• atzanteol@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    7 months ago

    When I use a VPN, I very rarely imagine that the coffee shop / home internet that I’m hooked up to will have a malicious actor

    That’s like 90% of the reason to actually use a VPN at a coffee shop.

    • mozz@mbin.grits.dev
      link
      fedilink
      arrow-up
      1
      ·
      7 months ago

      For this scenario, are you imagining that a person may have physically entered the coffee shop who’s both tech savvy and malicious enough to run a malicious device there?

      Or were you thinking a remote compromise of their router? That one seems moderately more probable, but eliminates anything special about the coffee shop’s router specifically as opposed to your home router or your workplace’s router.

      • atzanteol@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        For this scenario, are you imagining that a person may have physically entered the coffee shop who’s both tech savvy and malicious enough to run a malicious device there?

        I mean… Yeah. I’ve sat in a coffee shop or airport in the past and sniffed traffic out of mere curiosity. Why wouldn’t a malicious actor be there?

        • mozz@mbin.grits.dev
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I have done, and friends of mine have done a lot more than that. My point is that I’m unusually nerdy and the number of people who’ve ever been subjected to it by me being near them is probably in the double digits for a few minutes over my entire life.

          I will bet you any amount of money that you can go to any coffee shop and set up an insecure VPN there all day and not a single person will randomly come in, set up a malicious DHCP server, and reroute the VPN traffic through their hardware so they can spoof it and spy on your traffic.

          The fact that it’s possible means it’s worth defending against, sure. If it sounds like I’m saying it’s not a big deal I am not. I’m just saying that it is not the most common threat that you need to defend against most urgently or even in the top 10 (primarily because it requires one of this little handful of people nearby to you to be a malicious actor, where most of the ones that are really commonly-encountered threats are the ones that literally any one of billions of people on the planet could at any time randomly target you with, so you’re going to run into a lot more frequently.)

          • atzanteol@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 months ago

            Sorry - but you think

            But more likely is that I’m protecting against a malicious ISP

            I’d take that bet.

            • mozz@mbin.grits.dev
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              7 months ago

              Okay, how much?

              I can enumerate the ISPs that have will-hand-your-traffic-over-for-general-vacuuming-up deals with the American government, and the ISPs worldwide that do some form of traffic editing on behalf of differently-repressive-than-the-US regimes, and I can go to Starbucks tomorrow and we can compare that proportion of ISPs to the proportion of people I find actively tampering with my traffic from the cafe.

              • atzanteol@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                7 months ago

                You need to compare “everybody who has ever done anything malicious at a cafe” if you want to make a valid comparison to “all the ISPs in the world”. In the US nobody would be using an ISP that would be doing anything malicious in a cafe. “has deals with the American government” paranoia notwithstanding.

                • mozz@mbin.grits.dev
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  7 months ago

                  What?

                  I am comparing the question, is my traffic being spied on by the ISP (in practice, passed off from the ISP to the NSA for sure and in practice maybe whoever else) actively as I’m running my connection, versus is my traffic being spied on by my fellow patrons. I would describe harvesting all my traffic and giving it to the government as “malicious.” That, to me, is more likely (I mean, more or less 100% chance, within the US) than someone randomly being at the cafe acting maliciously to the point of setting up a spoof DHCP server randomly during the time that I am there.

                  (Part of the Snowden revelations were that the NSA had deals with more or less every major data carrier to harvest in bulk more or less everything that goes over the long-distance internet.)

                  What percentage of people in the world do you imagine set up spoof DHCP servers at cafes? 1%? And what percent of their time do you imagine they spend doing it? I cannot possibly make the math work out to make it make sense unless the cafe literally has at bare minimum thousands of people in it at all times. I mean, sure, it’s worth making sure your VPN is secure against it.

                  I don’t really want to argue continuously back and forth about this for too too long. I feel like I’ve said what I needed to say to communicate my piece about it at this point.

                  • atzanteol@sh.itjust.works
                    link
                    fedilink
                    English
                    arrow-up
                    2
                    ·
                    7 months ago

                    I’m going to go ahead and say we just differ in what we consider to be “malicious behavior”. Yes, the NSA spying is bad, but they’re not “stealing credit cards bad”.