Need to use that hotel WiFi but know it's not the secure thing to do? Concerned about someone sniffing your traffic on the airport WiFi or your local Starbucks? Read this to learn about why it's important to use a VPN - virtual private network -- when using WiFi networks.https://twitter.com/joejerome/status/1052537210837307393 …
-
-
Replying to @KimZetter
I'm increasingly wondering whether urging average users to use a VPN when on public WiFi doesn't do more harm than good. Almost all important network traffic is encrypted anyway, and if you don't trust your fellow Starbucks customers, why trust some unknown VPN provider?
2 replies 0 retweets 11 likes -
Replying to @martijn_grooten
Why trust Google with your gmail? Why trust your doctor with your medical records? Why trust the IRS with your tax return? We live in a world of constant tradeoffs - I think the risk of a rogue player on the WiFi is greater than a reputable VPN company.
3 replies 0 retweets 3 likes -
Replying to @KimZetter
I totally agree about the tradeoffs and what's a bigger risk probably depends both on the WiFi's location and on your VPN provider. But I think it's mostly irrelevant. Just about all our important network traffic is encrypted. I worry this gives people a false sense of security.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten
How is it a false sense of security if it's actually securing their traffic? Or do you mean it risks getting people to trust an entity that might not be worthy of their trust? I'd say that risk already exists with the hotel WiFi.
1 reply 0 retweets 0 likes -
Replying to @KimZetter
1. there's a lot that VPNs typically don't protect against: malware, phishing, etc. That's obvious to you and me but not always clear to the average user. The article linked in the tweet you quoted somehow mentions data breaches as a reason for using VPNs.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten @KimZetter
2. I think people have a limited willingness to do thing to make themselves more secure. By making them do one thing that barely makes a difference, they may not do the things that really do make a difference. Like using 2FA.
2 replies 0 retweets 1 like -
Replying to @martijn_grooten
Fair point. I do think that critical infrastructure engineers and sysadmins remoting into their control stations should be using 2-factor and a VPN.
2 replies 0 retweets 0 likes -
Replying to @KimZetter @martijn_grooten
What's the attack you're imagining that's mitigated with VPN?
6 replies 0 retweets 4 likes -
I think normal users would click through SSL errors for expired/invalid certs, so an SSL MITM could be possible. Some sites don't pin certs and users re-use passwords. Yes VPNs can be MITMd but users face less VPN error fatigue When did we stop believing in defense in depth?
2 replies 0 retweets 0 likes
You understand what a VPN does, right? Your traffic is passing across the hostile public internet, and your solution is to.... pass it slightly differently?
-
-
The best argument you can come up with for this is, "well... users don't see vpn errors as often, so maybe they won't dismiss them", but they now have to deal with vpn errors *and* ssl errors. That is not "defense in depth".
1 reply 0 retweets 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.