I’ve been using one but I’m not sure what benefits I’m getting from it. I feel like the only thing happening is I’m adding a little bit of latency to all my requests for no reason.
Most people in the US use it to avoid getting letter from their ISP from downloading illegal content.
Some people use to access other country content.
Some people use it to avoid ISP snooping their browsing habits
Genuine question: How can an ISP detect that someone is downloading illegal material if the actual content is encrypted using SSL/TLS? Is it all approximated based on the domains/IPs and the amount of data that is sent? If they can’t tell with a 100% certainty, can it be used as proof when trialed in court?
Isn’t that mainly just torrent trackers that publish your IP address and then the ISP gets a request for who was using that particular IP address. I don’t think an ISP would itself be interested in detecting whether their customers download illegal content - there is no business case for them to do that.
Pros:
- Websites can’t see your real IP and thus can’t figure out your real location that easily
- You might also be able to blend in with other users who use the same VPN server
- Your ISP can’t see what you’re websites you’re connecting to
- Your Network operator (e.g. a coffee shop offering public wifi) and you’re ISP can’t see your unencrypted connections (e.g. HTTP, Telnet)
- You can bypass regional censorship or other forms of content unavailability
Cons:
- Your VPN provider can see everything you’re connecting to (but not the content if you use HTTPS, which thankfully has become very common), so you need to be able to trust them
- A good and trustworthy VPN usually costs money
- Slightly slower connection and higher latency
Things to look out for when choosing a VPN provider:
- No-log policy
- Regular security audits
- Open source client applications
- Private/anonymous payment options (crypto currency)
- Monero is the best option if you want to stay fully anonymous
- Minimal information required for signing up, ideally none (some providers don’t even require an email address, they just give you a random generated Account ID)
No port forwarding BTW for anyone looking at this.
They recently gave up the fight against groups (copyright groups) accusing them of aiding with CSAM so they stopped port forwarding
Yeah. Proton, Mullvad and IVPN are the three best providers out there. That’s also why they’re recommended by privacy/security enthusiasts: https://www.privacyguides.org/en/vpn/?h=vpn#recommended-providers
It matches all the criteria I outlined. IVPN too btw: https://www.ivpn.net/
They’re also on Mastodon, which is also a plus in my opinion (not really significant though) @ivpn@mastodon.social
In the cons there’s also an increase of the attack surface since you’ll be using a program to run the VPN
On the pros, some offer DNS blocking
WireGuard is now even part of the Linux kernel. The protocol and the reference implementation are fully open source, you can just download a WG profile from your provider and you won’t even have to use their application.
On the pros, some offer DNS blocking
You can also set that up without a VPN, or independently of your VPN. The standard WireGuard client doesn’t interfere with your DNS setup.
A few ways I’ve used it.
Odd, a site seems to be non-functional. (Enable VPN). Site begins to work. Oh, my ISP was fucking with me.
A site is stuttering. (Enable VPN). Magically works. Oh, my ISP was fucking with me.
The most annoying, my family’s Internet over the holidays was blocking my laptop from updating Ubuntu, enabled VPN, udpate went just fine.
In general, it stops ISPs from dictating if they approve or disapprove of your behavior. Hide what you’re doing and all traffic is just anonymous bits and bobs.
As it fucking should be by law… but in the US the conservative party continually repeals the law that enforces non-interference. So for now, we need VPNs.
i enjoy not getting threatening letters from my ISP about downloading shit.
You should consider your threat model first before using something without being unsure of the benefits.
If you’ve never thought about it, here are some questions to get you started.
- List the assets that require protection. (Like credit card info)
- Who might want to gain access to those assets? (e.g. Hackers)
- How can you mitigate the risks? (Updates)
You may have a lot to say, so write things down to clarify your thoughts. Once your threat model document is complete, it will be easier for you to figure it which tools you really need, and which ones are only nice to have.