VPN - a Very Precarious Narrative

Discussion in 'privacy technology' started by mood, Apr 8, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    12,928
    VPN - a Very Precarious Narrative
    April 8, 2019
    https://schub.io/blog/2019/04/08/very-precarious-narrative.html
     
  2. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    380
    Mullvad accepts payments in cash and does not require you to enter a password or even an email. Instead, they use really long unique user names.

    Also, I feel the article is being kind of misleading on this logging critique. The only question that matters is: Can the VPN connect an action to an account? With OVPN for example, the answer is no, since they are not legally forced to store any information of this.

    Also, only the police could hope to have a chance at getting your true IP/identity in cases like these. This means if you're only into sharing culture, a VPN is anonymous in the sense that getting extortion letters has a 0% risk of happening.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,644
  4. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,842
    Location:
    Stockholm Sweden
    Good info there for not so tech savvy people, if it is right. I for one was under the impression that VPNs DID encrypt the traffic.
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,644
    Huh? Of course VPNs encrypt traffic. But only as far as the VPN exit, of course. The rest is up to the site being accessed.
     
  6. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    635
    It's not bad writing. Most of the stuff are correct.

    VPN was originally meant to just connect two private networks (often home and/or corporate LANs) over unsecure, unencrypted network (aka Internet).

    So in that way, the VPN salesmans are kinda perversing the original idea.
    We had proxies, even encrypred ones (like SSH tunnel and HTTPS CONNECT method), long before VPN came along.

    It's also true that many nowadays are behind NAT even if they are not aware of it.
    It would be very hard for mobile operators to handle subscribers otherwise.

    Windows folks with USB modem plugged in can just start cmd and give "ipconfig /all" command and check the adapter IP address and then google "whats my ip" and compare them. If any NATin is in operation the two are different.

    Linux folks can do ifconfig or any other zillion ways of finding the adapter IP.

    And like @mirimir above mentions VPN is not end-to-end encryption scheme. Neither is Tor. When doing ordinary web surfing (not instant messaging with your WhatsApp, Signal, etc...) only the HTTPS is the only true end-to-end encryption scheme currently in the big bad Internet that we have. Everything else have the last mile unencrypted link problem (Tor, VPN, SSH, encrypted DNS etc...).
     
  7. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,136
    A minor point/comment from several posts on this thread. The assumption that when using TOR the "last mile" thing is a problem. Many sites I use are TOR all the way using 6 servers where my browser controls the first three and the site controls the final three. There is NO open road on such a connection and the two ends of the tunnel will never know who the other is. Just saying!
     
  8. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    635
    Can you give more details of that setup ? I always thought that ordinary Tor network uses just 3 hop circuit (entry/guard node, middle node and finally the exit node) o_O
    I don't understand how could you conceal your traffic out of the exit node, except of course, if the site you are visiting is itself inside Tor network (aka hidden service)
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,644
    He's talking about using onion services. Users and servers both have standard three-relay circuits, which meet at rendezvous relays. So seven relays total. That is, unless the server opts for one-relay circuits. That gives better performance, at the cost of zero anonymity. For the server, that is. Users still have normal three-relay circuits.
     
  10. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,310
    Location:
    Here, There and Everywhere
    Some pretty good discussion there. But I have to scream when I read people talk about loading up on extensions while using a VPN to block this and block that, and another to cook breakfast, it drives me crazy. They need to go back to basics. Is there a bigger risk to accept that cookie - or hand over everything an extension has access to (real data, filenames and all)? Too many just accept all those permissions "needed" for an extension while paying money to remain private with a VPN. Keep it simple or realize that many of these extensions have absolute spying abilities while in use on a VPN. Of course, I don't need to tell the above to you, Mir, but so many in that discussion just let that go by with nary a word.
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,644
    @LockBox - True. But I'd never rely on a VPN service at all if I were also using the same machine (let alone, the same browser) without the VPN. As you say, there are too many ways to leak.
     
  12. BriggsAndStratton

    BriggsAndStratton Registered Member

    Joined:
    Aug 28, 2018
    Posts:
    53
    Location:
    A Galaxy Far Far Away.
    He did not mention that ISPs (in the U.S at least) have a horrible record of tracking and selling the sites you navigate until he was called on it. VPNs are a great way to stifle them from doing that.

    VPNs should be forced to let consumers know what they protect against and what they don't protect against. I use a VPN simply to encrypt my traffic at the local level knowing that once it leaves the vpn services that everything is normal again, duh.

    On a normal computer, for example you have services that will ID you, like an email app, will ping its servers for mail, and by doing so, it will identify you after the vpn endpoint, so what? As long as you know that is going on.

    My use case is just mainly to stifle my ISP, and public WiFi, beyond that, I have not taken any measures to assert my anonymity.
     
  13. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,310
    Location:
    Here, There and Everywhere
    Couldn't have said it better.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.