Every now and then I will want to get a change of location for my tech work. Different visual stimuli, different people to observe, and…caffeine. But here’s my problem. Starbucks offers free wireless access to its customers, and the tradeoff is they grab way too much personal data on us. So what does a privacy-conscious person do when they want to do some work, or some research, in a nationwide coffeehouse franchise?
Questions to Consider
Do you really need to give the barista your real name for your drink order?
When the barista announces, “Chris, your grande frappa-lappa-mappachino is ready,” it gives everyone else knowledge of your real first name….and your drink preference. My paranoid tin-foil hat is firmly in place with this one, but I like creating a little bit of disinformation in my public life. Even though I’m using a card with my real name on it to pay for my drink, when the barista asks what my name is on the order, I give them an alias name. I never know who else might be paying attention to me, the car I arrived in, and any other personal information I might be revealing during my visit. This might be a helpful practice for single people. Some random person in the shop might find you attractive and use the broadcasted name, and the unique drink, to strike up a conversation. If you use an alias name, it might create more difficulty for them to get more information about you if you aren’t interested in them. Some people can’t take no for an answer. For what it’s worth, in four years of providing a fake name, no barista has asked me why the name on my payment card differs from the name I give them for my drink order.
Do you really need to connect your mobile phone to Starbucks’ wireless network?
Are you watching streaming videos on your mobile phone at Starbucks? Then it’s wise to connect to the public wireless. Otherwise, there’s nothing on your phone that your cellular data plan can’t provide.
On Starbucks’ “Free Wifi” Connect webpage, do you need to provide your real name, email, and zip code in order to access their internet?
This is a simple data-grab from Starbucks solely used for marketing purposes. I have never needed to give them any personal information to access their wireless internet. In fact, I grin mischievously knowing Starbucks marketing is seeing that Leroy Jenkins with an email of leroy@jenkins.com with a zip code in Seattle to use their free wireless network.
What will you be using your phone/tablet/laptop for on Starbucks’ public wireless internet?
Work? basic web browsing? sending emails? watch videos? compose documents? gaming? Instead of bringing your entire tech arsenal with you to Starbucks, decide what you will be doing and bring only what’s necessary. Theft occurs. Even when you go to the restroom for a few seconds to wash your hands after spilling some coffee.
What data will you be giving Starbucks with your web browser activity?
The Police said it best… “Every weblink you take, whenever you’re awake, every “Hey Google” you say, every mouseclick you make,
I’ll be watching you.” You use their free wireless? They get full access to record, harvest, and leverage all data activity you do on their network.
The Starbucks Tech Arsenal
My mobile phone? I never connect it to a Starbucks wireless. All my mobile phone needs are accomplished with my cellular data plan. However, if you are on an iPhone, consider this: When you connect to a wireless network, your iPhone will not only remember the network for easier connectivity in the future, but it will also toggle “Auto-Join” on by default. This can be problematic when the Adversary uses their portable technology to create their own evil wireless network, entitled “StarbucksWifi.” If your phone is set to auto-join a network with that name, when you are out and about, your iPhone might auto-join that evil StarbucksWifi network without your awareness and possibly send packets of data information to the bad people’s technology. And that can be a bad thing.
I don’t bring any work-issued devices into a Starbucks. Instead, I purchased an economically-priced laptop with decent hardware specs solely for public wireless usage. In other words, I bought a burner computer. Loaded Ubuntu Linux on it instead of Windows, but that’s save for another conversation.
On my economically-priced laptop’s web browser, Mozilla Firefox, I have a Multi-Account Containers extension installed. This means my important websites get their own dedicated container. Cookies downloaded by one container are not available to other sites’ containers. So those websites aren’t grabbing web information about other sites I visit. I like to keep ‘em separated.
I always use a paid Virtual Private Network for all my web browsing, even on my burner laptop. The two VPNs I use are ProtonVPN and Mullvad. I don’t want Starbucks knowing which websites I visit. They only know I’m accessing a server in a big city.
I never install software applications on Starbucks wireless. I make sure everything I need is set up on my laptop, at home on my own wireless network, before entering the store.
I never visit a banking website when on Starbucks wireless. Or any other public wireless network for that matter. Financial websites are only accessed at home on my personal network.
Just a couple of things to keep in mind as you consider visiting that popular coffee shop…and use their free wireless.