Meta Data Collection. DNS injection.

There are some man in the middle moves that can happen, so like all things security, defence in depth. (Btw I don’t use VPN )

Using a VPN means relying on some faceless ISP you don't know while using public WiFi means relying on some faceless ISP you don't know.

You may be susceptible to: DNS poisoning DNS filtering / restrictions MiTM if your client doesn’t use pinning

If you don’t pin public keys (e.g. innoq.com) it’s easy to intercept/MIM connections. In the end it boils down to basic trust…

Since I was in China 12 years ago I’ve setup a private SSH/VPN server but I just use it for mails and calendar, browsing and developing w/o

With a well managed VPN you could avoid entire classes of attacks: typosquatting, DNS spoofing and mitm for example @GardionHQ

Same here.

Some open WiFi system inject JS Content into your HTTPS via MITM. This is a „service“ to show time left in free WiFi... and obvious not safe

I use Own VPN, so I connect to home network (to access NextCloud) and for surfing, it is also helpful against GEO blocking