Computer Help and Support

douglas9

(4,474 posts) Sun Jan 2, 2022, 05:13 PM Jan 2022

Here's why you probably don't need to rely on a VPN anymore

VPNs, or virtual private networks, continue to be used by millions of people as a way of masking their internet activity by encrypting their location and web traffic.

But on the modern internet, most people can safely ditch them, thanks to the widespread use of encryption that has made public internet connections far less of a security threat, cybersecurity experts say.

“Most commercial VPNs are snake oil from a security standpoint,” said Nicholas Weaver, a cybersecurity lecturer at the University of California, Berkeley. “They don’t improve your security at all.”

It’s a development that highlights how the cybersecurity landscape has changed: Hackers are less likely to target people’s individual devices and instead focus on the login information to their most important accounts.

For years, experts warned it was dangerous for average people to use the Wi-Fi at a public place like a coffee shop without taking steps to obscure their internet traffic. Someone sharing a Wi-Fi network with strangers was essentially sharing all their traffic with others who were using it. If someone decided to check their bank balance, for example, they ran the risk of a nearby hacker being able to steal sensitive information.

https://www.nbcnews.com/tech/internet/vpns-encryption-wifi-rcna9348

8 replies

= new reply since forum marked as read

Highlight:

Here's why you probably don't need to rely on a VPN anymore (Original Post) douglas9 Jan 2022 OP

VPNs also prevent the ISP from logging of all domains visited. TheBlackAdder Jan 2022 #1

DNS over HTTPS CloudWatcher Jan 2022 #2

I've been a donor to EFF for years. AT&T is the number 1 NSA collaborator, followed by Microsoft. TheBlackAdder Jan 2022 #5

Ah, what??? CloudWatcher Jan 2022 #7

This article is close to no redeeming tangible value Tetrachloride Jan 2022 #3

Yep. IrishAfricanAmerican Jan 2022 #4

You know what they say about experts: X is an unknown quantity and a SPIRT is a drip under pressure TheBlackAdder Jan 2022 #6

Yeah ... no, I disagree CloudWatcher Jan 2022 #8

TheBlackAdder

(28,910 posts)

1. VPNs also prevent the ISP from logging of all domains visited.

Reply to douglas9 (Original post)

Sun Jan 2, 2022, 05:37 PM

Jan 2022

.

VPNs also mask where you are connecting.

And if done right, in conjunction with proper virtual OS builds the identity of the machine too.

.

CloudWatcher

(1,923 posts)

2. DNS over HTTPS

Reply to TheBlackAdder (Reply #1)

Sun Jan 2, 2022, 05:49 PM

Jan 2022

The latest domain-name lookup software can use encrypted connections to your DNS server so that the ISP's can't sniff what domains you are looking up.

It's not the default yet, but it's becoming more common.

How to enable it with Chrome:
https://www.digitalcitizen.life/dns-over-https-secure-dns-lookups/

And in Windows-11
https://www.bleepingcomputer.com/news/microsoft/windows-11-includes-the-dns-over-https-privacy-feature-how-to-use/

TheBlackAdder

(28,910 posts)

5. I've been a donor to EFF for years. AT&T is the number 1 NSA collaborator, followed by Microsoft.

Reply to CloudWatcher (Reply #2)

Sun Jan 2, 2022, 06:11 PM

Jan 2022

.

And then it's Google.

I'll stick with 3rd Party for now.

.

CloudWatcher

(1,923 posts)

7. Ah, what???

Reply to TheBlackAdder (Reply #5)

Sun Jan 2, 2022, 06:19 PM

Jan 2022

DNS over HTTPS is not Google, nor AT&T, nor Microsoft.

It's a security standard and you can pick whatever secure DNS server you want to be on the other end of your connection.

If you want to be really paranoid, consider where some of the major VPN's are located (I forget which one, but one (more?) of the majors is based in Hong Kong.. Yeah I want **ALL** my traffic going to China).

Tetrachloride

(8,447 posts)

3. This article is close to no redeeming tangible value

Reply to douglas9 (Original post)

Sun Jan 2, 2022, 05:53 PM

Jan 2022

i can name 15 people in my contact list for whom a
VPN is important if not vital.

The article is empty calories.

For tangible information of value, see a local consultant.

IrishAfricanAmerican

(4,171 posts)

4. Yep.

Reply to Tetrachloride (Reply #3)

Sun Jan 2, 2022, 06:02 PM

Jan 2022

TheBlackAdder

(28,910 posts)

6. You know what they say about experts: X is an unknown quantity and a SPIRT is a drip under pressure

Reply to Tetrachloride (Reply #3)

Sun Jan 2, 2022, 06:13 PM

Jan 2022

CloudWatcher

(1,923 posts)

8. Yeah ... no, I disagree

Reply to Tetrachloride (Reply #3)

Sun Jan 2, 2022, 06:43 PM

Jan 2022

The focus of the article is that most web traffic now uses HTTPS and not HTTP. So the
content of that traffic is no longer subject to sniffing. That's true.

It does mention the other uses of VPN (location hiding, et al). And that those reasons persist.

It doesn't mention DNS lookups, but that's not uncommon in articles like this.

It also doesn't mention that HTTPS traffic hides the content but not the addresses of the
traffic. If it did that, then they'd also have to mention that more and more of the content
of the Internet is now hosted by CDNs (content delivery network), so even knowing the IP
address of who you're talking with is often not the same as knowing what "host" you are
talking with.

It also mentions that the ads for VPNs are garbage. That's absolutely true. It's astonishing
how much fear they try and instill and how inflated they say their value-added is.

Sadly I've rarely read a good review of the risks of using a VPN. You're putting a lot of
trust in that vendor.

Reply to this discussion