• Donate
    TheWindowsForum.com needs donations to stay online!
    Love TheWindowsForum.com? Then help keep it alive by sending a donation!

VPNs: should you use them?

WELCOME TO THEWINDOWSFORUM COMMUNITY!

Our community has more than 63,000 registered members, and we'd love to have you as a member. Join us and take part in our unbiased discussions among people of all different backgrounds about Windows OS, Software, Hardware and more.

ThumperTM

La Patróna
Aug 18, 2010
13,675
9,403
VPNs: should you use them?


VPNs: should you use them?
We are going to talk today about something you’ve likely heard of before: VPNs, or Virtual Private Networks. We at Malwarebytes have delved into these tools in greater depth, and we’ve literally discussed them on the digital airwaves.
But we want to answer a question we’ve been getting more and more. Folks aren’t as curious about what a VPN is anymore, as they are about whether they should use one.
The answer is: it depends. For that, we’re here to help.

How a VPN works
To understand how a VPN works and whether you should use one, it is best to first understand what happens when you’re browsing the Internet. Whenever you open up a web browser and go to a website, you’re connecting to that website and exchanging information with it. This is your Internet “traffic,” and it can reveal quite a bit of information about you, including what websites you visit, your IP address, and more.
A VPN acts like a “tunnel” for your Internet traffic. Your traffic goes into the tunnel, and emerges out of one of the exit nodes of the VPN service. The tunnel encrypts your data, making it undecipherable to your Internet Service Provider (ISP). At best, your ISP can see that some encrypted traffic is going to a VPN service, but not the contents of that traffic, and not where it comes out of.
The interesting thing to note here is that, with this basic functionality, a VPN can actually serve many different needs. As we wrote before:
Depending on who you ask, a VPN is any and all of these: [1] a tunnel that sits between your computing device and the Internet, [2] helps you stay anonymous online, preventing government surveillance, spying, and excessive data collection of big companies, [3] a tool that encrypts your connection and masks your true IP address with one belonging to your VPN provider, [4] a piece of software or app that lets you access private resources (like company files on your work intranet) or sites that are usually blocked in your country or region.
Without a VPN, your Internet Service Provider, or ISP, can see almost everything you interact with online. Who you connect to, what type of traffic, where you are geographically. No bueno.

Obscuring your traffic with a VPN
If you use a VPN, your ISP knows you’ve connected to a VPN, but it cannot inspect the content of your traffic, and does not know where it comes out at the other end.
Also, despite the recent surge in popularity for VPNs, these tools have been in use for businesses for a long time now. They are typically used to access resources remotely as if you were at the office.
In some cases we have even seen performance boosts by using a VPN, where artificial throttling is circumvented by the use of a VPN. Because you’re tunneling your connection, your ISP can’t peek at your traffic and throttle it, based on the kind of traffic. Believe it or not, this is a real issue, and some ISPs throttle users’ traffic when they see file sharing for example.

Consumer recommendations
There are several paths you can take when deciding to implement a VPN. Not only do these tools works on your personal devices like your laptops and mobile phones, but, in some cases, you can insert your own router into the mix.
In many cases, the router provided by your ISP is not a device that you fully control, and using it for your networking needs might open you to possible security issues.
These devices sometimes have administrative functions that aren’t accessible to subscribers. Some mid to higher range routers offered on the market today allow you to put the VPN on the router, effectively encapsulating all your traffic.

The hardware route
A possible solution would be to get such a router and install the VPN on it, rather than on your individual machines. This has the added bonus that it provides VPN protection to devices that don’t support VPNs, like handhelds, consoles, and smart devices.
In the past, we have seen ISP hardware breached by hard coded accounts on the modem/routers they offer to their subscribers.
Sadly, ISP customer support often balks at helping out if you insert your own equipment in the mix. (In fact, they might make you remove it from the equation before they’ll provide support.)
This solution is specific to each router, and a bit more advanced.

The software route
You can also use a VPN application provided by the VPN provider. This application will provide VPN tunneling to the computer it is installed on, and only that, so keep that in mind.
One of the strongest options to consider for your software solution is a “kill switch” functionality. This ensures that if anything happens to the VPN application, it doesn’t “fail open” or allow internet traffic through if the VPN is broken. Think about it. You’re installing this application for the explicit functionality that it can tunnel your traffic. If the app malfunctions, there might be privacy risks in the app still allowing you to connect to the Internet, but letting your traffic go un-tunneled.
More than anything, a kill switch prevents the chance that you’re operating with a false sense of security. What you say online, and the chance that it was you who said it, can draw attention in some countries with far stricter laws on free speech.
Another factor that makes a VPN really perform is when they have a lot of exit nodes. These exit nodes are locations that can be used to circumvent geolocation. The more that are available, and the greater the variety, the more versatile and useful the VPN service is.
Speed is also a factor for VPN exit nodes. There’s not much point in having a ton of exit nodes unless they’re fast. One of the drawbacks of using a VPN is that by adding all these “hops” between nodes, your traffic will take longer to route. If the nodes are reasonably fast, the end user shouldn’t notice significant slowdowns.
You should have a VPN provider that doesn’t discriminate the type of traffic that flows through their network. Some smaller VPNs don’t have the necessary infrastructure to handle large volumes of Peer-to-peer or bittorrent traffic, and either ban it outright or have actual data caps.

Final thoughts
Remember, when you’re thinking about adopting one of these tools, you’re transferring trust: When you use a VPN you transfer access to your traffic to a 3rd party, the VPN provider. All that visibility that users balk at relinquishing to their ISP has now been handed over to their VPN provider. Careful consideration should be given to the trustworthiness of said VPN provider.
There are documented cases where a VPN provider revealed that their users could be de-anonymized and that the VPN provider did in fact keep logs and was willing to turn them over.
Remember, VPNs should not be viewed as shadowy tools. They are, in all actuality, business and privacy tools. They let the researchers who fight malware find out what that malware actually does. They let employees connect to company resources away from the office—which is of the utmost importance today. And they allow you, the user, to reclaim a measure of privacy.
It is therefore important to choose carefully. Most VPNs offer a service where they promise not to log or inspect your traffic. In many cases, though, this claim is impossible to verify.


Source: Malwarebytes Blog
 
Nice review that covers up much, i guess VPNs are useful if you live in an oppressive country or you want to bypass regional restrictions from services like Netflix etc


VPNs give nearly no security benefit as around 90% of websites already use HTTPS which encrypts your connection. VPNs will only ever give a security benefit when you're browsing a site lacking HTTPS which is rare.

When using a VPN, you send all of your internet traffic to a single server and they can do whatever they want with it. You have to trust them fully not to do anything malicious. There is no way for you to verify that your VPN provider doesn't log. Many VPNs have lied about their no logging polices before such as IPVanish.

VPNs are also very vulnerable to traffic analysis attacks.

If you want privacy and anonymity, use Tor instead.

Also see "Don't use VPN services" and "You want Tor Browser... not a VPN".


Source: Madaidan's Insecurities
 
I have a couple of VPN services, both paid. A couple of things to keep in mind. Don't keep doing the same old, same old. Habits and patterns that become unique to you well do the math. Mix it up, locations and providers. I will add one of my premium services is bundled with another subscription.
My biggest problem with VPNs and especially TOR is they get blacklisted. These are favorite tools for DDOSing and malicious attacks on sites so they and their IPs are denied access for security. That's why a hardware VPN implementation has a couple of drawbacks. Blacklisting and control of what site you use. Note too that some of these VPN "remote" sites are virtual sites and just that. The IP may be registered to a geographic location but located somewhere else. They can even fool some traceroute software.
That being said for P2P and unofficial KODI add-ons you wouldn't find me revealing my IP for either one. DNS leakage is another consideration make sure your service and software guard against this as well.
 
the best is to use a VPN which does not log.

And adding TOR behind it.... well... for me, it's enough.
 
VPNs: should you use them?


VPNs: should you use them?
We are going to talk today about something you’ve likely heard of before: VPNs, or Virtual Private Networks. We at Malwarebytes have delved into these tools in greater depth, and we’ve literally discussed them on the digital airwaves.
But we want to answer a question we’ve been getting more and more. Folks aren’t as curious about what a VPN is anymore, as they are about whether they should use one.
The answer is: it depends. For that, we’re here to help.

How a VPN works
To understand how a VPN works and whether you should use one, it is best to first understand what happens when you’re browsing the Internet. Whenever you open up a web browser and go to a website, you’re connecting to that website and exchanging information with it. This is your Internet “traffic,” and it can reveal quite a bit of information about you, including what websites you visit, your IP address, and more.
A VPN acts like a “tunnel” for your Internet traffic. Your traffic goes into the tunnel, and emerges out of one of the exit nodes of the VPN service. The tunnel encrypts your data, making it undecipherable to your Internet Service Provider (ISP). At best, your ISP can see that some encrypted traffic is going to a VPN service, but not the contents of that traffic, and not where it comes out of.
The interesting thing to note here is that, with this basic functionality, a VPN can actually serve many different needs. As we wrote before:

Without a VPN, your Internet Service Provider, or ISP, can see almost everything you interact with online. Who you connect to, what type of traffic, where you are geographically. No bueno.

Obscuring your traffic with a VPN
If you use a VPN, your ISP knows you’ve connected to a VPN, but it cannot inspect the content of your traffic, and does not know where it comes out at the other end.
Also, despite the recent surge in popularity for VPNs, these tools have been in use for businesses for a long time now. They are typically used to access resources remotely as if you were at the office.
In some cases we have even seen performance boosts by using a VPN, where artificial throttling is circumvented by the use of a VPN. Because you’re tunneling your connection, your ISP can’t peek at your traffic and throttle it, based on the kind of traffic. Believe it or not, this is a real issue, and some ISPs throttle users’ traffic when they see file sharing for example.

Consumer recommendations
There are several paths you can take when deciding to implement a VPN. Not only do these tools works on your personal devices like your laptops and mobile phones, but, in some cases, you can insert your own router into the mix.
In many cases, the router provided by your ISP is not a device that you fully control, and using it for your networking needs might open you to possible security issues.
These devices sometimes have administrative functions that aren’t accessible to subscribers. Some mid to higher range routers offered on the market today allow you to put the VPN on the router, effectively encapsulating all your traffic.

The hardware route
A possible solution would be to get such a router and install the VPN on it, rather than on your individual machines. This has the added bonus that it provides VPN protection to devices that don’t support VPNs, like handhelds, consoles, and smart devices.
In the past, we have seen ISP hardware breached by hard coded accounts on the modem/routers they offer to their subscribers.
Sadly, ISP customer support often balks at helping out if you insert your own equipment in the mix. (In fact, they might make you remove it from the equation before they’ll provide support.)
This solution is specific to each router, and a bit more advanced.

The software route
You can also use a VPN application provided by the VPN provider. This application will provide VPN tunneling to the computer it is installed on, and only that, so keep that in mind.
One of the strongest options to consider for your software solution is a “kill switch” functionality. This ensures that if anything happens to the VPN application, it doesn’t “fail open” or allow internet traffic through if the VPN is broken. Think about it. You’re installing this application for the explicit functionality that it can tunnel your traffic. If the app malfunctions, there might be privacy risks in the app still allowing you to connect to the Internet, but letting your traffic go un-tunneled.
More than anything, a kill switch prevents the chance that you’re operating with a false sense of security. What you say online, and the chance that it was you who said it, can draw attention in some countries with far stricter laws on free speech.
Another factor that makes a VPN really perform is when they have a lot of exit nodes. These exit nodes are locations that can be used to circumvent geolocation. The more that are available, and the greater the variety, the more versatile and useful the VPN service is.
Speed is also a factor for VPN exit nodes. There’s not much point in having a ton of exit nodes unless they’re fast. One of the drawbacks of using a VPN is that by adding all these “hops” between nodes, your traffic will take longer to route. If the nodes are reasonably fast, the end user shouldn’t notice significant slowdowns.
You should have a VPN provider that doesn’t discriminate the type of traffic that flows through their network. Some smaller VPNs don’t have the necessary infrastructure to handle large volumes of Peer-to-peer or bittorrent traffic, and either ban it outright or have actual data caps.

Final thoughts
Remember, when you’re thinking about adopting one of these tools, you’re transferring trust: When you use a VPN you transfer access to your traffic to a 3rd party, the VPN provider. All that visibility that users balk at relinquishing to their ISP has now been handed over to their VPN provider. Careful consideration should be given to the trustworthiness of said VPN provider.
There are documented cases where a VPN provider revealed that their users could be de-anonymized and that the VPN provider did in fact keep logs and was willing to turn them over.
Remember, VPNs should not be viewed as shadowy tools. They are, in all actuality, business and privacy tools. They let the researchers who fight malware find out what that malware actually does. They let employees connect to company resources away from the office—which is of the utmost importance today. And they allow you, the user, to reclaim a measure of privacy.
It is therefore important to choose carefully. Most VPNs offer a service where they promise not to log or inspect your traffic. In many cases, though, this claim is impossible to verify.


Source: Malwarebytes Blog
Seems like a in depth article about VPNs.
 
Back