this post was submitted on 06 Oct 2024
735 points (90.8% liked)

Technology

60033 readers
3130 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 2 months ago* (last edited 2 months ago)

is this saying you can still be fucked on public WiFi even if you connect through a VPN?

The quick and dirty answer is no, unless an attacker can figure out a way to get your VPN to strip it's encryption (doubt you'll ever see this outside something like defcon but you never know lol).

The long answer is that not all VPNs are equal depending on what you are trying to accomplish.

A VPN will simply tunnel your internet traffic over an encrypted channel to a server anywhere in the world.

On a technical level, this means that it will guarantee your internet traffic is unreadable until it hits the destination, which does mean it can make it more secure to use a public wifi/hotspot.

Of course privacy is actually a massive security iceberg, so some caveats in no particular order are:

spoiler

  • Modern protocols like HTTPS are already encrypted, although someone can still mess with stripping and poisoning techniques, so having a VPN running would be peace of mind.

  • Your privacy from companies like Google, Facebook, etc won't be enforced by a VPN if you don't also use a new browser session (incognito) because they can easily track your identity via cookies and accounts.

  • Even if you use a fresh session and dedicated VPN accounts, aforementioned tech companies can still identify you via statistical modeling based on your activity. They don't really care what your IP is unless they need to pay tax for a country or follow some random media block law.

  • Your privacy from the government is nonexistent because most VPN companies will share your info if the government requests it.

  • Lots of VPNs choose to block torrenting so they don't have to deal with protecting their customers (although lots also don't).

  • Even if you setup your own VPN via a VPS in anonymous way, the government can still watch your exit traffic and link the origin back to you by inspecting the VPN packets (which is why Tor exists, a much different solution to the privacy problem).

You should use a VPN if:

  • You want to torrent copyrighted material (yar har piracy)
  • You want to spoof your location to get access to geolocked content
  • You want to negate an attackers ability to mess with your connections on public WiFi
  • You want a secure channel between two of your own locations (make two separate networks accessible to eachother, or VPN to home/work to access resources on that network).
  • ^ same thing but remote access etc.

You should not use a VPN if:

  • You need to hide what you do on the internet from the government (See Tor, journalists stuck in shithole regimes).
  • You want privacy from internet megacorps (you'd have to keep fresh sessions or use them sparingly which you can 90% do without a VPN anyway)
  • You want to hide anything after it reaches the VPN server (public VPN services, doesn't apply if you VPN to something you physically own and access only its local resources).

--

After all that, the use case basically becomes:

  • VPN to within your own country to secure your connection on public WiFi
  • VPN to home or work to access network
  • VPN with a good public service to other countries to watch or torrent media