Virtual Private Networks - VPN

[railfancwb]

Periodically receive ads for subscriptions to VPNs.

One I received this morning offered one month free trial, mentioned their “over 5400 servers worldwide” and didn’t mention the monthly after the free trial ends.

How does a VPN work? If I was using one, how would it affect my BoreSite activity, for example? And my emails and texting in general?

Thanks

[pipedreams]

1 hour ago, railfancwb said:

Periodically receive ads for subscriptions to VPNs.

One I received this morning offered one month free trial, mentioned their “over 5400 servers worldwide” and didn’t mention the monthly after the free trial ends.

How does a VPN work? If I was using one, how would it affect my BoreSite activity, for example? And my emails and texting in general?

Thanks

Quick answer is no it doesn't affect your activities.  Longer answer you need to understand it how it works since you will have to get used to it.  Nothing difficult  but if I make an online purchase the vendor will send me a email or text to verify it me since the IP address  location doesn't match the zip code of my  shipping to address.  Also you might notice  slower speeds since the connection is going though additional servers. 

The best simple answer I can give you, maybe others will provide additional info.  I use double VPN most of the time and have very few problems.  Double VPN means your going through two remote servers one usually domestic and the other foreign.

[minderasr]

Simple explanation.  When you connect to any internet site, your internet provider (IP) can see which sites you connected to.  They can then target you with ads based on the sites you visited.

Think of a VPN as a tunnel.  Through that tunnel you connect to your favorite internet sites via a secure encrypted connection.  All your IP can see is the one connection the that VPN node.

VPNs are especially important if you ever connect to public/free Wi-Fi.

If you do decide to go the VPN route, be sure to find one that DOES NOT LOG CONNECTIONS.  They all charge a monthly fee, but sometimes you can land discounts if you purchase a year or more of service at a time.  On the rare occasion you can land a life-time license on the cheap.  But this is rare.

Proton VPN is a strong contender.  I use Proton mail (paid) and I'm very happy with it.  Finally ditched Gmail for Proton Mail.  I don't use their VPN because I was able to land one of those life-time VPN licenses (with Windscribe) I mentioned.

[Eric]

I routinely block access to the server from most of the rest of the world, so most international VPN proxies will not be able to access the site. Most domestic IP numbers will be able to though, unless I have blocked them for suspicious activity.
 

I have nothing against VPN services. I use one occasionally myself. I wouldn’t access the Internet using a public wi-fi hotspot without a VPN connection securing the connection. The VPN provides an encrypted tunnel from your device to whatever VPN access point you are currently using. Traffic to and from you appears to originate and end end up at that point. This gives you protection on untrusted wi-fi networks. Of course, you then have to trust that the VPN service you are using is shooting straight dice, so choose one with a good rep.

VPNs provide you some protection online, but from the perspective of webmasters like me, they are often used for nefarious purposes. A lot of the spam and hacking attempts I have to contend with originate from VPN proxies. When someone screws with my network, I usually block the offending IP number and a chunk of its subnet and since a lot of attempts against my server come from VPN proxies, a lot of even the domestic VPN proxies cannot reach my server. If you choose to use a VPN and can’t reach the site, choose another domestic VPN access node and try again. If it works here at all, it will work fine.

Generally speaking, IP numbers used with VPN access services have bad reputations. They end up on spam RBL lists, hacking lists, etc. If you use a VPN service, you may find that you can’t access sites and systems with higher security, or you may have to jump through additional hoops to do so. Sites like iCloud or Yahoo or GMail, sites for financial institutions etc, are more likely to have security in place that may take issue with VPN IP numbers on watchlists. Apps on mobile devices that log in securely to systems online might take issue as well.

I think that using a VPN is a good idea for someone who spends time on unsecure wi-if networks. Most people need to utilize a VPN service to have access to VPN technology. If you do, choose wisely. You necessarily give a VPN company access to everything you do online. You don’t have to use a VPN service though. VPN is just an encrypted point-to-point tunneling system using one of several protocols, like IPsec or PPTP. A lot of your ISP routers at home or work are capable of establishing a VPN connection and then you don’t have a third-party company camped out in the middle of your connection. When you establish a connection with a VPN at say your home or work, you have local access to that network and your internet traffic comes to and from that point. This local access of course means you can do the things you could do if you were there physically, like access and transfer files, access printers, etc. 

[syntaxerrorsix]

VPN's are good for public wifi and masking your geolocation from streaming services.  The good ones don't store your history, some do.  You are simply trading your ISP's privacy policy for the VPN's privacy policy.  I use ExpressVPN.  One thing that sucks is that Google and other search engines will throw a Captcha at you from time to time because they can't tell the node isn't a robot.

[Ricordo]

I can explain it this way. Suppose you are scheduled to deliver  crates of Belgian tomatos to the Atacama. Your flight plan might look like this. You take-off in Belgium and head to France. From France you head to Denmark and then back to Belgium to load up. After  two or three additional stops somewhere you finally reach your destination where you are not allowed to exit the plane to take a pee.

But the locals were very happy. It seems they were about to celebrate a festival that involved throwing Belgian tomatos at the opposing village. Btw, did I mention that Belgian tomatos are the heaviest in the world? By far.  The plane had a hard time taking off with them onboard.

And that's my story and I'm sticking to it.

[pipedreams]

30 minutes ago, syntaxerrorsix said:

VPN's are good for public wifi and masking your geolocation from streaming services.  The good ones don't store your history, some do.  You are simply trading your ISP's privacy policy for the VPN's privacy policy.  I use ExpressVPN.  One thing that sucks is that Google and other search engines will throw a Captcha at you from time to time because they can't tell the node isn't a robot.

Interesting thing is very few people on public wifi use VPN.  Several times a week after the gym we stop by favorite coffee shop for something to eat.  Very popular place for public wifi since they a good connection and speed.  I have a app on my phone that can detect who is using the wifi and there will always be people with no security.  Many will show with the first name of the person owning the laptop (Karen's Apple Pro) for example.  Good chance the lady sitting at the table with a Apple logo showing is Karen.  People are totally unaware of how they expose themselves.

[railfancwb]

Almost all my computing and internet use is now done using my iPhone. In an area of only public WiFi I use the phone carrier’s service - G3, more usually G4 or LTE. Sometimes says G5 but my phone is too old for that. 

[Eric]

5 hours ago, pipedreams said:

Interesting thing is very few people on public wifi use VPN.  Several times a week after the gym we stop by favorite coffee shop for something to eat.  Very popular place for public wifi since they a good connection and speed.  I have a app on my phone that can detect who is using the wifi and there will always be people with no security.  Many will show with the first name of the person owning the laptop (Karen's Apple Pro) for example.  Good chance the lady sitting at the table with a Apple logo showing is Karen.  People are totally unaware of how they expose themselves.

If she is sitting around in a coffee house drinking a six-dollar cup of coffee and playing on her laptop, she is probable A Karen, anyway.

[LostinTexas]

5 hours ago, pipedreams said:

Interesting thing is very few people on public wifi use VPN.  Several times a week after the gym we stop by favorite coffee shop for something to eat.  Very popular place for public wifi since they a good connection and speed.  I have a app on my phone that can detect who is using the wifi and there will always be people with no security.  Many will show with the first name of the person owning the laptop (Karen's Apple Pro) for example.  Good chance the lady sitting at the table with a Apple logo showing is Karen.  People are totally unaware of how they expose themselves.

Well, since you have to hook up to the WIFI to link into the VPN, it kinda seems counter intuitive for something like that.

I've tried a few, and other than S-L-O-W-I-N-G my internet speed and being a general PITA, they just don't seem all that and a bag of chips. Probably are for some things, I suppose. Stuff like coming here is about the only way I use an outside internet. Good luck cracking my home WIFI, unless you can do it without having a password.

Seems to not work the way many seem to think, and didn't a few of Uncle Sugar's alphabet agencies get caught with their hand in the VPN cookie jar a while back? Wonder how all that shook out? 

Inquiring minds, don't ya know.

[LostinTexas]

1 hour ago, railfancwb said:

Almost all my computing and internet use is now done using my iPhone. In an area of only public WiFi I use the phone carrier’s service - G3, more usually G4 or LTE. Sometimes says G5 but my phone is too old for that. 

If I have a signal, I'm on data when out and about.

[Eric]

23 minutes ago, LostinTexas said:

Well, since you have to hook up to the WIFI to link into the VPN, it kinda seems counter intuitive for something like that.

I've tried a few, and other than S-L-O-W-I-N-G my internet speed and being a general PITA, they just don't seem all that and a bag of chips. Probably are for some things, I suppose. Stuff like coming here is about the only way I use an outside internet. Good luck cracking my home WIFI, unless you can do it without having a password.

Seems to not work the way many seem to think, and didn't a few of Uncle Sugar's alphabet agencies get caught with their hand in the VPN cookie jar a while back? Wonder how all that shook out? 

Inquiring minds, don't ya know.

A VPN connection is an encrypted tunnel from your device to the VPN source. Although it travels over a network and internet, only the machines on either end of the tunnel can see the traffic.

[Maser]

8 hours ago, Eric said:

I routinely block access to the server from most of the rest of the world, so most international VPN proxies will not be able to access the site. Most domestic IP numbers will be able to though, unless I have blocked them for suspicious activity.
 

I have nothing against VPN services. I use one occasionally myself. I wouldn’t access the Internet using a public wi-fi hotspot without a VPN connection securing the connection. The VPN provides an encrypted tunnel from your device to whatever VPN access point you are currently using. Traffic to and from you appears to originate and end end up at that point. This gives you protection on untrusted wi-fi networks. Of course, you then have to trust that the VPN service you are using is shooting straight dice, so choose one with a good rep.

VPNs provide you some protection online, but from the perspective of webmasters like me, they are often used for nefarious purposes. A lot of the spam and hacking attempts I have to contend with originate from VPN proxies. When someone screws with my network, I usually block the offending IP number and a chunk of its subnet and since a lot of attempts against my server come from VPN proxies, a lot of even the domestic VPN proxies cannot reach my server. If you choose to use a VPN and can’t reach the site, choose another domestic VPN access node and try again. If it works here at all, it will work fine.

Generally speaking, IP numbers used with VPN access services have bad reputations. They end up on spam RBL lists, hacking lists, etc. If you use a VPN service, you may find that you can’t access sites and systems with higher security, or you may have to jump through additional hoops to do so. Sites like iCloud or Yahoo or GMail, sites for financial institutions etc, are more likely to have security in place that may take issue with VPN IP numbers on watchlists. Apps on mobile devices that log in securely to systems online might take issue as well.

I think that using a VPN is a good idea for someone who spends time on unsecure wi-if networks. Most people need to utilize a VPN service to have access to VPN technology. If you do, choose wisely. You necessarily give a VPN company access to everything you do online. You don’t have to use a VPN service though. VPN is just an encrypted point-to-point tunneling system using one of several protocols, like IPsec or PPTP. A lot of your ISP routers at home or work are capable of establishing a VPN connection and then you don’t have a third-party company camped out in the middle of your connection. When you establish a connection with a VPN at say your home or work, you have local access to that network and your internet traffic comes to and from that point. This local access of course means you can do the things you could do if you were there physically, like access and transfer files, access printers, etc. 

 

Nerd!

[LostinTexas]

2 hours ago, Eric said:

A VPN connection is an encrypted tunnel from your device to the VPN source. Although it travels over a network and internet, only the machines on either end of the tunnel can see the traffic.

Yea, I understand that, but for what Pipedreams was fevering to, stalking in a public place, he is picking up between the computer and the WIFI. You have to walk into that tunnel before you are encrypted.  If intercepting between the unit and the WIFI is a thing and you don't get the advantage of the VPN.

Just thought about it and still have a subscription. They either got their act together or my new(ish) provider is strong enough it powers through instead of breaking connection of the DSL we used to be stuck with. This is the only site I couldn't get on, and I didn't have to sign in to anything I looked at. Seems like it may not be so hot a commodity, huh? I suppose some sort of credential is going through?

I understand the Readers Digest version of how all that works, but not the finer points.

 

 

[Eric]

18 minutes ago, LostinTexas said:

Yea, I understand that, but for what Pipedreams was fevering to, stalking in a public place, he is picking up between the computer and the WIFI. You have to walk into that tunnel before you are encrypted.  If intercepting between the unit and the WIFI is a thing and you don't get the advantage of the VPN.

Just thought about it and still have a subscription. They either got their act together or my new(ish) provider is strong enough it powers through instead of breaking connection of the DSL we used to be stuck with. This is the only site I couldn't get on, and I didn't have to sign in to anything I looked at. Seems like it may not be so hot a commodity, huh? I suppose some sort of credential is going through?

I understand the Readers Digest version of how all that works, but not the finer points.

 

 

Seeing the computer names of people logged into a wi-fi network isn't the same thing as seeing the data being transferred. VPN encryption is strong as hell and it is seamless. The service you use to log into a wif-fi hotspot is a different system entirely, as is the architecture of the local network you log into. If someone is using a VPN connection on a public wi-fi, others might be able to see a device name of the person logged into the network, but nothing else of any use. There are a lot of apps, like Ethereal, that can sniff network traffic and mine all sorts of useful information. Based on the security of a user's computer or device, there are lots of ways to attempt probe/attack/access a user's system as well. A VPN protects the user's data over that wi-fi connection, the local network and the Internet to the VPN point of origin, but it only protects against one vulnerability.

Most mobile devices are fairly secure when on public networks, if the device hasn't been modded and the security settings haven't been screwed around with. Computers are much more complex, with many more potential points of vulnerability, some more than others. Mac and Linux systems are inherently very secure, as long as nothing stupid was done with security settings. There is no need to worry too much about your system's security even on a Windows system though as long as you take sensible security precautions.

If you couldn't access TBS on your VPN, the IP number of the VPN node you were using must be blocked by my server's firewall. Like I mentioned before, VPNs often get used by hackers, spammers and other neferous types and I have to block a lot of them. Any VPN service should let you choose a different access node, if the one you are using is blocked by some site you want to access, or if the connection is slow.

[LostinTexas]

A few years ago. Recon how many don't get caught?

Busted

Just in case you missed it.

[Eric]

16 minutes ago, LostinTexas said:

A few years ago. Recon how many don't get caught?

Busted

Just in case you missed it.

Oh, that is absolutely a risk with any VPN service. A VPN provider is a classic Man-In-The-Middle. Sharing the information with a government agency is only one possible way a person's privacy and security can be compromised  by a shady VPN service. If a person chooses to use a VPN service, they choose one and choose to trust them. If you deal with a reputable company, you have the best chance that they won't break faith with their customers.

Like I said, a person always has the option of using a VPN portal embedded in the router at your home or work. Then you control both ends of the pipe. A lot of modern routers have VPN functionality built into them. You can also get a simple device that plugs in to your local network that will give you VPN connectivity. Of course, this would not benefit someone looking for anonymity. It would just keep your data safe over an unsecure network.

[Maser]

9 hours ago, Eric said:

Seeing the computer names of people logged into a wi-fi network isn't the same thing as seeing the data being transferred. VPN encryption is strong as hell and it is seamless. The service you use to log into a wif-fi hotspot is a different system entirely, as is the architecture of the local network you log into. If someone is using a VPN connection on a public wi-fi, others might be able to see a device name of the person logged into the network, but nothing else of any use. There are a lot of apps, like Ethereal, that can sniff network traffic and mine all sorts of useful information. Based on the security of a user's computer or device, there are lots of ways to attempt probe/attack/access a user's system as well. A VPN protects the user's data over that wi-fi connection, the local network and the Internet to the VPN point of origin, but it only protects against one vulnerability.

Most mobile devices are fairly secure when on public networks, if the device hasn't been modded and the security settings haven't been screwed around with. Computers are much more complex, with many more potential points of vulnerability, some more than others. Mac and Linux systems are inherently very secure, as long as nothing stupid was done with security settings. There is no need to worry too much about your system's security even on a Windows system though as long as you take sensible security precautions.

If you couldn't access TBS on your VPN, the IP number of the VPN node you were using must be blocked by my server's firewall. Like I mentioned before, VPNs often get used by hackers, spammers and other neferous types and I have to block a lot of them. Any VPN service should let you choose a different access node, if the one you are using is blocked by some site you want to access, or if the connection is slow.

 

Glock loving nerd!

[minderasr]

8 hours ago, LostinTexas said:

A few years ago. Recon how many don't get caught?

Busted

Just in case you missed it.

What exactly did they share?  Dates and times of connections?  Meh.  Besides that, no company is going to go out on a limb to protect anyone once a warrant is involved.

As an aside, a VPN is not the be-all end-all of security.  It's one step, a single layer in the onion that is your effort to be a relatively secure netizen on the interwebs.  If you really want anonymity, then using TOR would be your best bet.  But it's not 100%, nothing is 100% secure other than not connecting at all.

[pipedreams]

14 hours ago, LostinTexas said:

Yea, I understand that, but for what Pipedreams was fevering to, stalking in a public place, he is picking up between the computer and the WIFI. You have to walk into that tunnel before you are encrypted.  If intercepting between the unit and the WIFI is a thing and you don't get the advantage of the VPN.

Your correct, what I was referring to has nothing to do with being able to view their data.  If you are concerned about your privacy while using public WiFi especially a woman, don't name your computer "Susan's Laptop".  Since even though you may be using VPN the name "Susan's Laptop" the manufacture and other information shows including how many time you have logged onto that router.  I guess I should of said personal security not data security.  We talk of beware of your surroundings and know where the exits are while not being aware what's being broadcast by our digital devices.  Like I said "People are totally unaware of how they expose themselves."

[syntaxerrorsix]

On 10/15/2022 at 8:36 PM, LostinTexas said:

Well, since you have to hook up to the WIFI to link into the VPN, it kinda seems counter intuitive for something like that.........

 

Keep the VPN on all the time even when using your data connection.  I've got several hotels and establishments that my phone automatically connects to, and the VPN is always up and running.

[minderasr]

On 11/12/2022 at 11:10 AM, syntaxerrorsix said:

 I've got several hotels and establishments that my phone automatically connects to

Technically this is also a security risk.  The only wi-fi network my phone automatically connects to is the one at my home.

 

[gwalchmai]

13 hours ago, minderasr said:

Technically this is also a security risk.  The only wi-fi network my phone automatically connects to is the one at my home.

 

Word. With the return of unlimited data plans I rarely connect to "foreign" WiFi on my phone. Besides, my phone is 5G so I'm going to hell irregardless. 

[minderasr]

2 hours ago, gwalchmai said:

Word...irregardless. 

I don't want to be that guy but...Not a word!

[gwalchmai]

It's one of my words...