Michał "rysiek" Woźniak · 🇺🇦 on Nostr: Hot take: When I see general* "security advice" that mentions "do not use public ...
Hot take:
When I see general* "security advice" that mentions "do not use public WiFi" or "use a VPN", I am immediately suspicious about all other advice offered.
Yes, a decade ago that was a consideration, because most sites were not using HTTPS. Credentials were flying cleartext on the wire.
Today, almost all sites use HTTPS.
*) "general" meaning "without a very specific threat model in mind", meant for general public, etc.
#InfoSec
When I see general* "security advice" that mentions "do not use public WiFi" or "use a VPN", I am immediately suspicious about all other advice offered.
Yes, a decade ago that was a consideration, because most sites were not using HTTPS. Credentials were flying cleartext on the wire.
Today, almost all sites use HTTPS.
*) "general" meaning "without a very specific threat model in mind", meant for general public, etc.
#InfoSec