Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] VPN?

On 2018-06-12 17:53 +0900 (Tue), Stephen J. Turnbull wrote:

> BTW, like Curt I wonder why you're using a commercial VPN service for
> "security" in the first place....
> It adds multiple points at which a
> MITM exploit can occur, unlike a direct TLS (HTTPS or SSH) connection.

To clarify, that assumes you're not using end-to-end security (TLS or
SSH) over the VPN, in which case the VPN makes no real difference.

End-to-end security is relatively easy compared to almost any other
alternative, which is why it's also generally a lot more secure.
(Difficult == insecure, basically, not only due to misconfiguration
but due to intended but wrong configuration when you make a mistake in
analyzing the system.)

TLDR: "Home" users (and many "business" ones) should be using VPNs for
connectivity (so they can talk to things they couldn't otherwise talk
to) and only TLS and SSH for security.

Curt J. Sampson      <>      +81 90 7737 2974

To iterate is human, to recurse divine.
    - L Peter Deutsch

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links