I’m new to VPN’s and have been reading up a lot about them these past few days. There’s tons of articles about how and why to use a VPN, but I haven’t really come across any topics regarding what NOT to do while using a VPN.
What shouldn’t I be doing while on a VPN? Are there certain sites I shouldn’t visit? Should I avoid social media, email and other login style websites that require my username and password? If I log into say Facebook with my real IP and again with the VPN IP, is that a bad thing? Is that basically linking the two IP addresses together in a log?
Can I just do whatever the hell I want while logged into the VPN or are there certain precautions to take?
**Sorry if this is a dumb question, but I’m trying to learn the ways here.
This depends on exactly what your objectives for using a VPN are.
Judging by the line of questioning, you are wanting anonymity. The P in VPN is for Private, and it is not Anonymous.
If you want anonymity, and are worried about things like:
If I log into say Facebook with my real IP and again with the VPN IP, is that a bad thing? Is that basically linking the two IP addresses together in a log?
Then good - you understand the kinds of problems you face, but VPN isnt all you need here, you need to learn some behaviours that will be part of your cloak of anonymity.
If you have not already you probably need to start making some untraceable burner email addresses and using tor (probably from TAILS).
Generally it is said that when you are connected to a country where torrenting is forbidden, you shouldn’t torrent anything. E.g, when torrrenting, prefer norway,finland,sweden,switzerland INSTEAD OF united kingdom,france,germany(germany has PRETTY strict rules).
Other than this ofc you shouldn’t visit child pornography sites.
don’t use any real life financial institution web sight such as a bank, credit card, stock portfolio, smartphone, public utility, etc. their web security system likes to see you login from the same public IP or their app to make sure it’s you.
I use a VPN to stay private, which means I log into social media all the time when on a VPN. I basically do whatever I would normally do. I only use a VPN to mask my activities from my apartment complex, other people who use the connection (prevent MITM attacks and snooping), and their ISP; I’m not really looking to protect myself from government agencies and I have a moderate amount of trust in my VPN provider (meaning I don’t think they log my information, nor will they take advantage of my browsing habits in any way). It sounds like from your questions that your goal is to stay anonymous rather than private. If that’s the case, then Tor or I2P might be more up your alley and depending on what you’re doing, might be worth considering doing both a VPN and Tor/I2P. Whether you do tor through VPN or VPN through tor will depend on who you trust more with your real or exit IP and your browsing habits; do you want your VPN to know you use tor (your VPN will know your real IP and that you use tor but your they won’t know your browsing habits), or are you ok with your exit node knowing your VPN’s exit IP (your VPN will be able to know your browsing habits, but they won’t know your real IP)? There’s a few other details to consider when using both a VPN and tor, so that’s something to think about.
Using sites that contain any identifiable information should be avoided, like social media as you pointed out. Sites that require any kind of login or identifiable information should be avoided if you’ve used them on your normal IP or an IP that could be cross referenced with another site to identify who you are. For example, if you used this reddit account on the same IP that you use to log into facebook (meaning both sites have the same recorded IP for you), then you shouldn’t use this reddit account while in a VPN or Tor/I2P (if your goal is to stay anonymous).
That being said, the OS you use, the browser you use, any applications that run in the background should be considered suspect and could potentially give you away, so monitoring your internet traffic is important as well. Using a site that you’ve used before can be dangerous, even if they don’t have a login or anything like that. There’s a chance they or their advertisers use browser fingerprinting to identify and track you around the web (which goes far beyond cookies). Since most browsers give off a unique fingerprint, that means visiting a site you’ve visited before with the same browser, or even visiting a new site that happens to use the same ad agency as a site you previously visited, might give away who you are, despite using Tor/VPN.
Using Tails (from bootup, or from a VM) will help alleviate that problem since the OS is built with anonymity in mind, and because the browser in Tails can’t be fingerprinted (at least I don’t believe it can since it’s fingerprint should be the same as everyone who uses Tails, making fingerprinting it useless).
One thing I would not recomend doing while on VPN would be internet banking. I personally would trust an ISP over a 3rd party provider when such sensative information is being transmitted over the net. I know that banks use incredibly secure protocols when you log onto them, but like anything netsec, you really can’t be 100% bullet proof.
You can visit any site you want. Just don’t do anything illegal the VPN knows exactly what sites you visit and what your IP is. We put trust in them to keep no logs but at the end of the day that’s a matter of trust, if they ever wanted to they could lie.
The VPN alleviates the need to trust your ISP, rather your trust in who handles your traffic/information is in the VPN. So if you what to hide to your ISP that’s what a VPN is great for. But it doesn’t make you anonymous, it makes you pseudonyms with one central authority have the ability to determine who’s behind the pseudonym.
Since we’ll assume your a law abiding citizen it’s likely you only law that you’d want protection from breaking is copyright. This a VPN is fine for, it will protect you from copyright that’s their job and government doesn’t care enough to do anything. Note that some VPN companies only permit torrents in some of the countries that they have servers in.
If you want actual anonymity because your paranoid, or live under an oppressive regime then you need multiple hops in order to prevent any given operator from knowing both what sites you visit and your ISPs IP. For this you would want to use networks such as TOR and/or I2P as they intelligently use multiple hops.
Most VPN providers are just very lazy and don’t want to deal with DMCA notices and finding a new data center when the data center shuts them down. There are tons of VPN providers that allow P2P on US servers like AirVPN, PIA, Mullvad. I think even NordVPN is allowing P2P on some of their US servers now (NordVPN are actually routing P2P traffic on their US servers to CA servers) and that is how all VPN providers should handle it. We aren’t paying them to censor their servers. If the VPN provider doesn’t log and are trusted. There is no point using a server that has a higher ping and slower speeds over the US servers.
I’ve been torrenting on US servers with PIA for 4 years and never got a single notice and they never contacted me once.
I’ve had no problems doing my financial stuff on VPNs. Though VPN should be off for credit card transactions as these are high risk so use of a VPN may result in the transaction bring declined due to anti fraud system. So it’s not end of the world of you log into your bank account with VPN. But disabling it for credit card transactions is something you should do.
if your visiting a site that has SSL unless your VPN provider does MITM attacks like cyberghost because they install a root certificate on your machine… then its perfectly safe to use a VPN for banking because the traffic is encrypted they are unable to view this information anyway. Its only when using clear text i.e non SSL a provider might be able to review the information passing through the VPN nodes
Canada is good for VPN to torrenting. There’s other countries that are better for privacy but in regards to simply torrenting a VPN is no issue and serves you the protection you need. Most VPN providers allow for torrenting on Canadian servers.
It’s forbidden by law, but any good VPN provider will be in a country that doesn’t have logging laws. So they can’t be responsible for what people do with their servers. The only thing that can happen is the data center can terminate their contact (They simply find a new one) or they can get a court order to see if the person is still connected to the server (This is why you should always disconnect daily to get a new IP/Server and to wipe your session data) as they can see data for the current session as Torguard has proven with their no refunds if you go over 10gb while not logging, but monitoring live sessions on the server.
I wouldn’t be worried though and still use US servers to torrent. They aren’t going after people downloading as that would be a waste of money for the FBI and others with very little outcome. The only thing people torrenting have to worry about is hiding the traffic from their ISP and any location will do that. They go after the people running sites and actually ripping and spreading the releases. Downloading on US servers with a non-logging VPN provider is fine as long as they are a decent provider who doesn’t log and doesn’t block P2P on US servers.
They go after the people running sites and actually ripping and spreading the releases
Well, regarding this, recently Kickass got down, and its owner got arrested -I think-, but Kickass always deleted torrents when copyright owners wanted torrents to get deleted in view of DMCA. If Kickass deleted as they are told, then why all system got shut down? I know, this is not a question related to VPN, but still, I’m not grasping the all idea here…
He was also arrested for money laundering. I’m pretty sure he was anyway. I didn’t fully read into it, but from the bit that i did. The guy sounded like a moron and left a pretty huge internet footprint for running one of the largest torrent sites in the world.
