What the hell Proton!

What is he talking about, public WiFi can easily poison and monitor your DNS requests (most people don't know or use encrypted DNS), and there's still tons of non-https traffic leaks all over the place that are plain text. Even if encrypted, there's still deep packet inspection. VPNs can mitigate DPI techniques and shift the trust from an easily snoopable public WiFi to the VPN's more trustworthy exit servers.

This guy really needs to elaborate on what he's trying to say when the cyber security field very much disagrees with this stance. I'm not a huge fan of Proton, but they aren't doing anything wrong here. You should use it for public Wi-Fi.

When I first saw this I thought it was funny. The fact that so many people are falling for it has only made it even funnier.

FWIW, Haley Welch might seem dumb as bricks, but she also seems quite sweet - doing charity stuff, keeping her other friend from "that" vid for the ride, etc. As far as people becoming famous for bullshit reasons goes, she seems to be handling it well.

I don't know how effective VPNs are over a public WiFi network, but I do know it stopped Spectrum from sending me "you are downloading copyrighted material, stop it" emails once I started using one. Fuck Spectrum, I don't have them anymore, but that seems like a good enough reason to keep using one in certain circumstances.

Considering how most of the Internet is encrypted with TLS, if you add DNSSEC+DoH/DoT on top, trying to MITM someone on a public WiFi is way harder than it was, unless you're a state-level adversary and you're able to craft valid certificate for a domain you don't control from a globally trusted (root) certificate autority (which will lose its trusted status quite fast once discovered, ex: CNNIC)

I’m not online enough to understand this.

I don't understand why everyone assumes using a VPN means paying for a third party. I have Wireguard deployed in my NAS and I always have that VPN connection active on my phone to be able to access my LAN deployed services remotely, Jellyfin for example.

This was nothing more than a poorly executed joke from Proton. Some people are massively overreacting.

Permanently Deleted

I have a vpn for... reasons... 🏴‍☠️⚓️🏴‍☠️

I assumed it was a joke. My feed has been full of jokes about her talking about urban planning and transit oriented development.

I'm sure as shit trusting proton over some random public network in a cafe setup by some random open reach engineer or something

Thank goodness someone explained that to me. I was startong to wonder if she was some sort of technology expert, or something.

Can someone share proton's response? I don't have a xitter account

Don't hire that contractor lol

This was poorly executed. The National Park Service twitter account does jokes well.

So I'm confused networking stuff has never been my strong suit, is this saying you can still be fucked on public WiFi even if you connect through a VPN?

"It's a prank bro"😅 but seriously as an IT guy I'm tired of pushing VPNs down our (collective) throats, not saying the threat isn't real but it's really overblown by the ads

Taking cybersecurity advice from someone called Hawk Tuah is modern day version of clicking banner that says find 40+ single women in your zip code

Well with https enforced and secure dns not much to worry about.

you gotta love the "lol joke" fall back. the same strategy used by generation of trolls

Mulvad.

Also - using someone who got famous by describing sucking dick seems quite weird :) Who wants technical advice from her?

The only effective antivirus program known to man is called a backup

The only real use case for VPNs is to bypass geo blocking on streaming sites, and the VPN providers know this. They also know that if they lean too hard into that, eventually someone will sue them and their business model will evaporate - so they add the "iT MaKEs yOu mORe SeCurE" nonsense as a fig leaf so they can say with a straight face that they operate a product with legitimate uses

Dude is completely right. VPNs are good against geoblocking but thats it. All VPN providers that claim not to log stuff are lying and if there are logs it doesnt make a difference privacy wise