Proxy and VPN: Difference between revisions

From BoyWiki
Eskimo (talk | contribs)
Extended content
Eskimo (talk | contribs)
m replaced ipleak with windscribe
 
(32 intermediate revisions by 5 users not shown)
Line 1: Line 1:
A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's [[IP address]] from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is [[Tor]], a protocol for [[onion router|onion routing]], the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind the request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators.
A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's IP address from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is [[Tor]], a protocol for onion routing, the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind a website request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators.


Another kind of proxy is a VPN, a VPN is a single hop proxy that is considerably faster than tor and that is its main advantadge, however a VPN is not to be trusted for high security and there has been instances in which people using a VPN to commit a crime have been arrested, when choosing a VPN, to minimize the risk of your privacy being compromised, one should look a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed.
=== VPN (Virtual private network) ===


A very common VPN vulnerability is that the server sometimes will disconnect and show your real IP, this will be unexpected and there is little protection against it. One rough trick you can use to notice a VPN disconnection is to stream online music while you surf the Internet, for example listening to Pandora radio, when the VPN disconnects the music will stop playing, another way to stop exposing your IP is choosing a company that has VPN software with IP binding, Security Kiss has such feature, when IP binding has been activated it will stop your IP leaking out.  
A VPN is a single hop proxy that is considerably faster than tor and that is its main advantage. A VPN is not as secure as Tor and there have been instances in which people using a VPN to commit a crime have been arrested. When choosing a VPN, to minimize the risk of your privacy being compromised one should look for a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed.


To completely avoid VPN disconnections revealing your computer IP the best one can do is to use an SSH tunnel instead of a VPN, unlike VPNs, SSH tunnels do not route all of your Internet traffic, they work on per application bases, when an SSH tunnel goes down your browser cant work with the real IP. There are very few commercial SSH tunnel providers, two of them are VPNSecure.me and Cotse.net.
=== VPN vulnerabilities ===


You can find free VPN services, they can be used to get around Internet filters and light privacy but not for high security, free VPN services are financed either selling your data to advertisements or giving you a limited bandwidth amount and hope that the user will upgrade to the paid for version.
One of the early days VPN vulnerabilities was that the VPN sometimes disconnected and your real IP was logged by the website you were visiting, fortunately now all decent VPNs include a kill switch that stops this from happening, the killswitch is usually turned on by default for your own security and you can´t turn it off. A second VPN vulnerability is a DNS leak, before you can access a website its URL needs to be resolved, DNS is used for this, by default you will be using your ISP DNS servers to resolve addresses but the VPN will replace them with their own, if your DNS leaks it would be possible to find your Internet provider by looking at that DNS name, although your computer IP would still be hidden. These two vulnerabilities are rare in established VPN companies, they are only mentioned for reference.


== External links ==
The most common vulnerability on a VPN is downloading free or hacked VPN software from a malicious hacker that will spy on you and steal your data, be extremely careful with "free" VPNs, most of them are not to be trusted. The second vulnerability is your VPN lying and keeping logs, pick a VPN company with a clear no logs policy that has been around for some time.
* [http://www.hacker10.com/internet-anonymity/hma-vpn-user-arrested-after-ip-handed-over-to-the-fbi/ HMA VPN user arrested after IP handed over to the FBI]
* [http://www.privacylover.com/vpn-and-ssh-tunneling-providers-for-anonymous-internet-surfing/ VPN providers list]
* [http://www.securitykiss.com Security Kiss (Free 300MB/day]


=== Understanding VPN logs ===


All VPN providers will advertise that they do not track users and do not log what sites they visit, but it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date a user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. Websites servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on a specific date and time using a particular IP belonging to that VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person.


If a VPN company receives a request to match one of their assigned IPs with a user and the VPN only keeps logs for a few days they can easily reply that nothing is available, a VPN provider is not an ISP and they are not required by law in the US or Europe to keep connection logs. Many Internet Service Providers, depending on jurisdiction, have a legal duty to keep connection logs, many other ISPs voluntarily keep them, when you use a VPN the Internet Service Provider will not be able to record what activities you are doing over the Internet other than seeing that you are connected to a VPN and nothing else will leak.


=== Free VPN providers ===


[[Category:Browser security]]
Free VPN services can be used to get around Internet filters and light privacy, free VPN services are financed either selling your data to advertisers or giving you a limited bandwidth amount with the hope that the user will get tired of limitations and upgrade to their paid for version.
 
Companies providing free VPN access tend to have vague privacy policies for these services, paid for VPN providers are more keen to emphasize in their FAQ how long for they keep logs, their business does not rely on selling advertising but in selling privacy, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers can be suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for, one should play the paranoid card too and not automatically assume that everything a company claims without proof is true, it is best to go for well established companies, long standing companies are more likely to get caught lying if they have been operating for years than a new out of the blue VPN provider. Remember the saying "if you are not paying for the product, you are the product."
 
==See also==
 
* [[The Dangers of using VPN]]
 
== External links ==
 
* [https://protonvpn.com/ Proton VPN (Free option)]
* [https://windscribe.com/ WindScribe (Free option)]
 
[[Category:Technology]]

Latest revision as of 22:18, 9 June 2025

A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's IP address from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is Tor, a protocol for onion routing, the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind a website request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators.

VPN (Virtual private network)

A VPN is a single hop proxy that is considerably faster than tor and that is its main advantage. A VPN is not as secure as Tor and there have been instances in which people using a VPN to commit a crime have been arrested. When choosing a VPN, to minimize the risk of your privacy being compromised one should look for a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed.

VPN vulnerabilities

One of the early days VPN vulnerabilities was that the VPN sometimes disconnected and your real IP was logged by the website you were visiting, fortunately now all decent VPNs include a kill switch that stops this from happening, the killswitch is usually turned on by default for your own security and you can´t turn it off. A second VPN vulnerability is a DNS leak, before you can access a website its URL needs to be resolved, DNS is used for this, by default you will be using your ISP DNS servers to resolve addresses but the VPN will replace them with their own, if your DNS leaks it would be possible to find your Internet provider by looking at that DNS name, although your computer IP would still be hidden. These two vulnerabilities are rare in established VPN companies, they are only mentioned for reference.

The most common vulnerability on a VPN is downloading free or hacked VPN software from a malicious hacker that will spy on you and steal your data, be extremely careful with "free" VPNs, most of them are not to be trusted. The second vulnerability is your VPN lying and keeping logs, pick a VPN company with a clear no logs policy that has been around for some time.

Understanding VPN logs

All VPN providers will advertise that they do not track users and do not log what sites they visit, but it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date a user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. Websites servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on a specific date and time using a particular IP belonging to that VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person.

If a VPN company receives a request to match one of their assigned IPs with a user and the VPN only keeps logs for a few days they can easily reply that nothing is available, a VPN provider is not an ISP and they are not required by law in the US or Europe to keep connection logs. Many Internet Service Providers, depending on jurisdiction, have a legal duty to keep connection logs, many other ISPs voluntarily keep them, when you use a VPN the Internet Service Provider will not be able to record what activities you are doing over the Internet other than seeing that you are connected to a VPN and nothing else will leak.

Free VPN providers

Free VPN services can be used to get around Internet filters and light privacy, free VPN services are financed either selling your data to advertisers or giving you a limited bandwidth amount with the hope that the user will get tired of limitations and upgrade to their paid for version.

Companies providing free VPN access tend to have vague privacy policies for these services, paid for VPN providers are more keen to emphasize in their FAQ how long for they keep logs, their business does not rely on selling advertising but in selling privacy, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers can be suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for, one should play the paranoid card too and not automatically assume that everything a company claims without proof is true, it is best to go for well established companies, long standing companies are more likely to get caught lying if they have been operating for years than a new out of the blue VPN provider. Remember the saying "if you are not paying for the product, you are the product."

See also

External links