• Lemongrab@lemmy.one
    7 months ago

    Encryption doesn’t mean perfectly hidden. Metadata isn’t encrypted for HTTPS iirc. And the ISP knows who you’re sending traffic to since they are routing you there and are usually your DNS. When connected to a good and trusted VPN, all that is hidden, your DNS can’t give away your location, and the only server you contact is the VPN.

    • toastal@lemmy.ml
      7 months ago

      What metadata? The headers are as encrypted as the payload. That there was a key exchange between you & a server isn’t too useful.

      “Usually” is a strong word for DNS as well since all OSs let you change it & the megacorporations like Google & Cloudflare have already compelled a lot of folks to use their DNS to resolve faster since the ISP ones are slow (& the smarter, curious folks used that as a launching point to find other providers or self-host). Some platforms have even been shipping DNS-over-HTTPS to get around some of these issues (since the payload & headers are encrypted under TLS).

      • Lemongrab@lemmy.one
        7 months ago

        It doesn’t matter if they are encrypted if you can sell the data about what the user is doing (eg if you’re connecting to a shopping website you’re probably shopping there). Better to obfuscate the source by choosing an endpoint that isn’t geographically related and associated with your identity. I only would ever recommend using a VPN that is open source and well audited by a renowned 3rd party auditor(s). https://luxsci.com/blog/what-is-really-protected-by-ssl-and-tls.html

      • Lemongrab@lemmy.one
        7 months ago

        Usually means in 99.9% of typical configurations unless you are a techy or an enterprise.