VPN Inquiry

[Lucky]

This is a tech question more than a Boytoy comment. But I have never used a Virtual Private Network and have no idea as to how to use one. Can anyone educate me? Do sites refuse people who use it? Is it really private?

[RA1]

VPN's do provide some protection.  Just sign up and enter the access information on your choice of VPN site.  

I have noticed two problems with them.  One, for some unknown to me reason, they drop your device.  Just access the site to quickly get back on.  Two, a cell phone paired with your car will lose that hand shake with a VPN in use.

Best regards,

RA1

[Lucky]

Thanks, RA1.

[RichPhilly]

Any recommendations for a free VPN?  

[nycman]

I’ve used PIA and I like it.

https://www.privateinternetaccess.com

[Lucky]

8 hours ago, nycman said:

I’ve used PIA and I like it.

https://www.privateinternetaccess.com

Can you tell me how you use it? What situations is it best for? Thanks.

[Latbear4blk]

Rather than to protect my privacy, I use it to dodge filters. For instance, if you hide you are from the USA, you can read the narrative reviews in Rentmen and see the escorts fees in other countries. 

[JKane]

Here's the thing Lucky, most of the promises the VPN providers give about making you safer are bullshit.  

Damn near every web page you go to is encrypted these days.  See that lock next to boytoy.com?  Means this text could not be intercepted on the way between me and the site, and restrictions are even stronger if you're dealing with passwords and especially CC numbers.  Somebody hacks boytoy (or a ecomerce site that has my info) they'll get my info regardless of if I used a VPN to connect to initially give them that data.  

Most importantly, almost all EMAIL is now encrypted too, if you go to gmail or mac.com you'll see the same lock.  Just make sure you're not using some old setup relying on pop3 or IMAP.  Their app on your phone or the web page will be fine.  

This wasn't the case before, but it is now, so as far as security, VPN doesn't do much at all.  Even when you're on a fishy network, now that almost everything from your browser is encrypted.  The only way to realistically defeat this encryption would be to have something installed on your computer (maybe a shady VPN app?).  

Privacy, on the other hand... it helps a bit.  Your ISP knows you went to boytoy.com, and most likely, so does your government.  However, I believe it's just the top-level site.  That you went to youtube (or youporn), yes, what you searched and watched, no.  Also, your ISP, your government, and many companies will impose restrictions based on location.  Netflix's selection is different here vs. Thailand.  You can't watch BBC content from their page in the US.  Can't search for Tienanmen Square in China.  

So a VPN takes all your traffic, encrypts it (usually again) and it comes out the other end at some other point you've set in the world, your local ISP can't read it at all, and it appears to come from whatever country you've chosen as the endpoint for this session.  

There's a problem here though... it costs real money to make possible on any scale and so how exactly is the VPN provider making a profit?  Turns out some are fronts for the NSA and similar.  If they have *all* your traffic, and especially if they got you to install something...  they have you.  

Also, your ISP can see you're sending data through a VPN tunnel, and may not allow that.  Many of the public networks the VPN tells you it's protecting you from... might not allow VPN traffic at all, hotel, aircraft and public wifi networks often have this restriction.  

And it slows your data down a lot, mostly because of the extra trip halfway around the world all your data goes on.  

Those endpoints are somewhat easy to detect and there aren't a lot of spare public IP addresses.  So some of the things you're trying to access (say BBC.uk) may have already blacklisted many of the enpoints in the UK.  

 

[speeddagger1]

On 4/14/2020 at 8:18 AM, RichPhilly said:

Any recommendations for a free VPN?

Touch VPN is good enough.

[petite4sian]

I'd recommend any VPN that has independent reviewers that audit the source code separately (PIA or NordVPN).

JKane is correct in majority of his comments;  however a good VPN will be able to encapsulate that data with valid headers that ISPs will not filter out while going upstream (multiple servers/proxies). VPNs also do help with security, in the form of encrypting data en-route and *can* prevent MITM attacks. Faulty networks without proper encryption (whether in the form of easily cracked WPA2-PSK keys, or an SSL/TLS downgrade attack) can give up sensitive data; don't be fooled by that security icon. One can easily use mitmproxy, sslsplit, or burpsuite and utilize trusted certificates to snoop data,. VPNs help against that.

I'd also suggest looking into the tor project. Another layer of security but don't think of it as a tool that will keep you 100% safe - only your judgment and tech savvy will prevent it.

[JKane]

Whatever VPN project you choose, you are giving them access to all your data, so be sure you actually trust them more than your ISP.  Free?  How exactly do you think they're monetizing providing you connectivity around the world plus servers in other countries...?  If you really want it, PAYING for an audited and well reviewed one IS your best bet.  Just as it is hackers' and especially governments' best bet to compromise that single point somehow and get all kinds of interesting stuff a lot easier than otherwise... 

 

Perfect illustration of VPN, do you trust the woman's mouth more than going directly?  

 

 

 

 

 

 

TOR is fairly secure but hard to use and easy to wander into places you don't want to be.  If you do at some point receive enhanced government scrutiny its presence will be a big red flag for further investigation.  

 

 

 

[tassojunior]

I'm not tech enough for crude VPN's but Newegg sells AVG's VPN for $10/yr for 5 machines and it's incredibly simple to use. My Czech friends can use my Netflix which automatically reroutes via VPN set to Europe to Netflix Europe with a choice of Czech subtitles or dubs, which are not available in the US. A big benefit is you escape US copyright rules so many seasons of shows that cost in the US are free and you can watch seasons that haven't even been shown in the US yet. 

A quirk is because of cookies, for a while you'll get ads from the country you were set to on everything. 

[petite4sian]

Jkane, not sure if you truly understand how most authentic VPNs operate using public and private key encryption from a certificate on the local network. It would essentially keep the data private, and some VPNs are known to have denied access to federal authorities by the law of plausible deniability. You can't read what you don't store in your database after the fact. That's the point of the independent audits, to ensure that there is no collection of metadata or anything else that would compromise your security.

I wouldn't trust any free VPN service, it's only a few bucks a month if you do value your privacy or need to flout geolocation blocks.

Government scrutiny wouldn't really matter because if you were being scrutinized, they would probably install malware remotely using RATs and using the top of the edge zero-days to exploit your system. Unless you were using Live CDs like Tails or Qubes, even then there are tons of different methods.... The NSA are a bunch of wizards.

It's specifically designed for researchers and political dissidents but people use it for bad stuff. As long as you don't do truly illegal and immoral shit, you don't have to worry about anything.