Question VPN

PaulDesmond

Hi. I am interested in VPN. I do have a basic understanding of communications as I was an electronic engineer. From what I see, data is sent in the form of packets with the destination IP address. This should be my ISP address. This is sent to the recipient after removing the ISP address. But what happens with a VPN?

Does the packet go directly to my ISP or to the VPN server? Can someone hacking in at the ISP level unravel this and find out where its ongoing destination is? Can an ISP decode it?

Can I add emails to this, as they work differently?
 
VPN just changes who you think you can trust.

VPN prevents, say, your local ISP from seeing what sites you are going to, but you have the same issue with the VPN provider. Some VPN providers, like the ones that offer "free" service, are actually worse than an ISP. They force advertising into the data streams.

From a security standpoint VPN is not as important as it once was. Nowadays almost all traffic is encrypted end to end with the final server using, say, HTTPS. Anyone in the path cannot see what you are actually doing; they can only tell, for example, that you are on a Google-owned server.

In most cases VPN is used to get past restrictions, like watching Netflix from some other country. It is also used to hide your IP address in cases where you do not trust the destination server you are using.

VPN was much more important when people were using public hotspots and things like Facebook were running everything unencrypted.
 

PaulDesmond

Okay but I was looking at Nord VPN which is not free.

If, for example, I was buying a shirt from Amazon and not using a VPN, anyone could tell at the ISP end that I was going to Amazon but would not know what I bought.

What about this conversation even?
 

USAFRet

Titan
Moderator
Okay but I was looking at Nord VPN which is not free.

If, for example, I was buying a shirt from Amazon and not using a VPN, anyone could tell at the ISP end that I was going to Amazon but would not know what I bought.

What about this conversation even?
So they knew you went to Amazon.
Either the ISP knows, or the VPN company knows.

Be very very careful of what reviews you read for VPN services.
It seems that most of the reviews you read are paid for by the VPN company, or indeed owned and hosted by them.
 
I guess it depends on the ISP and how badly they wanted to track the traffic. If it was a government and you were doing something illegal enough they could figure it out.

So between you and the VPN provider everything appears to go to the VPN provider's data center, and the traffic is encrypted by the VPN. Now once the traffic is at the VPN data center the encryption is stripped off and the traffic is sent out on the internet, appearing to come from the VPN data center's IP address rather than yours. And since you likely share the IP address with many other people, the data more or less is anonymous.

The flaw is, say, the ISP in question is actually providing service to the VPN company, or the government is capturing traffic. They could see both feeds: the encrypted session coming in and the unencrypted session going out. It is not simple to match these 2 data streams, but if you read about China and their ability to detect and block VPN you will find they can see patterns in the encrypted traffic that they can match with the unencrypted traffic.

In general it is not a big issue unless you are doing stuff that makes it really worth the time to come and get you. I mean it's like the so-called ban on the new Diablo Immortal game in some EU countries. Nobody really cares enough to prevent people from using a VPN. Companies like Blizzard may say they will ban you, but I suspect that is more an "official" statement. They likely will only ban someone who, say, talks about using a VPN for that purpose. As long as the company pretends to try to follow the laws, the governments can do little.
 
Does the packet go directly to my ISP or to the VPN server? Can someone hacking in at the ISP level unravel this and find out where its ongoing destination is? Can an ISP decode it?
The packet still has to go through the ISP, because the packet still goes out the modem that's connected to the ISP's physical network. The next hop out of the ISP should be the VPN, so there's that. As far as someone snooping your traffic, it's encrypted, so unless someone knows both the encryption key and the encryption method, they can't decode it. In addition, if you're visiting a website that uses HTTPS, traffic between you and the site is encrypted on top of that. So even if the eavesdropper was able to decrypt the internet packet, they'd have to decrypt the actual data packet.

I believe also the encryption keys are negotiated ahead of time between your computer and the server on the initial connection (whatever that may be), and the keys are randomized.

Can I add emails to this, as they work differently?
Internet traffic is internet traffic, regardless of what the data contains.

Here in the UK you hear of police investigating Muslim terrorists. They can find out all the websites they look at and any extremist material as well.
Some VPNs keep a log of where their users are going to. These should be avoided if privacy is your thing. Lots are compelled by their local government to do tracking if they ask for it.

And also, there are ways to find this information via cyber sting operations or whatnot. Like the incident in Australia where their local federal law enforcement managed to convince gangs to buy "private" phones, going so far as to set up a shell company and whatnot. Of course the kicker is these phones were bugged to heck to send or keep data as evidence.
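
As an added illustration of the path described in the replies above (not part of any post in this thread), the sketch below models what each party along the route can read, with and without a VPN. The addresses are constructed documentation-range values, the key names `vpn` and `https` are hypothetical, and `Sealed` is only a stand-in for encryption, not real cryptography.

```python
from dataclasses import dataclass

# Constructed documentation-range addresses (assumptions, not from the thread)
CLIENT, VPN, SITE = "203.0.113.10", "198.51.100.7", "192.0.2.80"

@dataclass(frozen=True)
class Sealed:
    key: str        # name of the key needed to read `inner`
    inner: object   # stand-in for ciphertext; no real crypto is performed

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    payload: object  # cleartext str, Sealed, or an encapsulated Packet

def visible(obj, keys):
    """Return what an observer holding `keys` can read from obj."""
    if isinstance(obj, Sealed):
        return visible(obj.inner, keys) if obj.key in keys else "<encrypted>"
    if isinstance(obj, Packet):
        return {"src": obj.src, "dst": obj.dst,
                "payload": visible(obj.payload, keys)}
    return obj

def direct(request):
    """HTTPS request sent straight through the ISP."""
    return Packet(CLIENT, SITE, Sealed("https", request))

def tunnel(request):
    """Same request wrapped in a VPN tunnel; 10.8.0.2 is a virtual address."""
    inner = Packet("10.8.0.2", SITE, Sealed("https", request))
    return Packet(CLIENT, VPN, Sealed("vpn", inner))

def vpn_exit(outer):
    """VPN server strips the tunnel layer and re-sends from its own address."""
    inner = outer.payload.inner
    return Packet(VPN, inner.dst, inner.payload)

def views(request="GET /cart"):
    outer = tunnel(request)
    return {
        "isp_no_vpn": visible(direct(request), keys=set()),
        "isp_with_vpn": visible(outer, keys=set()),
        "vpn_provider": visible(outer, keys={"vpn"}),
        "site": visible(vpn_exit(outer), keys={"https"}),
    }

if __name__ == "__main__":
    for who, seen in views().items():
        print(f"{who:13} {seen}")
```
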
 
The other reason sometimes is idiot gamers who are poor losers. Some games do not have central hosts, so the person who runs the host, and that could just be one of the game consoles, can see all the IPs connected. This used to be an issue even with whatever servers they used to use for voice comms before Discord got popular. It is not uncommon to hear of these idiots paying to run denial of service attacks against people's home internet addresses. This is why you see streamers use VPN for certain types of games.
 

Old Molases

From the moment you are connected to a VPN you are assigned a virtual IP address and your data is encrypted end to end. Your real address is concealed and all the communication that your computer does is through a virtual IP address assigned to you.
 

LORYT699

Hi. I am interested in VPN. I do have a basic understanding of communications as I was an electronic engineer. From what I see, data is sent in the form of packets with the destination IP address. This should be my ISP address. This is sent to the recipient after removing the ISP address. But what happens with a VPN?

Does the packet go directly to my ISP or to the VPN server? Can someone hacking in at the ISP level unravel this and find out where its ongoing destination is? Can an ISP decode it?

Can I add emails to this, as they work differently?
In short, a VPN is just a "server" that you connect to, which then redirects you to the site or service you need.
You can use it to "change" your IP, because everyone will see the VPN's IP, to defend against DDoS attacks, and for other fancy things that 90% of humankind does not use.
It all depends on your needs. If you use P2P connections, then it is a good thing to have a VPN in between, because the other user will see the VPN's IP, and if he does a DDoS attack it will go first to the VPN and will probably be stopped there.
It is common to use a VPN to play GTA Online for this exact reason: all the modders use DDoS clients to disconnect people, and with a VPN you are safer.
If you have seen a VPN spot from a YouTuber, there is an 80% chance it is wrong, because they say what the company wants them to say, but a lot of the time it is all cabbage. Your data can always be stolen by a sniffer, encrypted or not; they simply have to decrypt it, but usually whoever does these things can do it