VPN beginner here, explanation needed

VPN Forum
1

Hi people

I have always been interested in using VPN but never really paid too much attention into it, until now. I have a number of questions that hopefully you guys will be able to provide the answers for. Lets get straight to it:

  1. Does using VPN mean I can use any public wifi (restaurants/cafes/hotels/airports) and be 100% worry-free?
  2. How exactly do you use a VPN? Is it: connect to internet, turn on VPN, start browsing? or is it turn on VPN, connect to internet, start browsing?
  3. Lets say I decide to use VPN. Is the VPN going to be connected to my device/computer or will it be to the ISP? I ask because I am living with my brother. The question is, if I use a VPN, will it be only for my computer, or will it be connected to the ISP as well, in which case my brother will be able to use it as well?
  4. Is it normal to use VPN most of the time, when you connect to the internet?
  5. As long as I use VPN, connecting to public wifi and checking my social media accounts, my bank accounts, etc. will be safe, correct?

That is all. Thank you for reading

2
  1. VPNs don’t make you 100% safe on public Wifi, your data is encrypted, but you should still avoid sharing sensitive info on unsecured networks.
  2. Usage: Connect to the internet first, then turn on the VPN before browsing. Some providers may have different protocols.
  3. Device vs ISP: A VPN only works on the device it’s installed on. To cover all devices, install it on your router.
  4. Always on? Many users keep their VPN on 24/7, but some apps might require it to be off.
  5. Security: VPNs protect privacy but don’t stop malware or phishing, safe browsing is still crucial.

If you’re looking for the Top VPN, check out this Comparison Chart, It has multiple best options to choose from

3

Hello, welcome to the world of VPN.

  1. No, this is merely a lie that VPN providers tell you. Attacks are extremely rare and letting your guard down because you use a software is dangerous.
  2. This depends on the VPN software you use, but generally, the order is connect to internet first, before you turn the VPN on. But again, different protocols or software may be different.
  3. VPN applies only to the device it’s installed in. If you want the VPN to be used on multiple devices, simply install it one level up (i.e. your router.) Tomato firmware may be of your interest. ISP is simply, as the name suggests, a provider. They help forward your traffic onto the main internet, but you won’t be able to install any software onto them.
  4. Yes. I have my VPN on 24/7 unless an app tells me not to.
  5. No. Your VPN doesn’t do anything to secure you. You are your first and pretty much only line of defense. If you do not excersice common sense, even the strongest firewall can be breached. VPN is simply an aid, not a protection.
4
  1. no, you need to trust your vpn provider that is safe
  2. connect to internet, turn on vpn and start browsing
  3. if you use vpn app in your phone, then it will only connect to your phone. If you use it on router, it will be the whole house.
  4. i only use it for torrenting
  5. no, you need to trust your vpn provider that is safe
5

  1. Never let your guard down, but in general, this is the best use case for a VPN proxy.

  2. The VPN requires an internet connection. It does not provide its own internet connection. Connect to internet, then connect to VPN.

  3. This depends. Your router might be capable of running as a VPN client and tunneling its traffic over that VPN tunnel. If you don’t have a router capable of that, you will be installing a VPN client on your computer, which means it is ONLY for that computer.

  4. I only use my VPN connections when I need to access resources on my work network, or if I am away from home, I want access to my servers and resources at home. I do not use a “VPN service” like whatever the hot name is in VPN proxies these days. I use VPN to connect to remote networks, not to hide my internet traffic.

  5. This depends on what you are using, how you are using it, and how secure your accounts are. Using a VPN doesn’t somehow make your accounts more secure, it’s merely a way to tunnel traffic.

6
  1. Yes, almost all the VPN protocols are nearly unhackable.
  2. It is turn on internet and then turn on VPN and start browsing. It is very unlikely that your device will get hacked in this time period where you haven’t turned on VPN yet.
  3. The VPN service only works on the device you turned it on. For example, if you have turned on VPN on your mobile then all your web traffic (from your mobile) gets routed to the VPN servers instead of your ISP’s servers.
  4. If you are using a public wifi or any network that you don’t trust it is highly advised to keep your VPN turned on.
  5. Yes, it’ll be safe from hackers.
    If any info here is wrong please feel free to correct me :slight_smile:
    Edit: I have made most of the statements corresponding to my PiVPN that I have setup on my Raspberry Pi. So…pls don’t downvote me :slight_smile:
7

VPNs encrypt your traffic before being sent through your ISP’s servers, finally arriving at the VPN physical server of your VPN service provider. After it is then unencrypted and sent to the larger web (this is why https is still somewhat important). A VPN is not end-to-end protection, it hides you from your ISP.

You can imagine info being sent to you takes the reverse order of this.

8

What are you trying to achieve? Are you looking for a secure connection from home or also while mobile? Do you understand the difference between VPN and HTTPS?

9

What’s the risk between: when you connect to the internet & turn on your VPN?
I understand the computer may be communicating to servers for updates, verification, ??? Does windows & Mac encrypt stuff like when their app stores check the servers if there are updates to apps? Websites are https (mostly?) Apps like adobe verifying licences is done securely?

10

Your answer #1 is quite brave. I would never dare claiming that. VPNs are complicated under the hood, there are many aspects where it can go wrong in the implementation. In addition, no crypto algorithm is perfect.

Never take for granted that anything related to crypto is safe for too long. Sooner or later it will be broken. For many years, Blowfish,RC4 ciphers and many more were considered pretty good, until the SWEET32 attack vector appeared. Now these ciphers (together with anyone with less than 128 bits cipher block length - which is NOT the same as key length) are now considered vulnerable.

So even if the OpenVPN protocol itself is “nearly unhackable”, there are still way too many OpenVPN servers out on the Internet still using Blowfish for encrypting the tunneled network traffic - many of them based on ill-advised blogposts telling you “how to configure a VPN server in 5 mnutes”. (That said, OpenVPN 2.4 and 2.5 will complain about Blowfish and related ciphers, the coming OpenVPN 2.6 will remove them).

And your answer #5 is wrong. Plain wrong. A consumer VPN service is essentially just a virtual Internet provider. The VPN service provider can snoop your network traffic instead of the local Internet provider. So you just shift your trust level from the local ISP to the VPN provider. That said, using a VPN service may add some protection for some very specific scenarios (like DoS attacks, they will hit the VPN service provider instead of your local ISP or your computer if you have a public IP address instead of a private RFC1918 address). But using VPNs does not protect you much at all if the traffic out of the VPN hits the Internet on the VPN server side.

11

First of all in the first answer I used the word “nearly”
And then about 5 I am really sorry I was taking into consideration my PiVPN that I have setup on my Raspberry Pi so…
Thanks for educating and correcting me. Happy to learn :slight_smile:

12

The VPN still don’t protect you, even in if you use a self-hosted VPN service - as long as the network traffic exiting the VPN server side hits the Internet. You are more protected on the local public wifi, as the traffic between you and your own VPN server is encrypted. But in the moment the traffic hits the open public Internet, you’re again vulnerable.

This kind of setup just obfuscates your device location, that’s basically all which happens, as you use your home ISP as the exit node - it will look like you’re browsing from home when you’re travelling.

A VPN can only give you full protection as long as the network traffic does not hit an open public network, like accessing devices or services behind on local network behind the VPN server. That traffic is protected when accessing it via the VPN connection from an insecure network.

13

I seriously dunno why I am getting downvoted :frowning:

14

:+1:understood
Thx for educating (no pun intended, seriously thx) me :slight_smile: