benefit of hiding a user’s Internet Protocol address — which includes their general location — from the websites they visit.
Correct, but they go on to
But that’s no longer the problem it once was. Most browsers have quietly implemented an added layer of security in recent years that automatically encrypts internet traffic at most sites with a technology called HTTPS.
Uh, that's not how HTTPS works. Definitely does not hide a users IP address from websites they visit.
I'm as much interested in VPN use as anything to keep the nosy ISP data loggers out of my traffic. Because I trust the VPN provider to not log and sell my data more so than my ISP. Misplaced trust? Perhaps. I don't use VPN for everything anyway.
VPNs, or virtual private networks, continue to be used by millions of people as a way of masking their internet activity by encrypting their location and web traffic.
But on the modern internet, most people can safely ditch them, thanks to the widespread use of encryption that has made public internet connections far less of a security threat, cybersecurity experts say.
The author seems to be generalizing from the specific (you don't need a VPN to not have your data stolen by some asshole on the coffee shop WiFi) to a much wider issue (you don't need a VPN for privacy).
What should make us even more skeptical of this article is that NBC's parent company Comcast stands to lose from widespread adoption of VPNs, because even with HTTPS connections they can still harvest data about what sites people visit and sell that data unless people opt out.
“Most commercial VPNs are snake oil from a security standpoint,” said Nicholas Weaver, a cybersecurity lecturer at the University of California, Berkeley. “They don’t improve your security at all.”
Yeah, there are a lot of shitty VPNs. The takeaway shouldn't be don't use VPNs but instead do your research as it should be with any major purchase.
As to the last point, there are websites you can use to check if your IP or other browser data is "leaking". If they can't get your information then your VPN is working as promised. Use double-VPN if you're really paranoid.
I saw an article claiming this within the past month or two. This may or may not be the same article. The claim it's making is that is that the defense VPNs provide against hackers on public Wi-Fi networks is made redundant by HTTPS. I don't know enough about the technical stuff to evaluate that claim, but it doesn't mention the privacy risk of your ISP monitoring your browsing habits. It's a significant omission, even if the author isn't necessarily lying.
VPN is basically a virtual router: you send all your traffic through the VPN server, and it makes it appear as though the traffic originated from there rather than your computer. The only thing the VPN secures is the traffic to and from your computer to the VPN server.
The main benefit of course is that this somewhat obscures the origin of network traffic. So if you access a glowie website the glowies have to find out from the VPN provider which of their customers was accessing it. So you would need some level of assurance/trust that the VPN provider was more trustworthy than your ISP.
However your browser also has ways of uniquely identifying your computer, so for the VPN to truly work you have to make sure you only access glowie websites using the VPN. If you ever access them using just your ISP you pretty much give the game away.
The original big market for VPNs was people who wanted to watch TV shows and movies that were available on foreign versions of Netflix. Or BBC stuff that was region-locked to the UK. People would find a VPN in the "correct" country and the service wouldn't know the difference (until they started blacklisting known VPN IP addresses).
If you ever access them using just your ISP you pretty much give the game away.
I don't trust any of the "big tech" sites either, and assume they share data with intelligence agencies. If you are logged in to those sites on any browser tabs while connected to VPN, they've already profiled you and can follow you across VPN/ISP connections. They can't read from your end but the website knows what you did.
Yes true: the "big tech" sites also have ways to track what you do on other sites.
If I were going to do something nefarious, it would be with a dedicated computer that I never connected to my home network and never logged into "big tech" sites using my primary account. And when I wasn't using it would be unplugged with the battery removed.
And even then there's the possibility they do some underhanded shit like try to fingerprint mouse movements or the way you type. Ever since I took this online quiz 20 years ago that asked regional dialect questions and tried to guess where you grew up and it accurately did so within 50 miles (and the runner-up guess was were my mom grew up) I've wondered just how much hidden information there is to be gleaned from how simply how we interact with the computer.
Hell you could probably fingerprint people with a bunch of "what color is the dress?" style questions asked as part of a captcha.
This has actually been common advice for some time now, but for some reason over the past couple days a couple news articles have been written about it and now everyone's acting like it's a conspiracy. It doesn't help that the articles are written poorly and don't really explain the situation well, in addition to coming from not trusted sources.
The best thing to do is to get an understanding of what a VPN does and doesn't do, and the pros and cons.
If your concern is your banking passwords being grabbed while you use public wi-fi, you don't need a VPN. This information is already encrypted.
If your concern is your ISP knowing which genre of porn video you watch on pornhub, you don't need a VPN. This information is already encrypted.
If your concern is Facebook reading your messages on Facebook Messenger, you don't need a VPN. They can read these messages whether you use a VPN or not.
If your concern is your ISP knowing that you go to pornhub, defensedistributed, etc. (any domain), then a VPN may be beneficial to you.
If your concern is your ISP seeing the files you torrent, then a VPN may be beneficial to you.
If your concern is websites knowing your rough location, then a VPN may be beneficial to you.
But the biggest thing people need to realize about using a VPN is that it does not completely hide you and what you're doing, it only shifts who has access to it. Anything that the ISP can see when your VPN is turned off, your VPN provider can see when your VPN is turned on. So if you have a reason to distrust your ISP and to trust whichever VPN provider you choose, then go for it, but remember that this information is still available somewhere, it's just a matter of where.
If your concern is your ISP knowing which genre of porn video you watch on pornhub, you don't need a VPN. This information is already encrypted.
...
If your concern is your ISP knowing that you go to pornhub, ..., then a VPN may be beneficial to you.
These two don't quite match because without a VPN your ISP can still see your URLs and that's enough to know what you you're looking at, even if they cant see the specific images you've accessed.
Without a VPN, your ISP can see the base level domain that you visit, but nothing further (assuming https is used).
So it the latter example, if your concern is the ISP knowing that you view porn at all, then a VPN will be prevent your ISP from seeing that you went to "pornhub(dot)com"
But if you don't care that your ISP sees that you watch porn, but really don't want them to know that you watch interracial tranny porn, then you don't need a VPN, like the former example. Your ISP will see that you went to pornhub(dot)com, and they'll see how much data you streamed from there, but they wont' know what you streamed from there, or the exact URL to the videos you watched. This information is already encrypted as is (https).
But again, anything that the ISP sees can now be seen by the VPN provider when you use it. So if your concern is nobody being able to find out that you watch porn on pornhub(dot)com, a VPN won't do you any good.
EDIT: I reread your response and I think I see where you confusion is:
With https and no VPN, your ISP can see that you went to "https://www.youtube.com" but cannot see that you went specifically to "https://www.youtube.com/watch?v=GHoqIa1TJ9w" That part after the slash is not visible to your ISP as long as https is used. They can only see the base level domain.
The correct takeaway isn't that news media is stupid. It's that news media is evil. They don't get the story exactly backwards because they are confused. They inverted the story on purpose because they are satanists.
Correct, but they go on to
Uh, that's not how HTTPS works. Definitely does not hide a users IP address from websites they visit.
I'm as much interested in VPN use as anything to keep the nosy ISP data loggers out of my traffic. Because I trust the VPN provider to not log and sell my data more so than my ISP. Misplaced trust? Perhaps. I don't use VPN for everything anyway.
The author seems to be generalizing from the specific (you don't need a VPN to not have your data stolen by some asshole on the coffee shop WiFi) to a much wider issue (you don't need a VPN for privacy).
What should make us even more skeptical of this article is that NBC's parent company Comcast stands to lose from widespread adoption of VPNs, because even with HTTPS connections they can still harvest data about what sites people visit and sell that data unless people opt out.
Yeah, there are a lot of shitty VPNs. The takeaway shouldn't be don't use VPNs but instead do your research as it should be with any major purchase.
As to the last point, there are websites you can use to check if your IP or other browser data is "leaking". If they can't get your information then your VPN is working as promised. Use double-VPN if you're really paranoid.
i only use china vpn, you can say anything you want about politicians as long as you only criticise trumpf
Do you have a specific VPN you recommend?
Mullvad
I saw an article claiming this within the past month or two. This may or may not be the same article. The claim it's making is that is that the defense VPNs provide against hackers on public Wi-Fi networks is made redundant by HTTPS. I don't know enough about the technical stuff to evaluate that claim, but it doesn't mention the privacy risk of your ISP monitoring your browsing habits. It's a significant omission, even if the author isn't necessarily lying.
VPN is basically a virtual router: you send all your traffic through the VPN server, and it makes it appear as though the traffic originated from there rather than your computer. The only thing the VPN secures is the traffic to and from your computer to the VPN server.
The main benefit of course is that this somewhat obscures the origin of network traffic. So if you access a glowie website the glowies have to find out from the VPN provider which of their customers was accessing it. So you would need some level of assurance/trust that the VPN provider was more trustworthy than your ISP.
However your browser also has ways of uniquely identifying your computer, so for the VPN to truly work you have to make sure you only access glowie websites using the VPN. If you ever access them using just your ISP you pretty much give the game away.
The original big market for VPNs was people who wanted to watch TV shows and movies that were available on foreign versions of Netflix. Or BBC stuff that was region-locked to the UK. People would find a VPN in the "correct" country and the service wouldn't know the difference (until they started blacklisting known VPN IP addresses).
I don't trust any of the "big tech" sites either, and assume they share data with intelligence agencies. If you are logged in to those sites on any browser tabs while connected to VPN, they've already profiled you and can follow you across VPN/ISP connections. They can't read from your end but the website knows what you did.
Yes true: the "big tech" sites also have ways to track what you do on other sites.
If I were going to do something nefarious, it would be with a dedicated computer that I never connected to my home network and never logged into "big tech" sites using my primary account. And when I wasn't using it would be unplugged with the battery removed.
And even then there's the possibility they do some underhanded shit like try to fingerprint mouse movements or the way you type. Ever since I took this online quiz 20 years ago that asked regional dialect questions and tried to guess where you grew up and it accurately did so within 50 miles (and the runner-up guess was were my mom grew up) I've wondered just how much hidden information there is to be gleaned from how simply how we interact with the computer.
Hell you could probably fingerprint people with a bunch of "what color is the dress?" style questions asked as part of a captcha.
This is why I use IPoAC to connect to my VPN.
11 minutes round trip is a very good IPoAC rate. Who's your ISP?
Bob Stroud
Lying by Omission is very much a real, legal-term thing…
Not sure if that’s what they were definitely intentionally doing, here, but it stands...
Lol.
Anyone who trusts the news megacorps for information will end up medically retarded.
This has actually been common advice for some time now, but for some reason over the past couple days a couple news articles have been written about it and now everyone's acting like it's a conspiracy. It doesn't help that the articles are written poorly and don't really explain the situation well, in addition to coming from not trusted sources.
The best thing to do is to get an understanding of what a VPN does and doesn't do, and the pros and cons.
If your concern is your banking passwords being grabbed while you use public wi-fi, you don't need a VPN. This information is already encrypted.
If your concern is your ISP knowing which genre of porn video you watch on pornhub, you don't need a VPN. This information is already encrypted.
If your concern is Facebook reading your messages on Facebook Messenger, you don't need a VPN. They can read these messages whether you use a VPN or not.
If your concern is your ISP knowing that you go to pornhub, defensedistributed, etc. (any domain), then a VPN may be beneficial to you.
If your concern is your ISP seeing the files you torrent, then a VPN may be beneficial to you.
If your concern is websites knowing your rough location, then a VPN may be beneficial to you.
But the biggest thing people need to realize about using a VPN is that it does not completely hide you and what you're doing, it only shifts who has access to it. Anything that the ISP can see when your VPN is turned off, your VPN provider can see when your VPN is turned on. So if you have a reason to distrust your ISP and to trust whichever VPN provider you choose, then go for it, but remember that this information is still available somewhere, it's just a matter of where.
...
These two don't quite match because without a VPN your ISP can still see your URLs and that's enough to know what you you're looking at, even if they cant see the specific images you've accessed.
Read them carefully.
Without a VPN, your ISP can see the base level domain that you visit, but nothing further (assuming https is used).
So it the latter example, if your concern is the ISP knowing that you view porn at all, then a VPN will be prevent your ISP from seeing that you went to "pornhub(dot)com"
But if you don't care that your ISP sees that you watch porn, but really don't want them to know that you watch interracial tranny porn, then you don't need a VPN, like the former example. Your ISP will see that you went to pornhub(dot)com, and they'll see how much data you streamed from there, but they wont' know what you streamed from there, or the exact URL to the videos you watched. This information is already encrypted as is (https).
But again, anything that the ISP sees can now be seen by the VPN provider when you use it. So if your concern is nobody being able to find out that you watch porn on pornhub(dot)com, a VPN won't do you any good.
EDIT: I reread your response and I think I see where you confusion is:
With https and no VPN, your ISP can see that you went to "https://www.youtube.com" but cannot see that you went specifically to "https://www.youtube.com/watch?v=GHoqIa1TJ9w" That part after the slash is not visible to your ISP as long as https is used. They can only see the base level domain.
and if the isp is selling to google... that can also be a concern for some people.
I mean, a lot of the claims from VPNs aren't any better.
What we need is far more options for high-speed internet, globally.
NYT ran a story encouraging people to give up their VPNs as well:
https://archive.fo/tooQH
The correct takeaway isn't that news media is stupid. It's that news media is evil. They don't get the story exactly backwards because they are confused. They inverted the story on purpose because they are satanists.