💾 Archived View for her.st › blog › how-vpns-are-not-helping-you.gmi captured on 2023-01-29 at 02:54:00. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

First of all, a VPN will only hide information from your ISP as you are encrypting everything on your computer and then send it to the VPN provider which then decrypts it and passes it on to the open internet. This means the VPN provider itself has the ability to see exactly what you're doing and keep records of every packet you send through it.

what if vpns are illegal in your country

Then you're fucked as soon as you connect.

VPN1

VPN2

The popular VPN protocols like OpenVPN and WireGuard are easily detected on the network. Even if your government doesn't know what sites you access, they see that you are using a VPN and the IP of the VPN server you're connected to. Now they can call your ISP, get your address and come arrest you. They don't even have to go to the VPN provider in that situation.

SSH is usually not monitored though, and supports tunneling. If you happen to own a vps somewhere that isn't directly connected to you, you might create a socks5 tunnel quite easily - like from her.st hosting paid with monero.

ssh -ND 8080 user@ho.st # Creates the socks5 proxy
curl -x socks5h://localhost:8080 https://wtfismyip.com/text # uses the proxy

vpn3

but make no mistake, ssh tunnels have a considerable impact on your net speed, especially ping times.

SpeedTest 1

compared to without the tunnel

SpeedTest 2

That's just a socks proxy though, not a VPN. DNS for example will still bypass the tunnel.

vpn's are legal and my vpn provider doesn't keep logs

Let's give them the benefit of doubt and say they really don't. Who's to say the Datacenter they reside in doesn't? After all, packets from protocols like OpenVPN are easily identified on their infrastructure - as I've made evident above.

Additionally, if the VPN you're using is in any of the following countries

They are required *by law* to have logs and share them with the authorities.

Even if they *claim* not to keep logs. If you live in one of them, your government can spy on you by proxy - simply report you to a member-state and request the data from them.

Additionally, in order to pay the VPN provider, you have to give them your payment details which are directly linked to you. The only VPN provider on the clear-net that allows cash payments and no sharing of personal details - as far as I know - is mullvad

mullvad

Do you think your VPN provider will defend you when they get pressured/threatened by a government to surrender the data they have about you? Risking their business? Their money? Don't be naive.

Comments

View/Write Comments