by Sir_Cmpwn 2437 days ago
My layman explanation is:

You have to take your choice of VPN seriously. When you use a VPN, they can read all of your internet traffic, so choose a company you can trust with that information. If they screw up, like NordVPN did, then anyone can read all of your internet traffic even when you think you're safe. You're often better off without a VPN than with one.


This seems like an overstatement. Five years ago, mostly true, but can they mitm my ssl connections? (I'm getting mixed answers on StackExchange, but it seems like generally no.)

They can see what sites I visit, but for most of those sites, they still shouldn't be able to see the content.

(This might be more nuanced than the layman explanation needs to be. Just curious for my own sake.)

It's likely that they cannot trivially MITM SSL connections but for that to be true you're relying on a bunch of things which are not trivial to verify:

1. All of the apps and sites you care about are HTTPS-only and don't rely on, say, an HTTP-to-HTTPS redirect which can be bypassed.

2. The VPN client doesn't do something like configure a proxy.

3. Your OS, apps, and browser don't have exploitable bugs or weak software update mechanisms, or that the VPN provider or whoever compromised them isn't going to try exploiting them.

Obviously the third one is a relatively low probability since it's noisy but it's the kind of thing which would be hard to rule out since VPN providers have a market incentive to cut corners if they think it won't be noticed and by their nature it's easy to imagine a law-enforcement or intelligence agency thinking it'd be a good service to compromise to get access to a userbase which contains people who are trying to hide something of interest.
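The first point in that list (a site that relies on an HTTP-to-HTTPS redirect rather than HSTS) is something you can check for yourself from response headers. The following is an added example, not code from the thread: it takes a constructed pair of responses (what the `http://` URL answered, and the headers the `https://` URL sent) and labels how much of a plain-HTTP window a network-path observer such as a VPN provider gets. The category names are my own; the preload thresholds follow the public hstspreload.org submission rules; `parse_hsts` implements the RFC 6797 header grammar.

```python
"""Classify how strongly a site enforces HTTPS from its response headers.

Added example, not from the HN thread. Inputs are constructed (status, headers)
pairs rather than live fetches, so it runs offline."""
from dataclasses import dataclass
from typing import Dict, Optional

# One year, the minimum max-age the HSTS preload list accepts (hstspreload.org).
PRELOAD_MIN_MAX_AGE = 31536000


@dataclass
class HstsPolicy:
    max_age: int
    include_subdomains: bool
    preload: bool


def parse_hsts(value: str) -> Optional[HstsPolicy]:
    """Parse a Strict-Transport-Security value (RFC 6797 section 6.1).

    Returns None when max-age is missing or malformed: a browser ignores such
    a header instead of guessing, so the audit must not give credit for it."""
    max_age: Optional[int] = None
    include_subdomains = False
    preload = False
    for raw in value.split(";"):
        directive = raw.strip()
        if not directive:
            continue
        name, _, arg = directive.partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')  # the RFC allows a quoted-string argument
        if name == "max-age":
            if not arg.isdigit():
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_subdomains = True
        elif name == "preload":
            preload = True
        # Unknown directives are ignored, as the RFC requires.
    if max_age is None:
        return None
    return HstsPolicy(max_age, include_subdomains, preload)


def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive header lookup (header names are case-insensitive)."""
    for key, val in headers.items():
        if key.lower() == name.lower():
            return val
    return None


def classify_https_enforcement(http_status: int, http_headers: Dict[str, str],
                               https_headers: Dict[str, str]) -> str:
    """Label the plain-HTTP exposure of a site.

    'http-reachable'  : the http:// URL serves content instead of redirecting
    'redirect-only'   : redirects to https://, but no HSTS, so every fresh
                        visit still begins with an interceptable HTTP request
    'hsts'            : HSTS set over TLS; the browser upgrades later visits
                        itself, but the very first one is still plain HTTP
    'hsts-preloadable': one-year max-age + includeSubDomains + preload, i.e.
                        eligible to be shipped inside browsers so that even a
                        first visit never touches HTTP"""
    location = _header(http_headers, "Location") or ""
    redirects = 300 <= http_status < 400 and location.lower().startswith("https://")

    # RFC 6797 section 8.1: only an HSTS header received over TLS is honoured,
    # so anything on the plain-HTTP response is deliberately not consulted.
    policy = None
    value = _header(https_headers, "Strict-Transport-Security")
    if value is not None:
        policy = parse_hsts(value)
        if policy is not None and policy.max_age == 0:
            policy = None  # max-age=0 tells the browser to forget the policy

    if not redirects:
        return "http-reachable"
    if policy is None:
        return "redirect-only"
    if (policy.max_age >= PRELOAD_MIN_MAX_AGE and policy.include_subdomains
            and policy.preload):
        return "hsts-preloadable"
    return "hsts"


if __name__ == "__main__":
    # Constructed sample responses; example.test is a reserved name, not a real site.
    redirect = {"Location": "https://example.test/"}
    samples = {
        "preloaded":     (301, redirect, {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
        "short-hsts":    (301, redirect, {"strict-transport-security": "max-age=300"}),
        "redirect-only": (301, redirect, {}),
        "plain-http":    (200, {"Content-Type": "text/html"}, {}),
    }
    for name, (status, http_hdrs, https_hdrs) in samples.items():
        print(f"{name:14s} -> {classify_https_enforcement(status, http_hdrs, https_hdrs)}")
```

The interesting edge case is the one the thread hints at: an HSTS header that only ever appears on the HTTP response is worthless, because the browser discards it, and the function scores such a site as `redirect-only`. Note that only `hsts-preloadable` (once actually submitted) closes the first-visit window; plain `hsts` still leaves one unprotected request per new device or cleared profile.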

Depends, if they have a root (or a wildcard) certificate, they can show you that, and your browser will happily show you a green lock. However, the list of root CAs in your browser is public, for Firefox see [0], and hopefully someone would notice if a VPN provider has access to such a certificate.

(However, that is something that also applies to ISPs, at least Telekom has a CA and therefore a root certificate.)

[0] https://www.mozilla.org/en-US/about/governance/policies/secu...
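"Someone would notice" can be you, on your own machine: the public root list makes it possible to diff what your client trusts against what it should trust. The following is an added example, not code from the thread or from Mozilla. `load_system_roots` uses the real `ssl.SSLContext.get_ca_certs(binary_form=True)` API; the allowlist and the DER blobs in the demo are constructed placeholder bytes, not real root certificates, and in practice you would fill `KNOWN_ROOT_FINGERPRINTS` from the SHA-256 fingerprints in the published root list.

```python
"""Audit a certificate trust store for roots that are not on the public list.

Added example, not from the HN thread. The 'roots' below are constructed byte
strings so the audit runs offline; real input is DER certificates."""
import hashlib
import ssl
from typing import Dict, Iterable, List


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER encoding, lower-case hex: the same value a browser's
    certificate viewer labels as the SHA-256 fingerprint."""
    return hashlib.sha256(der).hexdigest()


def load_system_roots() -> List[bytes]:
    """DER roots the Python ssl module trusts on this machine (real API).

    Caveat from the ssl docs: roots in a capath directory are loaded lazily,
    so on some Linux setups this list is incomplete until they have been used."""
    ctx = ssl.create_default_context()
    return ctx.get_ca_certs(binary_form=True)


def unexpected_roots(store: Iterable[bytes], known: Dict[str, str]) -> List[str]:
    """Fingerprints present in `store` but absent from `known`, sorted.

    Every entry is a CA that can issue a certificate your client will accept
    for any hostname, so each one needs an explanation: a corporate inspection
    proxy, an AV or VPN product that installed itself, or something worse."""
    return sorted({fp for fp in map(fingerprint, store) if fp not in known})


def chain_anchored_in_known_root(root_der: bytes, known: Dict[str, str]) -> bool:
    """True when the root that signed an observed chain is on the allowlist.

    This is the per-connection version of the audit: the site you are talking
    to should chain to a public root, not to one that appeared only recently."""
    return fingerprint(root_der) in known


# Constructed placeholders standing in for DER-encoded root certificates.
CONSTRUCTED_ROOT_A = b"constructed DER of Example Root CA A"
CONSTRUCTED_ROOT_B = b"constructed DER of Example Root CA B"
CONSTRUCTED_EXTRA_ROOT = b"constructed DER of a root added by some installer"

# Allowlist keyed by fingerprint; in real use, derived from the public root list.
KNOWN_ROOT_FINGERPRINTS: Dict[str, str] = {
    fingerprint(CONSTRUCTED_ROOT_A): "Example Root CA A (constructed)",
    fingerprint(CONSTRUCTED_ROOT_B): "Example Root CA B (constructed)",
}


if __name__ == "__main__":
    # A constructed store: the two expected roots plus one nobody can account for.
    store = [CONSTRUCTED_ROOT_A, CONSTRUCTED_ROOT_B, CONSTRUCTED_EXTRA_ROOT]
    for fp in unexpected_roots(store, KNOWN_ROOT_FINGERPRINTS):
        print("root not on the public list:", fp)
    print("chain anchored in known root:",
          chain_anchored_in_known_root(CONSTRUCTED_ROOT_A, KNOWN_ROOT_FINGERPRINTS))
    # To audit the real machine, replace `store` with load_system_roots() and
    # KNOWN_ROOT_FINGERPRINTS with the fingerprints from the published list.
```

The audit catches the case the comment worries about (a CA quietly present in your trust store) but, as the follow-up about ISPs points out, not the case where a party already holds a publicly trusted CA; for that, only per-site pinning or Certificate Transparency monitoring helps, and the `chain_anchored_in_known_root` check is where such a pin would go.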

The article I linked in my original comment goes into a bit more detail and is aimed at the layman, but it's a bit more in depth than a comment you can make in a conversation.