VPNs, proxies and privacy
-
Thanks for a very informative article and interesting discussion. I will reread several times as head spins more slowly... For now, I have a question.
a VPN service on your computer encrypts the data, sends it over via the Internet to the destination VPN server
Suppose I'm connecting to a bank over hotel wifi, and I don't care who knows; of course, I don't want anyone to see my data. If the connection is https and the certificate checks out, then am I correct in thinking that a VPN adds little in terms of data security (tunnel within a tunnel)?
-
@quhno said in VPNs, proxies and privacy:
- "disconnected"
Nah, sounds like "offline browsing window"
- "isolated" because it has (almost) nothing to do with other windows?
I think this pretty much nails it. It use it mostly if I
- want to avoid extensions getting in the way (some sites I really want to use get me to disable duck and hide mode...)
- want other sites to not be able to get or give information to/from other sites
So for me, isolated is good. I like the ring :-p
-
@lonm said in VPNs, proxies and privacy:
"Temporary Browser Profile Window". That describes exactly what it's doing
I disagree. All my profile settings are still there, I even have access to saved passwords and extensions if I so like.
On the other hand, starting Vivaldi with a temporary browser profile (without touching my actual profile) might have some benefits, too...
-
@morg42 Good point. I hadn't considered the use case where you might want to use your bookmarks in a private window.
-
@wognath: In such a case, the VPN-as-a-proxy or secure web proxy would not really offer you much in terms of privacy. Yes, without it, other hotel guests (and the hotel, and governments) could see that your IP is connecting to the bank website, and they could therefore assume (correctly) that you have a bank account there. But maybe you choose not to care, so in such cases, HTTPS is enough.
Of course, if the bank insists on only allowing you to connect from [country] and you are in [another country], then a VPN-as-a-proxy or an anonymising secure web proxy could allow you to connect via [country] and allow the website to work, so there is a functional benefit if needed.
-
@tarquin Additionally, if - like so often - the hotel WLAN is not encrypted, any traffic not secured by (verifiable) certificates can essentially be read or manipulated...
Open WLAN are my main VPN use cases; getting into my home network from remote places is the other.
As both scenarios need more than just browser functionality, this always will be a system function, not a browser-related one.
-
@morg42: It really doesn't matter whether or not the WiFi is encrypted (after all, other guests are already using the same network as you and can normally see the same traffic). If you are using an insecure connection to a website, then an attacker can always intercept the connection. A VPN doesn't prevent that. It just means that the attacker needs to sit somewhere along the connection between the VPN and the website (see the diagrams above), rather than snooping on the WiFi. The most serious attackers are the ones operating at a national level or hosting provider level, not the ones on your WiFi.
Certificates cannot be manipulated unless the manipulator has access to a signing certificate which is trusted by your system (if they have that access, the entire trust system breaks down, and no connections are safe, with or without a VPN).
-
@wognath said in VPNs, proxies and privacy:
am I correct in thinking that a VPN adds little in terms of data security (tunnel within a tunnel)?
Yeah, but conversely, with a VPN then once you complete your high-level international financial shenanigans, you can relax & watch Netflix rather than the lousy/expensive hotel service.
-
Very good article! Comprehensive, yet not over-simplified.
-
NIce article
-
@dragon-sails2 In short there's an increased "ping" time when using WebRTC because the IP is not broadcast so it has to request it, but it's more of an overhead than a constant operation. Meaning it will start slower, but again, it's just when using WebRTC that very few sites use.
But broadcasting leaks your real IP if you are under a VPN, so it has to be disabled on VPNs.
-
@rafiki
Hi, first start with a private window as all extensions are disabled there.
If it work it is one of your extensions.
Get back to default window and disable all extensions, better delete them but is may a lot of work.
Enable extensions ono v´by one.Cheers, mib
-
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
@zoeyalex , try Proton VPN, not the fastest (due to double encryption and tunnel split) but good enough for streaming (~ 30-40 Mb / s), also in free version. Free version-no bandwith limit, no ads and no logs.
Swiss Made by científics of the CERN -
@Gwen-Dragon , I have not looked at the link that this user has put, sorry
-
This post is deleted!