Are VPN services a scam? (nordVPN, expressVPN, dashlane VPN)

I want to apologize in advance for any grammar/spelling mistakes, I am not an English speaker.

Lately, a lot of YouTubers are getting sponsored by these big VPN-companies. In these ads, the companies make a big deal about not getting hacked on public networks and just protecting you from being hacked overall.

In these youtube ads, they claim to protect your passwords on public networks. For example, they claim that they protect your banking information or whatever while shopping online. But if you are on a public network and you are using a website with SSL/TLS (I don’t know the difference) nobody can see your password am I right? They can see what sites you’re going to and stuff but not your passwords correct?

They also make a big thing about websites not being able to track you. Of course, they can’t track you by your IP but if you have an account on a website they can still track you and if you don’t delete your cookies and that kind of stuff they can still track you via cookies/local storage if I’m not mistaken. So the claim about not being tracked isn’t 100% true.

I’m definitely not a hacker or an expert on this stuff that’s why I came here. I know a little bit about the web en its security so every time I see these ads I feel like they are selling half a lie to people who don’t know better. I to get your opinion on this, not everything they try to sell you is false or a lie but still.

As I said, I’m not an expert on this please prove me wrong!

A VPN does improve your security and will hide your location and IP. Since it provides a secure tunnel, makes it so someone can’t sniff your traffic. But it utilizes the same security measures as you would without one as far as SSL/TLS goes. If you click a wrong link, or download something malicious, you’re still in trouble.

vpn is just a layer , more layer you have more security you add .

No,VPN is not a scam. It provides security via obscurity for your personal data. There are a few other things you should do like

- Install noscript

- Install Adblocker(Ublock)

​

​

As far as keeping your PC safe from hacking, no, it will not do anything for that.

​

Come visit us at /r/StopTheBlock

There are a some good questions and theorems in your post. I really appreciate some “good” content in this sub!

First: SSL vs. TLS. For everyday use you can use them as a synonym and everyone will understand what you want to say. If you want to be correct, you would use TLS, because SSL is the “old” name (before some specification it went through I guess). Versioning is a little tricky, though: There was SSL 1, 2 and 3, but TLS 1.0, 1.1, 1.2 and now 1.3, but TLS is “generally” newer than SSL.

As for the VPNs:
I think this is mostly “main stream advertising”, which is not plain false, but also just some oversimplification of the real problem. Take the credentials sniffing: I don’t have any untrusted root CAs installed (at least I’m not aware of any, haha) and I expect my smartphone to transfer like 95% of my data encrypted using some “good practices”. So I’m likely not being sniffed (or at least not an easy target). I use an auto-on VPN in unknown networks because, honestly, I have no idea what the remaining unencrypted 5% include. So the advertising of being “100% unsniffed” is not generally false, but if you don’t have/use it, you would still be at a very high percentage.

Here comes trust into play: When using VPN you’re just moving the problem. If you don’t trust your VPN provider or use a shitty free one, they will still be in the situation to gain access to the remaining unencrypted traffic. Also the more you use it, the more they can make tracking profiles and collect data about you and your surfing behavior. Even though everything is encrypted, without TLS 1.3 you will likely use SNI and still tell everyone what webpages you access unencrypted.

Next thing about tracking: There are some VPNs blocking connections to tracking companies altogether. This is a really cool thing, because they will do it on a very low level (OSI Layer 3 I guess) and it’s possible to block ads and trackers in places you usually can’t use an AdBlocker (such as In-App Ads). So yes, while you’re probably being way less tracked, you are still connecting to a shady VPN maybe, which still will collect lots of data about you and sell them.
Another problem is your “friendly social networks”. Since most users still want to be able to post some cute cat pics to their already-annoyed friends, you will probably end up with your favorite social networks being not blocked. It’s also those networks that probably track the most out of you and collect as much data as they can.

In the end you can say: There are shady VPNs, I even suspect most of them are shady, but there are probably not much scam VPNs out there. There is just a lot of bullshit advertising to get digital strangers to buy their services, even though they only get limited benefits out of it.

Depends on the VPN… Some are truer to their pledge of no logging than others. Hard telling which ones might have deals with FBI, etc…

So far i can tell, after looking for a VPN for weeks, i just see 2 VPNs i would recommend: Mullvad and Cryptostorm. Both are Open Source and dont need any personal information at all.

If we consider how the NSA used a self owned VPN service offered worldwide (shell company under false name), to catch shadowcrew member Max BUtler (AKA Iceman) through the snitch/turncoat Albert Gonzales

NSA makes fake vpn service to catch shadowcrew - ONe member called ‘Max’ escaped the net. Always keeping a low profile in the ShadowCrew site, Max felt something was changing for the worse. The site had added a new administrator who was offering a VPN, virtual private network, where members communicate in private for a price. “But VPNs have one well-known weakness: everything transpiring over the network has to be funneled through a central point, unencrypted and vulnerable to eavesdropping.” (Poulsen 113) Max had written a program called Privmsg that could reconstruct an IRC chat on a hacked honeypot. This looked very close to Max and he didn’t trust the new administrator Albert “Cumbajohnny” Gonzalez. Max was right, Cumbajohnny was an informant for the Secret Service. The VPN was their equipment and were able to track down several of the other carders. Cumbajohnny even managed to take down the rival site CarderPlanet and even his own site was now closed.

NSA List of fake VPN’s (omitting their own shell companies of course, whichare also fake, honeypots to catch nefarious people with)

https://ddanchev.blogspot.com/2022/01/exposing-currently-active-free-rogue.html

​

If the Shadow Brokers’ leak of NSA files is legit, as is now all but confirmed, they have offered a glimpse into how the intelligence agency exploited security systems created by American tech vendors. And one of the vulnerabilities has offered proof of just how the US’ finest digital spies were able to snoop on encrypted communications, in particular those provided by Virtual Private Networks (VPNs).

I rolled my own VPN, but not for security or privacy, but to connect my home, work, and mobile (latop, phone) to the same network.

I consider the VPN ads that claim public wifi to leave you vulnerable to be nothing more than FUD. If you’re using TLS/SSL to do your banking or whatever, no one is going to sniff your stuff unless you’re REALLY bad about ignoring security warnings.

VPN are not scams but as far as you need paid ones are only if you really need them. Every here is expected to be a white hat. In this case get a free one because so long as you have consent it’s not illegal. I can’t advocate for black hats here but if you were one get a paid one. They are better in general. I prefer the ones that reset every minute or so, that way traces are next to impossible. Vpns are only a part though. Make sure your settings are okay. Also don’t click links and have a good anti virus. Malwarebytes is a decent one for being free but it’s not perfect. If you need a paid one I can’t offer suggestions as I am poor as well.

I agree with other commenters that VPNs do provide increased security on a public network. However, I don’t see any real answers to the poster’s question about SSL/TLS.

​

Suppose I use an unencrypted wifi network at a local coffeeshop. I open my browser and navigate to mybankwebsite.com. My bank is using modern TLS encryption over https. I enter my username and password, and browse my account. What are the risks of this behavior?

I think this would be pretty safe, though not 100% risk free. It’s possible the bank website has a bug so it handles encryption incorrectly. The bank website could be behind on installing the latest security patches for TLS or its web server. I might have not upgraded my browser to the latest release, or it might have a known security bug. Or there could be a flaw in TLS which is not yet widely known, but which an attacker can use to intercept my password. Using a VPN could protect against these risks from anyone snooping on the wifi traffic, so it’s a good idea to use. But practically speaking, I think that the odds of any of these flaws being used by an attacker at the coffeeshop are extremely low.

I lived in China where VPN is a must. 2 years ago, purchased PANDA VPN subscription. It did not work, so I deleted the account, emailed Panda VPN and requested refund. Not only I did not get any refund but Panda VPN kept charging me for 2 years. I lost about USD200 already. I kept contacting them but they don’t care

vpns are probably a failed liberal policy. I’m serious. Ever since norton added vpns to their service we’ve been having problems with having to turn the vpn off because on my computer I can’t connect to most sites because they detect the vpn is on and woln’t open the page except to explain “we detected you’ve got a vpn on… turn it off”.

Also I just had to do the same to my moms laptop because it was jockeying her entire internet connnection on the device by turning the norton vpn on and off repeatedly. I think my mom reported like 100 dollars more charge on her internet and I bet it was because the vpn was turning on and off.

My mom had a health problem and is currently walking on a walker due to a stroke or seizure or something(I’m not a doctor I don’ know this stuff and I’m not gonna ask her for the word.

Point is VPN’s are TOTALLY a scam. You’re not legally supposed to track someones connection like a vpn does it should have never been a thing to have a vpn because vpns as a concept just don’t work. Republicans like trump should totally shut down the vpn service industry and repeal the digital millenium copywrite act because its just more Democrat grifting.

Please don’t take this down I need to vent about this stuff and I feel everyone is ignoring this issue.

No, they are not a scam as they provide a legit service.

Yes in the form that they provide security or privacy.

It just provide one form of privacy, any server can still see your screen size, fonts installed, user agent, extensions installed, language, etc

And may use webRTC to see your internal ip ( CIDIR 24 ) .

Qua security its a little mixed, protocols like IKE can be MITM’d by tools like fiked ( fake ike ), and they are often blocked on public networks by a sysadmin.

Of course it does nothing on intercepting payloads unless they use a dns blocklist, which can easily be skipped by DGA tools.

It’s good if you want to watch Geo-Restricted content on for example Netflix (or if you live in Russia or some other Chinese state), also its good for the public WiFi as you already said (even though everything is going through HTTPS today).

The thing is, the VPN company is just another middle man that can sniff your data / information and can sell it to third parties. There are some VPNs that claim that they don’t log anything, but if you trust them you may get fucked.

I thought using a VPN goes through their servers
So a professional hacking group would probably be interested in all those using that server

dont go to websites that are bad(porn, executions, etcetera) and that will lower your chances of being hacked or receiving malware. Its not 100% foolproofbut it definitely helps. Vpns are good, but nothing is completely safe

Vpns can help with security. But https does almost the same thing. If the site uses https, then they cannot see anything you do on that site from just network packet sniffing. Sites already use newer methods like fingerprinting and cookies to track users. All a vpn does is hide your connection inbetween your computer and the vpn service. So the vpn service can be required by law to share user data with the government. So vpns arent a magical solution to any security problem. They just make your connection a bit more anonymous.

Not to mention that most websites use this thing called “fingerprinting” now which doesn’t use your IP to identify you.

Ok why does it show your location on google then😂

Why never sign into google?