Which VPN?

Krakkkers

Currently with PIA but subscription about to expire, is there a better, more secure one?

bob2302

You might want to say why you want a VPN, and more secure from whom. Paying for a VPN just to make you more secure in general has become pointless.

Bradden

bob2302 said:

You might want to say why you want a VPN, and more secure from whom. Paying for a VPN just to make you more secure in general has become pointless.

Why do you say it's pointless?... I believe it's a sensible precaution when using public wifi networks. I personally recommend express VPN.

HillStreetBlues

I went with NordVPN, no complaints, I did chose it because of price (40p per month after cashback)

bob2302

Bradden said:

bob2302 said:

You might want to say why you want a VPN, and more secure from whom. Paying for a VPN just to make you more secure in general has become pointless.

Why do you say it's pointless?... I believe it's a sensible precaution when using public wifi networks. I personally recommend express VPN.

When VPNs first became popular a lot of internet traffic was not secured and it was possible to read packets and extract passwords etc. These days everything is secured by TLS. . 

Krakkkers

I went with NordVPN.

Tassie_Devil

I use NordVPN. 

PHK

bob2302 said:

Bradden said:

bob2302 said:

You might want to say why you want a VPN, and more secure from whom. Paying for a VPN just to make you more secure in general has become pointless.

Why do you say it's pointless?... I believe it's a sensible precaution when using public wifi networks. I personally recommend express VPN.

When VPNs first became popular a lot of internet traffic was not secured and it was possible to read packets and extract passwords etc. These days everything is secured by TLS. . 

The flaw here is that initial https headers are sent in the clear (because they happen before the web site is contacted and so you can’t have set up encryption). This means that whilst someone who was snooping can’t see what you are doing they can see what you sites you are contacting. 

If that concerns you (because you might be profiled by what sites you visit) then a VPN is a good idea. Preferably an onion router with many layers. 

bob2302

PHK said:

bob2302 said:

Bradden said:

bob2302 said:

You might want to say why you want a VPN, and more secure from whom. Paying for a VPN just to make you more secure in general has become pointless.

Why do you say it's pointless?... I believe it's a sensible precaution when using public wifi networks. I personally recommend express VPN.

When VPNs first became popular a lot of internet traffic was not secured and it was possible to read packets and extract passwords etc. These days everything is secured by TLS. . 

The flaw here is that initial https headers are sent in the clear (because they happen before the web site is contacted and so you can’t have set up encryption). This means that whilst someone who was snooping can’t see what you are doing they can see what you sites you are contacting. 

That's a privacy issue, not a security issue. And it certainly doesn't protect you from the VPN company knowing  what  sites you visit.

FWIW websites are secured before http headers are sent - there's such thing as an https header. The  privacy from onion routers doesn't depend on the number of nodes beyond 3.

PHK

The destination website is still sent unencrypted in an https header. 

I disagree that it’s only a privacy issue. Data can be combined to cause a security issue.  You could for example, find out who someone banks with and use that for a phishing or social engineering attack. 

bob2302

PHK said:

The destination website is still sent unencrypted in an https header. 

I disagree that it’s only a privacy issue. Data can be combined to cause a security issue.  You could for example, find out who someone banks with and use that for a phishing or social engineering attack. 

Again, there is no such thing as an https header. HTTPS is HTTP over an encrypted connection.- the encryption is in place before any such headers are sent. The fact that so few people understand the basics of this is why VPNs are so easy to mis-sell.

A TLS connection will reveal the destination IP and it may reveal an additional host name that isn't already available through dns. Do you seriously think this is why most people are paying for a VPN?