We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
VPN providers...Express VPN or something else
cem
Posts: 391 Forumite
in Techie Stuff
Looking at making lal of my traffic private / encrypted so the big brother is not watching everything..ExpressVPN offers a service where you encrypt at a router level https://www.expressvpn.com/vpn-software/vpn-router
Has anyone used them? Thoughts, experiences would be appreciated.
Many thanks in advance
Has anyone used them? Thoughts, experiences would be appreciated.
Many thanks in advance
0
Comments
-
Looking at making lal of my traffic private / encrypted so the big brother is not watching everything..ExpressVPN offers a service where you encrypt at a router level https://www.expressvpn.com/vpn-software/vpn-router
Has anyone used them? Thoughts, experiences would be appreciated.
Get a grip? If you are connected via https then your traffic is already encrypted. A VPN won't stop them intercepting your traffic at the ISP gateway and do packet sniffing if they really really wanted to. At some point it has to go from your PC to your ISP.This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com0 -
Paranoia will get you nowhere...0
-
I'm in the paranoia, tin foil hat camp - give nobody nothing, or at least make their attempt very difficult.
It is true that if you use https, all your isp will see is the site name, the amount of continent you access and the time taken to access the content, they wont see the individual web pages you accessed easily, but there are ways it can be cracked.
The tricky bits are page redirection and embedded stuff to third parties, where you have no real idea if you are using http or https and content targeted marketing advertising may hint at what you are into
I have never used them but winscribe offered free useage of about 10GB a month
If you use public hotspots, your computer in conferences, any open networks, or any network you do not trust, then vpn is the way to go as it will stop people sniffing your accounts and passwords etc.
Edit: lifetime offer for £49.99 for pro version???
https://sharewareonsale.com/s/windscribe-vpn-lifetime-subscription-91-discount0 -
I really want to know how TLS can be cracked where a modern certificate, plus fully patched browser and web server are in use.It is true that if you use https, all your isp will see is the site name, the amount of continent you access and the time taken to access the content, they wont see the individual web pages you accessed easily, but there are ways it can be cracked.
I'm talking about personally owned computers in the home here, not those running in AD, locked down under the control of corporate IT department (where anything can be monitored, including https transactions - I won't explain how but those in IT will know)Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 20230 -
onomatopoeia99, you could be right. The problem you are only as secure until the next vulnerability is found.
The other problem is that when you connect, you cant really be to sure with whom you are connecting, and if they have been patched their servers.
I personally know someone that stayed in an airport Hilton overnight and he was compromised. He got a nasty bit of s/w that captured his keystrokes and then phoned home. Nine months later he had other problems and I discovered this unrelated keyboard capturing issue, but he did not even know he had an issue.
[FONT=verdana, geneva, lucida, lucida grande, arial, helvetica, sans-serif]Wonder if the IT guys at Appleby's - the Paradise Paper leak are still employed there? 1.4T of data going out the door smacks of a data [/FONT][STRIKE]hemorrhage[/STRIKE][FONT=verdana, geneva, lucida, lucida grande, arial, helvetica, sans-serif] leak?[/FONT]
[FONT=verdana, geneva, lucida, lucida grande, arial, helvetica, sans-serif]
[/FONT]
[FONT=verdana, geneva, lucida, lucida grande, arial, helvetica, sans-serif]Personally, I'd rather side with caution.[/FONT]0 -
onomatopoeia99 wrote: »I really want to know how TLS can be cracked where a modern certificate, plus fully patched browser and web server are in use.
I'm talking about personally owned computers in the home here,
Zero day exploit, they're being found all the time. There's an annual security expo where Google, Microsoft, Apple etc will put up their fully patched browsers and operating systems and every single year they're cracked usually within a few hours by using methods previously people weren't aware of.
RC4 which TLS uses has been cracked in as little as 320 hours. Wifi WPA2 has been cracked so an attacker can now read all information passing over a wifi connection encrypted by WPA2 as pretty much everything is. Job done.
It wasn't that long ago that it came to light you could bypass all of Linux's log in security on almost all distros just by hitting backspace 28 times.This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com0 -
RC4 has been prohibited in TLS for almost three years and its problems were known long before that.RC4 which TLS uses has been cracked in as little as 320 hours. Wifi WPA2 has been cracked so an attacker can now read all information passing over a wifi connection encrypted by WPA2 as pretty much everything is. Job done.
I still want to know how to decrypt intercepted data secured with TLS using current encryption methods (and I expect the NSA, GCHQ and others would like to know as well).
The problem with WPA2 is an implementation one - that is, a bad implementation allowed a vulnerability which in turn allows (in a combination of circumstances by an attacker in close physical proximity) data exchanged over wifi to be monitored, rather than there being a fundamental problem that cannot be fixed without an entire new protocol. Not that my opinion on wifi has changed since forever: don't use it for anything important, always use a proper ethernet cable instead.Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 20230 -
onomatopoeia99 wrote: »I really want to know how TLS can be cracked where a modern certificate, plus fully patched browser and web server are in use.
As i suspect you already know - this would take an INCREDIBLY long time using current methods.
But the problem is, there are ways to circumvent the implementation of TLS occuring in the first place.
In a live environment, one can use the SSL strip feature of a Kali linux as part of a MITM attack.
Although this isnt cracking ssl as such, the results are the same.0 -
I use NordVPN - very happy and you can implement this at the router level as well. I don't, because I want to choose the country I'm connecting to more often than not, which is great for content hopping (e.g. watching US Netflix content, or when travelling being able to watch geo-restricted UK content such as iPlayer).0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.8K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 453K Spending & Discounts
- 242.7K Work, Benefits & Business
- 619.5K Mortgages, Homes & Bills
- 176.3K Life & Family
- 255.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards