VPN privacy questions

Edit: I assume that the VPN software on the computer or phone encrypts the data going “out”, therefore the ISP only “sees” the scrambled data? and then the VPN servers decrypt the data coming “in”. And this end-to-end encryption works in reverse.

“When you connect to the internet with Mullvad, we ensure that the traffic to and from your device is encrypted to the highest standards”

Hi,

I’m considering using a VPN. I’ve read these forums so I’m considering either a VPN or a dVPN. However, I have a few newbie questions.

When I type an address in an internet browser, whether that’s the Tor browser or another, surely that address information is routed to the Internet Service Provider before it’s routed through the Tor network or VPN server? So, excuse my newbie ignorance, but how does a VPN hide the web address that people enter into a browser if that data first routes through the ISP? And, if that data doesn’t route through the ISP once I’m connected to a VPN or the Tor network (i.e., a direct connection), then why do we need ISP? In other words, why can’t the VPN also be the ISP?

Or even more decentralized, why don’t we just have a self-hosted P2P network that has no “middle person”?


When you use a VPN, your ISP only sees that you try to connect to the VPN server. So your ISP knows the time, duration and the foreign VPN server. That’s all.

VPN and ISP are not the same.
Your ISP is like a door to the internet, you have to pay to open that door.
Your VPN is like a tunnel going out from your device through the distant server. And that tunnel goes through the ISP ‘door’.

1 Like
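The tunnel described in the reply above, as an added example that is not part of the original thread: the client wraps the real packet (destination, hostname, request) in ciphertext addressed to the VPN server, so the ISP can read only the outer header. The IP addresses, hostname and function names are constructed for illustration, and the cipher is a standard-library stand-in (HMAC-SHA256 keystream plus HMAC tag), not the cipher of any real VPN protocol.

```python
import hashlib, hmac, json, os

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real tunnel cipher
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(12)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("tunnel packet failed authentication")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def client_send(key, client_ip, vpn_ip, inner):
    # The whole inner packet (real destination, hostname, request) becomes ciphertext
    payload = seal(key, json.dumps(inner).encode())
    return {"src": client_ip, "dst": vpn_ip, "payload": payload}

def isp_view(outer):
    # Fields readable on the path between the device and the VPN server
    return {"src": outer["src"], "dst": outer["dst"], "bytes": len(outer["payload"])}

def vpn_server_receive(key, outer):
    # Only the tunnel endpoint holds the key, so it does see the real destination
    return json.loads(unseal(key, outer["payload"]))

# Constructed sample values (documentation address ranges), not from the thread
KEY = os.urandom(32)
INNER = {"dst": "203.0.113.80", "host": "example.org", "request": "GET / HTTP/1.1"}
OUTER = client_send(KEY, "192.0.2.10", "198.51.100.7", INNER)

if __name__ == "__main__":
    print("ISP sees:       ", isp_view(OUTER))
    print("VPN server sees:", vpn_server_receive(KEY, OUTER))
```

The ISP still carries every packet, which is why it is still needed; what changes is that the party able to read the real destination is now the VPN server instead of the ISP.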

Hi XjFred,

Whilst I’ve heard the “tunnel” analogy before, it doesn’t explain the method of how the data is secured.

As an example of a secure \ private computer network.

  1. Three computer terminals (T1, T2, & T3) in the same locked room are only connected together using three cables (C1, C2 & C3). The terminals have no (external) internet connection. So, no Internet Service Provider, No WiFi, etc. They are only connected together. Therefore, three people could sit at the computers and know, without a doubt - that only they were connected to this private network.

This is a (basic) example of a secure network configuration. A private network of computers. The only point to see the data transferred on this private network is at one of the computer terminals. Let us assume the computers are also securely password-protected. The “weakest link” on this network is that the data is being transferred between the computers via cables. However, since this network is in a locked room, only those with a key to the room can have access to the network (the computers and the cables that connect them).

Now, let’s assume we wanted to connect (using a long cable) another computer terminal (T4) to this network. But, the T4 computer was outside of the secured room. Now we have a security issue because the cable (C4) is traveling outside of the secure room. Therefore, anyone that wanted to “see” the data that was passing through the C4 cable “only” had to hack into that cable. Or perhaps physically sit at T4, which was outside of the locked room, and hack the computer’s password protection - therefore, gain access to the network.

So, to secure the data passing along the C4 cable we used end-to-end encryption. So, now, some “outside” agents could only “see” the unscrambled data if they had the decryption key or “hacked” that key (which is apparently virtually impossible with modern-day encryption).

So, our private (P2P) network is comparably secure. But, now we are told that “Your ISP is like a door to the internet, you have to pay to open that door”. In other words, that’s not because we technically “have to”, that’s how the system is designed. Our private network functioned without ISPs. That “door” is the “world” of the insecure world-wide-web. With a multitude of computers (servers, etc) and agents that are “interested” in other people’s internet activity (i.e., data) and private lives (e.g., hacking into cameras & microphones). Essentially, that door is the commercial network where everything has a price (your data, your “private” lives, etc).

So, “you have to pay” to connect to the internet is actually a monetary ideology (what? some people want to make money? who knew!). Of course, if we want a computer network we have to manufacture the hardware (the computers, cables, WiFi tech, etc). Thus far, this post has been amoral. In other words, “making money” is an amoral statement. Some people make money in sincere ways (i.e., an “honest John”) and others don’t (e.g., low levels of honesty-humility - a personality dimension). And of course, due to different personality characteristics and differing social circumstances (e.g., ideologies, politics, economics), those that “don’t” vary in their methods.

However, my initial question was related to VPNs. The only way that VPNs could be secure would be if the data was end-to-end encrypted (i.e., “secure” in the context that the ISP could not unscramble the data & that the VPN really didn’t keep logs. i.e., didn’t record or monitor a person’s personal data). Scrambled data out, scrambled data in. In other words, all the data that passed through the network was scrambled and the only way to “see” the unscrambled data was to either have the “key” or to hack the “key” (or hack the computer - therefore gain access to the “key”).

To quote Mullvad VPN “In all of our servers, we have specified default configurations and orders of priority for encryption to provide the strongest encryption available for each tunnel protocol”

So, technical “jargon” aside (i.e., the lexicon of computer science), I assume that means that once I installed the Mullvad VPN App on a PC or phone, all the (incoming & outgoing) data is scrambled. However, to reiterate, in this context, if the scrambled data is either traveling directly to the Mullvad servers (computers), then what’s the point of the ISP? (middle person[s]). Of course, if we had a P2P encrypted private network (as described, or even if the ISP used encryption technology (i.e., security was built into the system by intentional design)), then we would not need VPNs. Of course, generally speaking, security isn’t built in by design due to profit incentives and political ideologies. For example, governments & corporations that seek (in part) to profit from, rule, and manipulate, not serve, the citizens of a democracy. And in the context of autocracy - the individual’s privacy isn’t a (state) value. Unless that is, that individual is part of the autocratic “establishment” (i.e., an authoritarian regime that uses social oppression to sustain its social norms and values).

@Bongo I assume when you mentioned;

Edit: I assume that the VPN software on the computer or phone encrypts the data going “out”

You are talking about Advanced Privacy?

Advanced Privacy is TOR, not a VPN.

It was mentioned before, the ISP only sees the VPN, nothing else.

Don’t drive yourself crazy, just go with Mullvad, they are one of the best out there, when it comes to a Paying VPN Service, and being located in Sweden they are very security/safety/privacy minded.

But if you’re all paranoid about the Prying Eyes, sure the EU isn’t so great, but Mullvad is good, and they don’t log, you’re safe with them. 🙂

Obviously, you like to phrase! Anyway, it’s funny to read.

For the ISP, as its name says, it provides the service of delivering access to the internet at your home. So, as you said, you pay for that. You pay to gain access to the internet.

1 Like

By the way, there are some ISPs that are provided by associations and are kind of different from big ISPs like Orange, SFR or Bouygues (French examples).
There are a lot of ISPs if you take the time to find them.

Do you know if the FDN now delivers access to the internet through optical fiber? Last time I checked, they didn’t. Only ADSL.

I don’t know, it would be great, but I don’t check on their website.
