VPN recommendations

[snowdenscold]

Technically you need to use some private DNS to obscure your URLs (which can contain personal information) as well, I think.

DNS exposes domain names. The full URL portion is in the HTTP request, and will be encrypted by HTTPS (HTTP over TLS).

Basically, if I go to hxxps://www.example.com/questions/3456/my-document?key1=value1&key2=value2

Anyone in your network path (MitM attacker, your ISP, your VPN provider) will see DNS request/responses and know you went to www[.]example[.]com
If you use a DoH provider, they instead will know you went to www[.]example[.]com

But only the example.com web server is going to see the "/questions/3456/my-document?key1=value1&key2=value2" information.

[Skydog]

Yes, we regularly conduct online banking and credit card transactions, but only when using our home network or our mobile wi-fi network connected directly to Verizon -- not when using a public wi-fi, even if routed through the VPN. We don't do anything on our devices when connected to a public wi-fi that we would be concerned about our VPN provider (or anyone else for that matter) seeing. Our main reason for using a VPN when traveling is to reduce the likelihood of picking up malware, spyware, etc. And so far, for us at least, the Kaspersky VPN has been effective for that purpose.

I'm not trying to promote the use of Kaspersky or any other company, but merely sharing our experience in response to the original poster's request for advice and recommendations. I don't profess to be an expert, so if I've said anything here that is erroneous or misleading, I welcome corrections and clarifications from those more knowledgeable.

I was in your shoes, liked Kaspersky, switched to Bitdefender because well, Putin, and now love Bitdefender. Even more than Kaspersky. Make the switch and you won’t need to think about it anymore.

[-jk]

There's one other thing to note about public wifi that I forgot to mention earlier. Often they're poorly configured, and you're sharing a local network with everyone else who's connected along with you. At home or work, you generally share a LAN with known people and their devices, all collectively behind a firewall, reducing your risk exposure. On proper public wifi, you can't see anyone else's traffic. On the poorly configured ones, everyone sees everyone else and you have no clue who might be sharing that space with you or what they might be doing. Or what malware is on their machine scanning for open ports, trying to sink it's teeth into yours. (Windows does give you the option to declare a LAN as "public", which closes some of those ports.)

Ultimately, managing IT security and privacy is about balancing risk/exposure with convenience/usability, and we all have to draw our own lines. I'm careful with my own stuff, generally choosing to use my phone as a hotspot whenever it has a usable signal. Mrs -jk works in a high profile office; their systems are very tightly managed.

Make sure you stay current on all your updates, don't use stuff no longer being updated (glaring at you, Android!), and keep your brain engaged. Or get off the internet altogether. As Joshua said, "Strange game. The only winning move is not to play."

-jk

[CameronBornAndBred]

There's one other thing to note about public wifi that I forgot to mention earlier. Often they're poorly configured, and you're sharing a local network with everyone else who's connected along with you. At home or work, you generally share a LAN with known people and their devices, all collectively behind a firewall, reducing your risk exposure. On proper public wifi, you can't see anyone else's traffic. On the poorly configured ones, everyone sees everyone else and you have no clue who might be sharing that space with you or what they might be doing. Or what malware is on their machine scanning for open ports, trying to sink it's teeth into yours. (Windows does give you the option to declare a LAN as "public", which closes some of those ports.)

Ultimately, managing IT security and privacy is about balancing risk/exposure with convenience/usability, and we all have to draw our own lines. I'm careful with my own stuff, generally choosing to use my phone as a hotspot whenever it has a usable signal. Mrs -jk works in a high profile office; their systems are very tightly managed.

Make sure you stay current on all your updates, don't use stuff no longer being updated (glaring at you, Android!), and keep your brain engaged. Or get off the internet altogether. As Joshua said, "Strange game. The only winning move is not to play."

-jk

Solid points, except for the very first. I don't think they are "poorly configured", in fact I think it's pretty impressive what a public network can do. On the whole, they are optimized for efficiency.
And as the rest of your post points out, security be damned. Take your chances. (I take mine all the time, but then again I'm usually browsing Facebook, which is always so way secure on its own. )

[Stray Gator]

I was in your shoes, liked Kaspersky, switched to Bitdefender because well, Putin, and now love Bitdefender. Even more than Kaspersky. Make the switch and you won’t need to think about it anymore.

Done.

[FUBARDoorBuster]

Given the current environment in the US, USSR,excuse me Russia, this article addresses some of my concerns. I think I will be signing up ...
https://www.washingtonpost.com/world...source=twitter
Not sure if this worked so, ... try yourself. The Comment field was ... educational. Especially with recent Supreme Court meditations. The right to privacy is .. in the air?? Prove me wrong!!

[Acymetric]

Given the current environment in the US, USSR,excuse me Russia, this article addresses some of my concerns. I think I will be signing up ...
https://www.washingtonpost.com/world...source=twitter
Not sure if this worked so, ... try yourself. The Comment field was ... educational. Especially with recent Supreme Court meditations. The right to privacy is .. in the air?? Prove me wrong!!

Certainly not a bad idea, but to avoid a false sense of security keep in mind your data sent over VPN is only as secure as their willingness to defy government orders (any government really, not just the U.S.).