I can enumerate the ISPs that have will-hand-your-traffic-over-for-general-vacuuming-up deals with the American government, and the ISPs worldwide that do some form of traffic editing on behalf of differently-repressive-than-the-US regimes, and I can go to Starbucks tomorrow and we can compare that proportion of ISPs to the proportion of people I find actively tampering with my traffic from the cafe.
You need to compare “everybody who has ever done anything malicious at a cafe” if you want to make a valid comparison to “all the ISPs in the world”. In the US nobody would be using an ISP that would be doing anything malicious in a cafe. “has deals with the American government” paranoia notwithstanding.
I am comparing the question, is my traffic being spied on by the ISP (in practice, passed off from the ISP to the NSA for sure and in practice maybe whoever else) actively as I’m running my connection, versus is my traffic being spied on by my fellow patrons. I would describe harvesting all my traffic and giving it to the government as “malicious.” That, to me, is more likely (I mean, more or less 100% chance, within the US) than someone randomly being at the cafe acting maliciously to the point of setting up a spoof DHCP server randomly during the time that I am there.
(Part of the Snowden revelations were that the NSA had deals with more or less every major data carrier to harvest in bulk more or less everything that goes over the long-distance internet.)
What percentage of people in the world do you imagine set up spoof DHCP servers at cafes? 1%? And what percent of their time do you imagine they spend doing it? I cannot possibly make the math work out to make it make sense unless the cafe literally has at bare minimum thousands of people in it at all times. I mean, sure, it’s worth making sure your VPN is secure against it.
I don’t really want to argue continuously back and forth about this for too too long. I feel like I’ve said what I needed to say to communicate my piece about it at this point.
I’m going to go ahead and say we just differ in what we consider to be “malicious behavior”. Yes, the NSA spying is bad, but they’re not “stealing credit cards bad”.
Okay, how much?
I can enumerate the ISPs that have will-hand-your-traffic-over-for-general-vacuuming-up deals with the American government, and the ISPs worldwide that do some form of traffic editing on behalf of differently-repressive-than-the-US regimes, and I can go to Starbucks tomorrow and we can compare that proportion of ISPs to the proportion of people I find actively tampering with my traffic from the cafe.
You need to compare “everybody who has ever done anything malicious at a cafe” if you want to make a valid comparison to “all the ISPs in the world”. In the US nobody would be using an ISP that would be doing anything malicious in a cafe. “has deals with the American government” paranoia notwithstanding.
What?
I am comparing the question, is my traffic being spied on by the ISP (in practice, passed off from the ISP to the NSA for sure and in practice maybe whoever else) actively as I’m running my connection, versus is my traffic being spied on by my fellow patrons. I would describe harvesting all my traffic and giving it to the government as “malicious.” That, to me, is more likely (I mean, more or less 100% chance, within the US) than someone randomly being at the cafe acting maliciously to the point of setting up a spoof DHCP server randomly during the time that I am there.
(Part of the Snowden revelations were that the NSA had deals with more or less every major data carrier to harvest in bulk more or less everything that goes over the long-distance internet.)
What percentage of people in the world do you imagine set up spoof DHCP servers at cafes? 1%? And what percent of their time do you imagine they spend doing it? I cannot possibly make the math work out to make it make sense unless the cafe literally has at bare minimum thousands of people in it at all times. I mean, sure, it’s worth making sure your VPN is secure against it.
I don’t really want to argue continuously back and forth about this for too too long. I feel like I’ve said what I needed to say to communicate my piece about it at this point.
I’m going to go ahead and say we just differ in what we consider to be “malicious behavior”. Yes, the NSA spying is bad, but they’re not “stealing credit cards bad”.