What is an evil twin attack, and should they worry you? - Proton VPN Blog
protonvpn.com
Ewin attacks used to be a menace on public WiFi networks, but the widespread adoption of HTTPS has drastically reduced the risk.

Comment:

I thought this article gives a balanced view if we should VPN with a public Wifi network, instead of the normal VPN vendor selling fears.

Summary:

Evil Twin Attacks - Not a major threat anymore

What is it?

Evil twin attacks involve hackers setting up fake Wi-Fi networks that mimic legitimate ones in public places. Once connected, attackers can spy on your data.

Why was it scary?

Before 2015, most online connections weren’t encrypted, making your data vulnerable on such networks.

Why isn’t it a major threat anymore?

  • HTTPS encryption: Most websites (85%) now use HTTPS, which encrypts your data, making it useless even if intercepted.
  • Let’s Encrypt: This non-profit campaign made free website encryption certificates readily available, accelerating the widespread adoption of HTTPS.

Are there still risks?

  • Non-HTTPS websites: A small percentage of websites (15%) lack HTTPS, leaving your data vulnerable.
  • WiFi sniffing: Although not as common, attackers can still try to intercept unencrypted data on public Wi-Fi.

Should you still be careful?

  • Use a VPN: Even with HTTPS, your browsing history can be tracked by Wi-Fi providers and ISPs. A VPN encrypts your data and hides your activity.
  • Be cautious with non-HTTPS websites: Avoid entering sensitive information like passwords on such websites.

Overall:

HTTPS encryption has significantly reduced the risks of evil twin attacks. While vigilance is still recommended, especially when using unencrypted websites, it’s no longer a major threat for most web browsing.

  • @kittenzrulz123@lemmy.worldEnglish
    95 months ago

    Tip: If you want to hide your activity use a no logs VPN or even better, something like Mullvad. However, in the end you can’t get more private then tor.

    • KptnAutismusEnglish
      35 months ago

      once my expressvpn contract runs out, i’ll take a look at mullvad. seems to be the go-to around here.

      • @subtext@lemmy.worldEnglish
        25 months ago

        I can also recommend ProtonVPN. One of the few that still allow port forwarding (made easier when used in conjunction with Gluetun).

        • @felbane@lemmy.worldEnglish
          25 months ago

          Proton is also one of the few with proper P2P support, particularly helpful for those that are increasingly inclined to sail the seven seas.

      • @ProxyAEnglish
        75 months ago

        He was caught because the FBI was already seeking for him and knew who he was. He made mistakes that revealed his identity, Tor is not to blame here