So why do VPN services exist? Surely they must serve some purpose?īecause it's easy money. Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be. But how is that any better than a VPN service?Ī VPN provider specifically seeks out those who are looking for privacy, and who may thus have interesting traffic. I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndTalk. If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own (either using something like Streisand or manually - I recommend using Wireguard). However, in practice, just don't use a VPN provider at all, even for these cases. In the second case, you'd probably just want a regular proxy specifically for that traffic - sending all of your traffic over a VPN provider (like is the default with almost every VPN client) will still result in the provider being able to snoop on and mess with your traffic. You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters.a public airport WiFi access point, or an ISP that is known to use MITM), and you want to work around that. You are on a known-hostile network (eg.There are roughly two usecases where you might want to use a VPN: That can be anything from a useragent to a fingerprinting profile. Marketers will almost always use some kind of other metric to identify and distinguish you. Marketers have gotten wise to these kind of tactics, and combined with increased adoption of CGNAT and an ever-increasing amount of devices per household, it just isn't a reliable data point anymore. Your IP address is a largely irrelevant metric in modern tracking systems.
But I want to confuse trackers by sharing an IP address! And remember, the VPN provider can see and mess with all your traffic. From the VPN provider onwards, it is the same as it would have been without a VPN. When using a VPN, the only encrypted part of the connection is from you to the VPN provider. If the endpoint expects plaintext, there is nothing you can do about that. VPNs can't magically encrypt your traffic - it's simply not technically possible. Use SSL/TLS and HTTPS (for centralized services), or end-to-end encryption (for social or P2P applications). when your traffic leaves the VPN server). If somebody wants to tap your connection, they can still do so - they just have to do so at a different point (ie. VPNs don't provide privacy, with a few exceptions (detailed below). You're still connecting to their service from your own IP, and they can log that. But I pay anonymously, using Bitcoin/PaysafeCard/Cash/drugs!ĭoesn't matter. The reality is that most of their customers will either not care or not even be aware of it. They gave up their users years ago, and this was widely publicized. I'll believe that when HideMyAss goes out of business. But a provider would lose business if they did that! The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over. In short: the only safe assumption is that every VPN provider logs.Īnd remember that it is in a VPN provider's best interest to log their users - it lets them deflect blame to the customer, if they ever were to get into legal trouble. There is no way for you to verify that, and of course this is what a malicious VPN provider would claim as well. The VPN provider can see all your traffic, and do with it what they want - including logging. There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.īecause a VPN in this sense is just a glorified proxy.A Turkish translation can be found here, contributed by agyild.A Russian translation of this article can be found here, contributed by Timur Demin.It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does. Note: The content in this post does not apply to using VPN for their intended purpose that is, as a virtual private (internal) network. You're probably reading this because you've asked what VPN service to use, and this is the answer.
0 kommentar(er)
