LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (https://www.linuxquestions.org/questions/general-10/)
-   -   Drawbacks of using an anonymouse VPN to access the internet? (https://www.linuxquestions.org/questions/general-10/drawbacks-of-using-an-anonymouse-vpn-to-access-the-internet-4175648393/)

273 02-15-2019 03:04 PM

Drawbacks of using an anonymouse VPN to access the internet?
 
There are many "anonymous" VPN services available and, as it happens, I have used a few. However, I would like, perhaps, to change to using them almost all the time.
So, if I log in here and post, then accidentally access something I should not from my country, how will my having accessed here first compromise me?
Similarly, should I accidentally click on a link to a server hosting malware -- will I be any better off should I reboot and change my VPN endpoint? Yes, I know that the same software will be running but I mean will the VPN make it any less likely that my true identity will be found by the attackers?

273 02-19-2019 12:33 PM

I should clarify that I do not wish to break the law and, as far as I can tell, using a VPN to access the internet is still legal in this country.
I am more worried about accidentally accessing something like copyright infringing media through a VPN which I also use to connect here. Also, entities like Google tracking.
Yes, if I commit a crime I know that, for example, this site may be compelled to give up every IP address I have used. But how would that help Google, for example, track me.
I am being deliberately vague here as I want to hear ideas of why passing everything through a VPN to some other site or country could be a bad thing. I know TOR tell users never to log into a site they use, lest they identify themselves, but to whom are they identifying thenselves?

sevendogsbsd 02-19-2019 12:52 PM

The VPN is just the transport mechanism so logging into your bank, or email, etc, shouldn't be an issue. Sites that use location via GEOIP will not be able to tell where you are coming from, unless you are configured to allow your physical location to be advertised - not even sure you can do that, never used a VPN service.

Your true identity cannot be determined over the Internet. You can send personal data like login info or other personal info but that is tied to a physical person and the receiver has no idea if that is actually, physically, you, or just someone with your data.

An "attacker" would attack either the source or destination endpoints, and most attackers could care less about the average individual; they want targets with $ or targets where an attack can make a statement.

273 02-19-2019 01:04 PM

Yes, I've already confirmed the GEOIP stuff point to the endpoint country but, if you read TOR guidlines for example, they state that using accounts in your real name is a bad idea. As far as I can tell if I log into my bank through a VPN the "https" keeps my password encrypted from the VPN provider and the fac that I'm using a VPN stops my ISP knowing what I am accessing.
So, why do the TOR people recommend not using it all the time? I have my own ideas but I'm not convinced my thinking is logical on this.

sevendogsbsd 02-19-2019 02:12 PM

Well, if I had to guess, it's that people using and promoting TOR are either doing things they shouldn't be: buying/selling child porn, buying/selling stolen info, communicating with nefarious individuals, etc. Not saying all TOR use is bad, but why would someone say "using accounts in your real name is a bad idea.", unless you wanted to hide your identity? Your bank needs to know who you are, so do other businesses where you buy things and have them shipped to your house, etc.

It's an extreme level of paranoia in my opinion. I have never used TOR and have no reason to use TOR. It's a separate "Internet" for lack of a better word and now the media has coined it as the "dark net".

I can retain the level of anonymity I wish on the regular Internet, without a VPN. Even with a VPN, there is a point where your traffic has to jump off the endpoint and reach a business or web site. You are only using a VPN to mask your origination point and provide an extra layer of protection over HTTPS.

cantab 02-19-2019 07:32 PM

In my view all using a "private" VPN does is make it so that instead of one company (your ISP) being able to spy on everything you do, a different company (the VPN provider!) can spy on everything you do. In either case if they claim they don't spy, there's no way they can prove it to you.

It's difficult to be truly anonymous on the internet. There are many ways you might be tracked across different connections, VPNs, etc. If you're posting stuff rather than just reading, your writing style and posting habits will give you away.

jefro 02-19-2019 08:47 PM

My opinion is you are just moving the point where someone can detect your activities. The point is now at some company beyond your control. They may have access to your system more easily as well as your data.

273 02-20-2019 01:05 PM

So, in sum, using a "private VPN" for everything is a choice between my ISP, or wireless hotspot I use, and the VPN provider and which of those I trust more?
Not a good situation but, since I'm not breaking any laws, seems to come down to convenience. Oh, and using a VPN on any WLAN I don't own.

ondoho 02-21-2019 02:19 AM

i think it all comes down to your own IP address; those are tied pretty tightly to an actual person (or machine).
afaiu a VPN can completely hide your IP address - not from your ISP but from your google phone and from every site you visit.
It also hides your internet traffic from your ISP (and whoever else might be listening in).
One has to weigh that against the fact that your VPN then potentially knows everything you do.

IMO, once you make the decision that you want to do things that way, it makes very little sense to then use your real name / address / phone number etc. on a VPN.

273 03-02-2019 03:54 PM

Quote:

Originally Posted by ondoho (Post 5964830)
i think it all comes down to your own IP address; those are tied pretty tightly to an actual person (or machine).
afaiu a VPN can completely hide your IP address - not from your ISP but from your google phone and from every site you visit.
It also hides your internet traffic from your ISP (and whoever else might be listening in).
One has to weigh that against the fact that your VPN then potentially knows everything you do.

IMO, once you make the decision that you want to do things that way, it makes very little sense to then use your real name / address / phone number etc. on a VPN.

The issue there being that it means I cannot, for example, post on this forum and browse a site I don't want to know my IP at the same time with the same browser.
Also, I sometimes use "public" WiFi networks in coffee shops, bars and hotels where I would want to use the VPN as a way of being able to do things like send email and apt update without the risk of something being leaked to the provider. On the other hand, when I'm at home, all I want to do with the VPN is thing like IRC from a more anonymous IP and watch Norwegian TV.
Yes, I know, I could tell the VPN client to let certain programs bypass it and I could just be more careful and take more time setting things up. But my question is "Does it matter if I just send everything through a VPN sometimes and don't send some of it through the VPN at other times?".

weirdwolf 03-03-2019 04:06 PM

Quote:

Originally Posted by 273 (Post 5964605)
So, in sum, using a "private VPN" for everything is a choice between my ISP, or wireless hotspot I use, and the VPN provider and which of those I trust more?
Not a good situation but, since I'm not breaking any laws, seems to come down to convenience. Oh, and using a VPN on any WLAN I don't own.

I'm sorta paranoid, and not sure about VPN's or TOR, Tried TOR and was slow as stp [motor treatment] in winter. Use a VPN as part of a "no root firewall" in android, seems to slow it down as well.

as far as trust, don't really trust anyone as it looks like anyone can set up a VPN or TOR router. [probably a couple dozen free VPN's in android ]

273 03-03-2019 04:13 PM

Quote:

Originally Posted by weirdwolf (Post 5969481)
I'm sorta paranoid, and not sure about VPN's or TOR, Tried TOR and was slow as stp [motor treatment] in winter. Use a VPN as part of a "no root firewall" in android, seems to slow it down as well.

as far as trust, don't really trust anyone as it looks like anyone can set up a VPN or TOR router. [probably a couple dozen free VPN's in android ]

I actually pay for a VPN which states that it doesn't keep records and the speed is close enough to my phone or home broadband that for things like watching YouTube or the aforementioned Norwegian TV it's not noticeable.
Edit: For what it's worth I'm using "Private Internet Access" -- they sponsor a YouTube channel I watch a lot and are pretty cheap.

weirdwolf 03-03-2019 04:41 PM

Howdy 273
Well there you go, Not sure if it makes any difference on your side of the pond as I would like to trust what I hear from different providers. Brother wants to try "Nord VPN", I said go for it.

Trihexagonal 03-03-2019 06:20 PM

Quote:

Originally Posted by 273 (Post 5962562)
Similarly, should I accidentally click on a link to a server hosting malware -- will I be any better off should I reboot and change my VPN endpoint?

I would be more worried about if I had bothered to pay for a VPN and had scripting enabled in my browser. Not that it should make any difference what they hosted, but if that malware was in script driven ads or another means to do a drive-by download of said malware.

I've seen Nord commercials on local TV. I was always advised not to trust anything as being secure that used "military grade" as a buzzword like they do. I would go with one they recommended on sites where they grade them if I was going to pay for one today.

My ISP spying on me isn't as big a concern as other Big Brothers but not so worried I use one anymore. I seem to remember something about letter agencies owning some of those TOR nodes and my using it attract attention from interested parties. I tried Tails to see what it was about but not interested.

If I was going to try to hide what I was doing I'd use Kali to switch my MAC and take a ride on LLE wi-fi. Go big or stay home. But those the ramblings of a wandering mind... I only go to a few forums and no need to hide anything.

Back in the days of Win98 I paid high dollar for an account with an anonymous proxy in Turkey. Not to hide illegal activity or the sites I visited but anonymity was a big part of my security plan at the time. I was into chat back them and the rooms I went showed your IP with your message.

I loved using MultiProxy when I posted on forums where the IP was displayed with posts and could switch proxies with the click of a button from list of proxies posted. Woefully having wandered to Win98 with weak wetware...

I would never use a proxy or VPN to do online banking, business on ebay or any time I had to enter my password.


All times are GMT -5. The time now is 12:12 AM.