Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Do you need a VPN
#1
There is a lot of talk about if people need a VPN. The thing is governments hate VPNs but to ban them like China and Russia are trying to do would give too much away about how they want to control you.
So what is the next best thing for TPTB, a government run VPN, a fast  VPN that is given for free where the government can see everything you do on the net.
If the deal for a VPN  seems too good then its for sure a honey trap.
Not that it helps much but you should always read the VPNs privacy policy, to see what logs they keep. Almost all VPNs say they dont keep logs but this is not true, for a VPN to work some logs must be kept, its what logs they keep and for how long that is important. Can you be identified by the logs is the big question.
Never fall into thinking that because you use TOR or a VPN that you are a 100% safe, you are not .
Not using a VPN is like leaving your house unlocked, using TOR or a safe VPN is like locking your house up, it stops most people from getting into the house but not all.
For the people who dont know what a VPN or TOR is i advise you read up about them and then think do I need it.
Stay safe on the net, look on a VPN as a condom, if used correctly it gives good protection, and remember the internet is one of the most infected places on earth.
WAR IS PEACE, FREEDOM IS SLAVERY, IGNORANCE IS STRENGTH, THE EU IS FATHER AND MOTHER
Reply
#2
(05-08-2019, 02:33 PM)Wallfire Wrote: There is a lot of talk about if people need a VPN. The thing is governments hate VPNs but to ban them like China
and Russia are trying to do would give too much away about how they want to control you.
So what is the next best thing for TPTB, a government run VPN, a fast  VPN that is given for free where the government
can see everything you do on the net.
If the deal for a VPN  seems too good then its for sure a honey trap.

Not that it helps much but you should always read the VPNs privacy policy, to see what logs they keep.
Almost all VPNs say they dont keep logs but this is not true, for a VPN to work some logs must be kept, its what logs they
keep and for how long that is important. Can you be identified by the logs is the big question.

Never fall into thinking that because you use TOR or a VPN that you are a 100% safe, you are not .
Not using a VPN is like leaving your house unlocked, using TOR or a safe VPN is like locking your house up, it stops most people
from getting into the house but not all.
For the people who dont know what a VPN or TOR is i advise you read up about them and then think do I need it.

Stay safe on the net, look on a VPN as a condom, if used correctly it gives good protection, and remember the internet is one
of the most infected places on earth.

With everything happening over here in the European forum of the internet-(and I'm not on about viewing porn!),
I'm seriously thinking of using this.
minusculethumbsup
[Image: attachment.php?aid=953]
Reply
#3
VPN's work by encrypting your communications end-to-end. It gets encrypted on your computer, and then sends encrypted packets from there across the internet. This means that what appears to be gibberish is all that leaves your computer, all that goes through your router, the only thing your ISP sees, and all that can be intercepted anywhere along the way.

That sounds pretty locked-up, and it is, if used correctly. However, as Wallfire pointed out, if someone wants to crack it, and your security is slack and rests solely in a VPN, they can. Speaking as someone who used to raid computers around the globe, I can say that if I were wanting in to a particular target's communications, I wouldn't waste time trying to crack or decrypt their data packets. Instead, I'd social-engineer a Trojan onto their computer. Remember, the VPN encrypts everything LEAVING your computer, but ON your computer it's in cleartext. So if someone manages to get a Trojan onto your computer, they have the keys to the kingdom.

Some Trojans are true wonders. An attacker can install a tiny "server" program, around 50kb (remember, a modest photo is going to be 3-5MB, 100 times larger than the server I mentioned, and each of us probably downloads dozens of them a day just loading up web pages). Now, once that server is installed on your computer, the attacker can connect to it and build whatever he needs on your machine modularly. Want passwords? No problem - a key logger module is what you need to add. With a keylogger, one can virtually read over the shoulder of the victim - except that it logs keystrokes, meaning those neat little stars that hide your password aren't shown in the key log. What IS shown is the actual keys pressed... the password you type.

This setup can be used to turn your camera and microphone on if you have any hooked up to or built in to your computer. Screenshots can be pulled to actually see exactly what you see on your desktop. Your file system, and all of your files, can be rifled through and downloaded to the attacker's computer. I know of at least one Trojan that can take over your desktop, and the attacker can do anything he likes to or on your computer, and see what he is doing on YOUR desktop. If he is a stealthy enough attacker, he will ransack your hard drive and then delete his own server program and modules, and you will never know he was there.

I know of one case where a fine young man got ticked off at someone, Trojaned their computer, then deleted the Windows directory and all the operating system files. Then wiped the hard drive, destroying even his own server program. Now keep in mind that Windows and his server (among other things) were still running in the computer RAM, so wiping the files was done surreptitiously, and the computer did not show what was happening in it's operation. After this fine young miscreant got all of that done, he then turned off the victim's computer from half way around the world, resulting in a computer that would now not boot up at all, because it had no operating system, together with the fact that all of the victim's files that had not been backed up were now destroyed, gone forever.

That is what can be done by a Bad Actor, even through a VPN. They simply tunnel through the VPN same as all the other communications, and do their deed in the cleartext of the computer rather than attacking the encrypted data. The moral of the story is that you have to be vigilant, and while VPN's are a good idea, they do not stand alone in a defensive perimeter around your computer.

At work, we use a VPN coupled with a "virtual machine" that communicates through the VPN. When I am in that virtual machine, the desktop I see is not actually on my computer. It's not even in the building... hell, it's not even in the same state, but half way across the country! So, if someone were to hack into "my" computer, they wouldn't actually be hacking into MY computer at all - they would be hacking into a file a thousand miles away, and inside that file is a replica computer, operating system, programs, files, etc that perfectly mimics an actual computer, but isn't really one. On top of that, the virtual machine software is "sandboxed", meaning that nothing can escape it and get on to my actual, local, physical computer. There is a barrier there to prevent that, kinda like the blood-brain barrier in a human body.

I think, if I wanted to be really secure from the gummint, I would get a VPN, and then set up a virtual machine. I would then set up that virtual machine inside of a VeraCrypt encrypted container. VeraCrypt is probably the best encryption software going - I doubt that any government has better. I'm dead serious about that.

Now, it would be a pain to get into, but the sequence of events would go like this: boot your computer. Log in to your account. Open the VeraCrypt container. Fire up your virtual machine that lives in it. Surf the net to your heart's content on the virtual machine. When done, shut down the VM, unmount (close) the encrypted container, and voila! All your surfing is now encrypted inside that container, locked up tight. The North Korean missile codes you stole from Pyongyang? Encrypted. All evidence of your tracks to get there and steal the missile codes? Encrypted. The traffic through your ISP that would tell where you went? Encrypted (by the VPN). North Korean Secret Police knocking on your door? Just wipe one file, the container containing the VM, and it's gone, gone, gone! Power outage shut your machine down in mid-communication? No problem! VeraCrypt containers are never decrypted to the hard drive, only to RAM... so when the power cut to your computer, it turned it off, everything in RAM was forgotten, and the encrypted container file is just sitting there, still highly encrypted.

As an added measure, I would probably run TOR inside the encrypted VM, and through the encrypted VPN. That would be a lot of unraveling for an attacker to do, PROVIDED that he didn't manage to get a Trojan on your virtual machine. If by some chance your VM DID get hacked, it's a simple matter to just wipe that file and start up another virtual machine, with a clean operating system - that would just be like getting a brand new, unused (and unHACKED), computer, but a lot less expensive.

Just some random thoughts from an old guy who knows the value, and the cost, of freedom.

.
" I don't mind killin' a man in a fair fight... or if I think he's gonna start a fair fight... or if there's money involved... or a woman... "

 - Jayne Cobb, Hero of Canton
Reply
#4
(05-08-2019, 02:57 PM)BIAD Wrote: With everything happening over here in the European forum of the internet-(and I'm not on about viewing porn!),
I'm seriously thinking of using this.
minusculethumbsup

A VPN would be a good idea, depending on your level of paranoia (and we've all got it to some degree, or we wouldn't be here at RN!). I don't know what the laws on VPNs are in the UK, but I DO know that there is a pretty draconian law against encryption - specifically, if I recall correctly, the law is not against encryption per se, but against forgetting a password - if you fail to cough up a password to anything encrypted on your computer, they can give you two years in prison there.

VeraCrypt to the rescue! There is something called "plausible deniability" built in to it. In broad strokes, you create an encrypted container that has ANOTHER, hidden, encrypted container within it, and create TWO passwords - one a throwaway that you can give government stooges in, for example, Iran, when they knock on your door at 3 AM and want to look through your hard drive, and another, secure password that only you know. The throwaway password unlocks the outer encrypted container, where you have strategically dropped in a few random innocent files, tax returns that the government would already have, for instance. The other, secret password unlocks the INNER, hidden container where you have hidden the nuclear codes for the North Korean missiles that you stole from Pyongyang, and don't really want your government to know you have.

So, the knock on the door comes, they threaten you with a rubber-hose beating if you don't give up the password to your encrypted container, and you sigh and say "alrighty then - it's 'dagummintsux' " and hang your head in shame. Then the stooges unlock your container with that password and exclaim "goddammit! All he's got in here are tax returns and bank statements, and we already HAVE those!", at which point you shrug and say "I dinna want the hackers to get into my financials! Can't be too careful these days, eh? wink-wink, nudge-nudge!". All the while, the NK missile codes stay safely hidden, and the stooges are none the wiser to them. There is no way for them to prove you have a second, hidden container because of the nature of the way the encryption containers are structured. Which one opens is a function of which password is input - both are never open at the same time.

Food for thought - again depending on your level of paranoia.

BTW - VeraCrypt is FREE software. It is built on the old TrueCrypt model (but considerably, CONSIDERABLY, strengthened), and coded by a guy in France who believe that governments should not have a monopoly on encryption or secret squirrel stuff. It can be found by Googling it, and downloaded for just the cost of the bandwidth to get it to your hard drive. It is, simply speaking, da bomb! There is a zip file I recommend that is probably around 125 MB which contains the Windows version, the Linux version, and the Mac version, along with a few other helpful odds and ends. A container created in any of those operating systems can be read by VeraCrypt running on any of the others. If you have low bandwidth constraints, just find the version for your operating system separately and download only that one at a considerable download time savings.

If you don't trust it, and can read coding, you can download the source code and go through it with a fine toothed comb. Lots of folks have, and to date no back doors into it have been found. 

.
" I don't mind killin' a man in a fair fight... or if I think he's gonna start a fair fight... or if there's money involved... or a woman... "

 - Jayne Cobb, Hero of Canton
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)