by garyrob 1724 days ago
Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

Separately from that, I still do wonder whether, if you subscribe to a VPN that has well-examined security practices and whose reputation depends on such practices, it still may have value over relying on the security of a local ISP, which may not have as much expertise or reputation investment with respect to security.

I'm not arguing, just trying to understand the issue better.

4 comments

Argument is the spice of life! An argument doesn't have to be angry. But nonetheless I appreciate your earnest kindness.

It's less of an issue when every site you connect to uses https, and every app you use employs ssl/tls for its connections. That is common practice these days. Getting man-in-the-middle'd on airport Wi-Fi is less feasible these days than it was 10 years ago. The attacker would have to also install a certificate on the user's device. I welcome corrections if I'm wrong.

VPNs aren't obligated to tell you the truth. They don't have to have good security or even honor what they say on the front page. People trust marketing, not actual policy or actions - just look at Apple. Still waiting on "HMA" VPN to go out of business because they handed over users to the FBI. They're still around and claim No Logs just like everyone else, just like ProtonMail did until this month.

https://arstechnica.com/information-technology/2021/09/priva...

https://hacker10.com/internet-anonymity/hma-vpn-user-arreste...

https://www.theregister.com/2011/09/26/hidemyass_lulzsec_con...

"Getting man-in-the-middle'd on airport Wi-Fi is less feasible these days than it was 10 years ago. "

I think the "consensus" I'm referring to may actually have been from at least 10 years ago. I'm an old-timer!

Thanks for the feedback

> Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

No. I don't think this was ever a consensus. When is the last time you've used a (sensitive) website that is not run over HTTPS? Unless the CAs (or the certs) are compromised, you have no reason to use a VPN when on public Wi-Fi, because it is encrypted with this so-called "military grade encryption" that VPN providers love to mention.

Edit: forgot to add, if the CAs or the certs are compromised, VPNs won't help anyway.

Most public wifi blocks all the ports necessary for VPN except 80 and 443. Even then, DPI will stop most VPN protocols right in their tracks.

I’ve never had a reliable VPN working over public wifi/mobile networks, unless I roll my own custom protocol that masquerades as HTTP traffic.

Interesting. I'm an ExpressVPN subscriber (maybe I won't be much longer) and haven't had any problem using it on public Wi-Fi networks.

Same here with multiple different VPN providers. Once I get through the TOS screens I can activate the VPN and have no issues. At one hotel chain (rhymes with a moldy British cheese), I have to activate my VPN first since my DNS provider won't resolve their login page.

I've used VPN over literally hundreds of public WiFi...

> Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

No, with SSL and https now the default for 90%+ of the web, you can be sure no one is casually listening in.