What about man in the middle attacks that use SSL/TLS stripping, certificate spoofing, or downgrade attacks
I think travel warriors who rely on many public hotspots, including hotel wifi, which has almost zero protections makes VPNs a safe option.
I'm in Canada and my last hospital visit was free, the wifi was free too, the password was by the front desk, I think it just gets changed every month. I think a nurse chose the password cause it was a warm/fuzzy word. The only thing I had to pay for was parking. Even restaurants have free Wi-Fi, just ask the waitress for the password.
protonvpn.com
Don’t forget the CEO-issued mandatory statement to customers stating that “…your privacy is our top priority!”
Proton literally have a free tier that's brilliant.
We are talking about a public WiFi, being in a hospital is a detail.
Could you not say the same about your ISP? How much can you say you trust your ISP? Or any ISP? If you truly want to hide your traffic, you need a reputable VPN (examine reviews, whether there is no logs policy, independent reviews and security assessments of vendor, etc), encrypt DNS traffic, use a firewall, and just be plain smart and security conscious browsing or using the internets.
Yes!!!!! Or, at least, any of the major ISP's in the US. Comcast, Spectrum, Google, and the list goes on. I trust Proton or Mullvad way more than any of these predatory ISP's.
So, inside a hospital, it will be the hospital’s WiFi network, but… ok, let’s say you use a public open WiFi in a coffee shop and you access your Chase bank. What danger presents itself? I contend that there is none, except somebody can find out that you bank at Chase, along with 35 million other people.
I’m going to repeat myself a third time: What danger does public wifi present if you are using HTTPS, which is enforced by web browsers today?
Weird tone but let's roll with it. I'm going to be the third person to tell you... You can be a victim of a person-in-the-middle attack on public wifi. Google it. This can be mitigated by using a VPN.
How can a man in the middle attack present a certificate which convinces your browser that it is making a legitimate HTTPS connection to the website of your choice?
SSL encrypts the connection between you and the website but the ISP and anyone in between (hospital wifi) will know what website you are connected to.
Thus, using SSL over a public WiFi network is safe and a man in the middle attacker cannot obtain your passwords or any of your confidential data.
Continuing the analogy, if you use encrypted DNS (DoH) then the address on the envelope can't be read as well.
I'm sure you are capable of doing your own research to learn about "man-in-the-middle" attacks over public wifi. Just using SSL doesn't protect you from an attack vector. There are other methods to steal your passwords and confidential data with "man-in-the-middle". I don't use public wifi w/out a VPN. Anybody can pretend to be Starbuck's guest wifi network.
“Do your own research” is not an answer. No-one in this thread has explained how public WiFi is unsafe to use and how passwords can be stolen in man in the middle attacks.
For anyone who's interested in finding out about why visiting SSL websites doesn't protect you entirely, DYOR. It's very easy to find. And easy to discover that a VPN protects you.
If a malicious attacker spoofed your bank’s website, SSL authentication would fail. They would not posses the certificate necessary to prove to the browser that they are chase.com or whatever.
