Best VPN for me + DD-WRT question

[sfx2000]

1. site to site vpn is only truly effective when one controls (hosts) both ends (i.e., office and home vpns) and is the only way to ensure that data is safe from prying eyes, big 3 & 4 types and hackers. Otherwise, vpn is pointless?

IMHO - yes... VPN has utility, in the use cases I stated - own both ends, all good... don't own the other end, you're f**Ked...

. The vpn industry so many are flocking to does not serve the purposes said 'flockers' believe and hope it does: Anonymity. Nor data privacy.

Like JP Barnum said - suckers are born...

Hate to say it this way, as it's a bit incendiary, but honestly, this is true in this community - many think that VPN gives then privacy/protection, and this flat out ain't true...

And I worry sometimes about what they're thinking they're getting away with...

I have no intention of helping them facilitate this kind of activity...

 

[testing123]

Hate to say it this way, as it's a bit incendiary, but honestly, this is true in this community - many think that VPN gives then privacy/protection, and this flat out ain't true...

Essentially, what you are saying is that the industry is fleecing the masses. Of course, subscribers do get the limited value of privacy, anonymity and security amongst the unwitting and those who care not to look or 'invade', but you're saying that the reality is that those elements don't exist when those who are qualified wish to hack, spy, whatever. But they are content to allow people to believe what they will.

Not that different from the issues of cameras everywhere. An invasion of privacy, but not a serious issue unless you've done something illegal and "they" are looking for you (or if our nation continues down the path of Totalitarianism...). If they look, they will find.

Also not a problem if you understand the limitations and can benefit from the service. Which means not trusting a vpn service to keep sensitive data secure and private. It also means that 'bad guys' ignorant of the reality will eventually get caught. Not necessarily a bad thing.

 

[yorgi]

Testing123
If you feel that a paid VPN can be risky then use TOR browser
https://www.torproject.org/projects/torbrowser.html.en
that's suppose to be the safest way to browse if that is your main concern
VPN is nice when you do torrenting among other things.

 

[testing123]

Testing123
If you feel that a paid VPN can be risky then use TOR browser
https://www.torproject.org/projects/torbrowser.html.en
that's suppose to be the safest way to browse if that is your main concern
VPN is nice when you do torrenting among other things.

Thanks for that, Yorgi. Actually, I'm concerned with all aspects of privacy and security. I will check that out. I'll also likely be using a vpn and any other methods of securing my online presence. The only delay is in getting proper information.

Edit: I should clarify that privacy of my downloading activity is of no concern to me. But I really dislike any site I go on to be able to pinpoint my location.

 

[L&LD]

Thanks for that, Yorgi. Actually, I'm concerned with all aspects of privacy and security. I will check that out. I'll also likely be using a vpn and any other methods of securing my online presence. The only delay is in getting proper information.

When you connect to the www there are a lot of trust issues to be aware of that a VPN, TOR browser and anything else you can think of won't help in the least.

For example, first, most people use a few specific devices to do online activities. And they're all tracked.

Second, you need to connect using an ISP. Tracked. Particularly if you're paying for that ISP.

Third, every single point (jump) that your requests travel over the internet would need to be controlled by you and you alone (impossible, if you want to access the 'public' www).

Fourth, the end point you connect to is implicitly trusted by you and your devices to be safe and just as secure as you are. That is almost never true, ever.

Fifth, combine all the above together and you will see that privacy and security are two different things.

When you physically plug in your computer to a network that has internet access, your privacy is potentially compromised in that instant and going forward. Same thing when you connect wirelessly to an WPA2 AES password protected router, AP, range extender or on a cellular network too.

To be able to connect to the world, they are able to connect with you.

You can connect and be as secure as possible. That doesn't mean you will be hidden, private or anonymous, indefinitely or even for a single online 'session'.

With the above, you may see VPN and other services differently. And as mentioned, when you're using those services and software, others will see you differently too (at least an eyebrow or two will be raised about your 'new' activities online).

Use the services for actual 'needs' as required. But don't expect them to protect, hide or shield you from anyone that you have raised their interests in you by your online actions or use of specific software.

The final point is that to be secure 100%, you must not connect, access or use the www. Ever.

And even that will raise someone's concern too (eventually).

 

[testing123]

The final point is that to be secure 100%, you must not connect, access or use the www. Ever.

And the most conclusive point. Well put. I agree that 100% privacy/security are really impossible. I also agree that initiating certain methods of privacy are often viewed as 'sneaky' (up to no good...). I think there is a balance, and this is the motive of my postings. I don't 'need' to fly under the radar all the times (although my sense of privacy does crave that), but I would like the ability to choose when I want my actions to be private. Not because my activities would be considered illegal, but simply because I value my privacy. And I want to protect myself from the unsavory people out there.

100% possible? No. But one is well advised to do what one can.

So I guess my 'bottom-line' is that I want retain as much of my privacy as is possible. I guess that would entail a tightrope walk of sorts. Maintain a reasonable balance of Privacy and Security so as not to raise eyebrows (attracting undue and unwanted attention), but to protect both P & S inasmuch as is possible (plausible?). I think generally, this is achieved by employing different methods and layers with both discernment and discretion. I'm just not sure what those methods should include/exclude and how to best to employ them. Sometimes it's difficult to articulate exactly what one wants when one is uninformed. This thread is very helpful toward the education process. Thanks.

 

[L&LD]

And the most conclusive point. Well put. I agree that 100% privacy/security are really impossible. I also agree that initiating certain methods of privacy are often viewed as 'sneaky' (up to no good...). I think there is a balance, and this is the motive of my postings. I don't 'need' to fly under the radar all the times (although my sense of privacy does crave that), but I would like the ability to choose when I want my actions to be private. Not because my activities would be considered illegal, but simply because I value my privacy. And I want to protect myself from the unsavory people out there.

100% possible? No. But one is well advised to do what one can.

So I guess my 'bottom-line' is that I want retain as much of my privacy as is possible. I guess that would entail a tightrope walk of sorts. Maintain a reasonable balance of Privacy and Security so as not to raise eyebrows (attracting undue and unwanted attention), but to protect both P & S inasmuch as is possible (plausible?). I think generally, this is achieved by employing different methods and layers with both discernment and discretion. I'm just not sure what those methods should include/exclude and how to best to employ them. Sometimes it's difficult to articulate exactly what one wants when one is uninformed. This thread is very helpful toward the education process. Thanks.

It is a hard topic to come to terms with, I agree.

I want to emphasis that there is nothing you can do to retain your privacy while you're online. If someone wants to, they will go behind any mask you can produce. Period.

Give an concrete example of what you might want to be private and we can discuss this further, if you want.

Think of it like this. Anything illegal, online, that you can think of has already been thought of already. And someone that is out to catch that type of activity will be posing as the gateway to that illegal outcome. But, how do you know who to trust and who not to? Online, that becomes which computer do you trust? Answer; none.

Now, even if you were not doing something illegal, but your actions 'appeared' so, you'll have raised the same concern or attention to yourself in either case. Even more so if you additionally were trying to hide your tracks by using services and software that gives a false sense of 'cloaking' you while on line.

 

[testing123]

It is a hard topic to come to terms with, I agree.

I want to emphasis that there is nothing you can do to retain your privacy while you're online. If someone wants to, they will go behind any mask you can produce. Period.

Yes. I fully understand, and it applies also to brick and mortar life. One can only secure one's home to the degree that it might encourage criminals to move on to 'easier pickings'. But if said criminal wants in, he's getting in.

Give an concrete example of what you might want to be private and we can discuss this further, if you want.

The truth is that I lead a pretty normal existence. There is nothing that would cause me serious grief were a random 'browsing', download or search (or any of my online activities) be 'exposed'. It would violate my sense of privacy, but no catastrophic consequences could be expected. I will say that Gov't's desire to have their fingers in all aspects of life these days is a concern . And what is constitutional today (and for the past 250 yrs) may well be illegal tomorrow.

Today, one never knows what search or what website may put one on a given entity's "list". And given the lack of logic and common sense that prevail in the upper echelons of administration, that could be a bad thing.

So, concrete? No. But general privacy as could mostly be expected in the past is now technologically circumvented. This is my concern (which, these days may be considered trivial).

And of course, the convenience of dealing with financial institutions online (but I think those activities are mostly secure).

But, how do you know who to trust and who not to? Online, that becomes which computer do you trust? Answer; none.

Agreed. Even more so than in 'real life'. And it so happens that the above statement sums my philosophy up nicely. I am not a trusting soul. Thus my postings.

Now, even if you were not doing something illegal, but your actions 'appeared' so, you'll have raised the same concern or attention to yourself in either case. Even more so if you additionally were trying to hide your tracks by using services and software that gives a false sense of 'cloaking' you while on line.

Illegal activity is not a concern here, but avoiding the appearance of impropriety is certainly a worthwhile consideration. There's that tightrope again.

So, ironically, this thread has left me to do mostly what I have always done online. Use common sense and caution, trust no one. I do use FF with various addons (of the security variety). The valuable conclusion though is that my contemplation's of using a vpn or similar method of retaining privacy could be counter-productive.

If anyone has a suggestion that would remain 'on the tightrope', please feel free to post.

And thanks to sfx2000, L&LD, and yorgi for your comments. Very much appreciated!

Also, apologies to MunQ (OP) for taking up so much space in his thread. Thanks for your patience.

 

[sfx2000]

Testing123
If you feel that a paid VPN can be risky then use TOR browser
https://www.torproject.org/projects/torbrowser.html.en
that's suppose to be the safest way to browse if that is your main concern
VPN is nice when you do torrenting among other things.

Fastest way to end up on someone's radar scope is to use TOR...

It implies that one has something to hide... you will end up on someone's watch-list, and the packets will be logged...

 

[sfx2000]

May I bring your attention to this... as TOR and VPN attract certain attention..

NSA has said flat out... Encryption is attention and data retention...

In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.​

 

[L&LD]

Yes. I fully understand, and it applies also to brick and mortar life. One can only secure one's home to the degree that it might encourage criminals to move on to 'easier pickings'. But if said criminal wants in, he's getting in.



The truth is that I lead a pretty normal existence. There is nothing that would cause me serious grief were a random 'browsing', download or search (or any of my online activities) be 'exposed'. It would violate my sense of privacy, but no catastrophic consequences could be expected. I will say that Gov't's desire to have their fingers in all aspects of life these days is a concern . And what is constitutional today (and for the past 250 yrs) may well be illegal tomorrow.

Today, one never knows what search or what website may put one on a given entity's "list". And given the lack of logic and common sense that prevail in the upper echelons of administration, that could be a bad thing.

So, concrete? No. But general privacy as could mostly be expected in the past is now technologically circumvented. This is my concern (which, these days may be considered trivial).

And of course, the convenience of dealing with financial institutions online (but I think those activities are mostly secure).



Agreed. Even more so than in 'real life'. And it so happens that the above statement sums my philosophy up nicely. I am not a trusting soul. Thus my postings.




Illegal activity is not a concern here, but avoiding the appearance of impropriety is certainly a worthwhile consideration. There's that tightrope again.

So, ironically, this thread has left me to do mostly what I have always done online. Use common sense and caution, trust no one. I do use FF with various addons (of the security variety). The valuable conclusion though is that my contemplation's of using a vpn or similar method of retaining privacy could be counter-productive.

If anyone has a suggestion that would remain 'on the tightrope', please feel free to post.

And thanks to sfx2000, L&LD, and yorgi for your comments. Very much appreciated!

Also, apologies to MunQ (OP) for taking up so much space in his thread. Thanks for your patience.

We're very close on what we both believe on this issue.

One thing more that I believe is true today if not in the very near future is that all activity of any device that is able to get online is recorded. Not it detail (today), but certainly enough that a pattern can be seen and attributed to one individual.

There is no need to do a random scan. There are a handful of servers that hand out DNS queries for 99.9999% of the online population. Control those and you control the whole www. After a very short while, you can see that device 'x', 'y' and 'z' do 'a', 'b' and 'c' each day/week/month/year. Match that with IP addresses (and vice versa) and you may have a complete story of most of those people in short order.

When that info becomes suspicious, then you might appear on their radar for more than just this 'background' analysis.

This is not only true of the computers, touchpads and data connected phones we use daily. But also for the phone and video calls made on all these devices too. Very easy to put a filter to catch (and store) certain phrases, words or names when that data is digital and everything is running through a server or router (or more) somewhere to connect to the other person.

 

[testing123]

Add to that the data from CC companies, reward cards (which I never use) and marketers along with online purchases and video of practically every step we take and a very comprehensive profile is born. One day, authoritative entities will want to compile all that data with the personal data already being collected (if it hasn't already been done) and bam! -> 1984, 32 yrs late. We are owned. Sounds paranoid, but all too real, given the state of things. Color me tin foil silver. For those too young to understand the 1984 reference, google George Orwell.

As for the constitution, recent years have demonstrated how easily that can be tossed out the window.

 

[patrick sullivan]

Just curious guys where the Darknet fits/compares in all this....?

 

[Nullity]

Just curious guys where the Darknet fits/compares in all this....?

Tor Hidden Services are part of the darknet, FYI.

Edit: What exactly is your question?

 

[patrick sullivan]

If there were more secure/anonymity options within the Darknet...thank you for clarifying. I didn't realize TOR was part of it.
Cheers!

 

[MunQ]

With AES-256 encryption your speed will almost be cut in half.

I've never heard about this. What is the reason for this?

 

[Nullity]

I've never heard about this. What is the reason for this?

Because most default to aes-128, which requires approximately half the processing, so it is 2x faster.

 

[testing123]

So I've attempted to post a benign reply. I can't imagine why it would require mod approval. I understand the need to filter some posts for spam, but really? Does the filter need to be this strict? I've posted 12 messages, but around 20% of those have required me to jump through hoops to get past the filter.

I'll attempt to say it a bit differently here, and I won't include the paragraph from the user I was replying to.

If I were to have to go out of town, use a public wifi, be in the hospital or whatever and needed access to my home or business network, what would be the most secure way? Would I then require a vpn service? Refresher...I have an RT-N66U with the client server vpn capability. Thanks.

 

[MunQ]

Because most default to aes-128, which requires approximately half the processing, so it is 2x faster.

Ah. Interesting! Thanks for sharing the info.

 

[yorgi]

So I've attempted to post a benign reply. I can't imagine why it would require mod approval. I understand the need to filter some posts for spam, but really? Does the filter need to be this strict? I've posted 12 messages, but around 20% of those have required me to jump through hoops to get past the filter.

I'll attempt to say it a bit differently here, and I won't include the paragraph from the user I was replying to.

If I were to have to go out of town, use a public wifi, be in the hospital or whatever and needed access to my home or business network, what would be the most secure way? Would I then require a vpn service? Refresher...I have an RT-N66U with the client server vpn capability. Thanks.

You can easily setup your 66u as a VPN server. with security so anywhere you are in the world you can access your network by creating your own tunnel and being safe. Only drawback is that your modem cannot do more then 10 mb/s because of its cpu power required for encryption. All your internet traffic would pass via the 66u then go out the tunnel and back to you. I would get a faster router
if speed is not an issue then you are ready to go. Just put Merlin firmware and configure the VPN server.