You disable the VPN, they show “unprotected”, come on, I’m not really unprotected, why such a dramatic word, I just disabled the thing a little, I’m “disconnected” but it doesn’t mean I’m actually unprotected, the same way it doesn’t mean I’m actually protected if I’m using a VPN.
It all depends on what you’re supposed to be protected from. Vpns protect your Communications from being intercepted and keeps your location anonymous.
So you are in fact unprotected from being located identified and tracked. You are also unprotected from having your Communications intercepted by a man in the middle.
If you’re on a public unsecured Wi-Fi network you are totally exposed. If you are on your own router connected through an isp, the ISP knows everything you’re doing, and attaches your billing information to that data and uses it.
So I really don’t think unprotected is a scare word. It is an accurate description of your situation.
VPNs don’t prevent a device from announcing its real location. And they protect you from a MITM at the ISP but not at the VPN provider, so you just switch who you trust. VPNs also don’t do anything to help with the browser fingerprinting that companies use to track you around the web. From the point of view of the services and sites you connect to, all a VPN does is change your IP address, and the IP address may not be a big part of how they track you in the first place. VPNs alone do not improve privacy much at all.
What VPNs do is shield your traffic metadata from inspection by the network hops between your client and the VPN provider (though the content is almost always enxrypted even without the VPN), and change your apparent location for any service that is exclusively using IP-based geolocation.
You don’t need a vpn to protect yourself over a public wifi network. All modern website have HTTPS with certificates so the website can’t get spoofed and no one knows what your doing on that website. Modern browsers will warn you before entering a website without https or a certificate. Using an encrypted DNS like nextdns further protects you so no one even knows what websites your visiting.
Ok I’m not 100% sure if using an encrypted DNS does fully protect you from outsiders finding out which website your visiting, hopefully someone can correct me if I’m wrong.
The only problem I see with public wifi is the peer-to-peer nature of it. You no longer have the protection of a gateway if somebody is trying to be nefarious. They won’t sniff https traffic, but might attempt to connect to open services like an unsecured listener for the cat feeder.
In that instance, locking down the internet connection with a VPN would prevent an attack.
I’ve actually never really considered that. I guess all other apps also need to be secure or sandboxed or lack permissions to do anything although even then it seems like apps can just escalate permissions on there own without you doing anything.