Comment by deelowe

3 years ago

Can someone help me understand why VPN use seems to have exploded in recent years? I mean, I'm aware of the typical use-cases of corporate devices and such, but I doubt that's the major contributor here as those use-cases have existed for decades now. What's the impetus for what seems to be massive growth over the past 3+ years?

There's a fair amount of FUD tossed around in sponsored ad reads of a lot of independent creator content these days, so much now that the colloquial use of "VPN" these days for the masses is not "allow me to gain access to a network I control from anywhere" but "help me route my traffic to a specific geolocation".

Half-truths about "securing your connection" and "preventing tracking" are provided, without the supplementary information that device and browser fingerprinting do more to identify you as a user than geolocation does. With HTTPS, traffic is already encrypted, and any DNS-over-HTTPS or TLS provider will also mask where you were headed to, leaving much of the supposed benefits to be mostly snake oil.

If, however, you want to use it to access geofenced content, or you employ an obscurity-in-depth strategy to anonymize your identity, then sure, go ham. But as to why usage has exploded by the masses, a healthy dose of paranoia and influencer marketing.

  • It's not a terrible result tbqh.

    99.999% of airport wifi users don't know that their traffic is bridged. So unless WIFI-6 introduced some network segmentation features that I'm not aware of, it's still a good idea for Grandma and Grandpa Jo.

    The reason it's ubiquitous on YouTube is because they are gouging the hell out of consumers. Honestly it should be provided by your ISP as a bundled service. Although then it's just Comcast gouging you instead...

  • Can confirm, it seems like every single YouTube channel I've watched in the past 2-3 years has had an ad for 3 or 4 VPN services. Plus, the internet is getting more segmented, when I send links to some US sites to my friends overseas they need a VPN to access it, which wasn't the case like 6-7 years ago.

  • there's still ISP domain level blocks (based on SNI) to contend with, even if they can't modify any content. Things such as court banned sites (pirating?), age restricted content, etc.

  • Somehow my ISP can see what I’m downloading even though I use https etc and has sent nastygrams a few times when they didn’t like what they saw.

    • SNI isn't encrypted. They can see the plaintext domain name of your https requests. Obviously, they can also see the IP you're connecting to. Maybe ECH will be rolled out at some point, and we can stop using SNI.

      2 replies →

    • If you're torrenting, you should be aware that a cross-reference between your IP and the files you're transferring is effectively public information.

      2 replies →

The VPN market has had considerable growth year-to-year since at least 2009. It's just that in the last few years that growth has added up to big absolute numbers.

Here's how I think about customer segments:

* Those interested in online privacy

* Those interested in circumventing censorship

* Those interested in a secure network channel from their machine to "The Internet", by which I mean secure from their local ISP eavesdropping on them.

* Those interested in circumventing geographical restrictions.

Due to the nature of the Internet and how its most important protocol (IP) works, changing your IP address is a necessary, but not necessarily sufficient, step in protecting your privacy online. This fact says something about the long term relevance of VPNs, Tor, and similar technologies.

Source: I'm one of the co-founders of Mullvad VPN.

  • In the age of wifi the man in the middle included someone sitting in the same coffee shop as you. ISPs turning into jerks came on the heels of that. Depending on where you got your news, it might have seemed like you heard about ISPs and hackers around the same time, but from my perspective the ISPs learned how to be bad from security experts explaining how much mischief a person could get up to and deciding that sounded like a swell idea.

    • > ISPs turning into jerks came on the heels of that.

      > ISPs learned how to be bad from security experts explaining how much mischief a person could get up to and deciding that sounded like a swell idea

      Telecommunications companies have played a central role in government surveillance schemes for at least 50 years, well before the advent of WiFi. ECHELON was fairly extensively reported on in the late 90's.

      > it might have seemed like you heard about ISPs and hackers around the same time

      I connected to the Internet around 1993, but my interest in computer security didn't start until around 1996. I'm not sure if that qualifies.

      1 reply →

VPNs of the Mullvad type (not them specifically): Mostly marketing to the ignorant, but also people in police states and people who are getting annoying letters about their torrenting.

VPNs of the Tailscale type: Mostly people who self host apps and want them to be available across their devices without opening them up to the internet, or be able to access their NAS from Starbucks.

I don't do anything sketchy online, but I use a VPN for the same reason I use HTTPS rather than HTTP, ssh rather than telnet, BTC/XMR rather than my credit card (when possible), and LUKS FDE rather than nothing. I value my privacy, and I want to fight the false perception that privacy-enhancing tools are only for shady usage by shady people.

Use a VPN for the same reason you close the stall door in a public restroom.

(I'm not necessarily agreeing with your premise that VPN usage has recently grown; I don't know that to be the case.)

  • A VPN only makes sense if you trust the VPN provider more than your ISP, if not you're only making things worse.

    • Honestly my ISP is too incompetent to run anything, DNS, billing, provisioning, you name it. I know because we used to do consulting for them. I am confident that there is no way that they'd be able to monitor my traffic, they can't even tell if an entire town loses connectivity.

      1 reply →

what does "VPN use seems to have exploded in recent years" mean? I mean, what have you observed? "VPN" means lots of different things.

VPN to company is much more popular with businesses because of WFH and Covid.

consumer VPNs to random providers that advertise on podcasts are way up because of different countries having different video streaming service catalogs and because in the US consumer ISPs are increasingly privacy- and reliability-hostile. there's also a big marketing buzz because scaring people over these things was good for signups, so consumer VPN providers chose to advertise a lot.

Tailscale on the other hand is a way to re-create an actually flatly routable Internet, for myself, but with 2023 security levels.

Mostly because geofencing is getting much more widespread for various legit reasons (security, anti spam, licensing restrictions, etc) and very annoying for end users.

  • > various legit reasons (security [...])

    "Security" is not a legitimate application of geofencing, in my view.

    Any attacker can trivially use a VPN to defeat it, yet legitimate users are massively inconvenienced by it. I've had too many accounts (bank and otherwise) locked for the crime of trying to access them while traveling internationally.

Generally it's to guard against ISP spying. In the case of your personal devices that you walk around with at work, the "ISP" is "your employer". Employer IT pride themselves on being far more nosy than your run-of-the-mill ISP.

Just my 2cents that I wrote about here[0]. It boils down to:

1. Ease of use for non technical folks (my dad in the post)

2. The dangers of having an exposed ssh port (even on non standard ports)

I just don't have the time or compute to constantly tweak my security settings for a publicly exposed port, so the easiest way to solve the problem is to not have the port publicly exposed

---

0: https://blog.imraniqbal.org/tailscale/

  • It feels like you may have solved a problem that didn't need solving? If you fully disabled password authentication, there's nothing to tweak; you can just ignore the log spam and not block the IP addresses and ignore it and it'll be fine.

    • > If you fully disabled password authentication

      It is not fully disabled, my dad's account has a password for sftp.

      It's covered more in part 1 (linked at the start of the blog post) but the repeated attempts at ssh'ing into my server actually killed sshd (which is how I found out about it).

      The other problem is that this "server" is hosted on a residential connection in my computer room. This is just something I don't want to deal with and using a VPN fixes that since I do not need to deal with it, and it's easy enough for my dad to use.

I use a VPN anytime I leave my house (although it's not a commercial "service"), because network-based telemetry is on the rise and companies that offer free WiFi as well as our telcos are basically out to get us. See https://www.wired.com/story/verizon-user-privacy-settings/ as one example.

I don't want to "opt-out" and hope companies actually follow their policies, or assume their policies are sufficient when I "opt-out". So I ensure all of my network traffic is routed through my home no matter where I'm at or which device I'm using, and then from my home I ensure all my network traffic is routed through a business-grade connection that is offered under standard contract terms that preclude the type of fuckery that every ISP in America seems to think is acceptable to do to consumers.

That's why I use a VPN, and I'm pretty sure a lot of people who use a commercial VPN service do it for very similar reasons and don't have the technical know-how or wherewithal to set something like I have up for themselves.

For VPN in the Corporate network sense, it's for easy access to your computers. You don't want to have to open ports on your router or hope that whatever world-accessible service you throw out there is secure - instead, Tailscale handles authentication, authorization (if you'd like to set up ACLs), and it handles NAT traversal without any open ports.

  • I think the parent is talking about consumer VPNs which use VPN protocols to implement a proxy service, providing very little of a private network.

Privacy and tracking prevention. It can get you access to stuff that's not in your country, depending on the service you're trying to get.

I think a primary reason is "more privacy" (Mainstream VPNs actually reduce privacy) closely followed by bypassing regional restrictions (like blackouts during sports games, using Pornhub in Utah or Alabama, or looking up clinics that perform abortions in Texas) followed by bypassing ISP restrictions.

For me the fact is there are really easy to use user interfaces for VPNs now. They are very performant and low latency as well, so they're practical for everyday browsing on the modern web and even for gaming and streaming.

Also, geographical blocks on content such as Netflix and BBC etc

Aside from "Privacy VPN" usage, there are other reasons to have a VPN server (including tailscaled) at home. Some home network connections don't offer public IPv4. People want to avoid exposing any port to the internet.

States attempting to pass age-verification laws, and large streamers trying to fuck over customers by locking their account access to their home IP.

I can't speak for everyone, but technologies like WireGuard, Tailscale, and Nebula are not merely VPN solutions. They're SDN solutions that incorporate VPN capabilities, WireGuard (and thus Tailscale... in most cases) being unique in that they're incorporated at the kernel level. Having a single overlay network for my cloud host, home servers, cell phone, and personal computers allows me to construct my own private cloud of sorts.

Here's a visual: https://mermaid.live/edit#pako:eNptUstugzAQ_BXL5_ADHHqBSjlUJ...