[Is VPN essential for online privacy & security?]

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Topic Author
Samosa22
Posts: 501
Joined: Tue Dec 31, 2019 9:51 am

[Is VPN essential for online privacy & security?]

Post by Samosa22 »

Edit: Based on feedback/questions, the first question seems to be whether VPN is a requirement for online security and privacy, so I have modified the title accordingly.

I plan to buy a VPN package. A bit of googling suggests that the following three VPN providers are good options. They all seem to have deals expiring soon (hmm). Question to folks who regularly use VPN; which one of these (or any other) provider would you recommend? Thanks!

1. Express VPN -> $6.67/mo, contract length 15mo
https://www.expressvpn.com/order

2. Nord VPN -> $3.71/mo, contract length 27mo
https://nordcheckout.com/?product_group ... f1c8b3c105

3.Surfshark -> $2.21/mo, contract length 27mo
https://order.surfshark.com
Last edited by Samosa22 on Fri Jan 01, 2021 4:13 pm, edited 1 time in total.
Diversification is protection against ignorance - WB.
DoTheMath
Posts: 671
Joined: Sat Jul 04, 2015 1:11 pm
Location: The Plains

Re: Which VPN would you recommend?

Post by DoTheMath »

I use Mullvad and am quite happy with them.

That said, most people don't need a VPN.
“I am losing precious days. I am degenerating into a machine for making money. I am learning nothing in this trivial world of men. I must break away and get out into the mountains...” -- John Muir
bob60014
Posts: 3768
Joined: Mon Jul 31, 2017 8:59 pm
Location: The Land Beyond ORD

Re: Which VPN would you recommend?

Post by bob60014 »

Nord.

What will you be using it for?
exigent
Posts: 1309
Joined: Fri May 07, 2010 8:49 am

Re: Which VPN would you recommend?

Post by exigent »

I use Nord. You can usually get a nice chunk of the cost back via Rakuten (formerly eBates), too.
Soon2BXProgrammer
Posts: 3289
Joined: Mon Nov 24, 2014 10:30 pm

Re: Which VPN would you recommend?

Post by Soon2BXProgrammer »

Nord also has 36 month packages that are cheaper per month.
Earned 43 (and counting) credit hours of financial planning related education from a regionally accredited university, but I am not your advisor.
mkc
Moderator
Posts: 3294
Joined: Wed Apr 17, 2013 2:59 pm

Re: Which VPN would you recommend?

Post by mkc »

We use ProtonVPN
User avatar
ThereAreNoGurus
Posts: 970
Joined: Fri Jan 24, 2014 10:41 pm

Re: Which VPN would you recommend?

Post by ThereAreNoGurus »

DoTheMath wrote: Thu Dec 31, 2020 2:30 pm I use Mullvad and am quite happy with them.

That said, most people don't need a VPN.
I use Mullvad as well.

This is a good site for researching VPN's:
https://www.safetydetectives.com/best-vpns/
Trade the news and you will lose.
User avatar
sunnywindy
Posts: 655
Joined: Sat Jan 18, 2014 3:42 pm
Location: Central California

Re: Which VPN would you recommend?

Post by sunnywindy »

I use Avira Phantom VPN for $4.95 a month. Only need it for a few months to watch the Greatest Sporting Event Ever....The America's Cup!!!
Powered by chocolate!
mjb
Posts: 189
Joined: Sat Nov 30, 2013 10:43 am

Re: Which VPN would you recommend?

Post by mjb »

I use Nord. Great for when I am on public, hotel, etc wifi.
mcraepat9
Posts: 1827
Joined: Thu Jul 16, 2015 11:46 am

Re: Which VPN would you recommend?

Post by mcraepat9 »

Mullvad
Amateur investors are not cool-headed logicians.
angelescrest
Posts: 1730
Joined: Tue May 27, 2008 10:48 am
Location: West Coast

Re: Which VPN would you recommend?

Post by angelescrest »

Soon2BXProgrammer wrote: Thu Dec 31, 2020 2:45 pm Nord also has 36 month packages that are cheaper per month.
+1
mrb09
Posts: 899
Joined: Wed Aug 03, 2016 9:02 am

Re: Which VPN would you recommend?

Post by mrb09 »

Use Nord on IOS and occasionally OS X, no complaints. I have it off most of the time but use it on public wifi.
gtd98765
Posts: 952
Joined: Sun Jan 08, 2017 3:15 am

Re: Which VPN would you recommend?

Post by gtd98765 »

The wirecutter has reviews; https://www.nytimes.com/wirecutter/revi ... n-service/
As more people’s work and personal lives go digital, online privacy and security become increasingly important. A virtual private network, or VPN, can be a useful part of your security toolkit. But the industry is riddled with false promises and shady businesses. After sorting through dozens of VPNs and reviewing six security audits, we think the best option for most people is Mullvad, an open-source VPN that is not only trustworthy and transparent but also fast and reliable.
I recommend reading especially the "trusting a VPN" section - depending on what company you choose, you could just be substituting one eavesdropper for another.
Puzzled777
Posts: 8
Joined: Tue Dec 22, 2020 9:31 pm

Re: Which VPN would you recommend?

Post by Puzzled777 »

ExpressVPN is an in-memory solution, so even if the servers are compromised - there is no logs - as I understand from online reviews.

Also, consider if you can bundle with Kaspersky to save money ( no way affiliated - great parental controls and they have a VPN) - though confusing to purchase ..

I personally use expressvpn from time to time.
go140point6
Posts: 174
Joined: Thu May 07, 2015 3:31 pm

Re: Which VPN would you recommend?

Post by go140point6 »

There is so much biased advertising disguised as "reviews" for VPN solutions. I used to used Nord but didn't renew my sub when it expired in Oct. I ended up going with Trust.Zone... so far it's been fine. I started with this site to help me narrow down a handful that I wanted to take a closer look at (lots of information to comb through here, but fairly up to date and you can get a spreadsheet to filter and sort): https://www.safetydetectives.com/best-vpns/.

I personally look for a VPN that isn't based in a jurisdiction that participates in any "eyes" program (5, 9, or 14 eyes). Next, I try to figure out how or if they log... never know for sure, but you have to start somewhere. The site above helped.

Of your three, only Nord is not an "eyes" jurisdiction (Panama). The other two are in jurisdictions "owned" by other countries (in this case, each appear to be located in the British Virgin Islands, a territory of the UK which is 5-eyes country, so they wouldn't make my cut).
ncook303
Posts: 28
Joined: Fri Dec 20, 2019 5:37 pm

Re: Which VPN would you recommend?

Post by ncook303 »

I use Nord as well and can recommend. Very reliable.
SpaethCo
Posts: 372
Joined: Wed Jan 13, 2016 11:58 pm
Location: Minneapolis

Re: Which VPN would you recommend?

Post by SpaethCo »

go140point6 wrote: Thu Dec 31, 2020 4:10 pmI personally look for a VPN that isn't based in a jurisdiction that participates in any "eyes" program (5, 9, or 14 eyes). Next, I try to figure out how or if they log... never know for sure, but you have to start somewhere. The site above helped.
VPNs typically add a fixed header to your packet flow, so based on packet timing and size matching it's pretty easy to associate flows back to their original source. This isn't special spy stuff, it's part of the standard toolkit of your average enterprise SecOps team.

Here's what VPN does for you, in a picture: Image

If you're just concerned with ensuring your traffic is encrypted, that's almost universally assured these days. TLS is so prevalent that sites like http://neverssl.com need to exist so captive portal redirects can even happen anymore.

The only semi-legitimate use case for VPNs today is if you need to obfuscate your location to circumvent IP-based geolocation restrictions.
User avatar
btq96r
Posts: 556
Joined: Thu Dec 26, 2019 2:46 pm
Location: Nashville, TN

Re: Which VPN would you recommend?

Post by btq96r »

I use Private Internet Access on my home system when I feel the need, and on my mobile devices when connecting to a Wifi outside of the home, or a friend's house. Very happy with the simplicity and value for the cost.

Mullvad and Nord are also good to go based on word from folks I trust, but I've got no direct experience with them.
User avatar
mclvngr
Posts: 47
Joined: Sun May 08, 2011 9:57 am

Re: Which VPN would you recommend?

Post by mclvngr »

TorGuard. You can find their Anonymous VPN service discounted 50% off; the lifetime annual cost will be $29.
User avatar
GerryL
Posts: 3902
Joined: Fri Sep 20, 2013 11:40 pm

Re: Which VPN would you recommend?

Post by GerryL »

bob60014 wrote: Thu Dec 31, 2020 2:37 pm Nord.

What will you be using it for?
I was considering getting a VPN service so I could watch free streaming tv from France. Does anybody else here use a VPN to get access to foreign content?
Montgomery
Posts: 52
Joined: Sun Nov 17, 2019 12:11 pm

Re: Which VPN would you recommend?

Post by Montgomery »

Tunnelbear
User avatar
BolderBoy
Posts: 6755
Joined: Wed Apr 07, 2010 12:16 pm
Location: Colorado

Re: Which VPN would you recommend?

Post by BolderBoy »

btq96r wrote: Thu Dec 31, 2020 4:45 pmI use Private Internet Access on my home system when I feel the need, and on my mobile devices when connecting to a Wifi outside of the home, or a friend's house. Very happy with the simplicity and value for the cost.
My friend swears by them and uses them all the time: https://www.privateinternetaccess.com/

Whoever you use be sure they offer Wireguard as the underlying infrastructure connection method.
"Never underestimate one's capacity to overestimate one's abilities" - The Dunning-Kruger Effect
User avatar
MJS
Posts: 1312
Joined: Sat Aug 05, 2017 10:55 pm

Re: Which VPN would you recommend?

Post by MJS »

SpaethCo wrote: Thu Dec 31, 2020 4:34 pm
The only semi-legitimate use case for VPNs today is if you need to obfuscate your location to circumvent IP-based geolocation restrictions.
Such as access to your Amazon Prime streaming video when outside your home country. I use Nord.
Ipsa scientia potestas est. Bacon F.
User avatar
yangtui
Posts: 545
Joined: Sun Mar 30, 2014 1:32 pm
Contact:

Re: Which VPN would you recommend?

Post by yangtui »

My choice of VPN is usually driven by what I plan to use it for.
Marseille07
Posts: 16054
Joined: Fri Nov 06, 2020 12:41 pm

Re: Which VPN would you recommend?

Post by Marseille07 »

Do you even need a VPN? I might have a need to change my source in the future, but a simple proxy would do, not a VPN.
User avatar
typical.investor
Posts: 5263
Joined: Mon Jun 11, 2018 3:17 am

Re: Which VPN would you recommend?

Post by typical.investor »

GerryL wrote: Thu Dec 31, 2020 5:13 pm
bob60014 wrote: Thu Dec 31, 2020 2:37 pm Nord.

What will you be using it for?
I was considering getting a VPN service so I could watch free streaming tv from France. Does anybody else here use a VPN to get access to foreign content?
Yes. I have found Nord to be excellent.

Some services, Hulu in particular, actively try to detect VPNs and Nords service dept. was quick to find a workaround.

That was for US content though.

Depending on your device(Roku stick, Apple TV), you may need to run the VPN on your router. Nord is responsive and helpful and has good documentation.
Explorer
Posts: 769
Joined: Thu Oct 13, 2016 7:54 pm

Re: Which VPN would you recommend?

Post by Explorer »

My most ignorant question.. why do I need a VPN provider?
User avatar
typical.investor
Posts: 5263
Joined: Mon Jun 11, 2018 3:17 am

Re: Which VPN would you recommend?

Post by typical.investor »

Explorer wrote: Thu Dec 31, 2020 6:46 pm My most ignorant question.. why do I need a VPN provider?
Security on public wifi perhaps.

If you are out of the US, and need to access healthcare.gov to get a policy or access sprint to check your phone bill or access a bank (depends on which one -- Ally has been refusing to connect without it) or try to order a cake for something through a grocery store like Publix, you may find you can't connect without one.

And if you want to watch streaming media from Sling/Hulu/Netflix etc, it's necessary too.
Explorer
Posts: 769
Joined: Thu Oct 13, 2016 7:54 pm

Re: Which VPN would you recommend?

Post by Explorer »

typical.investor wrote: Thu Dec 31, 2020 6:52 pm
Explorer wrote: Thu Dec 31, 2020 6:46 pm My most ignorant question.. why do I need a VPN provider?
Security on public wifi perhaps.

If you are out of the US, and need to access healthcare.gov to get a policy or access sprint to check your phone bill or access a bank (depends on which one -- Ally has been refusing to connect without it) or try to order a cake for something through a grocery store like Publix, you may find you can't connect without one.

And if you want to watch streaming media from Sling/Hulu/Netflix etc, it's necessary too.
Thanks. So, if I am in the US (which I am) and I am at home why would I need a VPN?
Explorer
Posts: 769
Joined: Thu Oct 13, 2016 7:54 pm

Re: Which VPN would you recommend?

Post by Explorer »

typical.investor wrote: Thu Dec 31, 2020 6:52 pm
Explorer wrote: Thu Dec 31, 2020 6:46 pm My most ignorant question.. why do I need a VPN provider?
Security on public wifi perhaps.

If you are out of the US, and need to access healthcare.gov to get a policy or access sprint to check your phone bill or access a bank (depends on which one -- Ally has been refusing to connect without it) or try to order a cake for something through a grocery store like Publix, you may find you can't connect without one.

And if you want to watch streaming media from Sling/Hulu/Netflix etc, it's necessary too.
I watch sling/netflix without VPN... it makes no sense that those services need VPN.
MarkBarb
Posts: 908
Joined: Mon Aug 03, 2009 11:59 am

Re: Which VPN would you recommend?

Post by MarkBarb »

I use HTTPS for my browsing, so I don't need a VPN for that. I don't watch Netflix and such when traveling, so I don't need a VPN for that. So for me, nothing.
User avatar
typical.investor
Posts: 5263
Joined: Mon Jun 11, 2018 3:17 am

Re: Which VPN would you recommend?

Post by typical.investor »

Explorer wrote: Thu Dec 31, 2020 7:25 pm
typical.investor wrote: Thu Dec 31, 2020 6:52 pm
Explorer wrote: Thu Dec 31, 2020 6:46 pm My most ignorant question.. why do I need a VPN provider?
Security on public wifi perhaps.

If you are out of the US, and need to access healthcare.gov to get a policy or access sprint to check your phone bill or access a bank (depends on which one -- Ally has been refusing to connect without it) or try to order a cake for something through a grocery store like Publix, you may find you can't connect without one.

And if you want to watch streaming media from Sling/Hulu/Netflix etc, it's necessary too.
I watch sling/netflix without VPN... it makes no sense that those services need VPN.
Again, that's if outside the US.

In your case being at home, I don't really see a need. Some worry about their ISP selling their data, and that might be a reason. But then again, you have to have a reputable VPN who wouldn't do the same thing.
SpaethCo
Posts: 372
Joined: Wed Jan 13, 2016 11:58 pm
Location: Minneapolis

Re: Which VPN would you recommend?

Post by SpaethCo »

Explorer wrote: Thu Dec 31, 2020 7:24 pm Thanks. So, if I am in the US (which I am) and I am at home why would I need a VPN?
Mostly for accessing geo-restricted content, like being able to access the BBC iPlayer by making you appear to be a UK Internet customer, or sidestepping sports blackouts for out-of-market streaming packages. (ie, MLB.tv policy won't let you watch your home team using that service, but if you appear to be a Mexican Internet user you can)

There are also some corner cases where ISPs block or restrict certain types of traffic (P2P, outbound port 25, etc) that the VPN will allow you to side-step.

Most of the security applications (ie, public wifi) are snake oil. The traffic you care about is already encrypted, and using a VPN actually hurts you because it invalidates security measures like "infeasible travel" detection. (ie, if your bank sees you log in from Ohio one minute, and Russia the next minute)
HawkeyePierce
Posts: 2352
Joined: Tue Mar 05, 2019 9:29 pm
Location: Colorado

Re: Which VPN would you recommend?

Post by HawkeyePierce »

Unless you're trying to spoof your location, a VPN is a waste of your time and money and a net *negative* for your personal security. You've added a party you have a trust.

Your traffic is already encrypted by HTTPS. The exact same encryption used by a VPN. All you've done is pour money down the drain.
softwaregeek
Posts: 951
Joined: Wed May 08, 2019 8:59 pm

Re: Which VPN would you recommend?

Post by softwaregeek »

Explorer wrote: Thu Dec 31, 2020 7:24 pm
typical.investor wrote: Thu Dec 31, 2020 6:52 pm
Explorer wrote: Thu Dec 31, 2020 6:46 pm My most ignorant question.. why do I need a VPN provider?
Security on public wifi perhaps.

If you are out of the US, and need to access healthcare.gov to get a policy or access sprint to check your phone bill or access a bank (depends on which one -- Ally has been refusing to connect without it) or try to order a cake for something through a grocery store like Publix, you may find you can't connect without one.

And if you want to watch streaming media from Sling/Hulu/Netflix etc, it's necessary too.
Thanks. So, if I am in the US (which I am) and I am at home why would I need a VPN?
So you can pirate stuff off piratebay without the cable company knowing, or course!
User avatar
OldOne
Posts: 199
Joined: Sat Jun 25, 2011 7:02 pm
Location: Texas

Re: Which VPN would you recommend?

Post by OldOne »

Thanks. So, if I am in the US (which I am) and I am at home why would I need a VPN?
You don't. OK?
Topic Author
Samosa22
Posts: 501
Joined: Tue Dec 31, 2019 9:51 am

Re: Which VPN would you recommend?

Post by Samosa22 »

bob60014 wrote: Thu Dec 31, 2020 2:37 pm What will you be using it for?
Marseille07 wrote: Thu Dec 31, 2020 6:31 pm Do you even need a VPN? ...
SpaethCo wrote: Thu Dec 31, 2020 4:34 pm VPNs typically add a fixed header to your packet flow, so based on packet timing and size matching it's pretty easy to associate flows back to their original source. This isn't special spy stuff, it's part of the standard toolkit of your average enterprise SecOps team...

If you're just concerned with ensuring your traffic is encrypted, that's almost universally assured these days...
HawkeyePierce wrote: Thu Dec 31, 2020 9:20 pm Unless you're trying to spoof your location, a VPN is a waste of your time and money and a net *negative* for your personal security. You've added a party you have a trust.

Your traffic is already encrypted by HTTPS. The exact same encryption used by a VPN. All you've done is pour money down the drain.
Thanks everyone (quoted above and others) for your responses. I am not looking to circumvent location-based restrictions for streaming or other purposes. Online privacy and security is the goal here.

I don't have IT background but I am trying to learn and implement ways to enhance online security and privacy. Thanks to many wonderful BH posters such as HawkeyePierce and others, I am already using a password manager and 2FA where possible. Now I have read on multiple websites that VPN is an essential tool for online privacy and security so I thought why not use it. Here is a copy and paste from one such website arguing in favor of VPN.

VPN is simply a must for everyone today, but especially cryptocurrency users. Why?

As we surf the internet, there are unfortunately a lot of eyes on us at all times. One very big set of eyes watching us is our internet service provider (or 'ISP'). They see and hear everything we do on the internet. And they often share that information with third parties. But our ISP and its friends are not the only people watching. Anyone using the same wifi network that we are using can also see what we are up to online.

A VPN solves this problem. When we use a VPN, our computer's IP address is not connecting to any website directly. Instead we are communicating to another IP address over an encrypted connection. Then that IP address makes website requests on our behalf and send us back that data. This helps keep onlookers onto our connection locked out so that only one party knows what we are doing (the VPN).

The reason VPNs are important for cryptocurrency users especially is that we use Bitcoin to keep as much data hidden as possible. However, when we expose our IP address, we might give away that our IP address is connected to someone who owns and uses cryptocurrency, merely because of the websites we visit.

Long story short: everyone should be using a VPN regardless of whether or or not they use Bitcoin. It's for your own safety.
Diversification is protection against ignorance - WB.
HawkeyePierce
Posts: 2352
Joined: Tue Mar 05, 2019 9:29 pm
Location: Colorado

Re: Which VPN would you recommend?

Post by HawkeyePierce »

That blurb is just wrong.
As we surf the internet, there are unfortunately a lot of eyes on us at all times. One very big set of eyes watching us is our internet service provider (or 'ISP'). They see and hear everything we do on the internet. And they often share that information with third parties. But our ISP and its friends are not the only people watching. Anyone using the same wifi network that we are using can also see what we are up to online.
Your ISP can see which domains you connect to but nothing beyond that if the site uses HTTPS (when you see the lock icon in your URL bar).

If you use a VPN, you're now just exposing that data to the VPN provider instead. That's not really an improvement.
Topic Author
Samosa22
Posts: 501
Joined: Tue Dec 31, 2019 9:51 am

Re: Which VPN would you recommend?

Post by Samosa22 »

HawkeyePierce wrote: Fri Jan 01, 2021 3:50 pm That blurb is just wrong.
As we surf the internet, there are unfortunately a lot of eyes on us at all times. One very big set of eyes watching us is our internet service provider (or 'ISP'). They see and hear everything we do on the internet. And they often share that information with third parties. But our ISP and its friends are not the only people watching. Anyone using the same wifi network that we are using can also see what we are up to online.
Your ISP can see which domains you connect to but nothing beyond that if the site uses HTTPS (when you see the lock icon in your URL bar).

If you use a VPN, you're now just exposing that data to the VPN provider instead. That's not really an improvement.
Thanks. Since ISP knows (and sells) which domains we connect to, isn't following a reasonable concern? And VPN the solution?
The reason VPNs are important for cryptocurrency users especially is that we use Bitcoin to keep as much data hidden as possible. However, when we expose our IP address, we might give away that our IP address is connected to someone who owns and uses cryptocurrency, merely because of the websites we visit.
Diversification is protection against ignorance - WB.
Marseille07
Posts: 16054
Joined: Fri Nov 06, 2020 12:41 pm

Re: Which VPN would you recommend?

Post by Marseille07 »

Samosa22 wrote: Fri Jan 01, 2021 4:03 pm Thanks. Since ISP knows (and sells) which domains we connect to, isn't following a reasonable concern? And VPN the solution?
I'm not aware that they sell such information. Even if they do, it's not like they're selling "Mr. X at street address Y visited bogleheads.org." The logs would not be specific to a person; it'd be more like "www.cnn.com received 57K hits from our ISP" kinda thing.

If you are really worried about something like this then go ahead and get a VPN.

EDIT #1: The crypto bits - well, I don't do crypto. But the concern described there is more of a flaw on crypto itself, not so much about the internet. Maybe one shouldn't pay 29K per coin if unmasked IP address can put their assets in danger.

EDIT #2: Also, as I stated earlier, even this concern can be mitigated by a proxy, as the ISP would see you connecting to the proxy, not the destination site.
Last edited by Marseille07 on Fri Jan 01, 2021 4:49 pm, edited 1 time in total.
HawkeyePierce
Posts: 2352
Joined: Tue Mar 05, 2019 9:29 pm
Location: Colorado

Re: Which VPN would you recommend?

Post by HawkeyePierce »

Samosa22 wrote: Fri Jan 01, 2021 4:03 pm
HawkeyePierce wrote: Fri Jan 01, 2021 3:50 pm That blurb is just wrong.
As we surf the internet, there are unfortunately a lot of eyes on us at all times. One very big set of eyes watching us is our internet service provider (or 'ISP'). They see and hear everything we do on the internet. And they often share that information with third parties. But our ISP and its friends are not the only people watching. Anyone using the same wifi network that we are using can also see what we are up to online.
Your ISP can see which domains you connect to but nothing beyond that if the site uses HTTPS (when you see the lock icon in your URL bar).

If you use a VPN, you're now just exposing that data to the VPN provider instead. That's not really an improvement.
Thanks. Since ISP knows (and sells) which domains we connect to, isn't following a reasonable concern? And VPN the solution?
The reason VPNs are important for cryptocurrency users especially is that we use Bitcoin to keep as much data hidden as possible. However, when we expose our IP address, we might give away that our IP address is connected to someone who owns and uses cryptocurrency, merely because of the websites we visit.
No, that's not a concern. Your IP address alone doesn't identify you.
SpaethCo
Posts: 372
Joined: Wed Jan 13, 2016 11:58 pm
Location: Minneapolis

Re: Which VPN would you recommend?

Post by SpaethCo »

Samosa22 wrote: Fri Jan 01, 2021 4:03 pm Thanks. Since ISP knows (and sells) which domains we connect to, isn't following a reasonable concern? And VPN the solution?
The reason VPNs are important for cryptocurrency users especially is that we use Bitcoin to keep as much data hidden as possible. However, when we expose our IP address, we might give away that our IP address is connected to someone who owns and uses cryptocurrency, merely because of the websites we visit.
The VPN service has Internet transit providers. You reach the VPN provider over the Internet, and your traffic leaves the VPN provider over the Internet.

Just like your ISP can see all your traffic, the transit providers can see the tunneled flows between you and the VPN service, and all of the traffic going back out to the Internet to reach your ultimate destination. There's a little more work to tie those flows together, but it's all easily automated.

In the end, it's still you connecting to sites on the Internet. All you're doing is paying money to shift the discovery point a little further away from you.

In general, if obscurity is a major component of your security posture, you probably have much bigger issues to worry about.
MBB_Boy
Posts: 899
Joined: Sat May 12, 2018 4:09 pm

Re: Which VPN would you recommend?

Post by MBB_Boy »

mkc wrote: Thu Dec 31, 2020 2:57 pm We use ProtonVPN
+1
gtd98765
Posts: 952
Joined: Sun Jan 08, 2017 3:15 am

Re: [Is VPN essential for online privacy & security?]

Post by gtd98765 »

Samosa22 wrote: Fri Jan 01, 2021 4:03 pm Thanks. Since ISP knows (and sells) which domains we connect to, isn't following a reasonable concern? And VPN the solution?
In the US ISPs have privacy policies on line. If your ISP is a big name like Comcast or AT&T, it probably really follows its privacy policy, at the risk of expensive lawsuits if being caught disobeying it. So you can read the policy and know what they do with your info - basically only the Domain, like CNN or Wikipedia - as noted above, if there is a lock icon in the address bar, the ISP does not know which page at CNN or Wikipedia you are looking at.

Your VPN also knows which domain you are looking at (but just as above, not the specific page). It may have a privacy policy too - did you look? - but if it is based outside of the US or EU it may not be in legal jeopardy from not following a policy. Many VPNs do not even clarify exactly where they are based, or who owns them. Could it be a foreign government intelligence service? Often there is no way to tell. And of course, it could sell your data to other companies just like your ISP could. How would you know?

Using a VPN just shifts the company that knows what domains you are visiting on the internet from your ISP to another company. I would rather take my chances with AT&T following its policy, than with Joe's Lobster Shack and VPN, based who-knows-where, doing so.
Cruise
Posts: 2750
Joined: Mon Nov 21, 2016 6:17 pm

Re: Which VPN would you recommend?

Post by Cruise »

Montgomery wrote: Thu Dec 31, 2020 5:16 pm Tunnelbear
+1

TB is one of the few services that have independent audits done to confirm that your data remains private.
acljump
Posts: 86
Joined: Sun Feb 09, 2020 8:00 am

Re: [Is VPN essential for online privacy & security?]

Post by acljump »

Here is a useful page which lists three VPN services that have been independently audited to respect your privacy: https://www.privacytools.io/providers/vpn/

I sometimes use ProtonVPN myself but find that certain websites (like banks and financial services) won't work if you're connected via a VPN.

I still think having a VPN for general web browsing is useful to have because ISPs can track what websites you visit and sell that to third party advertisers.
nordsteve
Posts: 1104
Joined: Sun Oct 05, 2008 9:23 am

Re: [Is VPN essential for online privacy & security?]

Post by nordsteve »

I'd encourage you to read the VPN thread from 2019.

viewtopic.php?t=274601

Very little has changed since then.

I use VPN in two situations - getting in to the work network (happens less and less often these days) and getting in to my home network when I'm away.
User avatar
UncleLeo
Posts: 257
Joined: Wed Jul 12, 2017 12:43 am

Re: Which VPN would you recommend?

Post by UncleLeo »

ncook303 wrote: Thu Dec 31, 2020 4:15 pm I use Nord as well and can recommend. Very reliable.
Reliable would be the last word I'd use - https://krebsonsecurity.com/2019/10/ava ... -accounts/
Northern Flicker
Posts: 15363
Joined: Fri Apr 10, 2015 12:29 am

Re: [Is VPN essential for online privacy & security?]

Post by Northern Flicker »

A VPN service aggregates all of your connection data at the VPN service. Is that want you want? Of course without a VPN services, it likely already is aggregated with ad companies.
Marseille07
Posts: 16054
Joined: Fri Nov 06, 2020 12:41 pm

Re: [Is VPN essential for online privacy & security?]

Post by Marseille07 »

OP's use case doesn't warrant a VPN, unless they're generous to sign up for an unnecessary service and give them business. As other posters said, HTTPS is already encrypted; not much point encrypting again. If they're still concerned, a simple proxy would do.
Post Reply