You probably don't need a VPN
(www.spacebar.news)
from corbin@infosec.pub to technology@lemmy.ml on 01 Jan 2024 19:23
https://infosec.pub/post/6674165
from corbin@infosec.pub to technology@lemmy.ml on 01 Jan 2024 19:23
https://infosec.pub/post/6674165
threaded - newest
The article is correct that most VPN ads are full of lies, but that doesn’t mean that people don’t still need them.
Exactly.
Yes, it hides your IP, but that’s not all that important if you have a competent ISP or firewall on your router in terms of security (it’s more important for privacy). Yes, it (usually) encrypts your traffic, but so does pretty much every website, and adding a second layer doesn’t meaningfully improve things.
VPNs are important for privacy, that’s it. They change where your traffic appears to come from so people (attackers and servers alike) can’t tell where you’re accessing it from. That’s it, and that’s a pretty important thing, especially in this day and age with swatting and whatnot.
I happen to agree, but want to add that the thesis is “most people don’t need a VPN,” which is arguably true. Most people simply aren’t that interesting, and aren’t at risk of being individualky targeted by a motivated adversary or hostile nation state. As long as they’re using HTTPS while doing so, most people no more at risk shopping online, reading email, doing Social Media, or conducting banking at a Starbucks than they are in their own living room. That threat picture looks like DNS profiling, MAC address harvesting, maybe browser user agent fingerprinting, or DHCP device fingerprinting. Just run-of-the-mill data harvesting, and usually only for market research. Most apps rely on TLS or SSL which is generally secure, but leak info at the lower level utility protocols like DNS and DHCP. If you didn’t disable DNS over HTTPS (DoH) on your device and otherwise follow reasonable online hygiene, your data and gour identity is likely secure¹.
Now: be a journalist, activist, organizer, politician even of local school board stature, dissident, expat or artist/performer of any notoriety, and congratulations! You have a complicated threat picture! Proceed to Go, retain a trustworthy IT firm, and work with them to furnish and maintain a private OpenVPN or Wireguard service on your behalf at a public VPS, also being sure to do your diligence and ask for a copy of their certificate of insurance from their cyber insurance underwriters.
Anyway, unless a person has a technical reason to access private resources, or has a more-than-mundane threat picture in their life, a VPN is just a waste of overhead.
– ¹ Not you, T-Mobile user.
.
Depending on your local laws it might not be an issue at all.
VPNs are not the security panacea that marketers would have you think they are. Using a VPN does provide some obfuscation as to your origin, but it does change your trust model. The VPN service provider may tunnel your traffic through your ISP to hide data from the ISP, but now it’s visible to the VPN service provider instead.
There are plenty of use cases for a VPN, but just like any other technology or service, you need to know what it actually does so you know what it actually achieves or doesn’t achieve.
Whenever I hear this argument
I always have this ready as a counter argument
Tracking/profiling for Ads on the internet happen en masse; you are just one of a million data points that build a profile - it doesn’t care whether you as an individual are interesting or not".
Also, most “interesting” people were once not interesting at all. It’s naive to think that data gathered on us in the past cannot be used in the future.
The big issue right now is that VPN services servers IP are getting massively banned from multiple platforms. There should something new araise to help on this.
Tor Browser is both free, and a hell of a lot more secure.
Tor browser is not free. The cost is externalized. It is run by people who see value in the community.
If you use mullvad, or safing spn, your paying directly to support the network without externalized costs. Both are good options.
If you have the means, and ability, I highly recommend donating to run a Tor node or running one yourself.
donate.torproject.org
Makes sense. I don’t use Tor for much of anything, just have an awareness of it, but I do donate money to lemmy.world and SDF for pretty much exactly this reason.
A good use for a VPN is getting around CGNAT, however what most VPN providers have is useless for that because they don’t allow client to client or inbound connections.