It’s not just Regime ISP’s.
For example, As a Canadian, I really don’t need my government knowing what sort of torrents I’m downloading.
TOR is good, but it’s also incredibly slow. Without a VPN TOR isn’t really anonymous either since the governments control so many exit nodes.
Except a lot of exit nodes are controlled by the US government
Making it about your average Joe changes a lot. Because yeah, it won’t help much at all in those cases. But a vpn is absolutely one step (among many) if you’re concerned about preventing your internet activity from being seen.
Confirmed: 1 delta awarded to /u/UnovaCBP (6∆).
[1](https://www.reddit.com/r/changemyview/wiki/deltasystem) ^| [2](https://www.reddit.com/r/changemyview/wiki/deltaboards)
Browser fingerprinting is actually not very reliable at all, especially for mobile devices.
This delta has been rejected. The length of your comment suggests that you haven’t properly explained how /u/CommunicationFun7973 changed your view (comment rule 4).
DeltaBot is able to rescan edited comments. Please edit your comment with the required explanation.
[1](https://www.reddit.com/r/changemyview/wiki/deltasystem) ^| [2](https://www.reddit.com/r/changemyview/wiki/deltaboards)
Deltas are for people who change your view. Not for people you agree with. Awarding another delta to somebody that you agree with is very likely to get this whole post pulled.
Sorry, u/lazzzzlo – your comment has been removed for breaking Rule 4:
Award a delta if you’ve acknowledged a change in your view. Do not use deltas for any other purpose. You must include an explanation of the change for us to know it’s genuine. Delta abuse includes sarcastic deltas, joke deltas, super-upvote deltas, etc. See the wiki page for more information.
If you would like to appeal, review our appeals process here, then message the moderators by clicking this link within one week of this notice being posted.
Please note that multiple violations will lead to a ban, as explained in our moderation standards.
I’ve had my Ebay account stolen 3 times in a row.
I mean sure, but even with a VPN, they know which VPN you use. Knowing a user uses X vpn and has Y fingerprint is a great tracker.
Not to mention that torrenting over tor is just a huge dick move due to the amount of bandwidth you’re taking up
Already acknowledged Torrents. But, not what average joe is doing in a coffee shop trying to stay safe from hackers. And, just replied to one about Tor being controlled by the US (and most likely the Five Eyes), in short: if you’re doing something to get you in trouble enough for the US to whip out their tor exit nodes, you’re probably a horrible human (as of the laws now)!
And a lot of VPNs are subpoena-able. There goes logless logs. (SOME ARENT I KNOW, commonly advertised ones? Yeah)
Either way, if you’re doing illegal enough shit where they (the US govt in this case) gotta break out the tor exit nodes, you’re probably a horrible human!
(and they are probably owned by the Five Eyes)
“Internet activity” being an IP going to another IP. Woah!
Edit: plus, are you really ever doing anything other than web browsing in a cafe on public WiFi, like the question says?
Sounds like you need a better password, and to check the new password on haveibeenpwned. Oh, and maybe also check for client side malware?
I can guarantee that it’s not from public WiFi. eBay has HSTS, enforcing an encrypted connection, and it’s in your HSTS Preload List, so a DNS spoof couldn’t have worked. (Unless of course, you skipped the big red “danger danger” page that chrome shows you when certificates are invalid)
Okay, coffee shop is a great example.
Using public wifi is a great way to have your credentials stolen. There is absolutely nothing stopping a Coffee shop from scraping all of your data. SSL will cover you for most things you do, but not everything.
It’s also really, really easy to SSID spoof over a public hotspot, and scrape everything connecting users are doing.
You say “there is absolutely nothing stopping a coffee shop from scraping all of your data”, and then bring up a major one stopping them: HTTPS.
Give me one example of a hack worthy website that runs over HTTP. Just one. And also, anywhere that has a card payment is required to follow PCI DSS, which mandates encryption; so, it’s nearly impossible to steal a credit card number.
SSID Spoofing? You run into all of the same troubles as a regular MITM proxy: HSTS (forces SSL connections), DNSSEC (less used, but still helpful), client side detection and warnings, certificate validation, etc.
Do people really think running a WiFi hotspot really just magically lets them see unencrypted traffic? 