Right now I’m in China and need to access things like financial investing accounts and tools, some of which are blocked by China’s Great Firewall.
The only VPN services that work reliably and are fast are from small Chinese or Russian companies. European or North American VPN companies always have unreliable connections.
Every time I use an online financial tool it’s after I’m logged in and through HTTPS, but all this internet traffic is sent through these Chinese or Russian VPN servers.
Do I have anything to worry about sending this potentially sensitive information through HTTPS encryption and having it land (or even stored unbeknownst to me) on these foreign servers?
HTTPS keeps your data encrypted, so it’s generally safe, but an untrustworthy VPN could still log metadata or traffic patterns. If possible, stick to reputable VPNs and use two-factor authentication for extra security. Always keep an eye on your accounts just in case!
This VPN would be used on a Windows computer. The particular Chinese VPN that I’m using uses their own Windows software client to connect to their VPN servers, BUT when I launch it, it doesn’t ask for administrative privileges.
Given this… does that mean it should be safe to use?
Gotcha. So even if the VPN service is *actually malicious* - they collect all the internet traffic on their servers for the purposes of stealing info - they won’t be able to decrypt any of the information that was sent through HTTPS (provided the certificate is valid)?
Ok, I was wrong. When I open their VPN app it asks if I want to let it make changes to the computer, so I need to grant it admin rights for it to work.