Originally Posted by
PaperQueen
A little paranoia isn't a bad thing.
About a year ago, I was updating a website over what I thought was a secure FTP connection. Turns out it wasn't--my bad for clicking the wrong box. Within 24 hours, every page of our site was littered with reams of text advertising black market pharma, as was the subdomain on the same account/server. The break in occurred overnight, from an IP in Ukraine.
And where was I during my update? In a Delta Skyclub--the only connection I'd made to the server from outside the office in six months.
Doesn't take much to get my attention--better to be overly cautious than under-informed.
Thanks to everyone here who so kindly cleared things up with answers.
"A little paranoia" is like saying you're partially pregnant. There's a difference between prudent security and being paranoid.
Certainly, I'd only use SSL connections or SSH tunnels to my home router for anything remotely sensitive on a public network. But just getting a conflicting IP is not a cause for concern. You may very well get a similar occurrence on your next flight while using VPN. It won't mean your VPN is compromised or anything.
As has been mentioned, VPN won't make your logins more secure for sites that use SSL anyway. It will prevent people on open wifi networks from hijacking your session cookies on sites that do not use SSL. But VPN is also only as secure as your VPN provider. Remember that they will see all your traffic. I trust AT&T or Comcast much more than some random hosted VPN provider, which is why I do SSH tunnels back through my home router. This also has the advantage of being free.
As far as your website editing story...spooky! This is why we use SSL/SSH, as you're well aware.
Apparently someone in the Delta club had a compromised computer.
My $0.02.