|
Let's talk again about VPN.....
#360385 - 11/14/16 06:10 AM
|
|
|
So I got side-tracked into this tonight, and looked up a bunch of stuff. I'm not certain of some things.
- There was an article about 'rolling your own', as Win7 on up has its own VPN feature. But this covers only those machines on your network, right? So surfing isn't secure.
- Let's say you shut down all your devices at night. When you next - or even firstly - connect to your VPN service, aren't you at risk?
- I think someone here suggested Hola. I haven't tried it. Has anyone?....experience?
- I thought internet service was by definition encrypted, and that providers didn't spy on you. At least, wasn't this originally the case?....wasn't at least early AOL like this?
|
Scifi frauds. SF illuminates.
_________________
Culture General Contact Unit (Eccentric)
|
|
|
Re: Let's talk again about VPN.....
[Re: Traso]
#360386 - 11/14/16 06:55 AM
|
|
|
> - There was an article about 'rolling your own', as Win7 on up has its own VPN
> feature. But this covers only those machines on your network, right? So surfing isn't
> secure.
>
> - Let's say you shut down all your devices at night. When you next - or even firstly
> - connect to your VPN service, aren't you at risk?
>
> - I think someone here suggested Hola. I haven't tried it. Has anyone?....experience?
>
> - I thought internet service was by definition encrypted, and that providers didn't
> spy on you. At least, wasn't this originally the case?....wasn't at least early AOL
> like this?
No technical stuff about it from me, but at this point in time, most VPN services aren't even secure. You need to read their fine print; the one I use advises that your account will be suspended if your found to be torrenting things through any of their servers not specifically designated for P2P. Further, any servers in North America or any British... places are likely not safe for such activity. If they aren't safe for that, I can't see them being safe at all, because it means they can connect you to your activity.
Hola doesn't look safe to me, because they're routing other people's traffic through you. Admittedly, I haven't looked into it beyond what's on their front page, and I haven't used it at all. They only advertise it for browsing it seems.
|
|
|
|
Re: Let's talk again about VPN.....
[Re: Traso]
#360387 - 11/14/16 09:35 AM
|
|
|
> So I got side-tracked into this tonight, and looked up a bunch of stuff. I'm not
> certain of some things.
>
> - There was an article about 'rolling your own', as Win7 on up has its own VPN
> feature. But this covers only those machines on your network, right? So surfing isn't
> secure.
>
> - Let's say you shut down all your devices at night. When you next - or even firstly
> - connect to your VPN service, aren't you at risk?
>
> - I think someone here suggested Hola. I haven't tried it. Has anyone?....experience?
>
> - I thought internet service was by definition encrypted, and that providers didn't
> spy on you. At least, wasn't this originally the case?....wasn't at least early AOL
> like this?
You can get something like an ASUS router or one of the many routers with an opensource package on them and have the whole network go out through a VPN if you want. You can also get pretty much any enterprise class router to do it too.
As TriggerFin points out your as at the mercy of whatever VPN network you choose.
Internet is only as secure as the ISPs lets it be and their upstream providers. They 100% have the capability to inspect all headers of packets. That is by IP/RFC design. Otherwise they would not know where to send your packets to. However, they can also look at the payload. Unless the payload is encrypted they can see everything. Even then the header will not be encrypted. They need to know your destination. Some ISPs have been known to rewrite the data as it comes back into your network so they can serve up advertisements. Now if you use sites that have https you can mitigate somewhat what the ISP and anyone they hand their packets to from seeing or manipulating the data.
The same holds true for the VPN. Except now the ISP can not see your payload as the VPN tunnel will be encrypted. They just see junk all streaming to 1 IP and the payload is encrypted. Remember you need the header to be legible by the ISP to know where to send it. A VPN just nests an IP packet inside of another IP packet as encrypted payload. But after that it is back to normal internet. It is up to you to encrypt your data and not trust your VPN either. VPN in this context only obscures you. It does not 100% hide you. It just changes your exit point onto the internet and removes your ISP from spying on you.
I doubt early dialup AOL had much, if any, encryption going on. They probably relied on the fact that phone companies are legally forbidden from listening in on calls. To listen in you need a warrant. That was merely a legal technicality issue not an actual technical one.
|
|
|
|
Re: Let's talk again about VPN.....
[Re: lharms]
#360458 - 11/18/16 07:29 PM
|
|
|
Quote:
You can get something like an ASUS router or one of the many routers with an opensource package on them and have the whole network go out through a VPN if you want. You can also get pretty much any enterprise class router to do it too.
As TriggerFin points out your as at the mercy of whatever VPN network you choose.
Internet is only as secure as the ISPs lets it be and their upstream providers. They 100% have the capability to inspect all headers of packets. That is by IP/RFC design.
Otherwise they would not know where to send your packets to. However, they can also look at the payload. Unless the payload is encrypted they can see everything. Even then the header will not be encrypted. They need to know your destination. Some ISPs have been known to rewrite the data as it comes back into your network so they can serve up advertisements. Now if you use sites that have https you can mitigate somewhat what the ISP and anyone they hand their packets to from seeing or manipulating the data.
The same holds true for the VPN. Except now the ISP can not see your payload as the VPN tunnel will be encrypted. They just see junk all streaming to 1 IP and the payload is encrypted. Remember you need the header to be legible by the ISP to know where to send it. A VPN just nests an IP packet inside of another IP packet as encrypted payload. But after that it is back to normal internet. It is up to you to encrypt your data and not trust your VPN either. VPN in this context only obscures you. It does not 100% hide you. It just changes your exit point onto the internet and removes your ISP from spying on you.
Okay, so how do I encrypt it? I mean, basically, what is the securest set of methods?
|
Scifi frauds. SF illuminates.
_________________
Culture General Contact Unit (Eccentric)
|
|
|
So what are you using? (nt)
[Re: TriggerFin]
#360459 - 11/18/16 07:30 PM
|
|
|
|
Scifi frauds. SF illuminates.
_________________
Culture General Contact Unit (Eccentric)
|
|
|
Re: So what are you using? (nt)
[Re: Traso]
#360461 - 11/18/16 07:43 PM
|
|
|
I'm not going to say, because I got a very-low-cost lifetime deal that no longer exists, and I'm not sure I'd recommend them, since they've added an extra fee for P2P (still included in my deal) and just changed their name, forcing everyone to make "new" accounts.
|
|
|
|
Re: Let's talk again about VPN.....
[Re: Traso]
#360469 - 11/19/16 03:05 AM
|
|
|
>
> Okay, so how do I encrypt it? I mean, basically, what is the securest set of methods?
That will depend on your VPN provider. They will either give you a password and it will negotiate the session up front using IPSec, PPTP or L2TP. The other way is they give you a file (ovpn for openvpn) with a preshared key and you use that. It looks like some VPN setups have their own router firmware. Not sure I would go with something like that. Some give you a package that you install on your computer and it works only on that computer.
Basically just think of it as a virtual router. That virtual router only talks to another software virtual router. If you setup the IP routing tables correctly all of your traffic will goto the local virtual router. The connection between the virtual routers is encrypted.
What is 'the best' will again depend on your provider. I swiped this from one that sells it 'For L2TP/IPSec it is AES-256. For OpenVPN – 2048 bit SSL encryption. PPTP uses MPPE-128 encryption' OpenVPN is probably the most flexible and most up to date and easy enough to say do not use older methods. It has been awhile but I think it has about 20 different methods it can use. I would defer to the VPN providers which one to pick. As that sort of thing changes pretty quickly.
|
|
|
|
Re: So what are you using? (nt)
[Re: Traso]
#360470 - 11/19/16 04:44 AM
|
|
|
My lifetime account is with VPN unlimited. Granted, I only use it to bypass region restrictions when needed.
For torrents, I use a seed box. dediseedbox has a light plan for $15 a month. I either upload a .torrent file or paste in a magnet link. It often finished in seconds, then I download from it via sftp. By default, my seedbox doesn't actually seed public torrents, but it does seed torrents from private trackers. I've never received a notice or warning since using the service, even when grabbing Game of Thrones...
|
Just broke my personal record for number of consecutive days without dying!
|
|
Index 
Threaded 
Let's talk again about VPN.....
Reply
[Re: 
