Introduction

8 days ago I made this post asking for the most controversial privacy topics. My first post answering a controversial question got so few upvotes that it was almost my worst post to date. I don’t do these for upvotes, though. I do them for fun :)

So, with that, here is the second post demystifying some controversial privacy topics. @TranquilTurbulence@lemmy.zip asked “VPN: essential or snake oil?”

I try to avoid topics that have been thoroughly answered multiple times, or has such a direct answer that it would be too short to make a post about. This topic is a bit of both, but worth writing anyway, because I do have my own insights.

Some people didn’t like that I break the main question down into multiple sub questions. It is valid criticism, but it’s my style of writing, so I will stick to what I’m good at.

What does a VPN do?

A Virtual Private Network (abbreviated “VPN”) is a way of proxying your internet traffic through a third party. There are many reasons why you would want this:

Hiding your IP address: VPNs will replace your IP address with a random IP address assigned by the VPN provider. IP addresses are unique to your router, meaning you can be uniquely identified. IP addresses are usually static, meaning it never changes, but sometimes your ISP may assign you a dynamic IP address, which will change every few months or so. If you open up ports on your router (for various purposes), it can leave your network vulnerable to certain attacks as long as the attackers know your public IP address.

Hiding your location: Your IP address can narrow your location down to the city you live in. In some cases, such as shared Wi-Fi (like on a college campus) or public Wi-Fi, the IP address can be more easily identified to the specific block or building you are in. Any internet connection made can see your IP address, and can automatically use that to attempt to locate you.

Encrypting your traffic: VPNs can allow your traffic to be encrypted, so that your ISP or other people connected to the same network can’t see which sites you visit or (in some cases) what data is sent. The reasons why this is important are too long to list, but you can work it out on your own.

Network based ad blocking: Some VPN providers allow you to block ads before they even reach your device, which can increase your loading times and save you data on metered connections. This can be achieved without a VPN through your own DNS filters, but it is a feature of VPNs too.

Access blocked content: VPNs can be used as a way to bypass censorship if your network regulates your traffic (such as at an office or school). A VPN can bypass these restrictions, allowing you to access content freely.

Accessing region-specific content: Content on streaming services such as Netflix, video sharing sites such as YouTube, or many other services may restrict what content is available to you based on your country. A VPN can allow you to bypass these restrictions in some cases.

Those can all be ways to enhance your privacy, security, anonymity, and freedom while browsing the internet. VPNs do come with some downsides, though.

What are the downsides of using a VPN?

When you browse the internet without a VPN, you are placing your trust in your ISP or cellular provider to uphold your privacy, and placing trust in the network devices such as your router to uphold your security. In practice, that is almost never the case. Using a VPN doesn’t automatically make it more trustworthy, but it does place that trust in the hands of your VPN provider instead. Some VPN providers are more trustworthy than others, but there are good options to choose from. You still have to trust an entity to uphold your privacy and security, but VPNs can be a much better place to keep that trust.

Not everyone may want to use a VPN though. Besides distrust, VPNs have other downsides. VPNs will slow down your internet speeds, may block certain functions such as torrenting, and may incriminate you in some countries. Ultimately, the choice to use a VPN is yours.

If you believe the upsides outweigh the downsides, then a VPN is a good tool to have. If your threat model requires anything a VPN provides, it’s an essential tool. Some functions of a VPN can be achieved through careful setup of a DNS and elite anonymity proxy, but VPNs will always be the easiest option.

Which VPN providers are the best?

There are currently 3 top VPN providers for privacy. All of them are open source, and all of them have their pros and cons. I haven’t listed every feature for each, but here are the notable differences:

Proton VPN

Proton VPN provides a free tier VPN with some functionality limited, as well as a premium tier if you have a Proton subscription. If you already have a Proton subscription already, and don’t mind putting all your eggs in one basket, Proton VPN is a good option.

Mullvad VPN

Mullvad VPN is probably the most private VPN available. It is only paid, but it allows you to pay any way you want, including cash and cryptocurrencies. No signup is required, because you are given a randomly generated account number for payment. You can regenerate the number at any time.

IVPN

IVPN is unique and relatively unknown. The main benefit I see is that it is the only VPN of these three that is available on Accrescent for Android, allowing you to have extra confidence in the integrity of the app. Eventually Mullvad VPN and Proton VPN will be available on Accrescent.

These VPNs will uphold your privacy and security, and won’t log your internet traffic. VPNs in the past have been used to aide law enforcement by handing over those logs, so it is good that these don’t.

Conclusion

VPNs can be an essential tool if you need them, and there are options that respect your privacy. Always be aware of the risks, no matter how trustworthy a VPN provider may be. Thank you for reading!

- The 8232 Project

  • MimicJar@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    11 days ago

    I really appreciate this post since I think many discussions about VPNs are misleading or treat them as a magic solution to all problems.

    I think you’ve given a fair outline of what a VPN.

    But, being the Internet, I have a few thoughts,

    Hiding your IP address: VPNs will replace your IP address with a random IP address assigned by the VPN provider.

    I don’t think the word “random” is needed. The IP address a VPN assigns is no more random than the IP address your ISP assigns. I think someone could see random and assume more security, which would be incorrect.

    IP addresses are usually static, meaning it never changes, but sometimes your ISP may assign you a dynamic IP address, which will change every few months or so.

    Last I knew ISPs still charged for static IP address, so most would be dynamic. Although often times a dynamic IP address is de facto static, since an ISP will never change it.

    If you open up ports on your router (for various purposes), it can leave your network vulnerable to certain attacks as long as the attackers know your public IP address.

    I think this should be a separate bullet point, since this is clearly security and not privacy. I think as a security point it needs further discussion. Really I imagine this only comes up in peer to peer connection scenarios. I don’t know if the denial of service attacks of old are still relevant.

    Encrypting your traffic: VPNs can allow your traffic to be encrypted, so that your ISP or other people connected to the same network can’t see which sites you visit or (in some cases) what data is sent. The reasons why this is important are too long to list, but you can work it out on your own.

    I think it’s important to clarify who you are encrypting your traffic from. Generally your traffic is already encrypted. DNS is often not encrypted.

    • The 8232 Project@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      10 days ago

      These are very valid points, thank you! I have some thoughts of my own, as well:

      The IP address a VPN assigns is no more random than the IP address your ISP assigns

      I probably should have clarified this. Free versions of VPNs change your IP with nearly every time you disconnect and reconnect, often finding the fastest one. Paid versions may allow you to select one yourself, or choose truly randomly.

      Last I knew ISPs still charged for static IP address, so most would be dynamic.

      I heard the opposite. If you find out any information about this, please let me know!

      I don’t know if the denial of service attacks of old are still relevant.

      Technically yes, but not from just spamming the ping command.

      Thanks!

      • MimicJar@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        10 days ago

        Re random IPs,

        Sure, but my point is there is no such thing as a “truly random” IP address. You receive an IP from your ISP or VPN provider, that provider has a pool of IP addresses. Dynamic means you get one from the pool. Static means you get the one reserved for you, from a similar pool. The security/privacy benefits are nearly zero and not worth highlighting as an advantage.

        Re static IP,

        https://nordvpn.com/blog/static-ip-vs-dynamic-ip-address/ says,

        Costly. Static addresses usually cost more for ISPs and consumers than dynamic IP addresses.