You appear to folks to be rather bright, but realize that you are not

In other words, on my BLU View 1 phone, if I log onto a bank's actual website, I am not really protected. But if I log onto the bank through its app, I AM protected. Now, I have to figure out how to load the banking app into my phone.

No, I am not getting the WiFi for free. I HAVE Comcast's Xfinity ON DEMAND which is their WiFi which I pay $55 per month FOR MY CHROMEBOOK, not phone. The whole purpose of my reaching out for information is that Xfinity ON DEMAND is being discontinued in mid December. But, Max, that prepaid Xfinity does NOT include any other device other than my Chromebook, so how can my phone be using it, as you say? Is my phone using its OWN carrier's network of is it using some 'public wifi'?

I have heard over and over and over again NEVER to use public wifi for banking. YOU are inferring that as long as the padlock (or https?) appears, it is OK to use public wifi for banking or buying. And, is the https just as valid as that padlock?

Ok First this is rather useful

1. You can use your COMCAST Xfinity wifi with multiple devices including your phone. You can use this wifi on your phone while you are using it with your Chromebook. Just use the same Network and password.

2. Hopefully you are going to get a new Wifi provider. You should be able to get cable internet or something similar for $55 a month. When you are at home, you can use this with both your Chromebook and Phone at the same time (that is how wifi works). My TV uses the Wifi to connect to NetFlix, and my daughter has no problem watching it while I am using the same Wifi on my computer and my phone.

Second... (I had to google this because I didn't know this).

Apparently Google (in its infinite wisdom) has stopped using the lock icon for some versions of the Chrome browser. Apparently you have this version of Chrome. Their logic is that since they pop up a big red warning when you use an insecure site... the lock isn't needed. I believe Google is being idiotic.

If you are using https... and there is no warning message... you can be sure you are secure.

The reason I am confident that this is the case is that www.citi.com is a secure site (and they are a big bank that pays engineers to do it correctly). If you are not getting the lock when connection to https://citi.com... you won't get it anywhere. It is just the version of Chrome that you are using on Chromebook. I am sorry that Google did this to you.

I know how security works pretty well. Unfortunately there are no certainties in life... I can't guarantee anything. I can only tell you what is "extremely secure" what is "very secure" and what is "not so secure".

1. The banking apps are extremely secure even when on a public wifi. These are more secure than anything else, because the engineers control everything about these apps. There is no way for you to add a plugin, or look at porn on a banking app, or do anything else other then what the engineers designed the apps for. That allows the engineers to control the security and be quite certain there are no backdoors.

2. Banking webpages are very secure. They aren't as secure as the banking apps. This is because banking wepages run on a browser, and browsers are complicated. You could be looking at porn on another page, or you can install a plugin... You could accidently click one of those little permissions boxes that lets another site use your camera or see your files. The engineers designing a website can be almost certain that these other things won't compromise your security. But they can't control what you do.

This is why the apps are more secure than the webpages. This is true whether you are on a phone or on a computer.

I don't know what to tell you about what you have heard "over and over again". I can only tell you that

1. As an engineer who knows how security works... I have no problem using banking apps on my phone. I feel perfectly secure. I have never heard of actual software engineers having this fear.

2. The banks themselves market the apps. If these apps aren't secure, the banks will be sued (and will lose the money that other people stole). If these apps weren't secure, the banks would be in big trouble.

The fact that the banks are putting their names, their reputations and their financial futures on the fact that these apps are secure should tell you something. They pay us engineers a lot of money to get this right.

I can explain to you how this security works if you are interested. It is complicated, and the whole point is that if you are not a software engineer, you don't have to know how it works. It should be easy from your point of view, and you should be able to have confidence that your banking information (and money) is completely secure.

I think that you are incorrect. Xfinity ON DEMAND provides Internet to ONLY one device. I have two other Chromebooks I got very cheap a couple of years ago and they cannot get onto this Xfinity Internet.

Max, when one signs up for Xfinity ON DEMAND, there is NO PASSWORD. One signs up using the device one wants to use, then pays online with a credit card for one day, one week one month, then it is on.

You might be wondering how I can sign onto Xfinity's On Demand service if I did not have Internet. Comcast allows internet solely for their sign on website. To corroborate what I said, Comcast also confirms what I just said, in that the ON DEMAND service is NOT usable on any other device than the one signed in on.

Max, your generous outpouring is something rather unique. There are countless people reading these posts, but not one has ventured forth even to attempt to help me. Tech people are notoriously arrogant (like university professors tend to be), but you are rather unique in countering that tendency. And I thank you for your largess. I wish that I could help you, also, but how when the brain is decidedly limited?

OK, I am going to say something that is counter to what you are saying. I logged into my bank on my phone. I used their website and, after a few attempts, managed to actually do it. I did not see a need to download the bank's app. First, I don't even know how to do that, but even if I did, that app is going to consume much data from my reserve. Do I make any sense here, or are you determined to insist that downloading the bank's app is the ONLY way to go. I respect your output a whole lot.

And, one more thing: ONLY on my phone and NOT on any computer desktop or Chromebook, this happens (and I briefly mentioned this previously): When I type my password, the ACTUAL character appears for about one second until that character turns into an anonymous dot. I guess this is to assure you that you are typing on that tiny keyboard correctly. This kind of scares me, because, for a split second, the password is fully visible. I am not concerned with someone looking over my shoulder, but, rather, am concerned that if someone were able, electronically, to view my screen, that hacker would then be able to piecemeal the password. The reason that I stress this is because, again, with a desktop or Chromebook that password's characters are NEVER, EVER shown as they really are. Instead they begin as dots and end as dots, safely encrypted. Does what I have said have any validity?

I have a feeling that what you are inferring is that: If I do use a banking website, that should be the ONLY thing on that browser at that time. All other websites should be turned off UNLESS THEY ARE ALSO "HTTPS".

On my old Chromebook I am unable to download different browsers. I have the Chrome and that is it. I can use different search engines, but not different browsers.

I don't understand how this works then. Maybe they locked your chromebook as part of a package deal? If that is the case $55 is a lot of money for a single device.

My advice is for you to take that $55/month and use it to get real wifi that will allow you to use it with any or all devices.

No I don't mean to be inferring that. Remember, I am an engineer. I am going to give you an exact answer that has too much information (that's what we do ).

What I am mostly saying is that with modern technology, well designed websites are extremely secure. You can trust that your banking app or your credit card site will be secure, as long as you follow the basic rules.

1. My comment about other pages were based on security holes being open in the past. These security holes have been fixed. I am recounting them... I don't think you should worry about them.

2. You don't have to close other pages when you do your banking.

[Let me try to be useful (instead of talking like an engineer).

1. If you are using SSL on a well-run site (and any big corporation will be well-run) you are very secure if you don't break one of the rules below.

2. The biggest security threat is malware. This is when you have a program running on your machine that has the power to steal passwords/ data/ etc.

3. To not get malware on your computer...keep your anti-virus software up-to-date. Be careful that email doesn't trick you into installing something, and don't download things from sites you don't trust.

4. To not get malware on your phone, only download things from the play store. Actually, the phones restrict what you do unless you know enough to hack around (and if you don't know what this means, you are safe).

5. The showing you a letter at a time of your password is intended to be a convenience (because it is hard to type on the screen). It is not a security risk. They only way they can read your screen is if they have malware installed (which you can prevent easily). If they have malware installed, you are already screwed... but on your phone it is not easy to get malware unless you are looking for trouble.

Ok, good words, but some of them are well beyond me at this point.

You say "If you are using SSL..." Max, I have NO IDEA what these 'secure sockets' even mean!!! Is SSL the same as https???? Are you saying that reputable sites (i.e., with https) ARE ALREADY SSL? If not, I have no idea what you mean with this. Am I supposed to buy SSL???

Remember, with my old Chromebook (Samsung XE303C12-A01US) one can't install anything. I don't even think that NEW Chromebooks can have anything installed, as their memory and hard drives are very limited I think.

So how does one install such anti-virus software?. I have never done that. Do you mean that even on reputable sites, I am at risk from trouble if I have not installed such software? Again, my Chromebook cannot have anything installed. And, as far as the phone goes, one would have thought that Tracfone would have already installed such anti-virus software, as well as regularly update it.

Somehow, someway, I think that I am making a tiny bit of sense here, but I also feel that this tiny, self-imposed 'bit' will never be allowed to manifest into a byte.

The goal is that you don't need to worry about security.

1. The main thing I am saying is that if you do the normal things using your computer the way it was intended to be used... you don't need to worry. That really is what I am trying to say here.

2. You can think of SSL and HTTPS as the same thing (actually to an engineer, HTTPS is build on top of SSL, but there is no need worry about this distinction except for intellectual curiosity ).

3. SSL is built in to any modern browser or App. It comes automatically. (Engineers actually have to pay for certificates... but if you aren't an engineer you don't have to worry.)

4. I don't know that much about Chromebooks. I just googled it. I think anti-virus comes for free. It is easier for engineers to make Chromebooks secure because they are locked down (you as a customer can't do much). If you get an official update, accept it (as long as you are sure it comes from google).

My main message is that you don't need to worry to much. Don't download any software.. especially if a link from an email asks you to install something. This is the main risk.

I am very paranoid of such phishing and malware attacks and, thankfully, you did not even have to advise me of such.

What you have said regarding public WiFi, I have long inferred, but there is an actual obsession among most that public WiFi is more dangerous than COVID 19!! Yet, in my small mind, I have always imagined that such engineers have always anticipated that people WILL use such convenience environments to log onto even banking and, thus, 'public logins' need to be at least somewhat safe because of the convenience factor. I am not going 'to respond to' those who want me 'to trust' them. My personality is quite paranoid in that regard.

Max, You have helped me greatly and I thank you profoundly. Right now, I cannot think of anything extremely pressing that I need an immediate response to. Hopefully, when I do, you might see my inquiry and appropriately respond. Again, thank you for your generosity. - David Lyga

Obviously there is no danger to not using public wifi. You are making your life a little less convenient, but you are not hurting anything.

One thing from this conversation that will definitely make your life better.

Get your self some good wifi for your house/apartment. For what you have been paying ($55/month), you should be able to get DSL or Cable internet. Once you have your own internet you will set up a name/password. Then you will connect all of your devices (chromebook, phone, TV, light bulbs) to it securely and have unlimited data with no extra cost.

This is the most important recommendation that I have.