Please stop. VPN + TLS is essential. VPN does not mean you’re automatically L2 bridged with a local segment. Changing source headers because your exit gateway is somewhere else does not hide IPs in any way. Many consumer level protocols have original source IPs in the payload.
I was talking about the networking concept of a VPN. If you use a VPN to connect into a foreign country, where you then make a web request from that remote LAN to some questionable webpages, you absolutely do want TLS for that connection. But that’s separate from the VPN concept.
I don’t know much about the consumer-grade services, but I have heard that lots of them are actually just proxies, not proper VPNs, which I guess, is what you’re talking about. With a proper VPN, you initiate the web request, using an IP address in the range of the remote LAN that you’re connected to. Therefore, fiddling with the headers is not necessary, in that case.
Ultimately, my point is that proper VPNs can do everything the consumer-grade stuff does, so for an effective ban, you would need to prohibit them, too, which is where lots of organizations/companies will be strongly opposed.
You’re not understanding what I said. Or you’re intentionally pretending to be at a junior level to misinterpret. I recommend picking up any edition of Computer Networks from Tanenbaum.
Please stop. VPN + TLS is essential. VPN does not mean you’re automatically L2 bridged with a local segment. Changing source headers because your exit gateway is somewhere else does not hide IPs in any way. Many consumer level protocols have original source IPs in the payload.
I was talking about the networking concept of a VPN. If you use a VPN to connect into a foreign country, where you then make a web request from that remote LAN to some questionable webpages, you absolutely do want TLS for that connection. But that’s separate from the VPN concept.
I don’t know much about the consumer-grade services, but I have heard that lots of them are actually just proxies, not proper VPNs, which I guess, is what you’re talking about. With a proper VPN, you initiate the web request, using an IP address in the range of the remote LAN that you’re connected to. Therefore, fiddling with the headers is not necessary, in that case.
Ultimately, my point is that proper VPNs can do everything the consumer-grade stuff does, so for an effective ban, you would need to prohibit them, too, which is where lots of organizations/companies will be strongly opposed.
You’re not understanding what I said. Or you’re intentionally pretending to be at a junior level to misinterpret. I recommend picking up any edition of Computer Networks from Tanenbaum.
Why so hostile?
Because he’s a self admitted crackhead, and they tend to be very emotional.
Are you interested in the answer or Internet points?