84
submitted 10 months ago by corbin@infosec.pub to c/technology@beehaw.org
you are viewing a single comment's thread
view the rest of the comments
[-] Midnight@slrpnk.net 43 points 10 months ago

Another reason to use a VPN is that ISPs have every motive to sell your browsing data and they do. Unlike many other groups tracking you, your ISP inherently has your meatspace name, address, and payment information making their data easily collatable and very valuable.

If you use the default DNS on their provided router they can even tell if someone purchased an XBox, Playstation, or any other smart device just from update and telemetry lookups.

As the article says, by using a VPN youre using someone else's ISP making that info worthless.

If your threat model includes preventing ad networks from gathering data, a VPN absolutely is a tool to prevent that. Do you have to pay for a service? Probably not if you're technical enough; a VM in a data center is probably sufficient.

[-] sonori@beehaw.org 7 points 10 months ago

You could also just set your DNS to one of the many free DNSSEC providers. That’s even more secure because there are fewer middle men who can track you. After all, while your ISP may not be able to see that DNS traffic, if you arn’t using DNSSEC anyway then your VPN and their upstream provider can.

Besides, nearly all tracking nowadays uses third party browser fingerprinting, which a VPN does nothing about. Practically, a VPN is far more security theater than actual security.

Also, isn’t it funny that sending all your data though a second nation where it no longer legally counts as Amarican internet traffic became really well advertised right after a major scandal came out where the NSA was illegally monitoring American traffic, and more protections were put in place to keep them from doing it again?

You don’t even need the VPN company to be in on it, a group like the NSA can pretty easily compromise a “no logs” VPN’s technical infrastructure or that of their upstream provider, and they’re even got people who feel like they have something to hide to self select for it to cut down on the amount of boring traffic in the first place.

[-] starkzarn@infosec.pub 7 points 10 months ago

This is absolutely not what DNSSEC is. DNSSEC provides authenticity of the response, not privacy. You're describing a means of encrypted name resolution, like dns-over-tls, dns-over-https, etc.

[-] sonori@beehaw.org 2 points 10 months ago

Right, I had just responded off the top of my head and got the name wrong. Point still stands.

[-] starkzarn@infosec.pub 1 points 10 months ago

Potentially, but precision is important, especially if you're going to make sweeping claims about a topic, acting as an authority.

[-] sonori@beehaw.org 1 points 10 months ago

I mean it was just mixing up two similar names, the point remains the same.

load more comments (2 replies)
load more comments (15 replies)
this post was submitted on 01 Jan 2024
84 points (100.0% liked)

Technology

37702 readers
150 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS