Difference between revisions of "Security notes - security for the everyday person"
From Helpful
m (→Is it important to use a VPN?) |
m (→Is it important to use a VPN?) |
Line 245: | Line 245: | ||
− | That said, while most people wouldn't get much out of one, there are a | + | That said, while most people wouldn't get much out of one, there are a some few ''types'' of online presences are better off with one. |
+ | Upsides | ||
+ | * getting around country restrictions, or even just sites that overzealously switch you to the country you're in while traveling | ||
+ | : ...using VPN not for its security, privacy, or encryption, just the fact it is effectively a [[proxy]] to elsewhere | ||
− | |||
* Defeating listening/blocking as sometimes done on public WiFi (usually illegal, but that doesn't mean they don't) | * Defeating listening/blocking as sometimes done on public WiFi (usually illegal, but that doesn't mean they don't) | ||
− | |||
:: Redundant in that: the network behind it can't snoop on HTTPS traffic, which is now common (and always was on banks and such) | :: Redundant in that: the network behind it can't snoop on HTTPS traffic, which is now common (and always was on banks and such) | ||
+ | :: Redundant in that: other WiFi clients already can't snoop on you (because of how WiFi works), except with some specialist hardware | ||
:: useful in that: the network behind it ''can'' listen to plain HTTP, and DNS lookups, and SNI headers (and block based on each) | :: useful in that: the network behind it ''can'' listen to plain HTTP, and DNS lookups, and SNI headers (and block based on each) | ||
− | :: useful in that: that network cannot see what you're connecting to, e.g. "logging into work" | + | :: useful in that: that network cannot see what you're connecting to, e.g. "logging into work" |
− | * the above may | + | * the above may reveal very little - e.g. where I work or what I'm interested in |
− | :: which I generally wouldn't care about | + | :: which I generally wouldn't care about, and most places wouldn't care to collect (can't correlate it to much) |
:: but I also don't mind people ''not'' knowing that | :: but I also don't mind people ''not'' knowing that | ||
− | * defeating trackability of people who are specifically interested in you | + | * defeating some of the trackability of people who are specifically interested in you |
: (...but please don't bait scammers unless you know what you're doing) | : (...but please don't bait scammers unless you know what you're doing) | ||
* people wishing not to get doxxed. | * people wishing not to get doxxed. | ||
: say, livestreamers. | : say, livestreamers. | ||
− | : lets you hide your home IP address. | + | : lets you hide your home IP address. IP usually only gives you area, maybe city - but is still a reasonable defense (assuming it is not your only one!) |
− | + | * avoiding warnings from your own ISP (or others) for using P2P | |
− | + | : this won't be in the ads for dubious-legality reasons | |
− | + | ||
− | + | ||
− | * avoiding warnings from your own ISP for using P2P | + | |
− | : this | + | |
− | + | ||
− | + | ||
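Review bot: The added line ":: Redundant in that: other WiFi clients already can't snoop on you (because of how WiFi works), except with some specialist hardware" is stated too broadly for a bullet about public WiFi. It only holds where the link is encrypted per client, and an open network with no passphrase sends frames unencrypted, so the line should name the kind of network it means. Separately, the rewritten intro sentence reads "there are a some few ''types'' of online presences are better off with one"; suggest "there are a few ''types'' of online presence that are better off with one".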
Line 292: | Line 288: | ||
Downsides: | Downsides: | ||
− | * slower. How much varies, and many uses are not heavy enough for you to notice this | + | * slower. How much varies, and many uses are not heavy enough for you to notice this slowdown |
* may give a false sense of security | * may give a false sense of security | ||
:: most people don't realize what it ''doesn't'' protect. Basically, see all of the 'Neither' section below | :: most people don't realize what it ''doesn't'' protect. Basically, see all of the 'Neither' section below | ||
− | * the VPN servers you use may be logging a ''bit'' more than nothing (to stay legal) | + | * the VPN servers you use may be logging a ''bit'' more than nothing (to stay legal wherever they are located) |
:: generally short-term logs for a mix of reasons, because applicable law requires it, or because the company can evade a lot of liability if they do. | :: generally short-term logs for a mix of reasons, because applicable law requires it, or because the company can evade a lot of liability if they do. | ||
:: Meaning that if a government actively has a warrant to request who the other side of a specific VPN IP is at a specific time, they will probably get it - if requested within reasonable time. | :: Meaning that if a government actively has a warrant to request who the other side of a specific VPN IP is at a specific time, they will probably get it - if requested within reasonable time. | ||
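Review bot: The new parenthetical on the logging bullet, "(to stay legal wherever they are located)", gives only one of the two reasons the following line lists ("because applicable law requires it, or because the company can evade a lot of liability if they do"). Suggest dropping the parenthetical or wording it to cover both. It should also say whether "wherever they are located" refers to the company or to the individual servers, since those can fall under different law.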
Line 306: | Line 302: | ||
What you may think it does, but doesn't: | What you may think it does, but doesn't: | ||
* "VPN makes your internet connection faster" | * "VPN makes your internet connection faster" | ||
− | :: No. Also,that's vague. See the next two points. | + | :: No. Also, that's vague. See the next two points. |
* "VPN makes your latency lower" | * "VPN makes your latency lower" | ||
:: It can't. ''The very nature of what it does'' is an extra step in routing: via the VPN servers | :: It can't. ''The very nature of what it does'' is an extra step in routing: via the VPN servers | ||
:: it may not add much at all. And if it adds very little, the tradeoff of what it gives you may be well worth it, but it ''doesn't'' reduce it. | :: it may not add much at all. And if it adds very little, the tradeoff of what it gives you may be well worth it, but it ''doesn't'' reduce it. | ||
− | :: if a test somehow shows | + | :: if a test somehow shows lower latency, that test is extremely forced in a way we must get technical about. |
* "VPNs make for faster download speeds" | * "VPNs make for faster download speeds" | ||
:: Generally not. | :: Generally not. | ||
:: may have slight negative effect, depending on the case, but generally not much. | :: may have slight negative effect, depending on the case, but generally not much. | ||
− | :: the only reason it would be positive is that someone is specifically slowing that download | + | :: the only reason it would be positive is that someone is specifically slowing that download, and now cannot |
− | ::: | + | ::: if so, yeah, a VPN would be a good stopgap - while you take country-wide legal action to what is probably illegal for your ISP to do, or that you ''want'' to make a big fuss about making illegal. |
− | + | ||
+ | * "It makes you anonymous, protecting your identity or privacy" | ||
+ | : to who? The sites you visit and log in to with your personal information? Not so much. | ||
+ | : Even when you don't log in, sites can use other tracking methods. They are more statistical and less certain, but do more than you may think, and VPNs do very little againt them | ||
+ | : not least of which that there are many other ways you reveal yourself, knowingly or unknowingly | ||
+ | : it's potentially ''dangerous'' to think yourself more anonymous than you are. | ||
− | |||
− | * | + | * "Protects you from hackers, scammers, phishers" |
− | :: | + | : there are a few specific attacks it protects against |
− | + | : and many more that it has no effect on at all | |
+ | : Note that any attacks that rely more on human mistake, not technical weakness, ''cannot'' have a technical solution. | ||
− | |||
− | |||
− | |||
* you've not removed the point of possible corruptibility, you've ''moved'' it | * you've not removed the point of possible corruptibility, you've ''moved'' it |
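Review bot: The added "Protects you from hackers, scammers, phishers" item says "there are a few specific attacks it protects against" without naming any, so the reader cannot tell which ones are meant. Point back to the Upsides list (the public WiFi listening/blocking bullet) or give one example. In the same hunk, "againt" in the anonymity item should be "against", and the two new items indent their sub-points with ":" where the existing items in this list use "::".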
Revision as of 22:29, 27 June 2022
Security related stuff.
Practical