mkb
There are mitigations but I'm not aware of an ironclad fix.
When thinking about these risks it helps to do a little thread modeling: What specifically do I want to protect? Who might threaten it? What specifically might they do?
A corporate network can help prevent wifi MITM from an outsider by using MAC filtering and the Enterprise variants of WPA/WPA2. That's too onerous for public networks or most smaller orgs.
mkb
The next (and better) mitigation is to use other layers: Use a VPN and use encrypted protocols wherever possible. You want both because VPNs can leak and encrypted protocols aren't always an option.
Actually, I highly recommend everybody use a VPN when using any sort of public wifi. Your university might provide one. If not, commercial options aren't terribly expensive compared to tuition and textbooks. :)
mkb
@jartigag Yep, mac filtering is a fine illustration of a key security concept: “Secure” is not boolean.
Any mitigation we can come up with can still be circumvented. The goal is not to make attacks impossible but to shave risk by making attacks incrementally more difficult.
Bobinas P4G is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.
All Bobinas P4G content and data are available under the Creative Commons Attribution 3.0 license.