Comment Re:My comment from yesterday (Score 1) 58
Is especially relevant here, You shouldn't be using a VPN that neither you nor your employer control. The attack vector of compromise of the VPN provider (or it being plain malicious as it is here) is far worse than the near-useless-in-2024 security benefits of using a commercial VPN provider.
Still, marketing persists and tech people cling to their NordVPN!
Third party VPNs are fine, as long as you understand they are a security risk not a security mitigation. They're a minor security/privacy risk, on par with the security/privacy risk posed by your ISP. If all of your traffic is end to end encrypted (e.g. TLS), then that's not a serious problem. If some of it isn't encrypted... you should fix that ASAP, and using a third party VPN is not a fix.
Third party VPNs are good for region shifting and that's about it.