- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
cross-posted from: https://infosec.pub/post/47299437
United flight 236 from Newark to Palma de Mallorca on Saturday night was forced to turn around just an hour after takeoff due to security concerns around a Bluetooth signal. Multiple Redditors claimed to be on the flight and reported that the crew repeatedly requested passengers to turn off their Bluetooth. According to one poster, […]
How so? I know many of the vpns sell your information, what if you have a trustworthy vpn, are you suggesting the traffic is compromised at levels before and after the vpn? I mean I know it is to some degree I just don’t know exactly.
Your traffic is already encrypted with https so yes, the “compromise” here is after the VPN.
I put compromise in quotes since in reality the system is working as designed. You need to use a end to end encrypted messaging app like Signal if you want your communications to stay private.
Your traffic is encrypted, but it is still possible to see what sites you are visiting without a VPN.
With a VPN, all your traffic will just be to the VPN server, and any logs of the sites you visit will sit with the VPN operator.
This is mostly true but I’ll add in some additional info.
Both QUIC and ECH make it harder to easily track what sites are being visited. Not all websites support these but maybe some day they will be standard.
Thank you for the response I value this information.
For the record, I suspect signal has a back door for the US government.
I can say with a very high degree of confidence that Signal does not have a backdoor. What’s far more likely is that you are a victim of a misinformation campaign. In reality there are many organizations that would prefer you that you use something that isn’t end to end encrypted.
That’s not to say that Signal is flawless as it does have some known weaknesses. The issue is that people tend to fall back to not using encrypted messaging at all which is much worse.
My mistrust is not based in anything new, just in a decades old knowledge that everything is compromised. Everything.