• skuzz@discuss.tchncs.de
    link
    fedilink
    arrow-up
    5
    ·
    7 months ago

    You only use HTTPS everywhere until you don’t. It’s kinda like a security blanket to use a VPN in those situations. Someone could be running a MITM proxy and you’re dumb enough/in a rush/etc. and click accept on the expired cert. Or some new 0day vulnerability allows badness to happen without your knowledge. Even without being able to see your traffic, a bad actor could still see your DNS requests and narrow down what services you use for further targeting, especially if you frequent a place.