I’ve been working from home or from public wireless points for about two years now. Here’s how I make things work for me.
Issue #1: Public wireless networks are not secure.
The biggest risk is that someone steals your login credentials while you’re surfing the web. There are a number of ways I deal with this:
- I have a VPN service, which will encrypt all my traffic. Here’s a list.
- I use HTTPS, backed up with HTTPS Everywhere and Convergence.
- I use Privoxy, an HTTP proxy that blocks tracking websites… or all websites.
This last one is worth noting if you have a tendency to procrastinate: using a whitelist is be far more effective for me than using Freedom or SelfControl. When I go to a coffeeshop, I’m going to work; there’s no point in randomly browsing websites, so I block everything with Privoxy, and then set up a whitelist.action file.
1 2 3 4
You can install Privoxy using Homebrew and it’s good to go. Set up a custom location in Network Preferences, and set up the HTTPS and HTTP proxy to localhost:8118 to pass it through.
Issue #2: Public Wireless networks are flakey.
I still can’t quite believe how terrible open networks can get. So:
- I have a Verizon Mifi mobile hotspot. I don’t typically need it, but it’s worthwhile when I do.
- I use another HTTP proxy, Polipo, that caches content for me.
- I use a DNS proxy, pdnsd, that caches IP addresses from DNS, and Google DNS.
Polipo is extremely useful, but the version on Homebrew is out of date. The trunk version is recommended if you run into any bugs. The pdnsd install on Homebrew is almost totally seamless, and Polipo recommends it.
Using Polipo and pdnsd means my exposure to the network is somewhat limited, and browsing is somewhat faster. Minimizing network traffic is important when I’m using the mobile hotspot – it’s limited to 5 GB a month, which is very easy to blow through if you’re not careful. There is some duplication of effort as browsers will typically cache content internally… but then again, if I’m checking the same page in Chrome & Firefox, they’re not sharing their internal caches.