Question No logs policy of VPNs ?

[salilsurendran]

I have a few basic questions about VPNs (especially Surfshark). I have often heard of the no logs policy offered by VPNs. Why is this considered good? Wouldn't this mean that law enforcement, governments etc. can't trace nefarious activities done by users of these VPNs?

I use Surfshark mostly while connecting to financial institutions while travelling abroad etc. so that my IP is safe from hackers. Is there any point in keeping Surfshark VPN on all the time with a kill switch? Is the kill switch reliable as I have read a few posts where they say even if the kill switch is active the Surfshark VPN connection gets dropped and IP is exposed to the internet?

 

[bill001g]

If the kill switch is done correctly it acts as a firewall in a way and no traffic leaves the machine. This is kinda the problem with any vpn software you install. They hook into the OS at a very low level so no traffic can bypass it. Unlike the windows firewall for example even if you say every IP is blocked except some small list the ones that microsoft uses are still allowed. So using the windows firewall to prevent microsoft updates doesn't work but a third party firewall would.

The downside to client software is that some of these vpn do not uninstall correctly. I have had to reinstall windows when I was testing out different vpn client and doing what I thought was install/uninstalls. I now only use a router vpn.

No log is mostly to keep law enforcement and maybe a private lawsuit out of your business. Lately a lot more VPN is being used to surf completely legal porn sites. The feel good laws to protect children (like the don't know about vpn) in some states require porn sites to get a picture of someones ID. Seem the people that make this law don't care much about idenity theft.

In general you do not need VPN if you only goal is to protect your traffic. The bad guys already know all the IP of all the banks. It is more used to change your location so you can access some service that is blocked. Maybe you want to watch the BBC from the USA

Your traffic is encrypted with HTTPS which there are not even rumors that it has been cracked. All the attacks are related to replacing certificate servers which the browser detects and warns about. The second protection you should be using is encrypted DNS. Microsoft now supports this in the OS in the DNS settings. There might be more but 8.8.8.8 and 1.1.1.1 have been long time supporters. Your are in effect using a VPN tunnel but using HTTPS to get the DNS server.

At this point all your traffic is in effect using a vpn, ie https, to end site and the DNS server. At best the bad guys could see the IP address you were accessing and if they somehow already knew where you were located and had you source IP they would know that. Not much real useful. At best they might figure out you liked to read tomshardware and watch netflix.

 

[KingLoki]

The no logs policy and vpn itself are there to help ensure anonymity to the sites you visit, along with not revealing your browsing history to your internet provider. Some vpn providers kep minimal logs for a very short amount of time and they say minimal information, like usage times and ip addresses. When using public wifi a vpn is an essential addon for ensuring privacy and device security.
Use https://browserleaks.com/ and check the IP Address and also an important test to run is the WebRTC leak test and a DNSLeak Test. If the VPN is leaking your true ip address then depending on the browser you use, there are measures you can take to plug the leak.
If you are running Windows and you use your vpn for all apps accessing the net then another good practice you can use is a 2 stage/hop situation, by also installing a vpn extension into your browseras well With both activated, as long as your speed is not compromised by much, it provides another layer of anonymity, traceability and security.

 

[palladin9479]

No logs are for protection against court orders for VPN providers to turn over logs to the government. This is a consequence of Snowden revealing the massive data collection programs that were already being run against citizens across the globe by governments.

This conversation can go deep into territory not allowed on this forum so lets please leave it there.