I’m going to need an ELI5 because I have read several explanations online, and I still don’t fully understand what makes them different. Why would you want to use one over the other? Don’t they both just forward your internet traffic? How do they work, in general?
Ooo. This is a good one.
A computer can have more than one network interface, right? (Like, you can be plugged into ethernet at home but also connected to the WIFI of the coffee shop across the street.)
A VPN gives you a whole new network device (“virtual ethernet card” if you will) that works as if that card was connected to some LAN somewhere else. Typically, you’d forward “all” of your computer’s/smartphone’s/etc traffic through the VPN so that your computer “thinks it’s on that remote LAN” rather than on your home WIFI or whatever.
Proxies… well the term can mean a few different things in different contexts, really. But generally you’re not forwarding “all” traffic through them, just HTTP traffic (and usually only a subset of all HTTP traffic) or just traffic that is specifically told to be forwarded through them.
An opaque web proxy is one that you can point your browser (or other HTTP interface) to. It won’t handle protocols other than HTTP. And when you want to use an opaque web proxy, your HTTP client has to know how to do that. (Whereas with VPN’s, it’s your operating system, not your individual applications, that need to know how to forward through it.)
A transparent web proxy can be something you (and your apps and OS) don’t know you’re even using. When you point your browser or app to a Lemmy instance, it’s almost certain that the domain is pointed not at an application server that actually runs the Lemmy code, but rather at a transparent web proxy that does stuff on the instance-owner’s end like preventing spamming or whatever. This type of proxy is sometimes called a “reverse web proxy” and can also only work with HTTP.
A SOCKS proxy, like an opaque web proxy, requires applications to know how to use it. (Ok, technically that’s not 100% true. It’s possible in some cases to have a transparent proxy of some sort forward through a SOCKS proxy in a way that the application doesn’t know SOCKS is involved. There are also some cool OS-level hacks that can force an app to go through a SOCKS proxy without the app knowing anything about SOCKS. But if you’re doing those things, you’re a hacker.) And with a SOCKS proxy, your computer doesn’t “think” it’s connected to a whole different LAN. Individual applications know that they’re forwarding through SOCKS. SOCKS supports more protocols than just HTTP. Probably all TCP-based protocols, but I don’t think it has any support for UDP. So you won’t be torrenting through SOCKS.
That’s all I can think to say at the moment. There are special-purpose proxies for things like security auditing (like Burp Suite, for instance.) But I’m guessing that’s not the sort of thing you’re asking about.
BlameThePeacock@lemmy.ca 2 months ago
The big difference is that VPNs encrypt all traffic between your computer and the VPN computer, while this is usually not the case with a proxy. The lack of encryption and decryption can make a proxy slightly faster, but obviously less secure if you’re tying to hide what you’re doing.
ELI5 version:
VPN - You write a note in code, pass it to your friend who then decodes it, and then gives the decoded note to your crush. Your crush doesn’t know it came from you, and if the teacher caught you passing the note, they wouldn’t be able to tell what it was.
Proxy - You just pass a note to your friend, who then hands it to your crush. Your crush doesn’t know if came from you, but If the teacher catches you, they can read it. It’s faster than having to write in code and decode.
xmunk@sh.itjust.works 2 months ago
* with a slight hiccup since nearly all web traffic is sent over HTTPS now - this distinction was a lot more significant ten years ago.
ColeSloth@discuss.tchncs.de 2 months ago
You won’t know what’s in the note, but you can snoop enough to know which two people are passing the notes back and fourth. Https won’t save you from letting me know you keep getting on furries.com or catching you downloading copyrighted material. A VPN will.
user224@lemmy.sdf.org 2 months ago
I would recommend actually getting into contact with your crush. You could then establish means to use OTP and won’t need to trust your friend at all.
You know, exchange each in and out OTP keys each of you will use, agree on a checkerboard to use, write a codebook for common words/phrases you will use, how you’ll notifiy the other party of potentially compromised key(s).
BlameThePeacock@lemmy.ca 2 months ago
Wrap it before they tap it?
lord_ryvan@ttrpg.network 2 months ago
But then, there would be no difference between an encrypted proxy and a VPN. But that’s not the case.