VPN ... some questions.

I just got a VPN this month for added security and privacy. Currently I have it on my laptop, desktop, and Fire TV. I use IPVanish. You can google it and find coupons online. I did a year subscription for $58 a year. The set-up was easy. If you get stuck or have issues, they have a live help on their website.
 
easysurfer said:
Thanks. I'm not paranoid, but just trying to understand the boundaries of how help (or not) a VPN may be. Always like to tighten up security a bit as long as not too cumbersome to use.

Did find a freebie VPN and secure email service which has promise. I know, freebie = red flag, but this is from a organization (open source?) called ProtonMail and ProtonVPN. Signed up for a free email account, but not sure if I need the VPN part.

The ProtonMail can come in handy for something like if you need to send a secure pdf file with sensative information to family or business. Wish I used something like this in the past. There is a ProtonVPN part too.
Click to expand...
Trying things is best way to learn.

Different users have levels or layers of security that help get their data storage and transfer to the security posture they desire.

When your email is stored on the ISP server (data at rest), it is human readable (unencrypted), or encrypted (not human readable). The same applies to your data in transit.

A VPN is a private network that provides a secure tunnel between two networks. It protects data in transit.

I'd say the VPN is not preventing anyone from reading your email at the ISP. But it means you have more privacy when email travels between ISP and your mail client.

Boundary is a good thing to understand. That concept is important in network security.
 
target2019 said:
Trying things is best way to learn.

Different users have levels or layers of security that help get their data storage and transfer to the security posture they desire.

When your email is stored on the ISP server (data at rest), it is human readable (unencrypted), or encrypted (not human readable). The same applies to your data in transit.

A VPN is a private network that provides a secure tunnel between two networks. It protects data in transit.

I'd say the VPN is not preventing anyone from reading your email at the ISP. But it means you have more privacy when email travels between ISP and your mail client.

Boundary is a good thing to understand. That concept is important in network security.
Click to expand...

That's a good explanation about data at rest and data in transit. Thanks.
 
easysurfer said:
That's a good explanation about data at rest and data in transit. Thanks.
Click to expand...
Something new appeared in an email communication from an investments company.

**** This message was sent securely via TLS encryption. ****

That is something of interest for this thread. It concerns (email) data in transit. Even though I am not on a VPN at this moment, there is a certain level of protection offered by TLS.
 
target2019 said:
Something new appeared in an email communication from an investments company.

**** This message was sent securely via TLS encryption. ****

That is something of interest for this thread. It concerns (email) data in transit. Even though I am not on a VPN at this moment, there is a certain level of protection offered by TLS.
Click to expand...

Not familiar with the acronym of TLS. What does it stand for? Is that a type of encryption? Or is TLS the name of a company?
 
My two cents about VPNs is that I don't think they're worth the trouble for most people. Simply using a good firewall and good anti-virus software, and making sure all your web browsing is HTTPS encrypted—along with never clicking on unknown links in your email—is generally good enough.

VPNs are more typically used by people who want to obfuscate their IP address while browsing, to get around location-based restrictions imposed by certain online services like Netflix or to thwart ISPs that try to block users from downloading torrents, etc. And I've heard that robust, high-quality VPN services are never free or cheap. If you go cheap, you'll end up with something very slow and unreliable.
 
VPN can be useful, but frankly for most people they really don't enhance security much. (That's different from using corporate VPNs, which are usually necessary to access stuff at w*rk).

If you have an iPhone/iPad almost all your apps will be using encrypted network communication (App Transport Security using TLS). There are a few exceptions, but developers have to justify the use of insecure networking to Apple.

In any web browser on any platform you should be avoiding sites that aren't using https (most browsers show a lock icon on these sites). There's very little excuse for sites not to be using HTTPS since the secure certificates are free (see Let's Encrypt) and easy to use. Heck, I added HTTPS support to my HOA's little website. About 50% of the sites I regularly visit use HTTPS now and the percentage is growing. Every financial site I visit uses it. I hope there aren't any left that don't.

If you want a good in-depth, but not overly technical discussion of VPNs and some recommendations for providers I'd recommend The Wirecutter

I personally don't use a VPN, and also avoid most public WiFi since LTE on my phone is generally faster and more reliable anyway.

Does anyone know why http://www.early-retirement.org hasn't moved to HTTPS yet?
 
mpeirce said:
VPN can be useful, but frankly for most people they really don't enhance security much. (That's different from using corporate VPNs, which are usually necessary to access stuff at w*rk).

If you have an iPhone/iPad almost all your apps will be using encrypted network communication (App Transport Security using TLS). There are a few exceptions, but developers have to justify the use of insecure networking to Apple.

In any web browser on any platform you should be avoiding sites that aren't using https (most browsers show a lock icon on these sites). There's very little excuse for sites not to be using HTTPS since the secure certificates are free (see Let's Encrypt) and easy to use. Heck, I added HTTPS support to my HOA's little website. About 50% of the sites I regularly visit use HTTPS now and the percentage is growing. Every financial site I visit uses it. I hope there aren't any left that don't.

If you want a good in-depth, but not overly technical discussion of VPNs and some recommendations for providers I'd recommend The Wirecutter

I personally don't use a VPN, and also avoid most public WiFi since LTE on my phone is generally faster and more reliable anyway.

Does anyone know why http://www.early-retirement.org hasn't moved to HTTPS yet?
Click to expand...


The technical discussion is a good read.

Tried signing up for the free VPN option to try out with ProtonVPN. Site said only on waitlist for free version, but could sign up for a paid version. I don't need a VPN that much at this time :blush:.
 
A VPN isn't going to do much for the average Internet user.

It's a big plus when used in an open wifi, though. Nowadays, most everything is TLS, so the snoops on open wifi can only see where you go, but not the content you send and receive. That's because DNS is in the clear, even if you go to an https site.

On the negative side, since VPN tunnels are usually set up as a virtual network adapter, that is the entity that your home router is using to reject unsolicited traffic. So everything comes in, and you don't get the benefit of rejecting messages from addresses where you didn't start the conversation. See, without a VPN, your router simply ignores traffic unless you started the conversation. Now, I don't see this as a huge deal, but it's something.

Also, unless you're paying for your VPN, you're probably paying in a way you might not like; one VPN service was caught stealing user info and selling it. And this was complely in contrast to what was stated in the user agreement.
 
easysurfer said:
The technical discussion is a good read.

Tried signing up for the free VPN option to try out with ProtonVPN. Site said only on waitlist for free version, but could sign up for a paid version. I don't need a VPN that much at this time :blush:.
Click to expand...

Have a look at Opera and the built-in VPN.
Opera Free VPN Feature: For PC and Smartphone

It's free, and that is a good price. I use it along with Chrome and Firefox.
 
target2019 said:
Have a look at Opera and the built-in VPN.
Opera Free VPN Feature: For PC and Smartphone

It's free, and that is a good price. I use it along with Chrome and Firefox.
Click to expand...

Had a chance this morning to take a look at Opera with the built-in VPN on my desktop. Thumbs up. Simple toggle vpn on/off slider for the times I want to turn on/off the cloaking device :). Plus, can't beat the price of free.

Thx for the suggestion.
 
easysurfer said:
Had a chance this morning to take a look at Opera with the built-in VPN on my desktop. Thumbs up. Simple toggle vpn on/off slider for the times I want to turn on/off the cloaking device :). Plus, can't beat the price of free.

Thx for the suggestion.
Click to expand...



I like Opera. But with freeware there is always the nagging question of how they are making their money off you. Opera was developed by Norway's Telenor, but then sold to a fairly non transparent Chinese group, Golden Brick Capital Private Equity Fund I Limited Partnership. So as long as your eyes are wide open about who is controlling your browsing history and you're satisfied with their security and privacy standards, fine. I deleted my copy, but that's because I still do some work in China.
 
Yes, no such thing as a free lunch.

The link that target2019 gave mentions how Opera makes money off you.

Opera Free VPN Feature: For PC and Smartphone

A lot of you might think why would Opera provide VPN service for free. Well, they are free to use, but Opera is making money via in-app advertising and by sharing your data with third parties.
Click to expand...
The company stated, “Opera makes money by collecting anonymous data about how people use their mobile device. It’s important to understand that this is not data about what you do with your phone, but rather about how a large group of people use their phones.”

“We do not store or distribute any data that could be used to determine your personal online activities,” they concluded.

In all fairness, Opera needs money to keep the VPN service functional and if you trust them to abide by their words of not snooping into your privacy, then using their service shouldn’t be a problem for you.
Click to expand...
 
easysurfer said:
Had a chance this morning to take a look at Opera with the built-in VPN on my desktop. Thumbs up. Simple toggle vpn on/off slider for the times I want to turn on/off the cloaking device :). Plus, can't beat the price of free.

Thx for the suggestion.
Click to expand...
I'm pretty much a 3-browser geek. Between Chrome, Firefox and Opera, I have a broader view of the internet, and what is possible.

I like the Opera sidebar. Trying to find useful widgets to add to it.
 
target2019 said:
I'm pretty much a 3-browser geek. Between Chrome, Firefox and Opera, I have a broader view of the internet, and what is possible.

I like the Opera sidebar. Trying to find useful widgets to add to it.
Click to expand...

I like that approach and now use 3-browsers also. Firefox as my main browser. Opera when I want some privacy, and Epic browser that's built for privacy. The right tool for the job.
 
easysurfer said:
I like that approach and now use 3-browsers also. Firefox as my main browser. Opera when I want some privacy, and Epic browser that's built for privacy. The right tool for the job.
Click to expand...
I've always used at least two browsers, to keep consulting work and personal business separated. Chrome had my business email and whatever else was related at the time. Firefox has a lot of personal and investing bookmarks.

Now that consulting is of little importance, I'm using three browsers to keep three channels of genealogical research separate. Having different account logins for three individuals, it is very helpful to associate an individual (self, spouse, F-I-L) with a browser.

I need an icon, or I'm lost...
 
I only use public wifi with my iPad. My understanding is that my iPad, with security turned on, encrypts everything that goes out. Not sure about what comes in. But, certainly the banking and other money apps are encrypted both ways.
 
Chuckanut said:
I only use public wifi with my iPad. My understanding is that my iPad, with security turned on, encrypts everything that goes out. Not sure about what comes in. But, certainly the banking and other money apps are encrypted both ways.
Click to expand...



Public wifi is a bit dicey for anyone. I'm not sure what you mean by "with security turned on" - if you mean using a VPN, yes you are probably ok. If you mean relying on https connections, you are still vulnerable to man in the middle attacks.

If the public hotspot is wide open, anyone could be using it. And someone could be spoofing the hotspot name as well. If the hotspot is protected by a password, that's a bit better.

So be paranoid. Make sure the spot you are logging into is really the spot you want to log into. Use a vpn. Make sure it is an https address - the right address - that you're connecting to.

Have strong passwords. Use two factor log ins.
 
easysurfer said:
I like that approach and now use 3-browsers also. Firefox as my main browser. Opera when I want some privacy, and Epic browser that's built for privacy. The right tool for the job.
Click to expand...

DuckDuckGo to break the filter bubble and search privacy.
 
Totoro said:
DuckDuckGo to break the filter bubble and search privacy.
Click to expand...

DuckDuckGo has gotten a lot better recently.

I tried it a few years back and it clearly wasn't near google. I tried again earlier this year and it really is quite acceptable. I've made it my default search engine in all my browsers.
 
Totoro said:
DuckDuckGo to break the filter bubble and search privacy.
Click to expand...

I'm game :). Went ahead and added DuckDuckGo to use as my default search engine in FireFox. Will use for awhile and see if I miss Google as the default search or not. Also, if I want to "Google" something instead of DuckDuckGo something, the option is just a click away on the search.
 
I went ahead and also added StartPage too as a search engine for FireFox. StartPage uses Google but doesn't prevents Google from collecting my data on each search.

For now, I'll still use DuckDuckGo as my primary search. Reason why not just use StartPage as that uses Google is I like cheering for the underdog :).
 
You must log in or register to reply here.

Similar threads

S
Anyone use a VPN service?
2 3
Replies
53
Views
4K
indiajust
I
Janet H
Forum Update - We're back! Ask your questions here.
11 12 13
Replies
303
Views
8K
skyking1
skyking1
S
Chromecast Tips?
Replies
8
Views
555
arcyallen
arcyallen
Earl E Retyre
secondary brokered CDs - searching questions
Replies
3
Views
464
njhowie
njhowie
PaunchyPirate
IRS.gov Estimated Tax Payments - New?
Replies
13
Views
2K
audreyh1
audreyh1

Latest posts

Back
Top Bottom