Are VPNs really that useful?

Often I hear from people in my circle, and on the web, about the efficacy of VPNs in protecting personal data and digital identity. I am skeptical! The thing I learned is that as long as you are online, your data is exposed. So, can any cyber-security professional help me to understand the concept of VPNs, from a technical POV, and whether they are really what people assume them to be? Thanks!

VPNs solve a few specific and important types of threats, but they’re not the be-all and end-all of network security.

The biggest thing that VPNs do is that they prevent eavesdropping and tampering of your traffic from actors on your local network and provide a layer of indirection to hide the origin of your network traffic from the host you’re communicating with. They don’t provide strong anonymity (the VPN provider itself still knows your location and knows what sites you visit), but if you don’t trust the network you’re on, they can be a good control to frustrate a specific adversary. Similarly, if for some reason you don’t want the remote site to know your origin, a VPN masks that and lets you appear to be coming from the VPN endpoint rather than your home IP.

There are some other advantages (e.g. can make your traffic flows resistant to metadata analysis and things like that), but those are the two major ones.

I will note that if you don’t care about where your traffic seems to come from, then Tor is pretty much better than a VPN in all cases and it’s free. And, if you need to have a specific traffic source, you can always connect to Tor and then route your traffic through a VPN afterwards.

The main use is changing your geolocation so you can access sites and media that are not available in your country. In terms of security it could prevent a man in the middle attack on public wifi from seeing unencrypted pages, but if it’s an unencrypted page it’s probably not super important. It could also help if your ISP throttles data to certain sites like YouTube. If that’s the case you could get better speeds since your ISP wouldn’t know which site you’re visiting. In theory it makes it more private when you are logged by a site but if someone really wants to find you they can despite using a VPN.

A lot more needs to be done now with our changing world to be anonymous. Any hacker worth their salt can find your address. I’m not even a hacker anymore; I could still crack through a VPN.

There are loads of VPNs that keep your data and sell it to third parties; they either have it in small print or don’t inform you about it.

Then there is whether they report your name as a VPN user depending on local government rules.

Then there is how effective the VPN is due to how many servers you can bounce from.

I went into the rabbit hole a bit and had to take a break.
I think I’m going rabbit hole diving again.

If you have 100,000,000 influencers trying to get you to buy something, that should be an indicator that thing is totally useless and frivolous. If you had a good reason to get a VPN, you wouldn’t need to ask this question.

Agree with most of what you said. Would add:

If you’re using HTTPS, you already have some protection. But who knows if all the background services (updaters, cron jobs, etc.) and non-browser apps in your system are using HTTPS (TLS)? Occasionally you will have to turn off the VPN to access some site, but that’s pretty rare in my experience.

Some benefits of using a VPN:

  • hide some info from your ISP, a company which already knows far too much about you

  • hide info from other devices on your LAN, and your router, which is especially important if you’re on public Wi-Fi

  • make it a little harder for web sites to track you, by hiding your home IP address from them

  • defeat geo-locking by some sites

  • some VPNs provide malware-site blocking, ad-blocking, parental controls features

  • maybe add multiple jurisdictions/countries in the way of anyone who wants to DMCA or sue you

Sign up for the VPN without giving ID (easy to do), always use HTTPS for all sites, and use OS’s generic VPN client.

But I disagree with:

“Tor is pretty much better than a VPN in all cases”

Except Tor/onion is more likely to be blocked by web sites, has lower performance, and doesn’t support UDP.

Two things: Can you kindly confirm the notion that using the web will always reveal user’s data, in some form or another? If that’s so, the web can never be completely safe, right? Then why all this hard work and protestation over privacy?

Also, what is Tor? Is it a browser or a specific web protocol implementation client which needs to be installed and works on any browser? Much appreciated, thanks!

Thanks, but my experience with using TunnelBear or Windscribe, or most VPNs as a trial before deciding to buy, is that they actually slow down the speed of the internet. How can I get better speed in VPNs?

That is exactly the thing that worries me about the sanctity of so-called safe VPNs! What I believe is that as long as you are online, your data is exposed at all times - in some form or another. Am I right?

Sorry, I should have been more clear. I was speaking specifically about security. To rephrase: if you specifically care about the security (and privacy) of your connection, in almost every case Tor is as good or better than a VPN.

No, you can absolutely use the web without revealing data. It’s gotten harder on the modern web, but it’s possible. It involves care and using the right tools, but it’s possible.

One other thing to consider is that “privacy” is not a yes-or-no thing. Privacy is a spectrum. For instance, there’s a lot of things I’m happy to share with my doctor or my lawyer that I wouldn’t share with my friends. But there’s a lot of things I’ll share with my friends that I wouldn’t share with my doctor or lawyer. Privacy is about control over your data and how much you choose to disclose.

To answer your second question, Tor is a network of proxies that most people connect to using the Tor browser (https://www.torproject.org/download/). It works by routing your connection through three proxies in sequence.

The entry (or “guard”) node knows who you are, but not what site you’re trying to visit. The middle node knows the entry node and the exit node, but knows nothing about your identity or the destination of your traffic, and the exit node knows what site you’re trying to visit, but nothing at all about where your traffic came from.

One advantage of using the Tor browser is that it also does several other privacy-preserving things, such as turning off JavaScript by default and blocking media content that might send information about your browser or connection to someone else.
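The three-hop split described above can be modelled in a few lines. This is an added example, not part of the original post and not Tor's own code: the relay names, keys, client address, destination and the toy SHA-256 keystream cipher are constructed stand-ins for Tor's real circuit cryptography.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). Illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(payload: dict, key: bytes) -> str:
    return keystream_xor(key, json.dumps(payload).encode()).hex()

def unwrap(blob: str, key: bytes) -> dict:
    return json.loads(keystream_xor(key, bytes.fromhex(blob)))

# Constructed relay names and per-relay keys (the client shares one key with each relay).
PATH = ["guard", "middle", "exit"]
KEYS = {"guard": b"k-guard", "middle": b"k-middle", "exit": b"k-exit"}

def build_onion(destination: str, request: str) -> str:
    """Client side: encrypt innermost layer for the exit, outermost for the guard."""
    next_hops = PATH[1:] + [destination]
    data = request
    for relay, nxt in reversed(list(zip(PATH, next_hops))):
        data = wrap({"next": nxt, "data": data}, KEYS[relay])
    return data

def route(client: str, onion: str):
    """Each relay peels one layer; record the only two facts it learns."""
    seen, sender, blob = {}, client, onion
    for relay in PATH:
        layer = unwrap(blob, KEYS[relay])
        seen[relay] = {"from": sender, "to": layer["next"]}
        sender, blob = relay, layer["data"]
    return seen, blob  # blob is now the request handed to the destination

def demo():
    onion = build_onion("example.org", "GET /")
    seen, delivered = route("client-203.0.113.7", onion)
    for relay in PATH:
        print(f"{relay:6} sees from={seen[relay]['from']} to={seen[relay]['to']}")
    return seen, delivered

if __name__ == "__main__":
    demo()
```

Only the guard's view contains the client address and only the exit's view contains the destination; what the exit can read of the request itself depends on whether the site uses HTTPS.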

If someone is educated enough, yes, but it’s not like the movies finding the hackers capable often work for the government or you would just know. White hat hacking is a lot more common because it’s gotten much more lucrative. Not everyone is attacking you anymore; you have to be a specific target.

I was specific about the daily web traffic by many users, regardless of a selected celebrity. That traffic is also subjected to a hacker’s attention, right?

Say you are a target by someone. How can I protect myself or find out who they are?
They seem to know where I am and what I do on my phone.