196

16087 readers

2036 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago

MODERATORS

[email protected]

qaz

[email protected]

842

thanks lain (rule) (lemmy.blahaj.zone)

submitted 1 month ago by [email protected] to c/[email protected]

90 comments fedilink hide all child comments

Source

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 48 points 1 month ago (3 children)

HTTPS solved much of the security issues of untrusted networks. As long as you're not doing banking or whatever, you should be fine without a VPN.

[–] [email protected] 43 points 1 month ago (2 children)

Why would banking be an issue? I get that its a target, but I really would expect a bank to take care of their TLS.

[–] [email protected] 19 points 1 month ago

Also i would expect banks to use some sort of 2FA where you have to manually confirm any transaction on your mobile device, or enter a code generated from there into your computer.

[–] [email protected] 7 points 1 month ago

No security measure is perfect. When doing security-sensitive things, it's better to wait when you're home on an uncompromised network.

But yes, the chances of something happening is very small, even when using an unknown network.

[–] [email protected] 19 points 1 month ago (1 children)

It should be fine as long you don't click through any SSL errors. And something like a bank should have HSTS enabled, meaning your browser will refuse to load the site if there's an SSL error.

[–] [email protected] 5 points 1 month ago

They don't let me choose a password longer than 6 characters. I don't assume anything about my bank's security.

[–] [email protected] 1 points 1 month ago

Personally I do a Tailscale tunnel to my home network, if nothing else but so that services don't log a hotel IP