Proxy and VPN: Difference between revisions
Extended content |
m replaced ipleak with windscribe |
||
| (32 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's | A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's IP address from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is [[Tor]], a protocol for onion routing, the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind a website request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators. | ||
=== VPN (Virtual private network) === | |||
A | A VPN is a single hop proxy that is considerably faster than tor and that is its main advantage. A VPN is not as secure as Tor and there have been instances in which people using a VPN to commit a crime have been arrested. When choosing a VPN, to minimize the risk of your privacy being compromised one should look for a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed. | ||
=== VPN vulnerabilities === | |||
One of the early days VPN vulnerabilities was that the VPN sometimes disconnected and your real IP was logged by the website you were visiting, fortunately now all decent VPNs include a kill switch that stops this from happening, the killswitch is usually turned on by default for your own security and you can´t turn it off. A second VPN vulnerability is a DNS leak, before you can access a website its URL needs to be resolved, DNS is used for this, by default you will be using your ISP DNS servers to resolve addresses but the VPN will replace them with their own, if your DNS leaks it would be possible to find your Internet provider by looking at that DNS name, although your computer IP would still be hidden. These two vulnerabilities are rare in established VPN companies, they are only mentioned for reference. | |||
The most common vulnerability on a VPN is downloading free or hacked VPN software from a malicious hacker that will spy on you and steal your data, be extremely careful with "free" VPNs, most of them are not to be trusted. The second vulnerability is your VPN lying and keeping logs, pick a VPN company with a clear no logs policy that has been around for some time. | |||
=== Understanding VPN logs === | |||
All VPN providers will advertise that they do not track users and do not log what sites they visit, but it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date a user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. Websites servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on a specific date and time using a particular IP belonging to that VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person. | |||
If a VPN company receives a request to match one of their assigned IPs with a user and the VPN only keeps logs for a few days they can easily reply that nothing is available, a VPN provider is not an ISP and they are not required by law in the US or Europe to keep connection logs. Many Internet Service Providers, depending on jurisdiction, have a legal duty to keep connection logs, many other ISPs voluntarily keep them, when you use a VPN the Internet Service Provider will not be able to record what activities you are doing over the Internet other than seeing that you are connected to a VPN and nothing else will leak. | |||
=== Free VPN providers === | |||
[[Category: | Free VPN services can be used to get around Internet filters and light privacy, free VPN services are financed either selling your data to advertisers or giving you a limited bandwidth amount with the hope that the user will get tired of limitations and upgrade to their paid for version. | ||
Companies providing free VPN access tend to have vague privacy policies for these services, paid for VPN providers are more keen to emphasize in their FAQ how long for they keep logs, their business does not rely on selling advertising but in selling privacy, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers can be suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for, one should play the paranoid card too and not automatically assume that everything a company claims without proof is true, it is best to go for well established companies, long standing companies are more likely to get caught lying if they have been operating for years than a new out of the blue VPN provider. Remember the saying "if you are not paying for the product, you are the product." | |||
==See also== | |||
* [[The Dangers of using VPN]] | |||
== External links == | |||
* [https://protonvpn.com/ Proton VPN (Free option)] | |||
* [https://windscribe.com/ WindScribe (Free option)] | |||
[[Category:Technology]] | |||
Latest revision as of 22:18, 9 June 2025
A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's IP address from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is Tor, a protocol for onion routing, the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind a website request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators.
VPN (Virtual private network)
A VPN is a single hop proxy that is considerably faster than tor and that is its main advantage. A VPN is not as secure as Tor and there have been instances in which people using a VPN to commit a crime have been arrested. When choosing a VPN, to minimize the risk of your privacy being compromised one should look for a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed.
VPN vulnerabilities
One of the early days VPN vulnerabilities was that the VPN sometimes disconnected and your real IP was logged by the website you were visiting, fortunately now all decent VPNs include a kill switch that stops this from happening, the killswitch is usually turned on by default for your own security and you can´t turn it off. A second VPN vulnerability is a DNS leak, before you can access a website its URL needs to be resolved, DNS is used for this, by default you will be using your ISP DNS servers to resolve addresses but the VPN will replace them with their own, if your DNS leaks it would be possible to find your Internet provider by looking at that DNS name, although your computer IP would still be hidden. These two vulnerabilities are rare in established VPN companies, they are only mentioned for reference.
The most common vulnerability on a VPN is downloading free or hacked VPN software from a malicious hacker that will spy on you and steal your data, be extremely careful with "free" VPNs, most of them are not to be trusted. The second vulnerability is your VPN lying and keeping logs, pick a VPN company with a clear no logs policy that has been around for some time.
Understanding VPN logs
All VPN providers will advertise that they do not track users and do not log what sites they visit, but it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date a user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. Websites servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on a specific date and time using a particular IP belonging to that VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person.
If a VPN company receives a request to match one of their assigned IPs with a user and the VPN only keeps logs for a few days they can easily reply that nothing is available, a VPN provider is not an ISP and they are not required by law in the US or Europe to keep connection logs. Many Internet Service Providers, depending on jurisdiction, have a legal duty to keep connection logs, many other ISPs voluntarily keep them, when you use a VPN the Internet Service Provider will not be able to record what activities you are doing over the Internet other than seeing that you are connected to a VPN and nothing else will leak.
Free VPN providers
Free VPN services can be used to get around Internet filters and light privacy, free VPN services are financed either selling your data to advertisers or giving you a limited bandwidth amount with the hope that the user will get tired of limitations and upgrade to their paid for version.
Companies providing free VPN access tend to have vague privacy policies for these services, paid for VPN providers are more keen to emphasize in their FAQ how long for they keep logs, their business does not rely on selling advertising but in selling privacy, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers can be suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for, one should play the paranoid card too and not automatically assume that everything a company claims without proof is true, it is best to go for well established companies, long standing companies are more likely to get caught lying if they have been operating for years than a new out of the blue VPN provider. Remember the saying "if you are not paying for the product, you are the product."
