What's new
By:
Pinball info

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

VPN

Arv said:
No idea what your talking about.
Click to expand...

come on Arv! that glorious post about smart meters!

(I'm feeling generous for the cult obsessed Vimtoman, I didn't say that they did do this, but I did answer Arv's question).
 
I think you've been drinking a little too much from the koolaid fountain.
 
Vimtoman said:
1) As far as I'm aware your ISP can see your using a VPN if it's a common IP.
2) As for what your doing on it they cant.
3) The only way they can get to find out is for the VPN service to provide that information.
4) PIA I know dont share that info and have pulled out of countries that try to force them to provide it.
Click to expand...

I've explained quite a few things earlier in this thread (and others), and I'm staying away from the personal bits this has got into, but:

1) Yep, anyone in the IP path can see you're using a VPN - who that is depends on your access network, usually one of Wifi provider, ISP or mobile network. Some will even block it, to avoid you using the connection for potentially illegal stuff.

2&3) On a 100% correctly configured VPN, that routes all IPv4 and IPv6 packets through the VPN and has no security vulns then that is mostly true. On a badly configured one (which is very common) then they'll see some traffic, for example often DNS isn't pushed through the VPN so they'll have a record of every site you've visited. Some VPN software is also quite predictable on key generation and usage, enough that the encrypted stream can be decoded with some effort and not that extortionate costs - the power to do this used to be nation state level, but can now be done on AWS for low 000s in a fairly short timescale.

It is also fairly easy to determine traffic types from the packets sizes and frequency. For example, email collections has a certain profile (regular, every X minutes) which is very different to VoIP calls (lots of small packets in both directions) and different again from streaming (sustained usage in one direction only). Knowledge of where the VPN is (they have it's IP address) means RTT can be calculated. As most large services are also well known (both IP and streaming protocols and bandwidth profiles), you can use all that to infer the stream being watched. For example, when streaming determine you were using SkyGo for streaming. Not 100% accurate, but it only needs a minor leak of DNS (lookup of Sky) for corroboration. Just one example, but there are LOTS.

This is the sort of thing that Neil means, in his very, um, direct way of putting it. Most people have absolutely no idea what is possible, see the word "VPN" and assume they are safe, encrypted and no-one can figure out what they're doing.


4) The whole problem with this part is by definition, the countries which do not enforce internet practice have few controls on corporate or state use of data. That means you're often routing through Eastern Europe, Central America or Russia. There is very little protection for consumer data. They have little or no requirement to disclose data breaches and GDPR is non-existent. So whilst they may say they keep no logs and don't sell your data, how can you possibly be sure.


And 5) As I said before anything that isn't encrypted by the application itself will be in the clear from the public IP exit point onto the internet and viewable, loggable and traceable by every IP in the routing from that exit point to the actual provider. Which, somewhat perversely means that accessing a service based in UK or USA using a VPN which, say, exits in Russia or Panama is probably more risk than not using a VPN at all...
 
Wow. Fascinating stuff and I appreciate the insight into what is clearing a dividing topic. I did start by saying there are some clever buggers on here and I wasn't wrong.

My take away from this is that I probably shouldn't bother with a VPN and it potentially could be worse than not having one. As stated, I'm not after doing anything illegal so I guess getting one would be pointless?

Thanks for all you advice and err... bring on Pinfest!!
 
cyberkryten said:
I've explained quite a few things earlier in this thread (and others), and I'm staying away from the personal bits this has got into, but:

1) Yep, anyone in the IP path can see you're using a VPN - who that is depends on your access network, usually one of Wifi provider, ISP or mobile network. Some will even block it, to avoid you using the connection for potentially illegal stuff.

2&3) On a 100% correctly configured VPN, that routes all IPv4 and IPv6 packets through the VPN and has no security vulns then that is mostly true. On a badly configured one (which is very common) then they'll see some traffic, for example often DNS isn't pushed through the VPN so they'll have a record of every site you've visited. Some VPN software is also quite predictable on key generation and usage, enough that the encrypted stream can be decoded with some effort and not that extortionate costs - the power to do this used to be nation state level, but can now be done on AWS for low 000s in a fairly short timescale.

It is also fairly easy to determine traffic types from the packets sizes and frequency. For example, email collections has a certain profile (regular, every X minutes) which is very different to VoIP calls (lots of small packets in both directions) and different again from streaming (sustained usage in one direction only). Knowledge of where the VPN is (they have it's IP address) means RTT can be calculated. As most large services are also well known (both IP and streaming protocols and bandwidth profiles), you can use all that to infer the stream being watched. For example, when streaming determine you were using SkyGo for streaming. Not 100% accurate, but it only needs a minor leak of DNS (lookup of Sky) for corroboration. Just one example, but there are LOTS.

This is the sort of thing that Neil means, in his very, um, direct way of putting it. Most people have absolutely no idea what is possible, see the word "VPN" and assume they are safe, encrypted and no-one can figure out what they're doing.


4) The whole problem with this part is by definition, the countries which do not enforce internet practice have few controls on corporate or state use of data. That means you're often routing through Eastern Europe, Central America or Russia. There is very little protection for consumer data. They have little or no requirement to disclose data breaches and GDPR is non-existent. So whilst they may say they keep no logs and don't sell your data, how can you possibly be sure.


And 5) As I said before anything that isn't encrypted by the application itself will be in the clear from the public IP exit point onto the internet and viewable, loggable and traceable by every IP in the routing from that exit point to the actual provider. Which, somewhat perversely means that accessing a service based in UK or USA using a VPN which, say, exits in Russia or Panama is probably more risk than not using a VPN at all...
Click to expand...

Do you think ISP's are monitoring users like you mentioned ?
They must have millions of computers doing this all the time just to get us.

@Tucks has just mentioned he's not using one just from your advice and @Neil McRae advice.
Lets hope he's going to be OK in the future. If he is doing something he shouldn't.
 
Last edited:
We’ve got nothing better to do all day than monitor your traffic.

Ask yourself this - Why would ISPs monitor your traffic?

Of course quantum makes this all a bit irrelevant ;)


Sent from my iPhone using Tapatalk Pro
 
No way near quantum. :rolleyes:

A good encrypted VPN would suffice.
As long as it does not drop or leak DNS its fine.
 
when are you starting your cult Vimtoman?! ;)


Sent from my iPhone using Tapatalk Pro
 
Bloody hell. Three pages about VPNs and no one has mentioned porn. Dan you absolutely have to come out of lurk mode and share your views 😉
 
I leave a thread for not even a whole week, promising myself that I'd come back and write one of my long, tedious posts in it, and... this thread happened.

Not much else left to say. There are legitimate use cases for a VPN but if you don't know them specifically, you won't need them. They're either extremely boring and something you use as added security with your current job - or you're using them because even if they aren't perfect security/protection, you need all you can get and you're willing to take the risk.

Of course in that second category, the moral use cases are vanishingly few and far between (whistleblowers.) 98% of people of VPN use is people wasting money evading geo lockouts on stuff, getting illegal content... and of course being paranoid and ill-informed, like anti-vaxxers.
 
PBrookfield said:
I leave a thread for not even a whole week, promising myself that I'd come back and write one of my long, tedious posts in it, and... this thread happened.

Not much else left to say. There are legitimate use cases for a VPN but if you don't know them specifically, you won't need them. They're either extremely boring and something you use as added security with your current job - or you're using them because even if they aren't perfect security/protection, you need all you can get and you're willing to take the risk.

Of course in that second category, the moral use cases are vanishingly few and far between (whistleblowers.) 98% of people of VPN use is people wasting money evading geo lockouts on stuff, getting illegal content... and of course being paranoid and ill-informed, like anti-vaxxers.
Click to expand...

The only reason to use a VPN is to protect you from whats on the other side.
 
You know that feeling when it's just best to leave a thread well alone because the people in it seem to be quite content with their own company, conversation and even jokes in it, and that your presence is surplus to requirements?

No idea why that came to mind. But I think I'll take my leave from the pinballinfo VPN thread all the same
 
PBrookfield said:
You know that feeling when it's just best to leave a thread well alone because the people in it seem to be quite content with their own company, conversation and even jokes in it, and that your presence is surplus to requirements?

No idea why that came to mind. But I think I'll take my leave from the pinballinfo VPN thread all the same
Click to expand...

I think your taking it all too seriously :)
 
You must log in or register to reply here.
Back
Top Bottom