Are VPN's truly as secure as people make them out to be?

I’m constantly told to get a VPN to ensure no bad actors get into my phone / Computer. But I watched a short from PirateSoftware guy that basically it’s not what it’s cracked up to be. If that is the case, what should I do rather than bend over backwards?

Welcome! We’re here to help with any cybersecurity questions you may have. Get started protecting yourself online with these tools:

VPN - PrivadoVPN: VPN $1.48 Deal From PrivadoVPN | PrivadoVPN
Browser - Firefox: Get Firefox browser — Mozilla (US)
Password Manager - Bitwarden: Bitwarden Password Manager Pricing & Plans | Bitwarden
Search Engine - DuckDuckGo: About DuckDuckGo

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

Nope, VPN is as safe as the vendor that hosts it. It encrypts data between you and your service provider, but you can still download viruses and the government can still find out who you are.

This is a great article from Brian Krebs.

Why Your VPN May Not Be As Secure As It Claims

You’re right, though there’s nuance to it. Practice safe hygiene by not clicking on fishy links, not opening links from email unless you trust it, not downloading random shit, avoiding torrents, and keeping your system up to date. You can still use a VPN. There are use cases where they’re beneficial. But the better ones are not free.

A VPN doesn’t really offer more security than HTTPS. Most websites now use HTTPS so your connection to each website is already encrypted. If you happen to navigate to a site still running HTTP then your browser will warn you first before allowing you to proceed.

A VPN basically encrypts your traffic a second time (in case you’re really worried about browsing security - first most people not really an issue.

A VPN does also obfuscate the sites you visit from anyone monitoring your connection (which could include your internet provider), all they will see is an encrypted connection between your PC and the VPN server. This connection (tunnel) will carry all your internet traffic.

A VPN can also be used to obfuscate your geo location enabling you to access content that is restricted by region i.e. Netflix accessed from one country may offer different content to another. A VPN allows you to choose the country server you connect to so the site you access will be live you are in that region based on the IP address of the server. This is quite temperamental as lots of sites (like Netflix) now block IP addresses they know to be VPN provider servers.

A VPN is only as secure as the provider. I recommend Mullvad. To be fair, if you only access https sites (not http) your traffic is already encrypted to an extent, it just acts as a proxy that encrypts a little bit more info.

If u want optimal security without hard difficulty use IVPN or Mullvad and pay with crypto

No, VPN technology is about 30 years old, And lately there are multiple CVEs about vulnerabilities having to do with VPN.

You must have strong MFA with a VPN. Even better, use a solution like SASE.

The debate around VPNs and their security is definitely a hot topic! On one hand, VPNs (Virtual Private Networks) offer several advantages, such as encrypting your internet traffic and masking your IP address, which can help protect your data from prying eyes. However, it’s essential to understand that they aren’t a magical shield against all online threats.

The Security Perks of VPNs

  1. Encryption: Most reputable VPNs use strong encryption protocols, making it much harder for hackers or snoopers to access your data. This is particularly important when using public Wi-Fi networks, where attacks are more common.
  2. IP Address Masking: By hiding your real IP address, VPNs help you maintain anonymity online. This can be beneficial for avoiding tracking by websites and advertisers.
  3. Access to Restricted Content: VPNs can help you bypass geographical restrictions, allowing you to access content that may be blocked in your region.

The Limitations

  1. Trust Issues: Not all VPNs are created equal. Some free or lesser-known services may log your data or have inadequate security measures. It’s crucial to choose a reputable VPN provider with a clear privacy policy.
  2. False Sense of Security: While VPNs enhance privacy, they don’t protect against all threats, such as malware or phishing attacks. It’s essential to combine VPN use with other security measures, like antivirus software.
  3. Performance Impact: Depending on the VPN provider and the server location, using a VPN can slow down your internet speed, which might be a trade-off for security.

The Bottom Line

So, while VPNs like NordVPN are excellent tools for enhancing your online security, they shouldn’t be your only line of defense. It’s crucial to stay informed and practice safe browsing habits. If you’re looking for a reliable VPN that prioritizes your security and privacy, NordVPN is widely recommended for its robust encryption and no-logs policy.

If you’re curious to know more about how NordVPN can protect your online presence or if you have any specific questions, feel free to DM me for further information! :laptop::locked:

What else would you use for protection

VPN is just one of a series of measures.

Depending on how you wish to attack a person, a device, a company, it can pose a challenge or opportunity.

Say for instance I was attacking X company, I get an interview with any role that allows hybrid, it just comes as a question about what software they use at home (perhaps as a BYOD question). Most users know the name of the client app. Add a bit more tracking of that person to their home, attack their wifi, which likely doesn’t use port isolation, and then I have a great start to begin real intrusion actions.

If I’m just attacking anyone, ie. Not targeting anyone, I’d start from the server end and compromise from there, in which case a vpn is worthless.

When I’m using a coffee shop, I’d use a vpn. It’s not all I’d use though.

:man_shrugging:t4: