- You’ve definitely come across many posts/videos telling you to use a VPN to be safer and to protect your private life, or to use NordVPN because they’ve got your back with a 50% off promo code 😅. Nonsense! Many people really have no idea what they are talking about and are simply trying to make money off non-tech-savvy people.
Alright, so what’s actually a VPN and why is it falsely used?
1. What’s a VPN
A virtual private network (VPN) is a service that provides a proxy server to bypass geo-blocking and MITM attacks and hides the user’s actual public IP address.
While that’s partially true, there is a lot of misinformation around it.
In the good old days, the man-in-the-middle attack (“MITM”) used to be a thing … but not anymore. MITM is a cyberattack where the attacker secretly relays and possibly alters the communication between two parties. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using a mutually trusted certificate authority. HTTPS is the secure version of HTTP (which is the primary protocol used to send data between browser and website). HTTPS is always encrypted and most websites use HTTPS (make sure you force it in your browser settings too). So practically you don’t need a VPN if you are worried about MITM or simply want to encrypt your traffic! Even a hostile ISP (Internet service provider) cannot do anything against your connection or see what you are doing (intercept) on that website.
Pseudo Privacy
- Alright, so you’re thinking, “maybe it makes me more private?” Wrong. The VPN provider can see all your traffic and do whatever they want with it.
Users must consider that when the transmitted content is not encrypted before entering the proxy, that content is visible at the receiving endpoint (usually the VPN service provider’s site) regardless of whether the VPN tunnel itself is encrypted for the inter-node transport.
- So it doesn’t matter if you pay for it in crypto and you are absolutely sure it’s not revealing your identity. Your IP address is still visible to the VPN, and even in a perfect scenario you can be tracked down easily by whoever gets interested in your traffic.
There is no such thing as a 0 log policy. All VPN providers have to keep certain logs of your activity in one way or another to make sure the service is maintained. Not to mention that many VPN providers WILL forward your logs/identity to law enforcement when questioned.
VPNs do not protect you from fingerprinting
- If you are concerned about your privacy, use Tor instead, and please DON’T even consider using a VPN on top of it; Tor is already secure by design. A VPN in this case just adds a bonus attack vector to deanonymize you. Even if you know what you are doing, a small misconfiguration in the VPN … and you are a piece of cake 😋.
What is it used for then ?
The real intended purpose of a VPN is just that: a virtual private (internal) network. It is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet. It is created by establishing a virtual point-to-point connection through protocols over existing networks.
FAQ
Alright, got it 😃! But I still need to use it to bypass geo-blocking or access popcorn 😁 ... without letting my ISP or network admin see which sites I visited, right?
Yes, you can use a VPN to achieve that. But not from a VPN provider (unless you don’t care about privacy/security); you can easily create your own. Pick a good VPS (virtual private server) and always go with open source options that have been thoroughly audited by the community. Transparency is key! And again, do not assume you are private! YOU ARE NOT, so don’t ever think of doing anything illegal while using a VPN.
How can I then be secure ?
Before going through VPNs and other solutions you should first of all consider the following:
- Use a password manager (an open source one). I recommend keepassxc
- Choose a strong and unique password for your master password (to open keepassxc)
- Never store your master password unencrypted, and preferably not on your computer (just memorize it or write it down somewhere safe)
- Another great option for CLI users is pass (each password lives inside a GPG-encrypted file)
- Always use 2FA (two-factor authentication)
- Force HTTPS on every website … (you can find that in your browser settings)
- Use end-to-end encryption or P2P applications.
- Learn about gpg and how to properly encrypt stuff. Here is the full tutorial to do that.
- Maybe change your spyware OS (operating system), Windows or macOS. Linux is always the best option for freedom and security
- Take some network security measures (such as firewalls, IDS, etc.)
- ALWAYS encrypt your stuff. It doesn’t matter if it’s your home desktop or your USB stick.
- Be cautious with links and attachments (email, sms or downloading stuff from unknown sources)
- Etc.
Let me know if you need a more thorough guide on “How to be secure/private and anonymous”. I’ll write a post for that!
Conclusion
- Most VPN providers are a SCAM
- If you need one, set one up yourself (purchase a VPS and set up your own); you can find many open source options for that!
- A VPN is no privacy/anonymity tool. If you are concerned about surveillance/fingerprinting, use Tor instead! (I will write a post on that too 🙂!)
</ Enjoy 🤓!>