this post was submitted on 01 Jan 2024
-40 points (23.0% liked)

Technology

34815 readers
56 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
all 13 comments
sorted by: hot top controversial new old
[–] [email protected] 27 points 10 months ago (2 children)

The article is correct that most VPN ads are full of lies, but that doesn't mean that people don't still need them.

[–] [email protected] 13 points 10 months ago

Exactly.

Yes, it hides your IP, but that's not all that important if you have a competent ISP or firewall on your router in terms of security (it's more important for privacy). Yes, it (usually) encrypts your traffic, but so does pretty much every website, and adding a second layer doesn't meaningfully improve things.

VPNs are important for privacy, that's it. They change where your traffic appears to come from so people (attackers and servers alike) can't tell where you're accessing it from. That's it, and that's a pretty important thing, especially in this day and age with swatting and whatnot.

[–] [email protected] 4 points 10 months ago

I happen to agree, but want to add that the thesis is "most people don't need a VPN," which is arguably true. Most people simply aren't that interesting, and aren't at risk of being individualky targeted by a motivated adversary or hostile nation state. As long as they're using HTTPS while doing so, most people no more at risk shopping online, reading email, doing Social Media, or conducting banking at a Starbucks than they are in their own living room. That threat picture looks like DNS profiling, MAC address harvesting, maybe browser user agent fingerprinting, or DHCP device fingerprinting. Just run-of-the-mill data harvesting, and usually only for market research. Most apps rely on TLS or SSL which is generally secure, but leak info at the lower level utility protocols like DNS and DHCP. If you didn't disable DNS over HTTPS (DoH) on your device and otherwise follow reasonable online hygiene, your data and gour identity is likely secure¹.

Now: be a journalist, activist, organizer, politician even of local school board stature, dissident, expat or artist/performer of any notoriety, and congratulations! You have a complicated threat picture! Proceed to Go, retain a trustworthy IT firm, and work with them to furnish and maintain a private OpenVPN or Wireguard service on your behalf at a public VPS, also being sure to do your diligence and ask for a copy of their certificate of insurance from their cyber insurance underwriters.

Anyway, unless a person has a technical reason to access private resources, or has a more-than-mundane threat picture in their life, a VPN is just a waste of overhead.

-- ¹ Not you, T-Mobile user.

[–] [email protected] 14 points 10 months ago

VPNs are not the security panacea that marketers would have you think they are. Using a VPN does provide some obfuscation as to your origin, but it does change your trust model. The VPN service provider may tunnel your traffic through your ISP to hide data from the ISP, but now it's visible to the VPN service provider instead.

There are plenty of use cases for a VPN, but just like any other technology or service, you need to know what it actually does so you know what it actually achieves or doesn't achieve.

[–] [email protected] 11 points 10 months ago (1 children)

Whenever I hear this argument

"Most people are not interesting enough to profile, so they don't need this XYZ privacy tool.."

I always have this ready as a counter argument

"Only a stupid person would not care about pickpockets just because his wallet does not have much cash - a pickpocket will not ask you how much cash you have before picking your wallet, and even if your wallet turns up to be empty, the pickpocket is not going to be a gentleman and return that to you.

Tracking/profiling for Ads on the internet happen en masse; you are just one of a million data points that build a profile - it doesn't care whether you as an individual are interesting or not".

[–] [email protected] 2 points 10 months ago

Also, most "interesting" people were once not interesting at all. It's naive to think that data gathered on us in the past cannot be used in the future.

[–] [email protected] 2 points 10 months ago (1 children)

Tor Browser is both free, and a hell of a lot more secure.

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago) (1 children)

Tor browser is not free. The cost is externalized. It is run by people who see value in the community.

If you use mullvad, or safing spn, your paying directly to support the network without externalized costs. Both are good options.

If you have the means, and ability, I highly recommend donating to run a Tor node or running one yourself.

https://donate.torproject.org/

[–] [email protected] 2 points 10 months ago

Makes sense. I don't use Tor for much of anything, just have an awareness of it, but I do donate money to lemmy.world and SDF for pretty much exactly this reason.

[–] [email protected] 1 points 10 months ago

The big issue right now is that VPN services servers IP are getting massively banned from multiple platforms. There should something new araise to help on this.

[–] [email protected] 1 points 10 months ago

A good use for a VPN is getting around CGNAT, however what most VPN providers have is useless for that because they don't allow client to client or inbound connections.