- cross-posted to:
- technology@lemmit.online
- crypto@infosec.pub
- cross-posted to:
- technology@lemmit.online
- crypto@infosec.pub
You must log in or register to comment.
This is the reason to use a VPN. Not to protect your identity, or to watch region-locked content, but to remove the need to blindly trust developers to always use best practice, and/or blindly trust the strangers that you share public networks with.
You have to instead blindly trust the company that runs the VPN, though. Some of them intentionally obscure who owns the VPN service given they’re often used for things like P2P and spam.
The best VPN is one you run yourself. If you’re on an insecure network like a coffee shop, you can route traffic through a known secure network like your home or a VPS/server you rent.
As 9to5Mac writes, the Passwords app was sending unencrypted requests for the logos and icons it shows next to the sites your stored passwords are associated with. The lack of encryption meant an attacker on the same Wi-Fi network as you, like at an airport or coffee shop, could redirect your browser to a look-a-like phishing site to steal your login credentials. It was first discovered by security researchers at app developer Mysk.
