VPN Assistance
Michael Butash
michael at butash.net
Tue Oct 4 21:57:08 MST 2016
On 10/04/2016 08:20 PM, Eric Oyen wrote:
> actually,
> there are other reasons for using an encrypted tunnel besides bit
> torrent. How about secure banking? or perhaps secure purchasing?
> mayhap even more secure email access.
Yes, SSL was born as a tunnel between your client and a service provider
server for that reason, far different from vpn though. Problem is it's
becoming increasingly easy to trick and/or program clients to overlook
the fact that there is a man in the middle attack in progress on that
session. Sometimes nefariously, sometimes legitimately as part of the
service delivery path of said service or given employer. No one really
does certificate validation and authentication on public-ish services,
and most times even private *secure* ones, so the value of ssl without
validation atop it is pretty useless. Better than nothing and secure in
theory.
A vpn though, something like ipsec or openvpn would only be used in such
cases if you were going to join your work or hosted services network,
not so much to google for gmail security or buying on ebay with paypal.
A vpn to egress another country does nothing but play hide and seek for
anonymity, .govs (now multiple) will just mitm the session anyways, or
save it later when they can decrypt it.
> And yes, if there is a torrent I want to get (and it is perfectly
> legal too), I don't want my ISP pulling bandwidth throttling or
> bitching at me for supposedly downloading copyrighted materials when
> they aren't (yes, I have had this actually happen).
This is why I've considered routing all my traffic out over vpn, but
real usage is pretty miserable doing that even for just http traffic
usage let alone more real-time protocols. I can use torbrowser with the
vpn proxy for anything I want to keep more anonymized.
>
> -eric
More information about the PLUG-discuss
mailing list