The fallacy of VPN protection.....

For discussions about security.
Post Reply
Message
Author
belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

The fallacy of VPN protection.....

#1 Post by belham2 »

I know some on here believe in VPNs, and in fact keep posting stuff in this section (and other sections) about getting yourself a VPN and/or setting one up.

But others of us, for various reasons, have been warning about anyone thinking VPNs offer anything---which, in truth, they do not as currently structured today.

Here's an article to remind you why: if Virginia, USA is and has been doing it, you can be rest assured a wide range of other actors around the world are doing it too. Also, the integrity of VPN providers are constantly being exposed (there isn't a one that doesn't log what you do.....if you believe otherwise, nothing will help you):

https://theintercept.com/2018/08/15/nsa ... -sidtoday/


".....The NSA’s ability to crack into sensitive VPNs belonging to large organizations, all the way back in 2006, raises broader questions about the security of such networks. Many consumers pay for access to VPNs in order to mask the origin of their internet traffic from the sites they visit, hide their surfing habits from their internet service providers, and to protect against eavesdroppers on public Wi-Fi networks....."

jafadmin
Posts: 1249
Joined: Thu 19 Mar 2009, 15:10

#2 Post by jafadmin »

There are a lot of different applications for VPN. Most people using corporate VPN's are using the higher end encryption protocols like TLS and STLS.

But the largest sector of VPN use these days is Anonymous VPN. The reason for this is twofold.

First, and most importantly, it anonymizes your IP address and location. Run the following line of code from a console then open the output file with your web browser (it's xml) and you'll see the problem.

Code: Select all

wget -O - -q http://geoip.ubuntu.com/lookup > geoip.out
An anonymous VPN prevents the sites you visit from potentially doxxing you.

Secondly, it keeps your ISP from snooping on your web usage. For instance, my provider prioritizes Netfix over Hulu. So if I want to watch Hulu without constantly being disconnected, I connect my box to a special router I built that connects outbound to a VPN tunnel, then I can watch Hulu uninterrupted.

Now hook to an anon VPN and run the command again.

Finally, if you think you are going to do any kind of computing over the Internet that the NSA can't crack if needed, you are wrong.
Last edited by jafadmin on Sun 26 Aug 2018, 15:41, edited 2 times in total.

User avatar
mikeslr
Posts: 3890
Joined: Mon 16 Jun 2008, 21:20
Location: 500 seconds from Sol

#3 Post by mikeslr »

jafadmin wrote: If you think you are going to do any kind of computing over the Internet that the NSA can't crack if needed, you are wrong.
Emphasis mine.

Theoretically, everything you write, read or do over the internet may be available to some government, perhaps stored somewhere. But a wide expanse separates theory from reality.

I was an assistant prosecutor for six years. I was one of the first people hired by a new prosecutor. He gave an orientation speech, the gist of which was "Guys, this office used to wait for evidence of crime to wash up on the shore. We're going to go fishing." Special units were created to investigate narcotics trafficking, organized crime and municipal corruption. [Well, if you haven't guessed, I live in New Jersey :lol:] That was back in 'good old days' when judicial warrants had to be obtained to tap 'phones and plant bugs'. It wasn't difficult to obtain a warrant: the legal test is whether there was probably cause = [reliable evidence providing a reasonable suspicion] that a crime was being committed or that evidence of a crime would be found.

That power was used when we were certain it would be productive. In practice it meant that two detectives would have to sit listening to the device, 24/7 at tax-payers expense, but more importantly to us, their salaries coming out of the limited budget of the Prosecutor's Office. We had more productive tasks for our investigators than having them sit around all day hoping for some tid-bit.

There are 325 Million US citizen generating over 6 billion phone calls each day. Every minute on Facebook: 510,000 comments are posted, 293,000 statuses are updated, and 136,000 photos are uploaded. Facebook users also click the like button on more than 4 million posts every minute! 3,607,080 Google searches are conducted worldwide each minute of everyday. Worldwide, 15,220,700 texts are sent every minute! Instagram users post 46,740 pictures every minute. Citing in part, https://blog.microfocus.com/how-much-da ... -each-day/

I don't care how many supercomputers are assigned to the task of scanning stored information. How narrowly are the filters set? Too narrow any you miss important information; too broad and you get false positives. Eventually some human, employed at the tax-payer's expense and within the budget of some agency, has to examine what the computers have filtered out.

"If needed" is a very significant limitation.

mikesLr

p.s. Or maybe that the new Jobs Program. Hire half of America to monitor the communications of the other half. Better yet, pay everyone for a part-time, 20-hour p/w, job of monitoring the communications of everyone else. :twisted:

jafadmin
Posts: 1249
Joined: Thu 19 Mar 2009, 15:10

#4 Post by jafadmin »

@mikeslr, Thanks for the insight on this subject ..

Post Reply