3rd party VPN privacy

OVERKILL

TOS as to what's collected:
[Attached image: Screen Shot 2024-02-01 at 10.13.31 PM.jpg]


Note the owner of many popular VPNs is Kape (formerly Crossrider), who apparently does/did ad tracking and injection.

In recent years, Kape Technologies has been buying up providers including ExpressVPN, Private Internet Access, and CyberGhost. Ziff Davis, which owns PCMag, also bought IPVanish and StrongVPN in 2019.
 
I never understood why anyone would use a VPN for personal use. I have a Nord subscription so that when I travel internationally I can watch American TV on my Android streaming stick and get US sites on my PC, but that's the only time I use it.
 
> I never understood why anyone would use a VPN for personal use. I have a Nord subscription so that when I travel internationally I can watch American TV on my Android streaming stick and get US sites on my PC, but that's the only time I use it.
The advertising is effective. They convince people that they are super-anons on the internet.
 
Just another industry offering "en-poop-ification"-- build a loyal base, then raise the price and lower the quality while adding ads and making the experience worse.
 
> The advertising is effective. They convince people that they are super-anons on the internet.
Well you're anon from actors looking to track you outside of the VPN provider. The VPN provider also informs you that you can change your OS identifier.

TOR (TAILS) is still probably one of the best in theory but because latency is not all that great due to jumping from node-to-node and a lot of users on the network which makes it easier to track. Of course the biggest issue is that the majority of sites have banned traffic from TOR nodes there aren't a lot of users on the network which makes it easier to track.
 
> Well you're anon from actors looking to track you outside of the VPN provider. The VPN provider also informs you that you can change your OS identifier.
Not really. The traffic in transit is the least interesting traffic because it's mostly encrypted. This traffic could be intercepted at the next hop past the VPN provider anyway if someone was sufficiently invested in finding out what you were doing.

All a VPN does is change the egress point of the traffic from your ISP-assigned IPv4 or IPv6 address. This is good for spoofing your location and ISP, that's about it, but then you are trusting the VPN provider not to undertake logging, ad injection and monetize your DNS queries and browsing habits (even "anonymously" lol) which was the point being made about Kape.

- Are you trusting the VPN provider with your DNS queries or is your computer making those to yet another 3rd party?
- Are you ensuring you don't log in to any sites that you have accounts on that could contain PI? Sites that could potentially participate in cross-tracking?
- Are you ensuring you aren't logged into your browser, which will also collect PI, habits and history?
- Are you ensuring you aren't using e-mail or any other service that has any personal connection to you?

We personalize our devices and typically do online banking, access our e-mail (gmail, yahoo, hotmail/outlook...etc) so already the client ID in the form of the IP address and the client identifier (hostname assigned) are being collected at the remote endpoint and associated with your identity. Whether that's AT&T or ExpressVPN is really inconsequential at that point.

If I was doing a pentest from a burner or a liveDVD (just for the sake of an example) so the hardware itself is totally blank slate and was trying to spoof a COO to maybe check if geoblocking was working or not, then a VPN of this type can be useful. However, that's not the usage profile of Joe Average home user.
 
> Not really. The traffic in transit is the least interesting traffic because it's mostly encrypted. This traffic could be intercepted at the next hop past the VPN provider anyway if someone was sufficiently invested in finding out what you were doing.
>
> All a VPN does is change the egress point of the traffic from your ISP-assigned IPv4 or IPv6 address. This is good for spoofing your location and ISP, that's about it, but then you are trusting the VPN provider not to undertake logging, ad injection and monetize your DNS queries and browsing habits (even "anonymously" lol) which was the point being made about Kape.
>
> - Are you trusting the VPN provider with your DNS queries or is your computer making those to yet another 3rd party?
> - Are you ensuring you don't log in to any sites that you have accounts on that could contain PI? Sites that could potentially participate in cross-tracking?
> - Are you ensuring you aren't logged into your browser, which will also collect PI, habits and history?
> - Are you ensuring you aren't using e-mail or any other service that has any personal connection to you?
>
> We personalize our devices and typically do online banking, access our e-mail (gmail, yahoo, hotmail/outlook...etc) so already the client ID in the form of the IP address and the client identifier (hostname assigned) are being collected at the remote endpoint and associated with your identity. Whether that's AT&T or ExpressVPN is really inconsequential at that point.
>
> If I was doing a pentest from a burner or a liveDVD (just for the sake of an example) so the hardware itself is totally blank slate and was trying to spoof a COO to maybe check if geoblocking was working or not, then a VPN of this type can be useful. However, that's not the usage profile being used by Joe Average home user.

VPN is just one tool in a toolbox.
 
> VPN is just one tool in a toolbox.

Absolutely, but, like UOAs, it's a tool whose scope of utility is widely misunderstood and its capabilities wildly oversold by people who either:
A) know better
B) have no idea what they are talking about
 
> I never understood why anyone would use a VPN for personal use. I have a Nord subscription so that when I travel internationally I can watch American TV on my Android streaming stick and get US sites on my PC, but that's the only time I use it.

1) watch international video
2) pirate stuff without the MPAA suing you by IP address
3) working internationally without letting your employer know (but you have to go through another PC in the middle with this VPN)
4) getting outside of a dictatorship country or something like that.
 
I use it when searching for airfare or other potential purchases so that I know I'm not getting raked over the coals due to my constant price-checking.
 
Not sure what the fuss is about. Nord clearly states the data is anonymized and that you can opt out in the settings. This information is purely for improving the app, not spying. They also do not log your web traffic. Additionally, for more advanced users, you have the option to use Nord as a VPN Server at the router level, which does away with the app entirely, while also providing an infinite number of licenses for any device on your home network.
 
> Not sure what the fuss is about. Nord clearly states the data is anonymized and that you can opt out in the settings. This information is purely for improving the app, not spying. They also do not log your web traffic.

Hello Mr. Bond ;) And if you believe them, that's cool. Reality is, they are collecting information.

> Additionally, for more advanced users, you have the option to use Nord as a VPN Server at the router level, which does away with the app entirely, while also providing an infinite number of licenses for any device on your home network.

Advanced users should know that you are not using Nord as a VPN server if you are using the router as a client peer, so I must assume that you are not in fact an advanced user.

Since most of these VPN providers use Open Source technology like OpenVPN, connecting to that using a hardware appliance or consumer gateway, which generally run Busybox, which typically includes OpenVPN, is pretty simple and straightforward. Because you are NAT/PAT'ing behind a single "client" here, the "license" model doesn't apply, however you are still limited by the scope of your LAN subnet, so saying it's "infinite" isn't correct, if you are using a full private Class C, then that's 254 devices for example.
 
> Advanced users should know that you are not using Nord as a VPN server if you are using the router as a client peer, so I must assume that you are not in fact an advanced user.

Typo. I meant VPN Fusion for ASUS, technically a VPN client, not server. Good catch.

> saying it's "infinite" isn't correct, if you are using a full private Class C, then that's 254 devices for example.

Yes, thank you, I meant virtually infinite in a home setting. 250 vs 5 (default licenses I believe) is virtually infinite.

For being such a stickler for accuracy, I'm surprised you completely glossed over the part in your own post about how "you can opt-out of the collection of in-app information at any time by navigating [to] NordVPN app settings".

This is really a total nothingburger. There is no spying going on. To wit: "As the assurance confirms once again, we do not monitor user activity under any circumstances."

Edit: regarding device IDs, this is also not that big of a deal. When you use a VPN, it's not exactly a secret. The IP addresses are publicly known, and in a lot of cases added to blacklists. Plus, you gave them your credit card info, presumably, unless you're in the ultra rarefied territory of using burner cards to buy VPN subscriptions. Besides all that, you can physically block transmission of device IDs at the network level using a firewall, or a DNS sinkhole like Pi-Hole.
 
> Typo. I meant VPN Fusion for ASUS, technically a VPN client, not server. Good catch.

Yeah, it's a client. Important distinction because you can also set up many home routers that use OpenVPN as VPN servers as well.

> Yes, thank you, I meant virtually infinite in a home setting. 250 vs 5 (default licenses I believe) is virtually infinite.

I think you and I have very different ideas as to what constitutes "virtually infinite".

> For being such a stickler for accuracy, I'm surprised you completely glossed over the part in your own post about how "you can opt-out of the collection of in-app information at any time by navigating [to] NordVPN app settings".

It's not glossed over, it simply comes down to whether you trust that to be accurate or not.

> This is really a total nothingburger. There is no spying going on. To wit: "As the assurance confirms once again, we do not monitor user activity under any circumstances."

They state: "we may record your device ID for marketing or analytics", now, marketing can mean ad injection; targeted ads, based on their analytics of your browsing habits. They may not "monitor" in the sense of watching what you do, but they can certainly use software to determine trends and present relevant ads accordingly and those ad providers may in turn track what you are doing. I suspect this is also where we have a differing view on whether that constitutes "spying" or not.

> Edit: regarding device IDs, this is also not that big of a deal. When you use a VPN, it's not exactly a secret. The IP addresses are publicly known, and in a lot of cases added to blacklists. Plus, you gave them your credit card info, presumably, unless you're in the ultra rarefied territory of using burner cards to buy VPN subscriptions.

No, it's not a big deal if you are aware of it and don't think you are completely anonymous and everything you do is Secret Squirrel super private. Unfortunately, that's exactly what Joe Average home user is led to believe.

> Besides all that, you can physically block transmission of device IDs at the network level using a firewall, or a DNS sinkhole like Pi-Hole.

If you are using their soft client (topic of the OP) then you aren't using a Pi-Hole for DNS resolution, because all DNS traffic is going through the VPN, along with your host ID, MAC address...etc. In this scenario, your home firewall isn't stripping the client ID either, because it's in an encrypted tunnel.
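
The DNS question raised in the thread (VPN resolver, a Pi-hole on the LAN, or another third party) can be checked from the client's routing table and resolver config. The sketch below is an added example, not code from any poster or VPN vendor; it assumes a Linux client, `ip route show` style output, and tunnel interfaces named `tun*` or `wg*`, and all addresses in it are constructed.

```python
import ipaddress

# Constructed sample: `ip route show` output on a Linux client with a
# full-tunnel VPN up. Interface names and addresses are made up.
SAMPLE_ROUTES = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""

# Constructed /etc/resolv.conf contents for three setups.
RESOLV_VPN = "nameserver 10.8.0.1\n"        # resolver handed out by the VPN
RESOLV_PIHOLE = "nameserver 192.168.1.2\n"  # Pi-hole on the home LAN
RESOLV_PUBLIC = "nameserver 9.9.9.9\n"      # third-party public resolver


def parse_routes(text):
    """Return [(network, interface)] from `ip route show` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields[:-1]:
            continue  # skip blank lines and routes without an interface
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        dev = fields[fields.index("dev") + 1]
        routes.append((ipaddress.ip_network(dest, strict=False), dev))
    return routes


def egress_interface(ip, routes):
    """Longest-prefix match, the rule the kernel uses to pick a route."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches)[1] if matches else None


def dns_exposure(resolv_conf, route_text, tunnel_prefixes=("tun", "wg")):
    """Map each nameserver to (interface, in_tunnel); tun*/wg* names are assumed."""
    routes = parse_routes(route_text)
    result = {}
    for line in resolv_conf.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            dev = egress_interface(parts[1], routes)
            inside = dev is not None and dev.startswith(tunnel_prefixes)
            result[parts[1]] = (dev, inside)
    return result
```

A resolver reached through the tunnel is visible to the VPN provider, and a public resolver reached that way adds one more party that sees the queries. On hosts running systemd-resolved, `resolv.conf` points at the local stub `127.0.0.53`, so the upstream servers are what need checking.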
 
I look at Security as a whole, everything, a piece of a puzzle.

This goes from locking access to your credit reports, which is free by the way, using a VPN on unsecured networks or any place you may feel uncomfortable connecting to.

Really do I use it but I have a lifetime subscription. I can’t help but feel anything to do with Security. Some people just blow off as not being effective. I’m one person who thinks every little bit helps.

Which brings me to this, to see who can shoot holes in it.
“Unlike other VPN services, Proton VPN is designed with security as the main focus, drawing upon the lessons we have learned from working with journalists and activists in the field.”

Tor over VPN

“Proton VPN also integrates with the Tor anonymity network. With a single click, you can route all your traffic through the Tor network and access Onion sites.”


I’m not saying people need this stuff, but to call it totally worthless?
 