Security when you’re on untrusted network. I can trust Google to snoop my banking data and update the spending power info on my ad profile, I can’t trust the random dude in trench coat also using the public wifi when I am traveling out of my roaming coverage.
I joke of course, but the security aspect is still valid.
What is it that you’re doing that is still not using some form of authenticated encryption? Almost everything is https, ssh, almost all mailservers have tls support, irc does have tls support…
What’s left that needs to be encrypted by a VPN?
You only use HTTPS everywhere until you don’t. It’s kinda like a security blanket to use a VPN in those situations. Someone could be running a MITM proxy and you’re dumb enough/in a rush/etc. and click accept on the expired cert. Or some new 0day vulnerability allows badness to happen without your knowledge. Even without being able to see your traffic, a bad actor could still see your DNS requests and narrow down what services you use for further targeting, especially if you frequent a place.
Security when you’re on untrusted network. I can trust Google to snoop my banking data and update the spending power info on my ad profile, I can’t trust the random dude in trench coat also using the public wifi when I am traveling out of my roaming coverage.
I joke of course, but the security aspect is still valid.
What is it that you’re doing that is still not using some form of authenticated encryption? Almost everything is https, ssh, almost all mailservers have tls support, irc does have tls support… What’s left that needs to be encrypted by a VPN?
So this is a question I’ve been wondering: is public WiFi safe to treat like a private one if you’re using HTTPS everywhere?
You only use HTTPS everywhere until you don’t. It’s kinda like a security blanket to use a VPN in those situations. Someone could be running a MITM proxy and you’re dumb enough/in a rush/etc. and click accept on the expired cert. Or some new 0day vulnerability allows badness to happen without your knowledge. Even without being able to see your traffic, a bad actor could still see your DNS requests and narrow down what services you use for further targeting, especially if you frequent a place.