I’ve been using one but I’m not sure what benefits I’m getting from it. I feel like the only thing happening is I’m adding a little bit of latency to all my requests for no reason.
Pros:
- Websites can’t see your real IP and thus can’t figure out your real location that easily
- You might also be able to blend in with other users who use the same VPN server
- Your ISP can’t see what you’re websites you’re connecting to
- Your Network operator (e.g. a coffee shop offering public wifi) and you’re ISP can’t see your unencrypted connections (e.g. HTTP, Telnet)
- You can bypass regional censorship or other forms of content unavailability
Cons:
- Your VPN provider can see everything you’re connecting to (but not the content if you use HTTPS, which thankfully has become very common), so you need to be able to trust them
- A good and trustworthy VPN usually costs money
- Slightly slower connection and higher latency
Things to look out for when choosing a VPN provider:
- No-log policy
- Regular security audits
- Open source client applications
- Private/anonymous payment options (crypto currency)
- Monero is the best option if you want to stay fully anonymous
- Minimal information required for signing up, ideally none (some providers don’t even require an email address, they just give you a random generated Account ID)
Mullvad is the gold standard for VPNs in my book
In the cons there’s also an increase of the attack surface since you’ll be using a program to run the VPN
On the pros, some offer DNS blocking
Wireguard and openvpn both have open source clients.
- Websites can’t see your real IP and thus can’t figure out your real location that easily
Most people in the US use it to avoid getting letter from their ISP from downloading illegal content.
Some people use to access other country content.
Some people use it to avoid ISP snooping their browsing habits
Genuine question: How can an ISP detect that someone is downloading illegal material if the actual content is encrypted using SSL/TLS? Is it all approximated based on the domains/IPs and the amount of data that is sent? If they can’t tell with a 100% certainty, can it be used as proof when trialed in court?
I’m not an expert but I’m guessing unencrypted DNS requests and potentially monitoring IPs of different torrents. DNS requests would show what websites a user is going to, and then you can always see peer IPs when connected to a torrent.
The links themselves are not encrypted, only the data packets
A few ways I’ve used it.
Odd, a site seems to be non-functional. (Enable VPN). Site begins to work. Oh, my ISP was fucking with me.
A site is stuttering. (Enable VPN). Magically works. Oh, my ISP was fucking with me.
The most annoying, my family’s Internet over the holidays was blocking my laptop from updating Ubuntu, enabled VPN, udpate went just fine.
In general, it stops ISPs from dictating if they approve or disapprove of your behavior. Hide what you’re doing and all traffic is just anonymous bits and bobs.
As it fucking should be by law… but in the US the conservative party continually repeals the law that enforces non-interference. So for now, we need VPNs.
I don’t think it’s the isp intentionally fucking with you and it’s probably more incompetence on their side.
My isp will occasionally have this issue and then after a few month everything is OK.
I’ve never felt the need to use a VPN at home. I’m not really trying to hide from my own ISP, nor obfuscate where my connections come from.
I do host my own VPN from my home network though. This allows me to access my self-hosted services without exposing them directly to the internet, as well as keeps my mobile devices behind my pihole dns servers so they always receive dns adblocking and access to private dns records (self-hosted stuff). This also keeps mobile traffic a bit more secure from snooping, particularly on public/corporate wifi networks.
Eli5 VPN: https://dnsleaktest.com/ Visit this site unsecured and it will display your general geographic location (county/region). Connect to your VPN and try again incognito and under most circumstances it will display the VPN location instead.
Example scenario: you are in Canada and connect to Netflix and are incredibly disappointed with the Canadian selection. You connect toa VPN from New York a few miles away and you get access to the full United States catalogue. (Netflix is fighting this)
Example 2: you setup your smart vacuum on your home network and being concerned about security, you disabled access outside your home. You can connect to a personal VPN you configure to “spoof” being inside the house while on vacation to modify your vacuum settings.
Vpns are also commonly used as “public transit” for users to obfuscate their identity.
Benefit: When you make a request against a website, they often put trackers on you including your operating system, browser application, and store data like your geographic location. Advertisers are tracking your history, sites are using cookies to charge more with dynamic pricing when you revisit, data brokers are selling that data. There have been use cased where whistle blowers are identified off that purchased data from known journalist meetings. There’s a lot of reasons to have a VPN, but never use a free one. Adding an extra jump to your VPN location is definitely adding latency, if you don’t need one, it’s just extra weight.
Tried it, it’s a couple of belgiums off, but not bad
i enjoy not getting threatening letters from my ISP about downloading shit.
It hides details on your traffic from your ISP, that’s about it.
Your ISP can really only see the domain names you visit, as HTTPS encrypts the other info like the path and actual content.
I find this Tom Scott video (YouTube) to be pretty good at explaining why you would want a VPN and why most marketing arguments are BS.
I’m not smart enough to explain the privacy benefits, but what I can say is that a vpn is so useful for getting access to region-locked websites. People usually mention that you’ll get access to exclusive Netflix content, but if you’re the sort to use a vpn at all, you’re probably not the sort to use Netflix anyway. With a vpn, I can use Tubi despite living outside the US, and novel-translation sites that refuse traffic from my country don’t even give those ‘verify you’re a human’ prompts.
Also, I can switch locations to a place with better upload/download speeds, so things that would before take at least 5 minutes get done in seconds.
You should consider your threat model first before using something without being unsure of the benefits.
If you’ve never thought about threat models, here are some questions to get you started.
- List the assets that require protection. (Like credit card info)
- Who might want to gain access to those assets? (e.g. Hackers)
- How can you mitigate the risks? (Updates)
You may have a lot to say, so write things down to clarify your thoughts. Once your threat model document is complete, it will be easier for you to figure it which tools you really need, and which ones are only nice to have.
If you don’t use VPN all your traffic will flow through ISP. That doesn’t mean ISP can see your passwords or anything. They can only see which website you’re connecting to given that you are using unencrypted DNS if you are using encrypted DNS with TLS Hello they can only see IP. The claims that VPN protects you from hackers in public WiFi is dead since all websites switched to HTTPS and HSTS.
By using VPN all of these details now won’t be visible to your ISP but they will be visible to VPN provider.
If you live in a place where LEA can’t kick down your door and arrest you for visiting website it deems illegal then using VPN doesn’t give you anything.
Of course even a lot of first world country have strict laws against piracy in that case VPN is good but if you aren’t pirating and live in a free country I’d suggest don’t bother with VPN unless you have other reasons.Another reason could be to access geo restricted content on Netflix and stuff
Another thing to keep in mind, if you are committing/suspected of any crime then LEA will definitely go through your search history, they can get this through your device if you’ve cleaned that up but use google account then they can ask google, or go to ISP and ask this, obviously if you’re in this category then there are better solutions like Tor I2P
There are other extreme examples where a cheap ad friendly VPN with no registration comes in handy. If you want to create a zero knowledge email. Most email provider will block you if you are trying to create account with ProtonVPN or from Tor, but if your route your traffic through Tor and then to an ad friendly VPN they mostly allow it cuz they think you’re a dumb dumb. Note - it is generally not recommended to use VPN over Tor.
Why is it not recommended to use a VPN over Tor? Doesn’t that mean the ISP can’t see you are connected to Tor?
No VPN over Tor means you first connect to Tor and then to VPN. This is highly discouraged because if someone can tie the VPN to you then they can bypass Tor entirely and get what websites you were visiting.
What you are suggesting is Tor over VPN, here you’ll first connect to VPN and then to Tor, this is less risky but still not recommended as using Tor is not illegal in most countries (remember US Navy built it initially and they and many other spy agencies still use it) also there are other better ways to achieve hiding from ISP. bridges were designed specifically for that.
Ok, so the ISP can see that I’m connected to the Tor network? Using Tor over VPN just adds one more layer of privacy, right? Tor isn’t illegal here; what I’m trying to achieve is anonymity on the internet.
You’re losing anonymity, when you log into your VPN through TOR
TOR gives you anonymity, but if you connect through TOR to your VPN, which you probably registered with some of your data (or maybe your real IP), all the hops through TOR are useless, because your VPN connection is associated with you.
It really depends on who you want to hide from.
If it’s your ISP, then connecting over VPN to TOR could make sense, when your ISP is restrictive regarding TOR. But that’s pretty much the only usecase I can come up with at the moment
Nice try FBI
you joke but even the FBI encourages vpn use
A VPN is something that, was created to let you remotelly access another network.
Say for example that you want to connect to your LAN from a coffee shop. That’s why they were created in the first place.
Now, they were popularized as something else.
The benefits of the nowadays VPNs are mainly privacy and piracy related.
The reasons most people use a VPN are essentially:
-
Hide your traffic from your ISP. (By doing so, you are allowing your VPN provider to see everything you do while connected. Just like your ISP would, if you weren’t)
-
Hide your real IP behing one of your VPN’s server. (Usefull for torrenting and keeping anonymity)
-
Bypass geolocation restrictions. (e.g Watching U.S Netflix from Europe)
Do note that, if ypu are going to route your traffic through a VPN, you are giving your provider access to your online activities.
Choose your provider wisely!
Choose a VPN with a strict no logs policy, RAM only servers and strong privacy policies. (Open Source if you can).
Reputable names in the VPN world are Mullvad and Proton VPN.
Avoid the traps of budget VPN or highly advertised ones!
The benefits of the nowadays VPNs are mainly privacy and piracy related.
Piracy is actually not the reason to use a VPN, pirates use a VPN to be anonyme and not to pirate content.
Similar as you would not say a hammer is a tool that can be used to hit something and not a hammer is used by construction wormers and burglars.
Agree to disagree.
It is a main reason to use a VPN, that’s for sure.
It is not the only one, but any pirate in countries like Germany that does not use a VPN is cooked.
But other solutions work also. And all of those provide anonymity and are not a VPN. For example I2P, TOR and Seedboxes in other countries may even be paid anonymously.
Pirates use anonymity in order to avoid being detected, and those tools provide anonymity.
-
Just for privacy reasons?
I can decouple the traffic fingerprinting of some sites, like amazon, youtube, reddit, etc.
And because I have a squid proxy router through the vpn set up via a couple of docker containers, I have a firefox container to always send the traffic over the proxy which allows me to easily search for stuff outside and inside the vpn.Aside from that I also use the proxy to send requests in scripts over the vpn so my real IP doesn’t get rate limited.
And what VPNs are actually for: looking for geo-blocked content.i don’t want ppl to know my business, is what i tell most ppl to keep it short and sweet, haha