A WPA3 network with a strong unique key should be safe. Sometimes defaults are predictable and users don't change.
Sometimes "getting free internet" doesn't involve cracking WPA keys. Think unencrypted hotspots with bypassable captive portals and devices with ancient firmware and exploitable CVEs.
I think what we can safely say is that negligent wifi access point operators exist in most residential areas.
It is possible for an attacker to crack WPA3 in such a way that they can connect to the network. It's not fast or easy, but it can be done.
It's not impossible that it could be done with a smartphone, although that would make the task even more difficult. Since you can't really "casually" crack WPA3 (as far as I'm aware), I doubt that anybody is doing it that way. They'd be more likely to pick up more suitable kit for $100-$200.
Cracking the key?
A WPA3 network with a strong unique key should be safe. Sometimes defaults are predictable and users don't change.
Sometimes "getting free internet" doesn't involve cracking WPA keys. Think unencrypted hotspots with bypassable captive portals and devices with ancient firmware and exploitable CVEs.
I think what we can safely say is that negligent wifi access point operators exist in most residential areas.
It is possible for an attacker to crack WPA3 in such a way that they can connect to the network. It's not fast or easy, but it can be done.
It's not impossible that it could be done with a smartphone, although that would make the task even more difficult. Since you can't really "casually" crack WPA3 (as far as I'm aware), I doubt that anybody is doing it that way. They'd be more likely to pick up more suitable kit for $100-$200.