Comment by belthesar
3 years ago
There's a fair amount of FUD tossed around in sponsored ad reads of a lot of independent creator content these days, so much now that the colloquial use of "VPN" these days for the masses is not "allow me to gain access to a network I control from anywhere" but "help me route my traffic to a specific geolocation".
Half truths are spouted about "securing your connection" and "preventing tracking" are provided, without the supplementary information that device and browser fingerprinting do more to identify you as a user than geolocation does. With HTTPS, traffic is already encrypted, and any DNS-over-HTTPS or TLS provider will also mask where you were headed to, leaving much of the supposed benefits to be mostly snake oil.
If, however, you want to use it to access geofenced content, or you employ an obscurity-in-depth strategy to anonymize your identity, then sure, go ham. But as to why usage has exploded by the masses, a healthy dose of paranoia and influencer marketing.
It's not a terrible result tbqh.
99.999% of airport wifi users don't know that their traffic is bridged. So unless WIFI-6 introduced some network segmentation features that I'm not aware of, it's still a good idea for Grandma and Grandpa Jo.
The reason it's ubiquitous on YouTube is because they are gouging the hell out of consumers. Honestly it should be provided by your ISP as a bundled service. Although then it's just Comcast gouging you instead...
Can confirm, it seems like every single YouTube channel I've watched in the past 2-3 years has had an ad for 3 or 4 VPN services. Plus, the internet is getting more segmented, when I send links to some US sites to my friends overseas they need a VPN to access it, which wasn't the case like 6-7 years ago.
there's still ISP domain level blocks (based on SNI) to contend with, even if they can't modify any content. Things such as court banned sites (pirating?), age restricted content, etc.
Somehow my ISP can see what I’m downloading even though I use https etc and has sent nastygrams a few times when they didn’t like what they saw.
SNI isn't encrypted. They can see plaintext domain name of your https requests. Obviously, they can also see the IP you're connecting to. Maybe ECH will be rolled out at some point, and we can stop using SNI.
They knew the filename. May be a vulnerability in an external client app, not sure. Says it encrypts connections but must be leaking somehow.
1 reply →
If you're torrenting, you should be aware that a cross-reference between your IP and the files you're transferring is effectively public information.
Oh, how does that work? Sounds like the encrypted connection isn’t?
1 reply →