technology

23296 readers

236 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 4 years ago

MODERATORS

Jadzia_Dax@hexbear.net

blashork@hexbear.net

context@hexbear.net

EmmaGoldman@hexbear.net

SexUnderSocialism@hexbear.net

gaycomputeruser@hexbear.net

ZoomeristLeninist@hexbear.net

VPN Recommendations for left organizing? (hexbear.net)

submitted 4 months ago by MayoPete@hexbear.net to c/technology@hexbear.net

30 comments fedilink hide all child comments

With ever more Supreme Court fuckery going on I'd like to help comrades in my local org be better secured against potential breaches.

Ideally I'd like to recommend 1-3 options that meet these needs:

Easy to use
Can be used on phones as well as mobile devices
Doesn't retain any network traffic data

Any ideas on what options we have?

you are viewing a single comment's thread
view the rest of the comments

[–] silent_water@hexbear.net 5 points 4 months ago (1 children)

under most cases, they only have this data via DNS. it's encrypted once the actual https request is made - only the destination ip address is available at that point. so encrypting DNS and securing that is probably more important than the protection a VPN provides. if you use a VPN without some form of DNS encryption, you're trading one ISP you don't trust for a second you shouldn't trust but inappropriately are. DNS anonymization is an extra step you can and should take to ensure you're not trusting your DNS provider, either - it works by tunneling encrypted DNS requests through shared, public relays.

what you actually need a VPN for is to mask your ip address to the website you're visiting and to mask the ip address you're visiting from your ISP. these are important considerations but it's useless if you don't first protect DNS, ensure you can't be tracked via cookies/be fingerprinted, and ensure you're only connecting to websites over https.

VPNs are an important and useful tool but they're not the first or best tool for digital hygiene. you have to tackle each layer, one at a time. start at the top and work down the hierarchy.

[–] sovietknuckles@hexbear.net 7 points 4 months ago

it's encrypted once the actual https request is made - only the destination ip address is available at that point.

HTTPS includes the domain of the site you're visiting in plaintext, and your ISP will get that information about every request you make unless you're using a VPN/a proxy/Tor, DNS aside.