I hate how the privacy services shove in your face the "unprotected" word
from JohnDarlen@lemmy.today to privacy@lemmy.ml on 23 May 18:08
https://lemmy.today/post/53483874
from JohnDarlen@lemmy.today to privacy@lemmy.ml on 23 May 18:08
https://lemmy.today/post/53483874
You disable the VPN, they show “unprotected”, come on, I’m not really unprotected, why such a dramatic word, I just disabled the thing a little, I’m “disconnected” but it doesn’t mean I’m actually unprotected, the same way it doesn’t mean I’m actually protected if I’m using a VPN.
threaded - newest
Mullvad uses the term “Disconnected” in their apps, and their website header says “Not using Mullvad VPN”.
(I know that’s probably not a good reason to switch providers, but they are really good in other ways too)
I just saw that on Proton VPN but I remember seeing other services forcing this “unprotected” word as if it was the end of the world.
“Please you need us look how you need us now you’re unprotected holy shit”
It’s just fear-based marketing, which I have a strong distaste for as well
This confused my parents too. They saw a sponsorship for some no-name VPN, with a bunch of scare tactics, and were afraid they would get hacked without a VPN. I had to explain that the VPN was only the entrance to the internet. We already have plenty of encryption in place with https. Only time I really “need” a VPN is for hotel/airport/mall public Wifi.
This is inaccurate. See my other comments.
You’ll know in about nine months, give or take, depending on when you went unprotected.
But VPN is not a privacy service.
Virtual Private Network?
Virtual wire from your PC to the provider. Nothing more, nothing less. And btw, the encryption of the “wire” doesn’t protect against online tracking (and https is already encrypted).
But DNS is not, and even HTTPS is leaking info via the SNI
That’s what i meant, the encrypted traffic doesn’t help privacy.
that’s just outright bullshit.
it already helps that most of the data in HTTPS traffic is encrypted, otherwise your network provider would see freely what user account do you use, to post what content, on what subforums.
encrypting all traffic on the wire helps additionally to hide what websites you visit (DNS and SNI in HTTPS) and what kind of other web services you use. your local ISP will only see an opaque stream of data to a single VPN company.
also wrong. It’s a virtual wire, that is significantly harder to be tapped, because signals on it are scrambled.
Au contraire:
The whole point of VPN is privacy.
youe internet connection is already encrypted if you are using https
.
I keep seeing this but I don’t understand. Does it not improve your privacy with respect to your ISP?
If your ISP tracks you, then yes; the VPN “tunnels” past the ISP. But keep in mind that the VPN provider can also sell your browsing history. And the ones suitable to work around DRM laws, usually don’t have strict data protection laws.
The issue is, that a lot of VPN providers sell their service as a privacy service, with loads of superficial bullshit or false promises.
“If” heh
I wouldn’t trust any ISP to not be tracking users
Laws.
It sure is. You get privacy from your ISP, or the network operator of what you’re connected to. Thats why people famously use them for things like piracy. If VPNs weren’t private, privacy wouldn’t exist.
Not necessarily. For example if your browser is fingerprinting you towards the webpage, a VPN will be useless when it comes to privacy.
Yes necessarily. What a VPN does to protect your traffic flows from your ISP or network operator is not affected by browser fingerprinting. On the contrary, this is something VPNs explicitly help with. Since web traffic is almost always encrypted, the types of limited traffic analysis they can normally do, they wouldn’t be able to do if all your traffic is going through a VPN. (Snooping on your DNS queries, looking at your TLS SNI, analyzing packet sizes and such)
Additionally, not all traffic you’re trying to protect with a VPN even uses a web browser.
VPN-alone is weak opsec. It changes your exit IP and that’s the whole trick. Meanwhile your browser leaks entropy everywhere: user agent, screen size, timezone, installed fonts, canvas/WebGL hashes, audio fingerprint, and your extension list — each add-on detectable through web-accessible resources, injected DOM, blocked bait requests, or timing tells. uBlock + Privacy Badger + Stylus + some niche translator + Vimium = probably a globally unique signature that follows you across every VPN exit you use. EFF’s Cover Your Tracks has been showing this for a decade. Customization is identity. And WebRTC just hands your real IP over anyway. STUN requests for peer discovery go straight through the tunnel in most default setups and leak both your local and real public IP to any page that asks — VPN connected, doesn’t matter. DNS leaks work the same way: if the OS resolver isn’t forced through the tunnel, you’re querying your ISP while pretending to be in Romania. Add OS telemetry, background apps phoning home, clock skew, TLS fingerprints (JA3/JA4) — none of which a VPN touches — and the “I’m anonymous because VPN xyz” idea falls apart. Tor Browser exists exactly because the only winning move against fingerprinting is to look identical to everyone else. Anything custom is a name tag.
No, changing your exit IP is not the whole trick. The whole trick is keeping your web traffic private from a snooping network operator, ISP, and the state, all of which a VPN is very good at, and is completely unaffected by anything else chatGPT just listed in your reply. None of those things are relevant to this conversation at all. You need to understand what a threat model is, and which one a VPN applies to.
The fact that you had to resort to asking ChatGPT to reply to me is an admission that you have no idea what you’re talking about and never did. If you can’t even speak for yourself then we’re done here.
There are cases where Iranian feminist authors and freedom fighters live in exile — for instance in Germany — and use their phones completely normally, whether Apple, Android, or whatever else. Yet Iranian agents still manage to track them. The reason is that the data is simply bought from data brokers: the Iranian regime purchases it and then sends people to observe these women in person.
Data broker tracking can be curtailed with a VPN, but a VPN alone does relatively little. What matters more is blending into the largest possible crowd. The point of using something like a default Firefox setup isn’t the browser itself — it’s that you end up with the same screen resolution, the same fonts, the same default settings that the largest number of people on the planet also have. If your browser deviates from that baseline, then details such as when you’re online, which apps you’ve installed, which websites you visit, which fonts and add-ons you have, your browser settings, your user agent, and so on, can uniquely identify you or single you out. The whole game is to keep the indistinguishable mass as big as possible: if someone knows the person they’re hunting is in a certain group, you want that group to be huge.
Once that fingerprint is known, you can be re-identified even under a different IP. So the data brokers who buy data from Facebook, Instagram, or wherever still have what they need. It’s also been shown that apps communicate with each other in ways that allow unique attribution across them. And depending on which country you live in, default regional versions — US builds, Apple US, and the like — aren’t necessarily privacy-compliant; whether that’s actually illegal depends on the jurisdiction.
On a desktop PC, the situation is similar. There it depends heavily on which browser you use. If you take a browser with completely default settings and then surf either with or without a VPN, you’ll be recognized all the same — meaning users can be de-anonymized regardless. So it really doesn’t help much at all.
And while we’re at it — go on, tell me what exactly in my last message you think I didn’t come up with myself. Be specific. Which sentence, which idea? I’d genuinely like to know what you think was put in my head.
It all depends on what you’re supposed to be protected from. Vpns protect your Communications from being intercepted and keeps your location anonymous.
So you are in fact unprotected from being located identified and tracked. You are also unprotected from having your Communications intercepted by a man in the middle.
If you’re on a public unsecured Wi-Fi network you are totally exposed. If you are on your own router connected through an isp, the ISP knows everything you’re doing, and attaches your billing information to that data and uses it.
So I really don’t think unprotected is a scare word. It is an accurate description of your situation.
VPNs don’t prevent a device from announcing its real location. And they protect you from a MITM at the ISP but not at the VPN provider, so you just switch who you trust. VPNs also don’t do anything to help with the browser fingerprinting that companies use to track you around the web. From the point of view of the services and sites you connect to, all a VPN does is change your IP address, and the IP address may not be a big part of how they track you in the first place. VPNs alone do not improve privacy much at all.
What VPNs do is shield your traffic metadata from inspection by the network hops between your client and the VPN provider (though the content is almost always enxrypted even without the VPN), and change your apparent location for any service that is exclusively using IP-based geolocation.
You don’t need a vpn to protect yourself over a public wifi network. All modern website have HTTPS with certificates so the website can’t get spoofed and no one knows what your doing on that website. Modern browsers will warn you before entering a website without https or a certificate. Using an encrypted DNS like nextdns further protects you so no one even knows what websites your visiting.
Ok I’m not 100% sure if using an encrypted DNS does fully protect you from outsiders finding out which website your visiting, hopefully someone can correct me if I’m wrong.
The only problem I see with public wifi is the peer-to-peer nature of it. You no longer have the protection of a gateway if somebody is trying to be nefarious. They won’t sniff https traffic, but might attempt to connect to open services like an unsecured listener for the cat feeder.
In that instance, locking down the internet connection with a VPN would prevent an attack.
I’ve actually never really considered that. I guess all other apps also need to be secure or sandboxed or lack permissions to do anything although even then it seems like apps can just escalate permissions on there own without you doing anything.
What other terms could they use?
Your data is leaking
Better simply “You’re Leaking”
They could just provide the facts: your connection is not protected by the VPN. The scaremongering is just marketing for the next renewal.
That’s no fun
Even better…“not connected”.
Being on a VPN doesn’t mean your connection is protected, necessarily.
That could theoretically be misconstrued by some users as meaning “not connected” to any network, though. And explaining it might be a little wordy for a notification. Maybe “VPN disconnected” or something.
True. Users are able to misconstrue things well beyond my imagination
Half of all people are dumber than average, yes.
disconnected
All substantially less likely to make me think of condoms
What a nice device you have got here. Wouldn’t it be a shame that something bad happened to you because you didn’t throttle your bandwidth or stopped paying your subscription on time?
Oh man you haven’t seen avast then
If you’re using a VPN to protect the destination of your traffic from the prying eyes of your ISP or the state, then the VPN would absolutely be protecting it, and therefore when disconnected you are by definition unprotected.
ITT: a lot of ignorant laymen who don’t understand the first thing about how the internet works.