You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 108 users / day
- 435 users / week
- 1.32K users / month
- 4.54K users / 6 months
- 1 subscriber
- 4.37K Posts
- 111K Comments
- Modlog
The only thing you gain from VPN is that the target server does not know your IP.
HTTPS is safe anyway and as such also the content of what you do.
The only other way you may leak information are DNS queries.
Not necessarily true. A VPN also prevents the ISP from collecting data on all of your connections. Currently ISPs (in the US at least) collect and sell what sites you visit even if they can’t see the data due to HTTPS. Additionally, some have implemented, but then removed due to backlash but may implement again some day, MitM attacks on HTTPS connections in order to insert ads. Using a trusted DNS server that they don’t also intercept can help avoid this, though. With a VPN the ISP won’t see any of this, only the connection to the VPN server and have no way to insert themselves as long as they don’t intercept the VPN connection itself before it’s established.
without encrypted client hello (which isn’t really adopted) the hostname ist submitted in plaintext, unencrypted. so the ISP can totally see which websites you‘re going to, even it you use a secure dns server
That should only happen with SNI, no?
deleted by creator
The queries are known to the DNS provider. Only thing is to use one you trust.
Couldn’t you run a DNS resolver that pings the authoritative servers directly? Yes initial requests will be slower
Who says the authoritative servers aren’t logging requests?
True but it seems to me that it’s an advantage to have your IP logged in this more decentralized way. most resolvers also cache the answers so it would be only logged the first time you visit a website.