https:// together with VPN

MDKMDK wrote:

Bill.Satellite wrote:

mr. ed wrote:
I've been using a virtual private network (VPN) whenever I do any financial transactions on the Web. I was wondering, if a website is already secure (https://), does a VPN provide extra security? Or, does it not matter at all?

BTW, I usually use public networks, hence my question. Thanks for your replies.

You are going to get many (and many inaccurate) responses. Once you are connected to an HTTP(S) S being the important letter, you can enter any information securely without concern.

Unless someone set up a "man in the middle" intercept and is recording you with a packet sniffer.
https://security.stackexchange.com/questions/186238/how-does-ips-terminate-decrypt-encrypted-traffic
A man created encryption, and a man can decrypt it, too. Apple did it, and the FBI and others can do it as well, given the tools and motivation.

what you failed to mention is ips requires a root certificate to be installed on the pc/device, otherwise the device knows there was a interception of the certificate. point being they won't be able to do that, and you would get a popup indicating the certificate has changed.

wnjj wrote:
VPN also means a secure link between you and "the web". That gets you past the local open wireless network problem. Local hackers picking up your wifi signal wouldn't even be able to see non-HTTPS data. HTTPS data ends up doubly encrypted by the webpage and the VPN.

Using both is like a second lock. Needed? That's your call.

That makes sense to me. I'll just keep using the VPN since it hasn't caused any issues. I also appreciate the other respondents on this thread. :)

Bill.Satellite wrote:

mr. ed wrote:
I've been using a virtual private network (VPN) whenever I do any financial transactions on the Web. I was wondering, if a website is already secure (https://), does a VPN provide extra security? Or, does it not matter at all?

BTW, I usually use public networks, hence my question. Thanks for your replies.

You are going to get many (and many inaccurate) responses. Once you are connected to an HTTP(S) S being the important letter, you can enter any information securely without concern.

Unless someone set up a "man in the middle" intercept and is recording you with a packet sniffer.
https://security.stackexchange.com/questions/186238/how-does-ips-terminate-decrypt-encrypted-traffic
A man created encryption, and a man can decrypt it, too. Apple did it, and the FBI and others can do it as well, given the tools and motivation.

mr. ed wrote:
I've been using a virtual private network (VPN) whenever I do any financial transactions on the Web. I was wondering, if a website is already secure (https://), does a VPN provide extra security? Or, does it not matter at all?

BTW, I usually use public networks, hence my question. Thanks for your replies.

You are going to get many (and many inaccurate) responses. Once you are connected to an HTTP(S) S being the important letter, you can enter any information securely without concern.

The VPN is only as secure as the provider's servers and technicians make it. You have to be careful when choosing one. Not all VPNs are created equally secure. Not everyone from Switzerland or Sweden is honest and trustworthy.....
Also google "can VPNs be hacked" - many hits, and they aren't foolproof for all types of hacking, so don't think because you're using one, you're safe.

VPN also means a secure link between you and "the web". That gets you past the local open wireless network problem. Local hackers picking up your wifi signal wouldn't even be able to see non-HTTPS data. HTTPS data ends up doubly encrypted by the webpage and the VPN.

Using both is like a second lock. Needed? That's your call.

The VPN masks your location. The https keeps the internet in general from messing with your banking transaction.