Page 2 of 2

Re: VPN discussion: Are they necessary?

Posted: Sun Apr 07, 2019 3:50 pm
by LaxSlash1993
thecoalman wrote:
Sun Apr 07, 2019 11:09 am
A VPN would also prevent Google and other major tracking services from being able to use the IP as a means to track you.
But see, the issue with thinking that is that it's only a security-blanket type of a cover that's doing almost nothing at all in the way of protecting from targeting advertisers and analytics companies, anyways. IP Tracking is not an efficient way for targeted advertising to happen. Google's better off doing this with cookies and other means (ie, places that you signed into with your Google account). IPs are subject to change at a varying rate (a day, two days, sometimes a month, two months)... and if this were the case, then we'd be seeing the same targeted ads for everyone that had our IP Addresses before us, as well as the person after us seeing our targeted advertisements.

IP tracking by Google comes more in handy for like abuse-prevention (ie, same person clicking on a link 30,000 times to drive up the costs or revenue) tracking.

If a user wants to be safe from ad tracking, the better answer is doing some general PC and internet browsing maintenance - explicit whitelisting of cookies from websites (this can be setup in your web browser to have it prompt you), or conversely blacklist the websites that you don't want to track you (ie, Google). You can also setup your browser to clear your cookies on each exit, or on a set schedule even, in some cases.

Re: VPN discussion: Are they necessary?

Posted: Mon Apr 08, 2019 12:31 am
by thecoalman
I know the limitations of tracking via IP but it's one less data point Google would have. Keep in mind it's an aggregate of data they use and where google is concerned it's an enormous amount of data they will have access too.

Re: VPN discussion: Are they necessary?

Posted: Mon Apr 08, 2019 6:24 am
by John connor
thecoalman wrote:
Sun Apr 07, 2019 11:09 am
If the site is over HTTPS you are already protected from most spying. HTTPS not only secures the communication it also secures against the domain being spoofed. With HTTPS the exact URL is not know by the ISP or anyone else eavesdropping , they can only determine the domain/IP. A VPN will protect you from that.

When it's a HTTP site it can help protect you some, plain text traffic between your computer and the VPN is now encrypted so the ISP cannot read it, if you were using public wifi plain text logins are not exposed, etc. Keep in mind the hop between the VPN and the origin server is not encrypted.

A VPN would also prevent Google and other major tracking services from being able to use the IP as a means to track you.
https://imgur.com/sWOdoBH

Image

Re: VPN discussion: Are they necessary?

Posted: Mon Apr 08, 2019 9:30 am
by AmigoJack
Let's take John connor for example: he's not aware about his traces. He posts a picture on Imgur, thus incorporating a third party - everybody who wants to see the picture needs to request the resource from that website, leaking his IP address and by default his referer. Why not posting the picture as attachment in this topic without ever leaving https://phpbb.com?

It's about details: people nowadays use VPNs, social networks, WhatsApp, Google, IPv6 and whatnot, but they're not aware of the details - if they would just fully understand one of the things they do, they would also be more alerted doing the other things. Likewise they feel the need for VPNs, when in fact they mostly expose themselves to the VPN provider. Choosing IPv6 from a pool of billions is not helpful to being anonymous when nobody else is in this pool.

Re: VPN discussion: Are they necessary?

Posted: Tue Apr 09, 2019 2:47 am
by John connor
Leaking his IP? Bull. It's just another website like any other. There's no "leak." And I use an add-on in my browser that forges the UA and referrer. Most people don't eve do this so it's a moot point in arguing that crap.

As you can see if the network sniff, my point is that there are DNS requests that even though you use TLS, it's not encapsulated.

This website, I tell you.

Re: VPN discussion: Are they necessary?

Posted: Tue Apr 09, 2019 8:53 am
by John connor
LaxSlash1993 wrote:
Sat Apr 06, 2019 5:22 am
John connor wrote:
Sat Apr 06, 2019 4:01 am
In my VPN I can disable IPv6 for some reason. So why it's there must be a security reason. I'd have to ask my VPN as to why it's there.
Probably for the weird/rare times when someone's dealing with something that's not compatible with IPv6.

There's also some mis-led privacy concerns that people have on IPv6 in general that this probably caters to, as well. https://www.networkworld.com/article/21 ... -not-.html
I asked my VPN provider and he said it was to prevent IP leakage.

Re: VPN discussion: Are they necessary?

Posted: Tue Apr 09, 2019 12:27 pm
by thecoalman
John connor wrote:
Tue Apr 09, 2019 2:47 am
As you can see if the network sniff, my point is that there are DNS requests that even though you use TLS, it's not encapsulated.
As I already noted HTTPS requests will not hide the IP from your ISP, it's included in the header. The domain can be guessed. Securing the DNS lookup is irrelevant as far as HTTPS by itself goes.

You can secure the lookup using a secure DNS service but that is only relevant when using a VPN.

Re: VPN discussion: Are they necessary?

Posted: Fri May 31, 2019 5:09 am
by Heo32
Contributing to this topic, I came across this video:

Is a VPN Worth it?
https://www.youtube.com/watch?v=ny0S5VK7I70