malwarebytes, and superantispyware which i never use. I did have comodo internet security before but uninstalled it cause it used too much space.

I did full scan of system from a non admin account (i don't think it matters though) and nothing came up on avira or malwarebytes... avira took like 2 hours to complete.

Uninstall SAS. First, and as a general rule, it's a terrible to have programs installed that you will never use. It's just an unnecessary security hole (not saying SAS or any particular program is compromised at the moment but since they can be why would you have them on your system if you don't use them?) Second, though, SAS just isn't very good these days. MBAM should do everything you want it to.

And okay, if you're content that you don't have any malware then you need to get on with life and just learn a lesson. What firewall are you using (when you bother to turn it on)?