I don’t use a VPN, even on public WiFi, because I don’t use any unsecured protocols (except for occasional public HTTP). Am I being naïve?
17
1
2
TLS Man in the Middle attacks. Most apps won’t complain about injected certificates.
2
An app that doesn’t complain about invalid certificates has no business running on my machine

Oct 16, 2017 · 8:56 AM UTC

1
But do you know? IIRC someone recently posted that even Virus Scanners sometimes pull updates via HTTP in the background.
1