With DefCon almost here I'm seeing a lot of discourse around using burner phones and laptops while there. While I'm not going (one day) I am interested about the reasons for doing so other than peace of mind. Googling has shown me lots of examples of people asserting that you should bring burner devices, but never specifically why, other than rouge phone towers set up by attendees. I can get this one, but outside of sms and calls, shouldn't the rest be fine? Taking wifi for example, which is something I've only seen being told to turn off for 'obvious reasons'. From what I know, DefCon provide their own pre-authenticated network with proper certs in place, and if you don't like putting all your trust in tls (and you probably can't be blamed), surely a VPN would cover you for the rest? I'm not sure if this is a very stupid question or not, but as I understand if you're using a VPN it doesn't matter if attackers can somehow MITM you.
The only other point I've seen made are 0days on propietary hardware and software, and if we wanna assume hackers will burn their 0days for that then sure, I can understand a burner phone, as for laptops though if I run a full FOSS setup (libreboot+linux) then do I have anything to fear on this front either?