If I'm using public free wifi (in a supermarket) on my phone (android), is it dangerous in any way ?
If I don't login anywhere, and those apps where I'm already logged in are using https (google, facebook).
If the public wifi ask first to check a checkbox before giving you internet access, does that help ?
I'm mainly asking this because of all the VPN commercials.
If I'm using public free wifi (in a supermarket) on my phone (android), is it dangerous in any way ? If I don't login anywhere, and those apps where I'm already logged in are using https (google, facebook).
Possibly; it depends on the app. While e.g. the Facebook or Gmail app is going to perform HTTPS certificate verification correctly, you don't have any guarantees that all your apps will. Especially for less-popular apps, they might be doing something silly like sending your login details as plain password without verification. (For that matter, you don't even have any guarantees that all of them use HTTPS...)
It's not as huge a risk as some VPN ads make it, but (maybe depending on location?) some kind of secure tunnel might be a good idea.
If the public wifi ask first to check a checkbox before giving you internet access, does that help ?
No, it doesn't help all. In fact, the very method used by such networks to open the login/checkbox page is exactly the same kind of "man in the middle" interception that an attacker might use. Browsers even deliberately weaken some HTTPS checks so that such redirections could work.
(And usually you also don't know for sure whether you're connected to the real Starbucks Wi-Fi or to someone else who has set up the same SSID...)
The checkbox on the supermarket landing page is usually for agreeing to obey the law and promising to be good. It has no real meaning, except to protect the supermarket from lawsuits.
HTTPS communication is very secure, so no problem.
Ensure that the other applications using this connection do use encryption and that the firewall on your computer is enabled as protection against hackers prowling the same public hotspot.
Using a VPN is the best protection, and there exist some good free ones.
