How can one determine if such access points are secure?
In reality, Wi-Fi access points are about the same security as wired Ethernet. The only difference is your data is exposed to more people with Wi-Fi than with Ethernet. Using big-O notation, adding a fixed multiplier to any value doesn't actually increase the value, because it doesn't scale significantly with the problem (increasing n to 2n, compared to, say, an increase from n^2 to n^3). Sorry, bit of a math geek here.
So end-to-end encryption (HTTPS etc.) is the most basic solution for data security. Privacy, however, is a lost cause unless you are using a VPN, since anyone that can see your traffic can tell where you are connecting to, even if they can't read the data. If you're using a VPN but are doing local DNS instead of all-traffic-over-VPN, again users that can see your traffic can see your DNS queries when you need to make them (which is not all the time) and see where you're interested in connecting to.
Let's compare it to something very disconnected, to give you a clearer perspective. Trash. You can learn a lot about someone from what they throw away. A LOT. But 99.9% of us don't secure our garbage (incinerator). There's a fair percentage that have a shredder they use regularly for sensitive documents (wild guess, 5%?), but for the most part we just bag it and throw it in the can. That's not all that different from the packets we send flying around on the internet. If someone has a serious interest in what you're doing, they could exploit this. Cops do it all the time; they don't even need a warrant to dig through your trash. (It's considered "abandoned" and isn't covered by any privacy laws once it's at your curb for pickup.) Let's say you have the option to "secure your garbage cans", so the garbage is under lock and key until it gets picked up by the trash man. Have you really gained much?

It does slightly bother me in the back of my mind that at some point in the future, landfills will be the subject of a lot of controversy. That handful of junk mail you threw in the can upstairs in your den identifies the contents of this week's bag of garbage, and everything in it. 25 years from now recycling companies are going to be digging out landfills for materials, and probably looking for side-business to increase their revenues. It may be plausible for what you throw away today to be a matter of public record or for sale, and that kinda freaks me out.
The reality is that today we don't have a lot of privacy, but as time goes on, things we thought were private won't even be private anymore. That encryption you're using on your VPN, or your browser is using in its HTTPS, if the NSA really is saving everything they can fit on city block areas of hard drives, the whole concept of "encryption good enough to be unbreakable for the next 10 years" won't matter anymore, because 10 years from now they can and will be breaking it, and reading your old mail. Go watch Enemy of the State for a sobering look at how powerful it is to be able to rewind time if you record everything so you can look through it later.
So really, worrying about the security of a public wireless access point is about as pointless as worrying about the security of your garbage can as it sits at the end of your driveway.
The only time it matters is when it's connecting computers to their own private LAN, where traffic is both trusted and privileged. When I throw something in the can here at the office, the night staff empty it and take it downstairs to get burned.
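
A way to check the "VPN but local DNS" case mentioned in the answer above, as an added example that is not part of the original post: it takes the text of `/etc/resolv.conf` and of `ip -4 route` and reports which resolvers would be reached outside the VPN interface. The function names, the `tun0`/`wlan0` interface names and the sample inputs are constructed assumptions; it is IPv4-only and ignores policy routing.

```python
import ipaddress

def parse_routes(ip_route_text):
    """Turn `ip -4 route` style lines into (network, device) pairs."""
    routes = []
    for line in ip_route_text.strip().splitlines():
        f = line.split()
        if "dev" not in f:
            continue
        dest = "0.0.0.0/0" if f[0] == "default" else f[0]
        routes.append((ipaddress.ip_network(dest, strict=False), f[f.index("dev") + 1]))
    return routes

def parse_nameservers(resolv_conf_text):
    """Return the IPv4 resolver addresses listed in resolv.conf text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        f = line.split("#")[0].split()
        if len(f) >= 2 and f[0] == "nameserver":
            try:
                servers.append(ipaddress.IPv4Address(f[1]))
            except ValueError:
                pass  # IPv6 resolvers are outside this IPv4-only sketch
    return servers

def egress_device(addr, routes):
    """Longest-prefix match over the parsed routes (main table only)."""
    hits = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(hits)[1] if hits else None

def dns_leaks(resolv_conf_text, ip_route_text, vpn_dev):
    """Map each resolver that does NOT leave via vpn_dev to where it goes."""
    routes = parse_routes(ip_route_text)
    leaks = {}
    for ns in parse_nameservers(resolv_conf_text):
        # A loopback stub (a local caching resolver) hides the real upstream.
        dev = "stub" if ns.is_loopback else egress_device(ns, routes)
        if dev != vpn_dev:
            leaks[str(ns)] = dev
    return leaks

# Constructed sample inputs (not captured from a real host).
SPLIT_TUNNEL = """default via 192.168.1.1 dev wlan0
10.8.0.0/24 dev tun0 scope link
192.168.1.0/24 dev wlan0 scope link"""
FULL_TUNNEL = "0.0.0.0/1 via 10.8.0.1 dev tun0\n128.0.0.0/1 via 10.8.0.1 dev tun0\n" + SPLIT_TUNNEL

if __name__ == "__main__":
    print(dns_leaks("nameserver 192.168.1.1\nnameserver 9.9.9.9", FULL_TUNNEL, "tun0"))
```

Even with the full-tunnel routes, a resolver on the access point's own subnet is still reached over `wlan0`, because the on-link /24 route is more specific than the VPN's /1 routes. A result of `stub` means the real upstream resolver has to be checked in the local resolver's own configuration.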