VPN ... some questions.

[easysurfer]

Still waiting and seeing what happens with possible internet privacy changes in the news to see if I want to go the Virtual Private Network (VPN) route or not. In the meantime, got a few questions that maybe folks who are on a VPN can answer.

1) Is there set up required on the user's side? For example, would I have to make some settings on my router?

2) Does a VPN handle recognized sites transparently? For example, if I use a VPN and the IP has me in the UK instead of USA, does that confuse current sites like Amazon and Vanguard and others with 2FA?

3) Does having a VPN cut down on ads?

Thanks

 

[MichaelB]

So far, the only changes I'm aware of are some regulations that were going to be implemented and have been rolled back. So, today's privacy rules continue.

Here's an informative article on VPNs by Brian Krebs https://krebsonsecurity.com/2017/03/post-fcc-privacy-rules-should-you-vpn/

 

[Just_Steve]

The bill that was passed only rolls back a bill passed in 2016 but was not yet implemented therefore the new bill only keeps things the way they are now. The sky is not falling.

MichaelB posted as I was typing.

 

[easysurfer]

That's a really good article. Didn't answer the basic questions I had like how easy to set up and use. But, Lots of information.

--------
Maybe if the rules change, the ISPs will offer a VPN service for about $9.95 a month (me just being sarcastic)?

 

[Hyperborea]

Still waiting and seeing what happens with possible internet privacy changes in the news to see if I want to go the Virtual Private Network (VPN) route or not. In the meantime, got a few questions that maybe folks who are on a VPN can answer.

1) Is there set up required on the user's side? For example, would I have to make some settings on my router?

You need to make changes to some bit of equipment to connect to the VPN. You can do it at the router level if your router supports it. If it doesn't you might be able to flash open source router firmware to support it - DD-WRT or Tomato. If you do this on the router then you cover every device in the house using the router.

The other option is to do it on a device by device way. This means that you will likely do it to your computers, phones, and tablets but not the TV, PlayStation, XBox, etc.

Even if you set it up at the router level putting the VPN service access on your phone is a good idea so that when you travel and use random WiFi sites you can't be hacked as easily.

2) Does a VPN handle recognized sites transparently? For example, if I use a VPN and the IP has me in the UK instead of USA, does that confuse current sites like Amazon and Vanguard and others with 2FA?

You can pick an "exit" point with most VPN services and have your traffic exit the VPN in many different countries. When you set it up on the router or when you turn it on for the computer you can choose the exit point. As a side note, if you set it up at the router level you will need to set up exclusions from the VPN connection for your streaming services. They are actively looking for VPN usage and will block it because many people use VPNs to try and get around geo-fencing.

3) Does having a VPN cut down on ads?

Thanks

No. The sites you visit will still show ads. Depending on where you appear to be this may change some of the ads. Also, the cookies on your computer will also be used to target the ads. These cookies can be used to build up a bit of profile to target the ads. I.e. you visit a Facebook page about camping then you might see ads for tents or sleeping bags.

 

[easysurfer]

Thanks Hyperborea. Was the type of answers I was looking for.

Looks like regardless of any rules changed/blocked or not, I may take the wait around until easier to set up route .

 

[Hyperborea]

Thanks Hyperborea. Was the type of answers I was looking for.

Looks like regardless of any rules changed/blocked or not, I may take the wait around until easier to set up route .

The ASUS routers are pretty easy to setup out of the box for VPN - they have a customized/simplified version of DD-WRT with a nice GUI. They don't have all the features that standard DD-WRT would make available but for most people it's enough. I recently picked up a pair* of these for $50 when they were on sale - https://www.amazon.com/gp/product/B01LXL1AR8 More than enough capability for the average and even above-average user.

* I run two different countries - one that is VPN'ed and comes out in California and one that is using Smart DNS and comes out in Japan.

 

[easysurfer]

The ASUS routers are pretty easy to setup out of the box for VPN - they have a customized/simplified version of DD-WRT with a nice GUI. They don't have all the features that standard DD-WRT would make available but for most people it's enough. I recently picked up a pair* of these for $50 when they were on sale - https://www.amazon.com/gp/product/B01LXL1AR8 More than enough capability for the average and even above-average user.

* I run two different countries - one that is VPN'ed and comes out in California and one that is using Smart DNS and comes out in Japan.

I'll have to look at them when I have a chance. Wouldn't hurt to take a peek at the setup process.

Here's another [-]stupid [/-] simple question that probably should have been question #4 on my original post:

Are there software only VPN services?

On my phone, I have an app (Hexatech) that is a free VPN. When I travel and in a hotel that doesn't have a secure wifi, I start up that VPN app.

I've also tried free VPN's on my computer (software only, not router settings) just to see what the software says about when doing a "whatsmyip" to see that from a different country, as a test.

 

[Hyperborea]

Are there software only VPN services?

On my phone, I have an app (Hexatech) that is a free VPN. When I travel and in a hotel that doesn't have a secure wifi, I start up that VPN app.

I've also tried free VPN's on my computer (software only, not router settings) just to see what the software says about when doing a "whatsmyip" to see that from a different country, as a test.

Sure there are. VPN service is essentially all software. You just run the client software on different bits of hardware - router, computer, phone, etc. The free VPN services are generally very slow and flaky. They can be ok for occasional use but I wouldn't rely on them for long term use plus they need to make money somehow so they are likely selling on your usage info. They can see the ip address you come from, where you connect to, how long, etc. As long as you are connecting with https rather than http (check the url or look for the lock icon in the url bar of the browser) then they can't see the content of your connection.

 

[easysurfer]

Sure there are. VPN service is essentially all software. You just run the client software on different bits of hardware - router, computer, phone, etc. The free VPN services are generally very slow and flaky. They can be ok for occasional use but I wouldn't rely on them for long term use plus they need to make money somehow so they are likely selling on your usage info. They can see the ip address you come from, where you connect to, how long, etc. As long as you are connecting with https rather than http (check the url or look for the lock icon in the url bar of the browser) then they can't see the content of your connection.

Good info. Definitely, I wouldn't trust a free VPN for long term use for my computer. For the phone, my gut is that they may be more secure than an unsecured wifi connection, say at a hotel or airport.

 

[Alan]

I've used a VPN service for several years for watching programs while traveling outside of the country, but I could also use it for use in-country for the added security.

ETA
Very easy to install and use.

 

[Sunset]

I'm considering getting it as when travelling, I'm pretty nervous about starting up my email or doing any banking.
Seems VPN could make it safer, especially at hotels where everyone has the password, so it's not really secure.

 

[Dd852]

I do a lot of traveling to places where the government likes to snoop - I subscribe to three different vpn services as some occasionally get blocked. And I use them whenever I'm on a public wifi hotspot. These days they are very very easy to use and set up, and they only shave a little bit off speed. Just don't use a "free" service as they have to make their money from somewhere and that's you! If you want specific company recommendations please dm me and I can tell you the positives and negatives I've experienced.

 

[Rustic23]

I have used PIA "Private Internet Access" for a couple of years. I have it on my laptops, ipads, had it on Iphone, and desktop. I ordered it through Amazon, as I did not want to send them my credit card. On, just a little paranoid. Setup was simple. They send you account data, you download appropriate app/software for computers/tablets, logon using data they send. You can have the software open on startup or when you click on the icon. It takes less than a min for the software to log the VPN on and your computer 'hidden' They have a large list of countries you can choose to 'be from' i.e. someone looking at your connection will think you are in Germany or sorts depending what country/state you select.

One thing to consider is rather the VPV keeps records of your activity. PIA does not. Laws in other countries dictate how much information the VPN may collect and how long they have to keep it. The VPN provider may have a list of who uses their services, but not what your actually did. As I said some keep no records to this effect, others do. If you choose a state inside the US, then the probability is they will keep records, and the Government can get court orders to see what your activity was.

LastPass is the only program I have run into that seems to look at where I am coming from. If I have used a foreign country, they will say that I am not authorized to logon from that location. Changing my location to a US VPN rectifies this. That is as easy to do as right clicking on the PIA icon, disconnecting, then reconnecting from a different state.

I just logged the VPN to Norway. I then googled "Where Am I" and picked a site, and here is where people think I am.

 

[clobber]

Still waiting and seeing what happens with possible internet privacy changes in the news to see if I want to go the Virtual Private Network (VPN) route or not. In the meantime, got a few questions that maybe folks who are on a VPN can answer.

1) Is there set up required on the user's side? For example, would I have to make some settings on my router?

2) Does a VPN handle recognized sites transparently? For example, if I use a VPN and the IP has me in the UK instead of USA, does that confuse current sites like Amazon and Vanguard and others with 2FA?

3) Does having a VPN cut down on ads?

Thanks

Just to answer some things in my own [long] way:

1) Yes, setup is required. If you want the communications of your entire home to go through the VPN, then you will need a router that has a "VPN Client" built into it. You configure the router to connect to the VPN so that all devices use it. I don't have a scientific study, but I believe relatively few routers contain this functionality. Odds are that most people have a router without this feature. Alternatively, if you only want a few devices to connect to the VPN, you can configure the VPN Client on the individual devices. Keep in mind that most VPN services only allow a fixed number of concurrent connections (maybe 2-3). Meaning, you can only connect 2-3 devices simultaneously. Also keep in mind that many devices do not have a VPN Client. For example, Amazon Fire TV does not have one. XBOX does not have one.

2) This is a good question, and the answer is no - things are not automagic. If you are in the USA, and you connect your VPN to - say Germany - the Internet is going to think you are in Germany. When you type "www.google.com" into your browser, you are going to get the German version of Google. This will break somethings and not others. For example, there is no problem being from the USA, traveling to Germany and using your Google account with 2FA. The VPN is essentially like going on an instant holiday. However, now that you are in Germany, your subscriptions to Netflix, Hulu, etc will either not work, or work differently. Some shopping sites like Walmart and Khol's also are problematic. Some things are better through an overseas VPN, like MLB.TV which has no blackout restrictions for overseas customers. See below for a solution to this problem.

3) No. As someone else said, it will usually change the ads though. Prepare to get some German ads if you are connected there.

Keep in mind:

1) The current controversy is that your ISP is/might be allowed to snoop on and sell your information. If you want to protect from what your ISP can see, the VPN does not need to connect to an overseas service. For example, if you live in California, you can simply connect to a VPN service in California. This will hide your traffic from your ISP. All of your Internet services will still think you are in California and work like you expect. Even choosing another state will make most things work normally. Somethings won't (like MLB.TV and their blackout restrictions).

2) VPNs can be slow and you will likely notice. For example, I usually have a 30Mbps connection to the Internet. When I connect my VPN, it is often 5Mbps. There are some locations I connect to and only get 1-2 Mbps. There are two main factors: distance and servers. If you connect your VPN from California to Hong Kong, expect it to be slower. The second factor is bigger. The way these VPN services work is that they host a server and allow many customers to connect to that server. The more people they allow to connect to that server, the slower the connection can be. That is because the servers has to encrypt/decrypt all customer traffic putting a lot of strain on the CPU and slowing things down.


3) I don't think many people understand this point: VPNs only protect between you and the VPN server. If you connect a VPN from you home in California to a VPN server in New York, that is where the traffic is encrypted. Let's say you then browse to cnn.com which might have servers in Texas. You're browsing traffic will be encrypted to New York, but then the traffic from NY to Texas will not be. However, you have largely accomplished your goal because your ISP in California can't see it.

Sorry that was so long.

 

[easysurfer]

Rustic - That's kinda fun to watch on the map. All the way from Oslo.

Clobber - Thanks. A very good explanation of some of the inns and outs.

 

[donheff]

I would be interested in the pros and cons of just using the Opera browser with it's built in VPN. If this approach works I would hope the major browser companies will start to offer the capability as well.

 

[target2019]

Thanks Hyperborea. Was the type of answers I was looking for.

Looks like regardless of any rules changed/blocked or not, I may take the wait around until easier to set up route .

I wouldn't wait for things to get easier. Hardware and software makers will advance VPN, and the market will decide, by buying the products that become available.

/Begin Flame
We seem to expect things to change, and then become static. Those who believe this just puts things back where they were, are putting a lot of faith in the gov't and big business. I've never been disappointed, since I have little faith that either wants to protect my privacy, even though I am a good citizen and excellent customer!

Your private data is strewn all over the world, because gov't and business would have needed to address this issue, and spent money to protect your data at a more serious level. However, we know that isn't so. Look at the spillage from Yahoo, which is on a grand scale. It gives the bad guys a huge advantage. Look at the loss by OPM of very detailed information about cleared personnel, both government and contractor. This included details on more than 15 million current and former personnel.

Any attempt to reign in and limit the storage of PII is a very good thing, IMO.
/End Flame

 

[target2019]

I would be interested in the pros and cons of just using the Opera browser with it's built in VPN. If this approach works I would hope the major browser companies will start to offer the capability as well.

“Free VPN” is now an integrated feature of Opera's stable desktop browsers.. Despite its nomenclature, however, this feature is really a proxy service rather than a true VPN. A true VPN encrypts your entire internet connection, while Opera's “Free VPN” only encrypts the data from your browser. Using this “VPN” does not protect your BitTorrent downloads or other internet activity outside the Opera browser.

from https://www.bestvpn.com/opera-browser-free-vpn-review/

Any browser you use which shows https in the URL is encrypting your traffic to/from the target site. This feature in OPERA would give you additional protection with sites like e-r dot org, which don't establish a secure connection.

 

[Hyperborea]

I have used PIA "Private Internet Access" for a couple of years. I have it on my laptops, ipads, had it on Iphone, and desktop. I ordered it through Amazon, as I did not want to send them my credit card. On, just a little paranoid.

The VPN provider can still track back to you through Amazon if they want to or are compelled to. If you want to be even more paranoid you can pay for your VPN service using gift cards. I paid for my service with PIA using a Target gift card. Most if not all VPN providers will do this. You do pay a little more because of the overhead costs of converting the card back into cash. So, a year with PIA is about $50 using a gift card instead of $40 with more cash-like things. I think it's worth it since these people have my entire internet connection logs so anonymizing that is only $10 / year.

 

[easysurfer]

I'm still on the fence about whether to get a VPN or not.

Have some simple (I hope) question on VPN use that hopefully someone can answer.

Once the VPN software is turn on, does this mean my connection to the internet is secure and protected?

For example, for email, I prefer an email reader program (such as Outlook Express) rather than a web based email reader. In this case, once the VPN is turned on, does this mean my email is safe and out of prying potential hackers eyes? Or wouldn't the email, VPN or not still go through the ISP servers, so there anyhow?

Well, maybe not as simple a question as I thought .

 

[target2019]

I'm still on the fence about whether to get a VPN or not.

Have some simple (I hope) question on VPN use that hopefully someone can answer.

Once the VPN software is turn on, does this mean my connection to the internet is secure and protected?

For example, for email, I prefer an email reader program (such as Outlook Express) rather than a web based email reader. In this case, once the VPN is turned on, does this mean my email is safe and out of prying potential hackers eyes? Or wouldn't the email, VPN or not still go through the ISP servers, so there anyhow?

Well, maybe not as simple a question as I thought .

With a VPN, you have better protection. You're opening up an encrypted tunnel between your computer and the destination. However, what is the destination, and where does it get communications from?

It isn't an easy question. Assume there are 1M potential vulnerabilities. If you and I communicate through a VPN, we eliminate some number of those. But our VPN does not eliminate EVERY vulnerability. You and I still need web protection, anti-virus, anti-malware, and so on.

 

[easysurfer]

With a VPN, you have better protection. You're opening up an encrypted tunnel between your computer and the destination. However, what is the destination, and where does it get communications from?

It isn't an easy question. Assume there are 1M potential vulnerabilities. If you and I communicate through a VPN, we eliminate some number of those. But our VPN does not eliminate EVERY vulnerability. You and I still need web protection, anti-virus, anti-malware, and so on.

Yes, I do understand about needing other protection along with a VPN.

But how about the example I gave about using an email reader? Can your ISP snoop into your email if they choose, VPN or not?

 

[target2019]

Yes, I do understand about needing other protection along with a VPN.

But how about the example I gave about using an email reader? Can your ISP snoop into your email if they choose, VPN or not?

I think there may be an email administrator somewhere who read something he shouldn't have.
Email sits on servers, where it may or may not be encrypted at rest. If not encrypted, it can be read.
Email is filtered by your ISP.
Gov't entities are filtering at email gateways.
I use Gmail in addition to ISP email.
If you need a secure app to occasionally send a file or password to another trusted individual, whatsapp is a neat solution.

 

[easysurfer]

I think there may be an email administrator somewhere who read something he shouldn't have.
Email sits on servers, where it may or may not be encrypted at rest. If not encrypted, it can be read.
Email is filtered by your ISP.
Gov't entities are filtering at email gateways.
I use Gmail in addition to ISP email.
If you need a secure app to occasionally send a file or password to another trusted individual, whatsapp is a neat solution.

Thanks. I'm not paranoid, but just trying to understand the boundaries of how help (or not) a VPN may be. Always like to tighten up security a bit as long as not too cumbersome to use.

Did find a freebie VPN and secure email service which has promise. I know, freebie = red flag, but this is from a organization (open source?) called ProtonMail and ProtonVPN. Signed up for a free email account, but not sure if I need the VPN part.

The ProtonMail can come in handy for something like if you need to send a secure pdf file with sensative information to family or business. Wish I used something like this in the past. There is a ProtonVPN part too.