[lifthrasiir]

He made this point explicit:

> Networks like these make it easy for attackers to get a copy of your network data, and if you send something unencrypted, the results can be quite harmful.

The web should be ideally end-to-end encrypted with HTTPS. But in case this assumption breaks down, VPN gives an additional headroom for security. Not much (as explained in the article, and thus should not be advertised so), but still useful.

[thinkloop]

The VPN only protects the first hop, it would not be a good backup for https.

[lifthrasiir]

Yes, but if the target site does not use https there is no alternative.

[quickthrower2]

It protects the first hop for request data. But response data could be interfered with too.

[dahfizz]

The internet is so much bigger than just websites. HTTPS is great but VPNs provide encryption at a much lower level, where it should be. Even when using https you are exposing a lot of unencrypted data because https is an application layer encryption. It's not enough.

[_b8r0]

> The web should be ideally end-to-end encrypted with HTTPS.

No. People designing public access networks should use encryption and AP client isolation.

[baddox]

They should, of course. And for when they don’t, a VPN can protect you. That’s what the article is saying.

[_b8r0]

I'm responding to OP's comment, not the article.