BeneCollyridam

Well, that is true. But to say that it does not protect against MITM at all is false. You cannot do simple MITM attacks anymore like you used to with HTTP.

If I remember correctly HTTPS does protect against MITM. It would require: Either a CA Authority to be compromised for a MITM to be possible. Or the administrator (or someone who has compromised your computer) to leak your keys Edit: I think this explains it better - https://security.stackexchange.com/a/8309

I usually love LTT videos but while watching this I had a few concerns: If this is an ad I think it should be stated clearly in the video, which I don't think it was? Your connection is already encrypted! (as long as you use HTTPS, which most websites do after let's encrypt). As someone said in a YouTube comment the only thing your ISP can see is the first part of the URL (e.g. "www.lttstore.com") UDP does not automatically mean that the connection will be faster as what TDP does is nessecary for a stable connection. You simply have to move the error correcting code to another "layer" Wireguard: you should always be sceptic about new programs that have to encrypt your data. It has been shown time and time again that obscurity is not a security measure and therefore you need to rely on tested methods e.g. OpenVPN. I'm not saying that wireguard can't do what it does, but simply that it is a new protocol and therefore more likely to have flaws. See these links for some opinions that aren't mine: https://restoreprivacy.com/wireguard/ or https://news.ycombinator.com/item?id=16326438 Cloudflare does not support EDNS - if this is good or bad I don't know. What I know is that some websites are not resolvable with 1.1.1.1 like archive.is Finally some concerns have been raised as to how much control we give Cloudflare. If you decide to use this now Cloudflare has this information instead of your ISP. If you trust them more, great. If not... well.