Comment on Privacy researcher debunks Microsoft Edge’s free VPN marketing, says it's "NOT a VPN"
NuXCOM_90Percent@lemmy.zip 12 hours ago
From what I can tell… that is actually what most people WANT in their VPN. They don’t care about privacy or anonymizing data. They just want to hide information from the LAN admin and/or appear to be in a different region for the purposes of content (used to be so they could watch European Netflix. Now it is so they can watch Colorado Pornhub…).
I dunno. I’ve been in far too many Internet Arguments ™ with people over what they ACTUALLY think a VPN is. People watch ltt’s ads and figure they just pay for a VPN and leave it on 24/7 and that will solve all their problems. When the reality is that they are actively ignoring their actual cookie and activity based footprints and it just means that Google et al have a note that says “John Doe of 123 Fake Street in Bumfuck Wisconsin connects via an endpoint in Denmark”.
And while I wouldn’t trust microsoft at all for… anything? Do y’all really think those black box companies paying youtubers to lie to you about what VPNs do aren’t collecting your data?
CompactFlax@discuss.tchncs.de 12 hours ago
“I need a vpn”
Why?
“Privacy”
You trust SuperNeatVPN headquartered in $unregulatedCountry more than your own ISP?
“I run a VPN because Joe Rogan says I need to in order to be secure”
Man, do you know how much of a pain in the ass it is when people run VPNs on their BYOD or work device (hey I don’t manage it, I’m just the MSP), have an established history of popping up all around the world, and then eagerly click the phishing links?
NuXCOM_90Percent@lemmy.zip 11 hours ago
Heh.
Our IT department is so incompetent that… let’s just say I have made it a point to leave a paper trail in my inbox of me highlighting issues and complaining because I can’t rule out a full investigation.
Last year we had a “technical all hands” which basically means IT have fucked up to the point that engineering/platform are now responsible for untangling the mess from first principles. And we actually were allowed to look at the logs and were seeing “attacks” from all over Western Europe. I suspect IT would still be trying to call the FBI for help if one of our PSEs hadn’t sighed and said “how much of our staff are running VPNs?”. And then we had to explain what those are… to the people who actually manage the VPN we use to remote in.
STILL not sure if I am more horrified that they didn’t understand that VPNs exist or that they had just not noticed that much mystery traffic until that day.
TheDarkQuark@lemmy.world 11 hours ago
And why would you trust your own ISP more than reputable VPNs?
Sure, this statement is very valid for (free) VPNs which are not reputable, and act as data mines instead of providing true privacy; but your statement reads very much like we do not need VPNs at all.
ISPs know what sites you are visiting and when, and they are ready to comply with the government. Also, we have acts like Online Safety Act (UK), which incentivizes more data collection. Combine that with age verification on every site, and you are basically giving away your browsing history.
I agree that a VPN alone is not going to protect you, and you need to authenticate less into websites, and clear your cookies after every browser session (basically good OpSec). However, I also think that reputable providers like Mullvad and Proton are a must.
Encephalotrocity@feddit.online 11 hours ago
and your name. address, credit card number. You’re 100% right, just wanted to make sure ^ was skipped over.
Librewolf is my goto browser + vpn + ublock. If they get through that its my fault imo
NuXCOM_90Percent@lemmy.zip 10 hours ago
The point is that people just say “linus rogan had a promo code and this solves all my problems”.
ziproot@lemmy.ml 10 hours ago
gist.github.com/joepie91/5a9909939e6ce7d09e29
NuXCOM_90Percent@lemmy.zip 8 hours ago
Tor exit nodes are vulnerable to various levels of attacks.
But it also doesn’t change the underlying problem. If you put ALL of your traffic through Tor? Cool. You have accomplished nothing (other than flagging yourself because of what exit nodes you are accessing from) because your cookies and even behavior are still being correlated.
Like… it doesn’t take much to question why FightThePower_6969 looks at both /r/antifa101 AND /r/denver, for example. Ooh, and they also look at /r/warhammer40k and have a cookie from this website listing bus schedules and…
I do agree that tor is an amazing (if problematic) tool and it is generally the gold standard for when you need to obfuscate traffic in a way that doesn’t involve giving mullivad your credit card number. But people still need to understand what traffic they are putting into each different port. And even realize that there are some truly nasty tracking methods out there that can do nasty stuff with even OS level DNS caching between browsers.
dubyakay@lemmy.ca 4 hours ago
You don’t have to give mullvad your credit card number though.
rumba@lemmy.zip 7 hours ago
if SuperNeat hasn’t been caught with their hand in the cookie jar, at least a little bit. it really depends on what and who. If you’re worried about being called up on anti-regime charges when it becomes illegal, it would be at least prudent to try not to post that from an IP in a country where the regime doesn’t have search and seizure rights. At this point, Google/Apple/Verizon/Comcast have been asked to comply with handing over people doing X things. It wouldn’t take a whole lot to at least obfuscate that a little. You’d still have to be careful through, even Proton is turning over activists.
coolmojo@lemmy.world 6 hours ago
You guys are using SuperNeatVPN? Would you recommend it? I am using SuperShadyVPN and looking to switch.