How to keep secure while browsing on open wifi when SSL VPN is blocked?

If you can arrange this ahead of time (or get someone to do it for you), you could set up an SSL proxy (e.g. via stunnel), which would in effect be creating an SSL VPN.
Not so different from tunnelling over SSH, I guess, but it is another option.


I see, you did say "besides using only SSL websites". Nevertheless for many it's not such a bad option to content yourself with the thousands of SSL sites listed in the Firefox and Chrome extension HTTPS Everywhere until you get back to an access point that supports your VPN. Limitations include that eavesdroppers would be able to see which sites you visit and that the extension does not prevent sites from incorporating unsecured resources such as Wikimedia Commons pictures into the secured pages.


Just some thoughts:

  • One important thing that people tend to forget: hotels are not evil, they are just careless.

  • Blocking outgoing traffic is not a good security practice, it's just security through obscurity at best. Which can very easily be defeated. So instead of reducing the user experience and providing fake security, tell them to change their filtering policy.

  • If they refuse or are too slow, add a redirection rule to redirect your traffic on port 80 to your VPN port. Or just change it's port to 80...

How to keep secure while browsing on open wifi when SSL VPN is blocked?

Actually it really depends on what you exactly want to achieve, what you really want to protect, etc. Using basic firefox plugins such as perspective/https everywhere, would provide a relatively secure browsing experience.

Since you have a VPN set up, it would be nice to use it, it's one step further and, if properly set up, can provide a fair level of anonymity and security. Refer to my previous point.