I totally agree about the tradeoffs and what's a bigger risk probably depends both on the WiFi's location and on your VPN provider. But I think it's mostly irrelevant. Just about all our important network traffic is encrypted. I worry this gives people a false sense of security.
You totally ignored the point. You want to communicate privately with host over untrusted hops You->A->B->C->Host. TLS Let's you do this, but you're scared you might click through a warning, so you instead send all your traffic to sketchy host F, now You->F->A->B->C->Host.
-
-
You didn't solve anything, you just moved some bits around. Do not say "what about warning fatigue", when a VPN does not solve warning fatigue.
-
The threat model I'd assume for an average user is "dumb attacker with a wifi pineapple or equivalent". That's easy for someone in a coffee shop. I don't expect a low-resource attacker to have the capability to MITM traffic out of a VPN server.
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.