This question is asked every day in the privacy and cybersecurity subs.
It’s fine. I’ve had a nice time ranting about this on the Internet a lot this week lol. Go wild, use public WiFi. There is a very very very small risk that there may be some sophisticated person targeting you specifically who’s going to follow you to a café in the hope you’ll use their WiFi so they can see what website you visit. Is it likely? No. Been yonks since it’s been an easy or effective attack vector.
Use public WiFi.
Only caveat is if you are on company time, on their devices, use their company VPN to access their data or you won’t get in.
But otherwise? Use public WiFi, it’s fine.
Risk likelihood is low.
Once you connect to a public wifi you’ll be assigned with an IP and anyone on the same wifi can see your IP and reach it. Let’s say your device uses an outdated service e.g. chrome or safari or any service and there’s a zero day associated with that service then you’ll be easily compromised.
As long as you don’t have venerable programs (or OS) listening on the network interface, you’re generally pretty safe.
Sounds like you’ve been listening to too many express VPN ads IMO.
One of the things I love about my UniFi dream machine is the easy client vpn setup. Any concerns with the network I am on I just turn that guy on. No need to pay for nord or anyone else.
As long as you’re using https and you don’t accept any certificates from it, you’ll generally be fine. There is risk of course. But it’s not as high as has been made out to be. VPN makes it a lot safer. There was a whole thing with lots of security experts talking about how the risk has been blown out of proportion for the general population.
You’re more likely to have your banking info stolen with malware from an app you installed on a whim than from a scary hacker running a pineapple at the local Starbucks.
Download Wireshark and take a look at the packets being sent on a public network, you’re extremely unlikely to see anything that isn’t encrypted and Chrome will have a big red line through the “http” in the URL bar if you’re on a site where your traffic isn’t.
The destination of your packet is public, though, so if you’re going to imdoingsomethingillegal.com someone can see that and they’ll also see your MAC address attached to the request.
I knew a guy who used to hang out at panera an use their free wifi and use cookiecadger on wireshark to log into people’s facebook and post that they shouldnt connect to panera’s wifi
It’s high risk, not recommended without additional protections.
I never use public WiFi I turn my WiFi off everytime I leave my house
Never unless you have nothing to lose.
While using HTTPS helps protect your data, it’s not foolproof on public Wi-Fi.
Be aware of DNS hijacking, where hackers can redirect you to malicious websites.
For better security, use a VPN. Avoid sensitive transactions on public networks to minimize risks.
If you have VPN it’s usually safe.
No it’s actually even more dangerous than in the past because of new types of tools and attacks. Use a VPN.
As safe as a bar of soap and socks
While you’re on the right track by using encrypted DNS and using port 443 HTTPS they’re still security implications you should mitigate if possible. Man in the Middle (MitM) and rouge AP (evil twin) are still a risk. Adversaries can intercept your traffic (DNS and HTTPS) and capture metadata of your activities. Attackers can also force your traffic to downgrade to HTTP (HTTPS Striping). DNS Leaks is also possible downgrading to the less secure DNS protocol.
Also connecting to a rouge AP introduces other vulnerabilities not related to HTTP and DNS.
TLDR: Just use a trusted VPN or don’t go to sensitive sites. Avoid auto connecting as well.
Yes 
I also have some land on sale in Arendale that has amazing views of fjords