Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] VPN?
- Date: Tue, 12 Jun 2018 20:16:06 +0900
- From: Curt Sampson <cjs@example.com>
- Subject: Re: [tlug] VPN?
- References: <1528618310.1210498.1402669344.48BE87D7@webmail.messagingengine.com> <23327.35367.500399.767355@turnbull.sk.tsukuba.ac.jp>
- User-agent: NeoMutt/20170113 (1.7.2)
On 2018-06-12 17:53 +0900 (Tue), Stephen J. Turnbull wrote:
> BTW, like Curt I wonder why you're using a commercial VPN service for
> "security" in the first place....
> It adds multiple points at which a
> MITM exploit can occur, unlike a direct TLS (HTTPS or SSH) connection.
To clarify, that assumes you're not using end-to-end security (TLS or
SSH) over the VPN, in which case the VPN makes no real difference.
End-to-end security is relatively easy compared to almost any other
alternative, which is why it's also generally a lot more secure.
(Difficult == insecure, basically, not only due to misconfiguration
but due to intended but wrong configuration when you make a mistake in
analyzing the system.)
TLDR: "Home" users (and many "business" ones) should be using VPNs for
connectivity (so they can talk to things they couldn't otherwise talk
to) and only TLS and SSH for security.
cjs
--
Curt J. Sampson <cjs@example.com> +81 90 7737 2974
To iterate is human, to recurse divine.
- L Peter Deutsch
- References:
- [tlug] VPN?
- From: David J Iannucci
- [tlug] VPN?
- From: Stephen J. Turnbull
- [tlug] VPN?
- Prev by Date: [tlug] VPN?
- Next by Date: Re: [tlug] Kernel Panic has visited -
- Previous by thread: [tlug] VPN?
- Next by thread: Re: [tlug] VPN?
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |