this post was submitted on 23 Oct 2023
632 points (91.9% liked)
Technology
60129 readers
2689 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why is installing a VPN considered bad? Is it because it is done without user consent? I don't understand if there is any malicious intent.
They're installing extra software that's useless unless you give them money. Plus you really want to be aware of your VPN since all your traffic will be going through it.
It doesn’t auto enable and chromium also gives you a lot of unnecessary features. While I think Brave is bloat I don’t see how this is any more than the usual.
Because a vpn can monitor all the websites that you visit. Not directly what you're looking at, but definitely where you're looking. Just line your provider can, if you're not using a vpn. But at least with your provider, you have a contract with them - you pay them to transport your data and nothing more. Some very scummy providers aside, that's where it stops.
A free vpn, however, needs to pay for transporting your data somehow. And if you're not paying for it with money, then who/what is?
See also Tom Scott's explanation about vpns, why you probably don't need one, and why he refused their advertisement money.
Here is an alternative Piped link(s):
Tom Scott's explanation about vpns
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
It's not even free, the service itself is a payed subscription. But it's there and it could be working and funneling data without the user knowing it if they wanted to.
I'm interested to hear what you think a vpn will protect you against. Or what you think the flaws in Toms arguments are.
Edit: I don't know about you, but I trust my own, GDPR-backed isp far, far more than I trust whichever foreign based vpn company. Especially if they for it for free or cheap.
The only thing you're "protecting" yourself from by using a vpn to surf the Internet, is your own provider. It won't stop any spying software on your phone, or any nefarious scripts on the websites you visit.
Tom's argument was more nuanced than that, which is why I linked it. I suggest you watch it and explain where he's wrong if you want to give your argument to ignore him any weight. Ad hominems and "imagined" arguments alone won't get you very far, I'm afraid.
I actually work in cyber security and I was really happy Tom Scott released that video. VPN companies are some of the scummiest companies out there, and their rampant sponsorships on YouTube were shameless misinformation and fear mongering in order to scare you into giving all your internet traffic to them. Seeing so many sellout tech YouTubers take their sponsorships despite knowing better COUGH NetworkChuck, was one of my biggest pet peeves.
There are seemingly legit VPN companies out there, and there are some legitimate use cases for them, but what Tom is addressing are the shady ones that lie to you about what they’re for and how they help you for their own monetary and in some cases data mining benefit. In most cases you do not need a VPN, and it doesn’t do anything to protect you from “internet criminals”, or provide extra “security” and it only “protects” your privacy by shifting the for-profit company that gets to see all the websites you visit.
I too would like to know why you think a VPN is needed “on today’s web”, I would bet money it came directly out of one of theirs ads scripts.
I doubt either one of you will ever hear from them. I guess they haven't even watched the video to begin with.
I'm sorry you felt the need to denounce claims in videos while openly admitting you don't even know what the claims are.
That’s your own VPN, not a commercial VPN service and you’re using that for what I would assume is DNS filtering. Thats entirely unrelated to what a commercial VPN service does and what Tom Scott’s video is about. And that’s not even a benefit of your VPN, your VPN is just a tool you’re using for remote access to your DNS filter/server which is what’s actually providing you that service. I could do the same exact thing with a recursive DNS server and Pihole using DOH without a VPN at all.
That is again an entirely different use case and product than what a commercial VPN service is offering. That’s not even for privacy, it’s for secure remote access to your company network.
That’s not a problem a VPN service solves.
With a VPN service like ProtonVPN, all you’re doing is changing the corporation that can see which sites you visit from your ISP, to Proton. It isn’t inherently any more private or secure, you’re just choosing which corporation you allow the ability to spy on you.
No, his argument was that outside of spoofing your location, and hiding which sites you visit from your ISP specifically, VPN services don’t provide the average consumer with any additional benefit over what you get for free by default due to the wonderful inventions of TLS, and HSTS. The point is that VPN service companies use scare tactics to get you to purchase a product you don’t need to solve problems you don’t have. NetworkChuck made a whole sponsored video about how somebody can man-in-the-middle you at a coffee shop to steal your credit card information to demonstrate the effectiveness of a VPN service and the attack he demonstrated was literally impossible. He created a fake, non-real world scenario straight out of 2003 to deceive the less tech literate public in order to shill a VPN service.
Tom Scott provided a fantastic public service by educating people on what a VPN actually DOES and what it DOESN'T DO. So people can actually make a decision as to whether they need one due to the facts, not misinformation and false advertisement. You on the other hand still can’t seem to articulate what exactly you think a VPN services does for you and how it does it. You have a lot of buzzwords and vague statements about “being spied on”, and never actually said why you think commercial VPN products should be used by the average user “On todays web”.
I agree with what other people said. And here's a new twist.
Any software that messes with the networking stack, can cause really difficult to debug errors. And it may induce errors in other programs. The more complicated your computer's networking, the more fragile it is.
So introducing, silently, unasked for, network drivers and VPN hooks into the operating system is harming the compute stability of their user base.
At the very least, it should be opt-in! There should be a dialogue asking hey we have this new awesome feature, click okay to install it, something like that. Informed consent
It's "all your mail is now redirected to a third party that makes money by mining it for data without you knowing" level of nastiness. Absolutely deplorable and a reason to never touch anything made by the people behind Brave even with a ten foot pole. Brave is a scam and why people pretend its not is beyond me.
that's what the new outlook 'app' (replacing win 10/11's mail 'app') does with gmail accounts. routes all your mail from gmail through microsoft servers before delivering to the app on your pc.
They're apprehending ALL of your browsing activity to their lucky vpn provider of choice.
a service has far more privs on the system than a browser should have or need (which can be installed on a per-user basis, no admin/root required).