Question about selecting a VPN
I have (gasp!) not been using a VPN because, well, $ and I never knew which one to use. I had read that one needed to look where the servers are located.
Firefox just sent me a notification that they have a VPN. I have been using FF less often as I had heard about some of their security issues. The spam, junk emails, phone calls, and texts are driving me NUTS. While I understand a VPN may not necessarily solve this, the targeted ads right after I discussed a subject with someone is alarming to me.
FF VPN--840 servers. List is mostly innocuous IMHO until I see Hong Kong and Hungary on the list. Aren't those countries pretty likely to have a connection to China (the former) and Hungary's RW government? What about some of the ones in the US in states like TX and FL where privacy is not so important?
Sorry, I am a total noob to this stuff and appreciate any guidance. Thank you.
TreasonousBastard
(43,049 posts)gets to Hong Kong, so that should be small concern. Larger concerns are all the people trying to make money off of you, vpn or not.
My primary browser is still Opera, which includes a vpn of sorts, but I also use Firefox, Vivaldi, and Brave, which all have snooping protections.
Truth is, there is huge argument raging, and aside from some agreement on slowing down due to all this bouncing around servers, not everyone is convinced we all need the protection of a vpn.
AllyCat
(17,102 posts)So I thought about that...I know nothing about the VPN that comes with Opera. Would it have the same issues I had raised about being linked to outside places that are less than transparent.
Do you trust it TB? Sounds like it comes with the browser and I was not sure if a kid should be using it.
Thank you for your response!
I figure a VPN might be useful for banking, health (mychart), and taxes at a minimum. Financial stuff and health stuff. Maybe using DU?
TreasonousBastard
(43,049 posts)vpns, browser based or otherwise. Nothing makes me think they're so great, either. For banking, I use my bank's app. The bank should have better security than I can afford. Taxes the same way. Health I don't know.
Your browser should have some indication that there's some innate security when you're connected to an "https" site. At any rate, I wouldn't lose a lot of sleep over it.
CloudWatcher
(1,923 posts)Just a few below. Buyer beware.
That's exactly what happened earlier this month, when Hong Kong-based VPN provider UFO VPN was found by Comparitech to be keeping detailed information on its users. A database of usage logs -- including account credentials and potentially user-identifying information -- was exposed. To make matters worse, six more VPNs -- all of which were apparently sharing a common "white label" infrastructure with UFO -- were also reportedly logging data, according to The Register.
IPVanish is one of the most popular VPN services available and one of its main appeals is the fact that it claims that it doesnt keep any logs. Unfortunately, recent events indicate that the provider may not live up t its claims. In June 2016, IPVanish was involved in an incident in which logs were handed over to authorities in the United States. Before we move on to the details of the story, it is worth noting that after this happened, IPVanish was acquired by a new company, which states that it can confirm that no logs are kept at all. Still, the revelations have caused concern among VPN users and even before the mentioned incident took place, IPVanish was already saying that it was a no logs VPN solution.
With the growing interest in online privacy and security, there are new VPN services popping up every week, promising 100% online anonymity and a secure and private browsing experience. And of course, youll find plenty of fake reviews on various best VPN websites to tell you theyre legit.
Unfortunately, Ive found that many VPNs are misleading people with false marketing claims, sales gimmicks, and various scams. And because VPNs are often located in overseas jurisdictions, they will probably never be held accountable for dishonest marketing and/or outright fraud.
That last one includes a link to what appears to be a legit review of VPN services by someone that knows: https://restoreprivacy.com/vpn/best/
TreasonousBastard
(43,049 posts)Missing is thr bad thing resulting from all this. Who lost money or reputation?
Is any of these operations worse than what Google, Facebook, or Amazon does on a regular day?
Fwiw, every so often I go online to buy something and the "nearest store" is in NJ or Indiana. How'd it figure thaf?
CloudWatcher
(1,923 posts)Chinese owned companies might be fine. Just not for me. And if you're on a Chinese government hit list, not for you. I'd tell you what I think of China, but I'd probably get tombstoned.
Is any of these operations worse than what Google, Facebook, or Amazon does on a regular day?
Let's see ... Google? I use Duck Duck Go for searching. Kinda hate the rest of their ecosystem. Youtube spreads almost as much mis-info as real. Facebook? I closed my account years ago. Amazon? Pure evil, closed my account years ago as well.
Fwiw, every so often I go online to buy something and the "nearest store" is in NJ or Indiana. How'd it figure thaf?
Well there's Geolocation. There are multiple services that can take your internet address and return a latitude/longitude. They're sometimes very accurate, sometimes no-so-much. Usually they get it to within a few miles. And if you've got a mobile device that has enabled location sharing, it's often accurate within a few meters. They'll use WiFi and cell phone signals to get closer. But I've also seen really bad implementations where fails (and doesn't notice) and places you out in the middle of nowhere. E.g. Null Island : https://en.wikipedia.org/wiki/Null_Island
TreasonousBastard
(43,049 posts)that they turn to Google when they can't find enough stuff on their own.
My point is simply that once you've stepped on to this path, all roads are open. You just can't see most of them.
CloudWatcher
(1,923 posts)Well I've noticed a great improvement in (lack of) targeted ads since I switched to Duck Duck Go.
I'm skeptical that DDG ever queries Google for search results. I've had to manually query Google sometimes when the results from DDG are skimpy. It's a rare thing, but happens occasionally.
And yeah, it's a continuing fight to keep some privacy. I'm very old school and have a long list of things that are just not-their-business. Lol, I don't even do loyalty cards at grocery stores. Guess I'm an edge case.
But with VPNs there can be lives at stake. E.g. activists being hunted down when the VPN they thought was secure was compromised.
mitch96
(14,653 posts)https://www.vpnmentor.com/blog/companies-secretly-own-dozens-vpns/
YMMV I only know what I read on the internets google machine...
m
CloudWatcher
(1,923 posts)Using an untrusted VPN service is adding risk to your environment, not reducing it. I personally would
never trust a VPN service in Hong Kong or any totalitarian state. Hell, I usually don't trust them anyway
and use them only for specific testing.
The VPNs act as a relay for you and cause the remote system (that you're using) to see the VPN address instead of yours.
But as a result, all of your traffic goes to the VPN servers who "see" all of your packets. It's a great single-point of attack for someone that wants to spy on your traffic.
Normally the contents of your traffic will be encrypted until it reaches the final destination. But just the contents, not the envelope containing the "to" and "from" addresses that direct the packet to its destination. The VPN service will know both your real network address and which site you are using.
And they'll also (usually) see your domain-name system lookups. E.g. when your computer looks up the network address for "whistle-blower.com" or "top.secrets.newspaper.com". The VPN service will know when you're connecting with those sites.
And of course, there's the issue that most VPN services want you to install *their* software on your device(s). So who knows what malware it contains if the VPN service is evil or compromised.
And then there is "man in the middle" where if the VPN is seriously evil, it can pretend to be the site you want to connect with and decrypt all of the traffic ... including the contents.
For more a little more info ...
https://security.stackexchange.com/questions/20948/can-a-vpn-decrypt-my-ssl-traffic#20955
Captain Zero
(7,505 posts)for a two year license on one laptop.
I always switch AV when in the second year they want to jack the price to $78 or some such so I was pleasantly surprised by two years and the vpn, and a cleaner utility too.
Now I'm not sure about the locations. Doesn't seem like there a lot in the US, but enough to switch around some, and I have used Toronto too, and it was fine. I'm in a Great Lakes State.