Question Opera Browser VPN ?

[miltk]

ive been doing some light browsing about vpn's. the recommended ones are not free. i also read that MOST browser vpn's don't truly hide you.

before i get further, i don't know the lingo so please excuse my uninformed phrasing.

so anyway i did a before and after results of enabling the opera vpn. the "whatsmyipaddress" site showed that the opera vpn works. before enabling it showed my address and location (verizon), and after enabling it showed my location in sweden and a different ip address

another site "ipleak.net" also showed different addresses. that site showed TWO addresses, ipv6 and ipv4

so does this mean the opera vpn is doing it's job and am i well-hidden, or are these results unreliable???

thx guyz

 

[zinkles]

not to say that any VPN will truly hide you, but opera VPN is just like any other VPN. it does it's job: route traffic through an encrypted remote server while spoofing IP address.

ipleak showed 2 IP addresses cause it shows both the IP versions (ipv6, ipv4).

also, fyi, sites can see that you're using a VPN. while I'm unsure if there are ways that sites do get your real IP address when you're under the VPN, a regular site wont.

 

[miltk]

not to say that any VPN will truly hide you, but opera VPN is just like any other VPN. it does it's job: route traffic through an encrypted remote server while spoofing IP address.

ipleak showed 2 IP addresses cause it shows both the IP versions (ipv6, ipv4).

also, fyi, sites can see that you're using a VPN. while I'm unsure if there are ways that sites do get your real IP address when you're under the VPN, a regular site wont.

even like something like nord or express?
then what's the point. aren't sites the very thing a vpn is trying to bag?

it's not so much the site i'm visiting, in this case an online bank. i am referring to anyone or third party or hacker or spammer or even a provider like att/spectrum/optimum/verizon tracking me

 

[zinkles]

it's not so much the site i'm visiting, in this case an online bank. i am referring to anyone or third party or hacker or spammer or even a provider like att/spectrum/optimum/verizon tracking me

tracking is prevented if the data sent through is properly encrypted. I did some mild research, and opera claims to have 'industry standard 256bit encryption' so assuming their claims are correct, you're fine. most VPNs do encrypt the data so, you're fine.

even like something like nord or express?
then what's the point. aren't sites the very thing a vpn is trying to bag?

as I said, it prevents the site from knowing the real IP, but the site has ways of knowing if you're using VPN or not. (but not the real IP)

if hackers are what you're dealing with, assuming a hacker spends his time on attacking you, you're not safe with whatever VPNs you have. hackers have many tricks up their sleeves. but, hacks usually are conducted massly meaning a hacker doesn't invade just one person, he does to thousands at a time, so you're protected just fine.

verdict: opera VPN offers good encryption and will prevent hackers/ISPs from "spying" on you.

 

[bill001g]

The key difference between a browser based vpn and a vpn client like say nord is that the browsers based ones are only running web traffic via the vpn.

If we take steam for example it does not use the browser so its traffic will go directly. If you run a game some of the traffic might go via a browser and other traffic goes directly. The game will likely not connect correctly.

The reason people run vpn is very different now days that years ago. Used to be people could look at your web traffic, they used to steal people facebook accounts in coffee shops. Now days after snowden leaked that the US government was intercepting traffic all web browsing is encrypted with HTTPS. If it is good enough to prevent government snooping it is good enough to stop hackers.

Pretty much the key reason people use vpn is to fake their location. Some to run say watch netflix in other regions. Some other people do it when they play certain game to hide their ip from other players. Idiots gamers have been known to do denial of service attacks when they lose.

There are also people that do illegal stuff like file sharing etc and those you need vpn services that are in countries that make it very hard for the authorities to get the data from the vpn provider.

In general a vpn is a waste of time/money when it comes to privacy. All the tracking cookies etc are much much worse. Since all this runs inside the browser it defeats all encryption.

 

[miltk]

tracking is prevented if the data sent through is properly encrypted. I did some mild research, and opera claims to have 'industry standard 256bit encryption' so assuming their claims are correct, you're fine. most VPNs do encrypt the data so, you're fine.


as I said, it prevents the site from knowing the real IP, but the site has ways of knowing if you're using VPN or not. (but not the real IP)

if hackers are what you're dealing with, assuming a hacker spends his time on attacking you, you're not safe with whatever VPNs you have. hackers have many tricks up their sleeves. but, hacks usually are conducted massly meaning a hacker doesn't invade just one person, he does to thousands at a time, so you're protected just fine.

verdict: opera VPN offers good encryption and will prevent hackers/ISPs from "spying" on you.

turns out my bank didn't let me in BECAUSE of the opera vpn. i guess they want to know who is signing in anon

 

[zinkles]

turns out my bank didn't let me in BECAUSE of the opera vpn. i guess they want to know who is signing in anon

Was it only with the Opera VPN? Idk, but generally, these type of sites block users with VPNs. 🙁

 

[miltk]

Was it only with the Opera VPN? Idk, but generally, these type of sites block users with VPNs. 🙁

yup...i could not get into my bank LOL. well that's that

 

[Math Geek]

you should thank your bank for blocking the VPN

it's a security issue for them. they are used to you logging in from your local area. so someone all of a sudden logging in from south africa when you normally log in from vermont, is a MASSIVE red flag to them that your account has been compromised.

same thing they do for your credit/debit card. if you only use it in washington dc and then all of a sudden a dozen charges come from india, they block it quick.

their security is working as intended, so you should rejoice!!

your bank should be connecting over https which is encrypted anyway and perfectly safe as is. no need for a vpn to change your perceived location, it does not improve your security any

 

[madaraosenpai]

so does this mean the opera vpn is doing it's job and am i well-hidden, or are these results unreliable???

You're not well hidden. Opera and Opera GX are stuffed with as much telemetry as will fit and they're not designed to be fingerprint resistant. Even if the Opera VPN was good it wouldn't protect you.

Websites nowadays are smart and usually try to track you using unique characteristics of your browser. The IP address never tells the full story.

If you are looking for a good browser I would suggest Librewolf, and I would pair it with a VPN reviewed by PrivacyGuides. Many of them cost money at least partially. If you want something 100% free you could try Tor but expect it to be slow. Fair warning that Librewolf has very paranoid settings by default and you may need to tweak it slightly to prevent certain websites from breaking, otherwise I haven't heard of any issues with it.

And here's a page telling you why you shouldn't trust Opera to hide you from anything.
Here's a list of business relationships between VPNs. A lot of them have skeletons in the closet and it's well documented.

 

[snemarch]

ive been doing some light browsing about vpn's. the recommended ones are not free. i also read that MOST browser vpn's don't truly hide you.

There's two good usecases for VPN: accessing a private network (semi)-securely from the outside, and adding some safety if you're on a public/untrusted network (e.g. coffee shop / hotel wifi).

A so-so usecase is appearing to be inanother geographical area, e.g. for accessing geo-locked content on a streaming service. If you're doing this you're probably violating the ToS and might as well just torrent the stuff.

But a VPN is not going to "hide" you. Some of the services lie about not collecting logs, others are incompetently managed, some are honeypots... and then there's all the various ways a standard system leaks information that can be fingerprinted. At best, you're not interesting enough to get into trouble – at worst, believing a VPN offers you any form of security is going to get you into a world of trouble.

 

[madaraosenpai]

But a VPN is not going to "hide" you. Some of the services lie about not collecting logs, others are incompetently managed, some are honeypots... and then there's all the various ways a standard system leaks information that can be fingerprinted. At best, you're not interesting enough to get into trouble – at worst, believing a VPN offers you any form of security is going to get you into a world of trouble.

This 100%. The cloud is just someone else's computer, all you're doing is shifting your trust off your ISP and onto another company who could easily give up your information at any time. There are "good" VPNs but there are no perfectly safe ones. OP should look for another solution.

 

[bill001g]

A so-so usecase is appearing to be inanother geographical area, e.g. for accessing geo-locked content on a streaming service. If you're doing this you're probably violating the ToS and might as well just torrent the stuff.

Not so sure you have to go to the extreme or torrent. Many sites have agreements with the content providers that they can only sell to a certain market. They want another company to pay them even more to deliver the same content to other users. It could also be for example they are still trying to sell tickets to a movie in some countries when it is on streaming services in others.

It kinda depends how honest the streaming company wants to be. They still get money from the person watching and in effect they are not paying extra for this customer. So the streaming company might play dumb and pretend they can't figure out it is a vpn. Netflix for example works on some of the very largest VPN but is blocked on others. Very strange.

 

[palladin9479]

When we talk privacy we need to mention privacy from who. Security is like an onion, it's done in layers. Different threats appear in different places in the chain of trust between your computer and the host service. VPN's are designed to protect the data in transmission, meaning the link from your computer and the host service.

Normally

Browser -> OS Network Stack -> Physical NIC -> Router / Gateway -> ISP -> Internet -> Host Service.

Anyone at the ISP and Internet level can see everything you are doing, and while they might not be able to decrypt it, they can sure as heck tell what you are doing. This information is not considered your information and is instead property of those entities, they can do whatever they want with it. What a VPN does is masquerade all traffic from your Browser/OS/Router (depending on type of setup) and send it off to a distant location. Your ISP and internet can no longer see what you are doing, all they see is a stream of encrypted oblique data from you to the distant VPN service.

Now the VPN provider can have that information, and it becomes a question of who you trust more? The VPN provider or your ISP / Government, I tend to side with the VPN provider because their whole business model is selling privacy and trust.

And that's all VPN's do, they are a powerful tool but they only protect the data in transit. They will not protect an ignorant user from doing dumb things. They will not stop your browser from being evil and reporting your every action to mother. These are layers that require a different solution.

I suggest looking into Vivaldi if you want a browser that doesn't track you and tries to keep the data miners at bay. This solves the browser part of the security equation, you really should use a separate product for the transmission aspect.

We respect your privacy | Vivaldi Browser

vivaldi.com

 

[snemarch]

Now the VPN provider can have that information, and it becomes a question of who you trust more? The VPN provider or your ISP / Government, I tend to side with the VPN provider because their whole business model is selling privacy and trust.

A more cynical person would say their business model is based on FUD and half-truths ;-)

Even if you find one that doesn't lie about not keeping logs, isn't a government honeypot (or have just been government infiltrated), and aren't run by incompetents... you'll be running your traffic through a concentrator that's a juicy target for a lot of different actors.

If you have **legitimate reasons** for needing privacy, you need a totally different toolbox – which starts with public wifi and TOR, and some serious opsec discipline. If you're not into freedom fighting or similar stuff, don't bother with VPN outside the "connect to corporate network" or "I'm at a coffee shop / airport / hotel" usecases. Really don't. It's not the right tool.

 

[palladin9479]

A more cynical person would say their business model is based on FUD and half-truths ;-)

Even if you find one that doesn't lie about not keeping logs, isn't a government honeypot (or have just been government infiltrated), and aren't run by incompetents... you'll be running your traffic through a concentrator that's a juicy target for a lot of different actors.

If you have **legitimate reasons** for needing privacy, you need a totally different toolbox – which starts with public wifi and TOR, and some serious opsec discipline. If you're not into freedom fighting or similar stuff, don't bother with VPN outside the "connect to corporate network" or "I'm at a coffee shop / airport / hotel" usecases. Really don't. It's not the right tool.

There are several that have proven they don't keep logs, and by proven I mean they were raided by law enforcement, had their servers seized and no logs were found. Or in other cases have gone to court and demonstrated they didn't have the logs and therefor could not fulfill the warrants served to them. There really can't be any stronger evidence after that.

Hiding that first layer is a massive boost in privacy as it's no longer possible for a third party to deduce your actions by passively observing what is outside your home. That is what the NSA was doing btw.

 

[snemarch]

@palladin9479 : I don't *totally* disagree with you, and generally I'd say that you're giving good advice. But this VPN stuff is a topic with several layers – so... let's start by discarding the deliberate honeypots, the free products that harvest your data, and the well-meaning but dangerously incompetents. They're real issues you need to consider, but not all VPN providers are frauds.

Disclaimer: I've obviously never done anything bad myself, nor can I point to cases where other people have been busted. Be skeptical of my claims. It's generally safer to be distrustful, but don't fall into paranoia.

Disclaimer: I'll focus almost exclusively on VPN related issues in this post. If you do shady stuff, you're more likely to get into trouble from a bunch of other things. You won't find the information you need to avoid trouble on these forums, and I will not even attempt to provide guidance. But in the interest of keeping people safe: picking a nonstandard browser, adding some cookie-blocking extensions and disabling Javascript is not enough.

I'll start the VPN part by making some general observations, then try to add a bit of nuance. First: it's important to establish your security/privacy parameters – what do you *need*, and which consequences can you expect from various choices. Do you have a fuzzy "I want privacy!" goal? Are you a political dissident in an oppressive regime? (You'd hopefully be looking for advice somewhere better-equipped). Do you have currently-legal political beliefs or a sexual orientation that might be threatened after some near-future election cycle?

I'll cover a fair amount of stuff – a bunch of it won't apply to regular people in semi-functional democracies who just want to surf the pirate bays a bit.

A VPN provider that's willing to go to court deserves respect. A paranoiac might claim that this could be a false showcase to make people feel safe, but that's a bit far-fetched IMHO. Do keep in mind that willingness to take a court fight is only *temporary* "evidence", though – a track record is definitely something you should include in your threat modelling, but you have no guarantee against new legislation, infiltration of the company, software vulnerabilities, or something as banal as a new CEO that needs to maximize shareholder interest.

You should know you're dealing with two parts: the hard guarantees you are getting from the underlying technology, and the confidence you're placing in the company providing the service. If you're doing something that's illegal, ultimately the tech part will be your only source of protection – policies can and *will* change.

At the technology level, a traditional VPN tunnel is a *very strong link* between your source network and your VPN provider. The traffic between you is encrypted, so other people (even your ISP, the cops and security agencies) won't be able to eavesdrop. But your VPN provider knows your source address, they can do netflow tracing, they have *some* financial records (even if it's just bitcon wallet addresses). Your provider might not keep persistent records, they might not be law-enforcement friendly – but it's a traffic concentration point, which makes them interesting. VPN infrastructure is a juicy target for criminals as well as law enforcement.

They might not be logging anything today, but they could be forced tomorrow – through wide-reaching legislation, a standard court order, or insidious stuff like the US's National Security Letters. (And sure, you can avoid a bunch of these concerns by picking a European VPN provider, we have a lot of consumer safeguards. Unless you're doing bad enough stuff to be interesting to the Nine Eyes.)

@palladin9497 mentions NSA-style passive observation – this is something that happens, and if your threat model includes that level of adversary, you should know that a VPN isn't going to help a whole lot; they have similar capabilities by being adjacent to the VPN operator data centers, and having pretty hardcore metadata correlation analysis capabilities. They don't flex those muscles for petty crime, though.

The same goes for TOR – you can do "fun stuff at home" without repercussions, but if you get into freedom fighting or the heavy end of libertarian trading systems, you need several layers on top of that (and realistically, even if you're good, you can only keep this up for a limited amount of time – the compartmentalisation you need to practice just isn't sustainable).

So, what are some common scenarios where people want privacy or anonymity?

You want to watch streaming content from a different geographical region. Unlikely to get you in trouble, but you might as well just go torrenting. You're violating ToS and disagreeing with the insane Digital Restrictions Mafia, but trying to convince yourself you're A Good Boy because you're paying the outer-layer streaming provider.

Your ISP is snooping on you (outside of law enforcement because you did something nasty) – I didn't consider this scenario until now, it's a pretty alien scenario in the EU. Same category as "I want safety on public wifi", pick a reputable non-free provider that doesn't have gran anonymity claims.

You're torrenting. Depending on where you are, this might be dangerous to do directly from your ISP, and if you're lucky, a VPN might make the situation better because it's a small-fry crime that your provider can shield you against. On the other hand, perhapsyou've chosen a "privacy-focused" VPN provider, which suddenly gets targeted by LEO because of its "privacy focus", and you go down for petty crime with several thousand other people.

You're a political dissident. and the sites you're visiting aren't getting enough attention that your VPN provider is compromised. However, you thought you were being safeguarded by the VPN, but to avoid fingerprinting you would've had to use (at least) a compartmentalized Whonix client + router VM setup, from a randomized selection of public access points... but now you've been jailed, probably looking forward to a bit of torture.

...And that's my attempt at a more thorough "you porbably shouldn't be doing VPN". There might be scenarios I haven't thought of, and there's a couple of alternatives I haven't covered – like setting up your own VPN on a VPS provider, which will at least cloak your IP and require some money trail tracing... but that's an advanced scenario where you need to be very realistic about your goals.

 

[palladin9479]

Your ISP is snooping on you (outside of law enforcement because you did something nasty) – I didn't consider this scenario until now, it's a pretty alien scenario in the EU. Same category as "I want safety on public wifi", pick a reputable non-free provider that doesn't have gran anonymity claims.

If you are in the EU then this discussions ends about now because this was based around the US and the US has very different rules regarding things like probable cause, warrants and malicious prosecution.

The 4th, 5th and 6th Amendments are very special and you want to maintain those protections as much as possible.

 

[snemarch]

If you are in the EU then this discussions ends about now because this was based around the US and the US has very different rules regarding things like probable cause, warrants and malicious prosecution.

It's a bit easy to dismiss like that, since most of the stuff doesn't depend on where you live – and you might need to consider international/cross-national legislation anyway, depending on your needs. But we don't have to keep up a discussion; have a nice Sunday 😉

The OP from @miltk indicated a belief that VPNs can "hide you", and I stand by my opinion that it's the wrong tool for that purpose, regardless of your country of residence. And that you might get into trouble if you believe you're "hidden" – or, at least, just get ad-network-tracked as efficiently as if not using a VPN.