Need to use that hotel WiFi but know it's not the secure thing to do? Concerned about someone sniffing your traffic on the airport WiFi or your local Starbucks? Read this to learn about why it's important to use a VPN - virtual private network -- when using WiFi networks.https://twitter.com/joejerome/status/1052537210837307393 …
-
-
Replying to @KimZetter
I'm increasingly wondering whether urging average users to use a VPN when on public WiFi doesn't do more harm than good. Almost all important network traffic is encrypted anyway, and if you don't trust your fellow Starbucks customers, why trust some unknown VPN provider?
2 replies 0 retweets 11 likes -
Replying to @martijn_grooten
Why trust Google with your gmail? Why trust your doctor with your medical records? Why trust the IRS with your tax return? We live in a world of constant tradeoffs - I think the risk of a rogue player on the WiFi is greater than a reputable VPN company.
3 replies 0 retweets 3 likes -
Replying to @KimZetter
I totally agree about the tradeoffs and what's a bigger risk probably depends both on the WiFi's location and on your VPN provider. But I think it's mostly irrelevant. Just about all our important network traffic is encrypted. I worry this gives people a false sense of security.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten
How is it a false sense of security if it's actually securing their traffic? Or do you mean it risks getting people to trust an entity that might not be worthy of their trust? I'd say that risk already exists with the hotel WiFi.
1 reply 0 retweets 0 likes -
Replying to @KimZetter
1. there's a lot that VPNs typically don't protect against: malware, phishing, etc. That's obvious to you and me but not always clear to the average user. The article linked in the tweet you quoted somehow mentions data breaches as a reason for using VPNs.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten @KimZetter
2. I think people have a limited willingness to do thing to make themselves more secure. By making them do one thing that barely makes a difference, they may not do the things that really do make a difference. Like using 2FA.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten
Fair point. I do think that critical infrastructure engineers and sysadmins remoting into their control stations should be using 2-factor and a VPN.
2 replies 0 retweets 0 likes -
Replying to @KimZetter @martijn_grooten
What's the attack you're imagining that's mitigated with VPN?
6 replies 0 retweets 4 likes -
Replying to @taviso @martijn_grooten
Sniffing, MITM. I used to have to file news stories over unsecured hotel connections (because news organizations are the last to secure their communication channels and don't want to pay for mobile hotspot usage).
2 replies 0 retweets 2 likes
The problem you're trying to solve is you want to communicate in plaintext over the public internet? I don't understand how a third party VPN solves that, are you talking about a corporate VPN?
-
This Tweet is unavailable.
-
-
Public WiFi is susceptible to numerous vulnerabilities as you know. If a user connects to a fake WAP for instance, would using a non-shady VPN w/ IPSec to encrypt plaintext not be a good thing? Assuming the average user doesn't know not to connect to fake WAP. Educate me.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.