Post AUt72XDOGD841QipXM by PhilGastwirth@worldkey.io
 (DIR) Post #AUt4kTXMznYFUkKPp2 by matt@worldkey.io
       2023-04-21T16:36:46Z
       
       0 likes, 0 repeats
       
       @MarkWillard since we talk about what a VPN is and isn't from time to time, I thought you'd find this interesting. Obviously it is a single event and data point, but these folks seem to have their privacy/security shit together https://mullvad.net/en/blog/2023/4/20/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised/
       
 (DIR) Post #AUt4kUKI3ugPwTDU4e by MarkWillard@worldkey.io
       2023-04-21T19:25:26Z
       
       0 likes, 0 repeats
       
       @matt wow. That is genuinely very cool and very impressive. Also respect that they voluntarily disclosed this within 2 days even though nothing was compromised. My biggest issue with VPNs is the extremely misleading marketing in many cases (NordVPN, I'm looking at you) but I've heard good things about Mullvad. Glad it seems like they did the right thing all around.
       
 (DIR) Post #AUt4kV1tRnYs7hcJ2O by Nitro230@worldkey.io
       2023-04-21T19:49:44Z
       
       0 likes, 0 repeats
       
       @MarkWillard @matt Nord says some shit, but end of the day they get it done for basic VPN needs. The one that always gets me is Google pushing their VPN offering.  Like..... you already scrape every piece of info that runs through your systems.... why would I add more data?
       
 (DIR) Post #AUt4kVreLMxgiDpdi4 by PhilGastwirth@worldkey.io
       2023-04-21T20:08:03Z
       
       0 likes, 0 repeats
       
       @Nitro230 Cause when you connect to public wifi, who knows who's looking at your packets. Any VPN even Google is better than nothing. @MarkWillard @matt
       
 (DIR) Post #AUt52ENA7Ga5fv1JGi by MarkWillard@worldkey.io
       2023-04-21T20:11:19Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @Nitro230 @matt that's a very common misconception that VPN marketing loves to push... Until around 2017 or so that was a legitimate concern. With 99%+ of web traffic now HTTPS encrypted by default, a VPN isn't needed on public wifi. The only information that is still potentially visible is DNS request data, and in most cases there's no reason to trust a VPN provider more than an ISP with that data. There are also cheaper and more effective ways to secure DNS requests than a VPN.
       
 (DIR) Post #AUt5guuLOHeTB9wQ88 by PhilGastwirth@worldkey.io
       2023-04-21T20:18:37Z
       
       0 likes, 0 repeats
       
       @MarkWillard Yes I know this. Average consumer doesn't know about https or remember to check. I would say 99% is optimistic. Yes almost all major businesses have it but not every site. I use my own Tailscale VPN to my own router and have both router and tailscale set up with nextdns @Nitro230 @matt
       
 (DIR) Post #AUt5q8cjlRRMKC6R6G by MarkWillard@worldkey.io
       2023-04-21T20:20:18Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @Nitro230 @matt genuine question: what site that you are conducting sensitive transactions over doesn't support HTTPS, and why are you still using it (on or off public wifi)?
       
 (DIR) Post #AUt687XeWet2BJIcTY by PhilGastwirth@worldkey.io
       2023-04-21T20:23:35Z
       
       0 likes, 0 repeats
       
       @MarkWillard Public wifi isn't just web traffic. I don't want them sniffing my devices @Nitro230 @matt
       
 (DIR) Post #AUt6Drx9OgoNZTy0e0 by matt@worldkey.io
       2023-04-21T20:24:37Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @MarkWillard @Nitro230 I'm curious too, what else is there that wouldn't be encrypted other than DNS?
       
 (DIR) Post #AUt6i3VD1Olq4vI7zU by MarkWillard@worldkey.io
       2023-04-21T20:30:04Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @Nitro230 @matt it sounds like the threat model you have in mind is someone making a malicious request to your device via the public wifi LAN. I don't think that a VPN would defend against that, because VPN or not you're still connected to the wifi LAN. The best defense would be keeping your OS up to date, disabling unnecessary network services, and a properly configured software firewall on your device.
       
 (DIR) Post #AUt72XDOGD841QipXM by PhilGastwirth@worldkey.io
       2023-04-21T20:33:46Z
       
       0 likes, 0 repeats
       
       @MarkWillard And or accidentally connecting to the wrong public wifi. I was just at several airports and the naming schemes are all over the place and some have several options. I'm overly cautious. @Nitro230 @matt
       
 (DIR) Post #AUt76r0uaiO8aKweIK by PhilGastwirth@worldkey.io
       2023-04-21T20:34:32Z
       
       0 likes, 0 repeats
       
       @MarkWillard When you work in security and at my last job had the "keys to the kingdom" it just made me super cautious @Nitro230 @matt
       
 (DIR) Post #AUt7UTsOGd37m9E1uC by MarkWillard@worldkey.io
       2023-04-21T20:38:49Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @Nitro230 @matt I work in IT security as well. None of the threats you've identified are solved by a VPN. The only threat I'm aware of that VPN mitigates over public wifi is DNS request eavesdropping; and if you're using NextDNS that threat is already mitigated more efficiently and cost effectively than it would be by a VPN.
       
 (DIR) Post #AUt7pZITJBVafWToW0 by PhilGastwirth@worldkey.io
       2023-04-21T20:42:38Z
       
       0 likes, 0 repeats
       
       @MarkWillard Yeah I'm not paying for anything other than NextDNS so cost isn't an issue in my personal situation. My area of IT security is more access control than infra so I do say I am wrong on the VPN/https with public wifi. Thanks for the feedback @Nitro230 @matt
       
 (DIR) Post #AUt8XzFWBBWZtsHLGK by PhilGastwirth@worldkey.io
       2023-04-21T20:50:36Z
       
       0 likes, 0 repeats
       
       @MarkWillard Question. Say on my mobile, you were talking https. But what about all the apps, how are you sure a banking, gaming app is transferring data securely? @Nitro230 @matt
       
 (DIR) Post #AUt8mwQuvqRxVfk2EK by matt@worldkey.io
       2023-04-21T20:53:19Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @MarkWillard @Nitro230 Apple App Store policy requires use of encrypted connections; apps will be rejected that don’t. I believe the Google Play store has a similar policy.
       
 (DIR) Post #AUt8nfTdSaMXD8MLDM by MarkWillard@worldkey.io
       2023-04-21T20:53:26Z
       
       0 likes, 0 repeats
       
       @PhilGastwirth @Nitro230 @matt I can only speak for myself and my own use case in that regard, but I don't use any gaming apps; and if a bank isn't using HTTPS for everything in 2023 (heck, even 2013 for that matter), that's not a bank I would choose to do business with.
       
 (DIR) Post #AUt9w0Im19u64JokF6 by PhilGastwirth@worldkey.io
       2023-04-21T21:06:11Z
       
       0 likes, 0 repeats
       
       @matt Looks like you are right about the app stores requiring https now. @MarkWillard @Nitro230