• Dymonika@beehaw.org
    link
    fedilink
    arrow-up
    3
    ·
    9 months ago

    So this is a question I’ve been wondering: is public WiFi safe to treat like a private one if you’re using HTTPS everywhere?

    • skuzz
      link
      fedilink
      arrow-up
      5
      ·
      9 months ago

      You only use HTTPS everywhere until you don’t. It’s kinda like a security blanket to use a VPN in those situations. Someone could be running a MITM proxy and you’re dumb enough/in a rush/etc. and click accept on the expired cert. Or some new 0day vulnerability allows badness to happen without your knowledge. Even without being able to see your traffic, a bad actor could still see your DNS requests and narrow down what services you use for further targeting, especially if you frequent a place.