Basic VPN Questions
-
mike88 last edited by
Hello, I like to know as much about a product as possible before I attempt to use it. Because of certain changes being made in my Country, people have suggested they may use a VPN to overcome them. .In my case it would be on an occasional basis. I wondered are Operas VPN Countrys all safe to use and which is the best to use for speed, as I am on a slow connection already ! I should say that should I use a VPN it would NOT be for anything illegal !
-
blackbird71 last edited by
@mike88 It's important to recognize that using a VPN will only hide from prying eyes (by traffic encryption) the URL address of the website a user is seeking and the ensuing traffic to/from that website. In dealing with national censorship, a VPN cannot hide its own IP address from traffic snooping and blocking, since the user must openly include it in packet headers needed for connecting to and maintaining communication with the VPN's client server over the Internet. As a result, if the censors are determined enough, they can also block users from accessing those VPN IPs as well as blocking various censorship-targeted websites. In the past, agile VPNs have often succeeded in varying their IPs and obfuscating their specific VPN header protocol terminology to try to avoid the VPN blocking, but as censorship software has become more sophisticated, that avoidance is becoming less successful. This is one reason many such users have increasingly tried resorting to Torrent, but that carries its own issues (and risks).
The "VPN Countrys", as you describe them, are simply the locations listed for where the VPN operator runs/leases an exit-portal server for the last leg of user VPN traffic sent to the website. That traffic only carries the VPN's exit-portal IP as its originating address, so the user remains anonymous in that sense (though there are other elements that can betray the user's physical location only to the target website itself - WebRTC, OS geolocation, system details obtainable by website JavaScript, etc). Ordinarily, a VPN operator might be required to maintain connection logs for overall traffic carried over their network and their various portals, but disseminating that information to authorities would depend on the laws applicable in where the VPN operator is chartered and conducts business (in Opera's case, Norway, which has excellent privacy laws).
A VPN will never reduce your connection speed (with one exception), since it can only add complexity to the traffic flow as a result of the user traffic to a website having to pass through the browser/computer's VPN software, the VPN client server, the VPN's internal networking, and the VPN exit server... and then back again in reverse with any/all traffic from the website back to the user. This can be an especially cumulative effect when first visiting a website due to the impact of the handshaking required to set up a proper https connection. The one exception is that, depending on the VPN operator, his DNS IP lookup of the user-sought website URL might be significantly faster than a particular DNS service used directly by the user himself... but, if so, that will still be more than likely submerged by the added VPN delays.
-
sgunhouse Moderator Volunteer last edited by
@blackbird71 said in Basic VPN Questions:
A VPN will never reduce your connection speed
Obviously he meant "improve", not "reduce".
Opera Turbo is not a VPN, though it is a proxy and in rare cases has allowed people to access sites they "should not" be able to. The purpose of Turbo was strictly to speed up connections by compressing web content - though if you use a metered service (like most mobile data plans) it also reduced your total data usage. But I did say "was", as Turbo is being dropped from the desktop browser and will not be available in version 60.
-
blackbird71 last edited by
@sgunhouse Indeed, I meant that a VPN will never increase the connection speed. I'm sorry for any confusion I created... I was thinking in terms of a VPN never reducing connection and transit 'times' across the connection network, and the other side of my brain led me to type connection 'speed' instead.
-
A Former User last edited by
That's just my personal assessment, but I wouldn't rely too much on the assumption that VPN use can really reliably hide my Internet activities, especially if my freedom and well-being depend on it.
For example, users of the TOR browser should know that some of the VPN servers they contact are operated by security agencies that may share their findings internationally and without much thought about exposing innocent people to danger.
I do not have by far the profound knowledge like @blackbird71, but I follow the relevant news with interest. I read, for example, that highly specialized companies worldwide distribute software for analyzing Internet traffic and for determining disguised identities, and that many buyers of such software are dictatorships. These companies are very successful with their products.
I am happy every time I read that investigating authorities have succeeded in tracking down criminals in Darknet, for example, but every time I also become a little bit more aware that the idea of anonymity in the Internet (via VPN) is ultimately a dream: A disclosure of someone's identity seems to depend only on how much ambition and interest the persecutors of any kind are willing to spend on it.
-
blackbird71 last edited by
@yanta said in Basic VPN Questions:
... For example, users of the TOR browser should know that some of the VPN servers they contact are operated by security agencies that may share their findings internationally and without much thought about exposing innocent people to danger.
THIS!!
Without moving too far into the realm of paranoia, my advice for those considering the use of VPNs or Torrent specifically to bypass censorship from local authorities is to always carefully count their costs, which includes gaining enough clear understanding of how the bypassing works to intelligently balance their risks/rewards.
VPN security depends on: its encryption techniques to obscure traffic content, the VPN's server security, and the VPN's organizational trustworthiness not to create traffic logs (or to reveal them if they do). BitTorrent security depends on: the integrity and balance of the dispersed 'swarm' user-relays to obscure a given user's traffic, as well as the encryption employed if the user independently is applying that.
Both technologies will betray the fact that they're being used to access the Internet, and both have finite weaknesses in terms of blockability and/or covertly being monitored. Using the Internet, no matter the technology, involves using a public, shared network for at least some of the traffic path; there will always be those sufficiently determined and well-funded who will find ways of prying open public traffic content and snooping within it. A user wanting to bypass censorship should, indeed must, always soberly consider how important the purpose and goal of their bypassing are to them and the personal costs of being discovered and sanctioned by the censorship authorities. In some places on the planet, the consequences can be mortal.
-
A Former User last edited by
I wanna bump this and piggyback with my own question about the VPN. For some reason, on this version on this computer, there is NO VPN option. It only offers to sell me SurfEasy. On my other five devices, there is the VPN. I prefer my anonymity. Can anyone tell me what's up?
-
blackbird71 last edited by
@mcmahon85 Also, from where was that version downloaded and installed (the one without VPN)?
-
A Former User last edited by
the consequences can be [...]
Since the OP also asked concretely about the security of Opera VPN:
Some VPN providers offer to choose between different VPN protocols, and in this context they point out that e.g. PPTP and L2TP-IPsec offer a lower security level (*):
Is it known which VPN protocol the Opera web browser uses?
(* Example)
-
blackbird71 last edited by
The VPN/proxy subject can get complicated, since there are a fair variety of protocols and encryption levels/features that can be employed in combination, depending on what the service provider offers and the user chooses to do. There are multiple tradeoffs of security, speed, system compatibility, and ease-of-use with the different protocols and combinations.
Suffice it to say that a proxy is simply a server that stands in the path between a user's system and a target website. If the proxy is 'anonymous', it provides the website with the server's IP address rather than the user's IP, which hides the user from the website (at least in terms of the user's IP address). If the proxy uses traffic encryption (typically https) from the user to the proxy server, the website IP the user is seeking will also be encrypted into the traffic moving from his system to the proxy server's IP, and thus will be hidden from prying eyes at that end of the path. Likewise, if traffic encryption is employed by the proxy server, the traffic content coming back from the website will also be encrypted on its way down to the user.
A true VPN may employ a variety of transport protocols (UDP, TCP, L2TP, PPTP) along with IPSEC, OpenVPN, etc. and various encryption protocols. It also functions much like a proxy, but with more extensive packet encryption and tunneling capability, usually needing to utilize a non-http/https port through the user's firewall. Consequently, system provision may have to be made for that (in the firewall and antimalware programs). The tradeoffs between the various VPN protocols have to do with traffic speed, efficiency, packet reassembly, levels/layering of packet encryption, complexity of setup, etc.
In general, a well-set-up, true VPN will offer more robust and flexible security against traffic snooping than an anonymous proxy. However, it's important to realize that the user's employment of either a proxy or true VPN is itself detectable via traffic sniffing of the proxy/VPN IP affixed to the data packets from the user to the proxy/VPN server... that in itself may constitute a 'red flag' to snoopers, who may then either apply deeper attempts at cracking or place the user on a "watch" list.
Opera's 'VPN' indeed acts as an anonymous proxy, which is sufficient for most 'ordinary' anonymous web browsing. However, where undesired detection of the user's browsing presents a critical risk to the user, they would probably be better served with a full-blown VPN at maximum security or with encrypted usage of BitTorrent. Even then, there will exist the vulnerability that their use of the VPN or BitTorrent will be detected, and there also remains a finite risk of cracking of the traffic regardless. This is why I stressed the caveats earlier that in such cases a user absolutely must understand the tradeoffs and risks in depth (not just based on advertising claims), and all that goes well beyond the level of these forums.