VPNs, proxies and privacy
Steffie last edited by Steffie
@tbgbe Amnesiacs Anonymous?
Oops, no obviously that's incorrect.
"Temporary Browser Profile Window". That describes exactly what it's doing and fits it into 4 words. You could probably just shorten it to "Temp Profile Window" or "Temp Browsing Window".
wognath last edited by
Thanks for a very informative article and interesting discussion. I will reread several times as head spins more slowly... For now, I have a question.
a VPN service on your computer encrypts the data, sends it over via the Internet to the destination VPN server
Suppose I'm connecting to a bank over hotel wifi, and I don't care who knows; of course, I don't want anyone to see my data. If the connection is https and the certificate checks out, then am I correct in thinking that a VPN adds little in terms of data security (tunnel within a tunnel)?
Morg42 last edited by
Nah, sounds like "offline browsing window"
- "isolated" because it has (almost) nothing to do with other windows?
I think this pretty much nails it. It use it mostly if I
- want to avoid extensions getting in the way (some sites I really want to use get me to disable duck and hide mode...)
- want other sites to not be able to get or give information to/from other sites
So for me, isolated is good. I like the ring :-p
Morg42 last edited by
"Temporary Browser Profile Window". That describes exactly what it's doing
I disagree. All my profile settings are still there, I even have access to saved passwords and extensions if I so like.
On the other hand, starting Vivaldi with a temporary browser profile (without touching my actual profile) might have some benefits, too...
@morg42 Good point. I hadn't considered the use case where you might want to use your bookmarks in a private window.
@wognath: In such a case, the VPN-as-a-proxy or secure web proxy would not really offer you much in terms of privacy. Yes, without it, other hotel guests (and the hotel, and governments) could see that your IP is connecting to the bank website, and they could therefore assume (correctly) that you have a bank account there. But maybe you choose not to care, so in such cases, HTTPS is enough.
Of course, if the bank insists on only allowing you to connect from [country] and you are in [another country], then a VPN-as-a-proxy or an anonymising secure web proxy could allow you to connect via [country] and allow the website to work, so there is a functional benefit if needed.
Morg42 last edited by Morg42
@tarquin Additionally, if - like so often - the hotel WLAN is not encrypted, any traffic not secured by (verifiable) certificates can essentially be read or manipulated...
Open WLAN are my main VPN use cases; getting into my home network from remote places is the other.
As both scenarios need more than just browser functionality, this always will be a system function, not a browser-related one.
@morg42: It really doesn't matter whether or not the WiFi is encrypted (after all, other guests are already using the same network as you and can normally see the same traffic). If you are using an insecure connection to a website, then an attacker can always intercept the connection. A VPN doesn't prevent that. It just means that the attacker needs to sit somewhere along the connection between the VPN and the website (see the diagrams above), rather than snooping on the WiFi. The most serious attackers are the ones operating at a national level or hosting provider level, not the ones on your WiFi.
Certificates cannot be manipulated unless the manipulator has access to a signing certificate which is trusted by your system (if they have that access, the entire trust system breaks down, and no connections are safe, with or without a VPN).
Steffie last edited by
am I correct in thinking that a VPN adds little in terms of data security (tunnel within a tunnel)?
Yeah, but conversely, with a VPN then once you complete your high-level international financial shenanigans, you can relax & watch Netflix rather than the lousy/expensive hotel service.
netwolf last edited by
Very good article! Comprehensive, yet not over-simplified.
franco23034565 last edited by
dragon.sails2 last edited by
Thank you for an article that explains VPN and is not marketing material.
What the disadvantage of disabling "Broadcast IP for Best WebRTC Performance" ?
@dragon-sails2 In short there's an increased "ping" time when using WebRTC because the IP is not broadcast so it has to request it, but it's more of an overhead than a constant operation. Meaning it will start slower, but again, it's just when using WebRTC that very few sites use.
But broadcasting leaks your real IP if you are under a VPN, so it has to be disabled on VPNs.
rafiki last edited by
"Disable any plug-ins which might reveal your IP address via other means."
Could you give us an indication of how to know if a plug-in might be doing this? What should we look for?
mib2berlin last edited by
Hi, first start with a private window as all extensions are disabled there.
If it work it is one of your extensions.
Get back to default window and disable all extensions, better delete them but is may a lot of work.
Enable extensions ono v´by one.
rafiki last edited by
@mib2berlin: Thank you. It was worth a try but my location is somehow still leaking out. I have been in discussion with my VPN provider and it's not certain that its the browser at all but perhaps my ISP. They are working on it, allegedly.