11

do you guys who don't care so much about privacy use a vpn on public wifi hotspots?

and why would you?

Comments
  • 9
    Using a vpn on public wifi isn’t about privacy, Ensuring my traffic is unlikely to be collected by packet sniffers is.
  • 6
    @C0D4 Beat me to it.

    But, using a vpn in general is good practice as well; it ensures that your isp doesn't see everything you do and the US has some bad practical examples as to what can happen when you don't use a vpn.
  • 1
    Turned table... we actually care more about secrecy.
  • 1
    @C0D4 but everything is https so can't be sniffed anymore?

    Somehow even in Android now I can't do packet captures anymore even with a cert installed...
  • 5
    @billgates

    You are correct, the data submitted in a form will be encrypted, however.. your DNS lookups will be resolved over UDP (insecure as shit), unless you configure that outside a browser.

    If you have an email client open, 90% of the time that will be ran over SMTP, which can be insecure unless configured correctly (we are talking normies here.. so most likely)

    So with enough of this data,(browser wise) It can be determine what you are doing, especially if a website uses URL parameters to pass your data around, things like emails and login details could potentially be obtained.

    But yes https is a good start but this still relies on web devs and sysadmins to actually do things correctly aswell.
  • 0
    @C0D4 but https is now the default I think? Otherwise there's would be a huge red sign in the address bar/or warning page and I haven't seen any in a long time
  • 0
    As long as I'm using TLS I don't care. Hopefully dnssec will take off soon 😵
  • 3
    @billgates Not everywhere and you don't see this huge red warning UNTIL you've loaded the website :/
  • 0
    @linuxxx you guys must be going to some very dark places on the net... but actually now that I think of it, that warning page is only if you use a self signed certificate... (I'm thinking of the dev servers at work)
  • 1
    @billgates The newest chromium/chrome/firefox versions also give but red flags if you visit ANY site without a secure connection.
  • 0
    @linuxxx the whole SSL thing is pretty strange though. It used to be SSL was a nice feature and costs like $50 to get a certificate. Now it's like a must-have (mostly) and basically free for everyone/included in all hosting packages?
  • 0
    @billgates There's one or two free providers but there's differences in certificates with paid ones :)
  • 0
    @billgates Oh and also; SSL isn't used anymore. The now used 'protocol' is TLS.
  • 0
    @linuxxx well I just say SSL because the URL is https... thought the long version was SSL/TLS, they they were a combo doing 2 different things but guess not...
  • 0
    @linuxxx the paid ones are more trusted because they do due diligence? aka make sure the physical address exists and isn't related to gangs and drug cartels?

    I think I added SSL once, $50 more and they just said here you go...
  • 3
    @billgates The drug cartels don't matter as far as I'm aware but when you see the company name in the url (these are EV certificates and expensive, EV: Extended Validation) there are additional validation steps like literally calling the phone number under that business which is in the country's business register.
  • 0
    @linuxxx could you help me set up openvpn on my digitalocean droplet?
  • 1
    @calmyourtities Possibly, what would you need?
  • 0
    @linuxxx i have a tcp openvpn server working on port 443, but i can't access it from my school wifi. i can reach websites with https so i know that port 443 is unblocked, and i know the ip isn't blocked because i can connect to a http server running on the vps from my school. i can't figure out the problem.
Add Comment