top | item 37061185

(no title)

Up front, I believe Mullvad is the best commercial VPN solution and is doing a great job at making good privacy more accessible.

However, a lot of the comments here seem to be hailing VPNs in general as the solution to privacy on the internet.

I would like to remind people that VPNs only really protect you against two things: your ISP and the endpoint. And that's assuming that your ISP isn't doing some shady analytics.

That being said, knocking those two things off the board is a huge benefit to privacy and absolutely should be done.

discuss

morjom|2 years ago

>..a lot of the comments here seem to be hailing VPNs in general as the solution to privacy on the internet.

..where?

jtriangle|2 years ago

Literally every youtube ad spot for any vpn that advertises on youtube heavily.

Which realize, is 100% of what most people think about VPN's, a nasty side effect of dishonest marketing.

wwfredrogersdo|2 years ago

> that's assuming that your ISP isn't doing some shady analytics

Can you elaborate on this? So ISPs often engage in tactics that thwart VPN usage? Which ISPs? What tactics?

trevyn|2 years ago

It is my understanding that many ISPs and backbone providers sell or otherwise disclose full detailed packet metadata, including precision timestamps, and that there are companies that aggregate this data across the entire Internet.

At which point your VPN becomes just another hop in the trace.

VPNs, no matter how secure they themselves are, are effective for accessing lightly geo-locked content and defeating unsophisticated analytics and tracking. They are really not a serious privacy solution in any sense, unfortunately.

bippihippi1|2 years ago

the reason the uk wants an encryption backdoor is because it's expensive to do statistical analysis of encrypted traffic. there's ways to make it more difficult, but if you own the certificate that a tls endpoint uses you can just open it and reencrypt it for the destination. this is called break and inspect. if a vpn uses different certificates and is built well, there would have to be a flaw (spyware, vulnerability, etc) on one of the endpoints for anyone other than you and the vpn to read the encrypted data.

rvnx|2 years ago

Why would they even do so ? Large ISPs are public, so this activity would appear as extra revenue (if they sell traffic data) in their financial reports and annual reports.

The most likely is that ISPs are just respecting the local laws, and doing the minimum retention as required by the law (because more data storage = more costs),

and that their actual fear is that someone leaks this data and causes reputation damage, so they'd avoid storing anything if they can.

axus|2 years ago

https://en.wikipedia.org/wiki/Room_641A

stjohnswarts|2 years ago

those two are huge though, and part of any multilayered approach to security. I doubt if most people think "VPN and done"