I mean without TOR/Proxies, what could a person (from their home PC) more safely do, and what ends up being not protected?
Lets ignore VPN provider logs and canary clauses, and lets ignore social engineering and/or using repeat passwords. I’m more interested in the limitations of the technology.
your browser may develop a recognizable fingerprint that a vpn will not obfuscate alone without additional help from various apps.
your hardware itself also has a signature even through a VPN, so you should consider using VM sessions to further obscure yourself.
WHERE a VPN provider is based is critical, as any 14 eyes country could be “legally” tapping or logging you at the provider itself.
VPN’s can and do drop - so you also need a client or separate tool that cuts off all IP traffic from whatever app you are making private.
never use PPTP as your VPN protocol.
now that I've made you paranoid - just keep the following in mind;
99.9% of posters here are protecting themselves from copyright infringement notices, not the nsa's counter terrorism division. since that's your concern as well, all you really need is ANY paid VPN which does a perfect job of masking your activity from your ISP - which is how any copyright troll is going to have to find you to try to shake you down for money. if such a notice does NOT come through your ISP, then it's being fabricated based on pirated data or email mining - so just ignore it. my 80yo grandmother get's trolled by name to pay fees presumably by "MicroSoft" every Month (thanks to god knows which major commercial database hack we read about in the news every quarter), and the only thing she's ever stolen online was a recipe for brownies.It won’t protect you from yourself. Your browser may still willingly give your information away. You might give it away yourself. Depending on the client used, you might be unaware that the VPN actually isn’t on anymore.
It may not be the same, but it includes what you’re asking for
Edit: I skipped the talk and linked you to the security talk
When using a VPN you send/receive packages through your VPN’s server. Assuming everything is set up correctly, even DNS requests should land with your VPN and no one else. That means, your ISP, router and other 3rd parties on your network (LAN) don’t know what IP addresses you connect to. They also don’t know the content of your packages since VPN connections are encrypted (so are many VPN-less connections - SSL/TLS).
What is that good for?
If you happen to use a lot of public wifi and don’t want the wifi provider to know what you are doing. Same goes for your ISP. This is even more important to many since ISPs sometimes have to log your usage (see the recent British law - happens in many more countries).
A VPN can circumvent blacklists and geo-restrictions, too.
By giving you a shared IP, your destination also does not know your real IP, it just sees the VPN one (this depends on your VPN’s setup).
However, VPN is relatively simple compared to TOR (which, via its layers, provides more anonymity)
A VPN will not protect you from most things. Basically, it prevents your ISP from spying on you and serving you ads and anything else, because your ISP only sees an encrypted connection to your VPN. So that’s good.
BUT your VPN now sees everything that your ISP would have seen. And they know who you are because they know your real IP address.
Instead of going you>ISP>internet, you’re going you>ISP>VPN>internet, and the “you>ISP>VPN” connection is encrypted, so the ISP can’t see shit other than that you’re connecting to the VPN.
So VPN’s are good for getting around region blocks and ISPs that block adult content, or for just having a secure connection on a public wifi – all of those things are good things. But you aren’t really “protected” in the same way that something like Tor protects you. Your VPN still knows everything about you that your ISP would know if you weren’t using a VPN. It’s just that most VPN’s claim to not log or monitor, and they usually don’t restrict anything.
I love my VPN. I use it on public wifi so I know I have a secure connection and am not being MITM’d with websites I visit. I use it at home because my ISP injects ads into unencrypted web content, throttles video streaming, and does some other shitty stuff. But I do NOT expect it to keep me anonymous or be private in any real tangible manner. My VPN provider claims to not log or monitor traffic, but I’m merely taking their word for that, I have no way to actually verify it.
I learned a lot reading this thread.
If used right, it will obfuscate the content of your traffic between you and the VPN server, so the peers on your network, and every node on the way to the VPN server.
In the server’s network, it could either be obfuscated or revealed, with chance pointing to the latter.
Past the VPN server, traffic will be revealed.
The above applies to all traffic going through the VPN. Does that serve as an answer?
I mean without TOR/Proxies, what could a person (from their home PC) more safely do
An internet relay service accessed over VPN will not really protect you at home; No matter what relay service you use, your traffic’s going to wind up on the Internet at some point.
Your major attack type that a relay service helps with is someone in physical proximity to you on your LAN could sniff your traffic or hijack your non-HTTPS connections, or track what domains/web servers you are accessing.
Assuming the VPN service itself is secure; the Relay service moves your local LAN into your provider’s datacenter.
All your connections are still subject to the potential of the same kind of attacks, even when using a Relay service over a VPN. If you access non-HTTPS websites, then your traffic can still be monitored.
However, if your connections are secure (HTTPS), you get a measure of privacy ---- since nobody should know what your IP address corresponds to.
This is what the VPN provider does for you ------- your Website browsing will come from an IP address that is not known to people around you physically, and only your VPN provider, Law enforcement, or someone with a Court order (Such as the type obtained to ID copyright infringers), should be able to trace the IP to your physical location…
This is just an outstanding https://play.google.com/store/apps/details?id=com.maw.proxy.vpn
Came across this from a post in /r/ukpolitics.
My concern is that I want to be protected from the UK from mass data gathering on me and to by pass the new censorship deal they are pushing onto ISPs. So a VPN won’t protect me from that?
99.9% of posters here are protecting themselves from copyright infringement notices, not the nsa’s counter terrorism division.
I think your estimation is low. id say more like 99.999% Myself included.
Exactly. I don’t give a damn about the NSA. But what about all these other folks with encryption? Who are they hiding from?
Remember, there are government agencies besides the NSA out there… Also, USA is not the only government that tracks internet users… (if it was, we wouldn’t care about 5/9/14 eyes…)
Let’s say it’s OpenVPN client (Linux/Unix/OSX) and you use Firefox (or heck, even Safari or Opera), and you use a firewall as a killswitch (let’s assume hypothetically it lets zero packets out when the connection drops).
I’m a bit confused about who knows what, and why I would do something like TOR>VPN>TOR or similar… Lets assume I’m Snowden, but I’m new to all this, k? Will a good VPN protect my location when people see my end activity? They can trace it back to the VPN, and they can find who has used that VPN (possibly in the specified time frame) which narrows the list and my name is on it. Bad news, but is that where it ends, or is there more?
Sounds like anyone who feels like they seriously need a VPN might as well not bother… Scary times…
I would add that you definitely should use a VPN on public Wi-Fi As most of them are open/un-encrypted and therefore if the application you are using isn’t using encryption the data being sent received can quite literally be sniffed out of thin air by anyone in range.
It’s also possible to do man in the middle style attacks to trick you into disclosing information such as a password.etc.
Thanks for this reply. Do you think a VPN would anonymise one’s traffic under the UK’s new data retention measures?
Except if the TOR nodes are controlled by a non-friend, and there are only 3 people using them at a given time, they can get your name on a short list…
I imagine it’s the same with VPN servers?
I get public wifi passwords when not using HTTPS (always dual authenticate anyway), but people use VPN on desktop computers and I almost don’t see the point, unless you want anon to the world but not to the govt, I guess?
My ISP throttles video, but my VPN experiences have been slower than unencrypted connections. I’m surprised to hear you can stream faster with VPN than without…