• LWD@lemm.ee
    link
    fedilink
    arrow-up
    60
    arrow-down
    1
    ·
    8 months ago

    Why I just hand my browsing data over to my ISP (and so should you)

    Why I let random websites have my unique location-specific identifier (and so should you)

    Don't think so

    • biddy@feddit.nl
      link
      fedilink
      arrow-up
      2
      arrow-down
      8
      ·
      8 months ago

      Why would you hand your browsing data to the VPN company? It’s just moving the problem.

      • LWD@lemm.ee
        link
        fedilink
        arrow-up
        8
        ·
        8 months ago

        Market competition still exists for them, so they actually have a reason to live up to their promises still

        • toastal@lemmy.ml
          link
          fedilink
          arrow-up
          8
          arrow-down
          1
          ·
          8 months ago

          Didn’t watch the video, but… Traffic is often already encrypted with TLS or other encryption & you don’t have to use the ISP for DNS. This would cover a lot of the data you would be discussing. Instead if using these advertized commercial VPNs you are giving the data to those corporations instead which is hardly better in many cases—luckily most of your traffic is encrypted with TLS & you don’t have to use them for DNS …which takes us back to the previous statement for concerns.

          There’s still value in VPNs for a several online activities (censorship, piracy, activism, etc.) & threat models to certain folks, but assuming the ISP is the bogeyman in most common scenarios for non-niche use cases is incorrect—but it isn’t how these commercial VPNs are selling themselves. If the ISPs possess the ability to break TLS encryption we’d have bigger issues to worry about & VPNs wouldn’t help. I would assume the video goes in this route but chooses the clickbait title for views.

            • toastal@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              8 months ago

              If it’s all encrypted & they don’t have the DNS requests, all they can see is that you sent X bytes to some IP which isn’t very helpful. Who’s to say these VPNs aren’t selling their data back to the ISPs anyhow?

              • Lemongrab@lemmy.one
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                8 months ago

                Encryption doesn’t mean perfectly hidden. Metadata isn’t encrypted for HTTPS iirc. And the ISP knows who your sending traffic to since they are routing you there and are usually your DNS. When connected to a good and trusted VPN, all that is hidden, your DNS can’t give away your location, and the only server you contact is the VPN

                • toastal@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  8 months ago

                  What metadata? The headers are as encrypted as the payload. That there was a key exchange between you & a server isn’t too useful.

                  “Usually” is a strong word for DNS as well since all OSs let you change it & the megacorporations like Google & Cloudflare have already compelled a lot of folks to use their DNS ta resolve faster since the ISP ones are slow (& the smarter, curious folks used that as a launching point to find other provider or self-host). Some platforms have even been shipping DNS-over-HTTPS to get around some of these issues (since the payload & headers are encrypted under TLS).

                  • hatedbad@lemmy.sdf.org
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    8 months ago

                    the hostname of a website is explicitly not encrypted when using TLS. the Encrypted Client Hello extension fixes this but requires DNS over HTTPS and is still relatively new.

                  • Lemongrab@lemmy.one
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    8 months ago

                    Usually means in 99.9% of typical configurations unless you are a techy or an enterprise.

                  • Lemongrab@lemmy.one
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    8 months ago

                    It doesn’t matter if they are encrypted if you can sell the data about what the user is doing (eg if your connecting to a shopping website your probably shopping their). Better to obfuscate the source by choosing an endpoint that isn’t geographically related and associated with your identity. I only would ever recommend using a VPN that is open source and well audited by a renowned 3rd party auditor(s). https://luxsci.com/blog/what-is-really-protected-by-ssl-and-tls.html

                • toastal@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  8 months ago

                  By who? Who is auditing the auditors? That’s not to say audits aren’t good, but when the code is proprietary, a lot of trust is required. I would prefer banking on solid, open tech which the TLS standard is. There is still use cases for VPNs, but outside like streaming piracy, you might be better served by the Tor network.

                  • Lemongrab@lemmy.one
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    edit-2
                    8 months ago

                    Yeah, I don’t trust proprietary server backend. Also I2P is a good option that should be less slow under the traffic of thousands of users.

        • Possibly linux@lemmy.zipOP
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          8 months ago

          You are handing your data over to the VPN. However, with https only and encrypted DNS there is a lot less data to hand over