VPN Assistance

Michael Butash michael at butash.net
Tue Oct 4 21:57:08 MST 2016


On 10/04/2016 08:20 PM, Eric Oyen wrote:
> actually,
> there are other reasons for using an encrypted tunnel besides bit 
> torrent. How about secure banking? or perhaps secure purchasing? 
> mayhap even more secure email access.
Yes, SSL was born as a tunnel between your client and a service provider 
server for that reason, far different from vpn though. Problem is it's 
becoming increasingly easy to trick and/or program clients to overlook 
the fact that there is a man in the middle attack in progress on that 
session.  Sometimes nefariously, sometimes legitimately as part of the 
service delivery path of said service or given employer.  No one really 
does certificate validation and authentication on public-ish services, 
and most times even private *secure* ones, so the value of ssl without 
validation atop it is pretty useless.  Better than nothing and secure in 
theory.

A vpn though, something like ipsec or openvpn would only be used in such 
cases if you were going to join your work or hosted services network, 
not so much to google for gmail security or buying on ebay with paypal.  
A vpn to egress another country does nothing but play hide and seek for 
anonymity, .govs (now multiple) will just mitm the session anyways, or 
save it later when they can decrypt it.
> And yes, if there is a torrent I want to get (and it is perfectly 
> legal too), I don't want my ISP pulling bandwidth throttling or 
> bitching at me for supposedly downloading copyrighted materials when 
> they aren't (yes, I have had this actually happen).
This is why I've considered routing all my traffic out over vpn, but 
real usage is pretty miserable doing that even for just http traffic 
usage let alone more real-time protocols.  I can use torbrowser with the 
vpn proxy for anything I want to keep more anonymized.
>
> -eric



More information about the PLUG-discuss mailing list