more VPN Insecurity

https://gergelykalman.com/why-you-shouldnt-use-a-commercial-vpn-amateur-hour-with-windscribe.html https://educatedguesswork.org/posts/public-wifi/ thx @jermanuts for the public wifi link #1 (comment)
beerisgood · Apr 14, 2024 · 2fb0a4e · 2fb0a4e
1 parent 04a7b7b
commit 2fb0a4e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/README.md b/README.md
@@ -28,7 +28,7 @@
 * Messenger (problems): [Whatsapp's Backups](https://sudneela.github.io/posts/the-workings-of-whatsapps-end-to-end-encrypted-backups/), [Signal's Sealed Sender](https://www.ndss-symposium.org/ndss-paper/improving-signals-sealed-sender/), [Telegram](https://portswigger.net/daily-swig/multiple-encryption-flaws-uncovered-in-telegram-messaging-protocol)'s [*Cryptanalysis*](https://www.cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest) [security](https://blog.bytebytego.com/p/ep29-online-gaming-protocol#§is-telegram-secure), Three Lessons from [Threema](https://breakingthe3ma.app/), [Converso - how to uncover extraordinary claims](https://crnkovic.dev/testing-converso/) 
 * Browser Insecurity: [Pale Moon](https://seirdy.one/notes/2022/06/01/pale-moon/), [ungoogled-Chromium](https://qua3k.github.io/ungoogled/), [Brave](https://www.spacebar.news/p/stop-using-brave-browser)
 * [SMS phishing](https://www.bejarano.io/sms-phishing/) is way too easy
-* [Don't!](https://gist.github.com/joepie91/5a9909939e6ce7d09e29) [*use*](https://superuser.com/a/926524) VPN services. Use [MPRs](https://invisv.com/articles/relay.html)
+* [Why](https://gergelykalman.com/why-you-shouldnt-use-a-commercial-vpn-amateur-hour-with-windscribe.html) you [shouldn't](https://gist.github.com/joepie91/5a9909939e6ce7d09e29) [*use*](https://superuser.com/a/926524) VPN [services](https://educatedguesswork.org/posts/public-wifi/). Use [MPRs](https://invisv.com/articles/relay.html)
 * [avoid](https://blog.sekoia.io/luckymouse-uses-a-backdoored-electron-app-to-target-macos/) Electron [*based*](https://www.malwarebytes.com/blog/news/2022/08/a-vulnerability-was-found-in-electron-which-is-what-drives-discord-spotify-and-microsoft-teams) [programs](https://blog.doyensec.com/2022/09/27/electron-api-default-permissions.html)
 * [Matrix](https://archive.is/bPrxT) [*InSecurity*](https://archive.is/lqtLl), [concerns](https://anarc.at/blog/2022-06-17-matrix-notes/) and big [potential metadata issues](https://blog.erethon.com/blog/2023/06/21/what-happens-when-a-matrix-server-disappears/)
 * Phishing [with](https://mrd0x.com/phishing-with-chromium-application-mode/) Chromium's Application Mode