Is a zero-day exploit the only real remaining risk when using public Wi-Fi with fully patched devices and HTTPS?

I had a discussion about the risks of using public Wi-Fi. My point is that standard threats like basic Man-in-the-Middle (MITM) and sniffing unencrypted traffic are mostly neutralized by updated browsers, OS patches, and ubiquitous HTTPS usage. My two main questions are:

1)If a user uses these security measures (updated everything, HTTPS), is the only unknown and potentially successful attack vector left a zero-day vulnerability in the OS or browser? Or are there still simpler, non-zero-day methods for a hacker on the same public network to compromise a fully patched and HTTPS-protected device?

2)Is a VPN truly essential for security on public Wi-Fi, or is its necessity overstated by vendors? Since most of my traffic is already secured by HTTPS (TLS), what specific, high-priority, non-zero-day threat does a VPN actually defend against in this scenario?

submitted by /u/YuriRosas
[link] [comments]

from hacking: security in practice https://ift.tt/FkXTKen

TechScrapHeart

Search This Blog

Is a zero-day exploit the only real remaining risk when using public Wi-Fi with fully patched devices and HTTPS?

Comments

Post a Comment

​Is a zero-day exploit the only real remaining risk when using public Wi-Fi with fully patched devices and HTTPS?

Comments