• @[email protected]
    link
    fedilink
    English
    5711 months ago

    This article is basically summed up: “VPNs don’t completely eliminate your digital footprint, so don’t use them unless you need to accomplish these specific things.”

    It seems pretty disingenuous to discourage people from taking steps to protect their privacy in this way. It may not be sponsored, but it’s still bullshit.

    • @[email protected]
      link
      fedilink
      English
      2
      edit-2
      11 months ago

      There’s a whole segment of humanity who refuse to do anything. Perfect is the enemy of good in their mind. Better to do nothing than not be perfect.

      You don’t need curtains… most people are polite enough not to watch you, and peeping toms are already illegal. Besides a peeping tom could break into your house at any time, so curtains are pointless.

    • @[email protected]OP
      link
      fedilink
      English
      -711 months ago

      VPNs don’t really protect your privacy though, except in cases where you’ve already eliminated other means of tracking (e.g. fresh incognito browser tab + VPN). Every website and service I use still has a record of my activity if I’m logged in, advertiser networks have other means of tracking you, etc.

      The issue is buying a VPN and thinking that’s the end of it.

      • @[email protected]
        link
        fedilink
        English
        3211 months ago

        It protects your ip address, and your ISP from knowing what you’re doing. It also protects you on public wifi from nefarious actors. VPN’s aren’t meant to protect you from Google advertising while checking your Gmail account…

        • @[email protected]OP
          link
          fedilink
          English
          -811 months ago

          Are there attack vectors through public Wi-Fi in recent history? Now that most sites and services are HTTPS there’s nothing they can do except do network-level blocks.

          • @[email protected]
            link
            fedilink
            English
            -3
            edit-2
            11 months ago

            Unless they intercept the handshake as a proxy and have access to everything after that. The average Starbucks employee is not doing this.

            An Israeli spy tracking down an arms dealer might figure out how to do this at a hotel the target was using, but the arms dealer would know that.

            Edit: I think some vps would notice this happening, fwiw.

            • @[email protected]
              link
              fedilink
              English
              311 months ago

              Unless they intercept the handshake as a proxy and have access to everything after that.

              You’re thinking of a MitM proxy, and generally speaking what you described is not a risk when using public wifi.

              There are two ways you can set up a MitM proxy:

              1. Forward all traffic back to the user unencrypted (over HTTP)
              2. Forward all traffic back to the user encrypted (with HTTPS)

              The first option will result in prominent warnings in all modern browsers. If the sites in question implemented HSTS and the user has visited them before, the browser will outright refuse to load them.

              The second option will result in even more prominent warnings that you have to go out of your way to bypass in all browsers. The only way it wouldn’t would be if one or more of the following is true:

              1. your computer has already been compromised and root certificates were installed, such that the proxy owner could use it to sign the certificates
              2. if a certificate authority was compromised, or
              3. if the site itself was compromised (e.g., if the attacker was able to acquire the SSL cert used for the site or the credentials necessary to generate a new, trusted one).
              • @[email protected]
                link
                fedilink
                English
                111 months ago

                Hence “won’t happen at Starbucks, might if Mossad is after you”. Thanks for adding the details. I feel like most people think vpns are magic but also radically overestimate their personal risk.

      • @[email protected]
        link
        fedilink
        English
        311 months ago

        They certainly increase your privacy.

        Nothing “protects”, that’s an absolute. Everything we do are steps toward increasing privacy.