If you’re using a VPN to stay safe, this will anger you.
You were told a VPN would shield you. Protect your data. Keep you anonymous. But what if the tool you downloaded for privacy was literally designed to watch you?
This video uncovers the full story behind the most dangerous VPN ever made—used by Facebook to spy on teenagers—and how today’s most trusted VPNs are following the same exact blueprint.
If you’ve ever felt unsure about who to trust online, this video will give you the receipts, the checklist, and the countermeasures you actually need.
Inside this video, you’ll learn:
• How Facebook turned a “privacy app” into a surveillance weapon
• The Israeli cyber intel unit behind Onavo and why it matters
• What Project Ghostbusters did to break HTTPS encryption
• Why 20+ top VPNs are secretly owned by spyware vendors
• The real story behind ExpressVPN, Kape Technologies, and fake “independent” review sites
• The 7-point checklist every VPN must pass to be trusted
• Better tools to protect yourself: DoH, hardened Firefox, Tor, browser isolation, and more
A VPN is not a privacy tool. Any VPN being sold on the claim that it protects your personal data is lying.
Yes a VPN can help, but simply using one does almost nothing, by itself, to protect your privacy.
Would you care to expand upon this point? I know that a VPN is not going to protect me from everything, but “almost nothing” seems harsh.
I would like to know more.
You just move your trust from your ISP to the VPN.
For many, that might be a sensible choice though. It also moves trust from Google to the VPN as well.
It’s all a question of threat model. If you are a government or megacorp whistleblower, don’t use NordVPN. If you want to get around regional restrictions and general tracking, VPNs are nice.
At least in the US, we 100% know our ISPs are evil and spying on us.
I can take a stab at this.
So let’s talk Internet traffic first. When you go to a website, your device first has to do a DNS lookup to find out the IP address that corresponds to youtube.com. The DNS server sees your IP address and probably logs that request, and that it has responded. Next, your browser attempts to connect to the IP, get a response from youtube, and render it.
If this was back in the day, youtube would probably let you connect with an unencrypted connection -
http://youtube.com/, but pretty much everyone uses https these days (SSL encryption).Encryption is basically just a way to secure a connection from eves droppers (namely, your Internet service provider/government). But the end points of the encrypted communication (in the example above, your device and youtube) is decrypted at your browser and at their servers. All your ISP can see is the DNS lookup (assuming you are using their DNS servers, or that you aren’t doing something like DNS over HTTPS - encrypted lookups), after that all the youtube traffic is encrypted so your ISP just sees a bunch of data going to a specific IP address.
So what does a VPN get you?
Well, now your source IP when you reach youtube isn’t your phone or your home in Ohio, it’s wherever that VPN terminates. This is probably the best use for VPNs - to get around region locks.
Your local ISP only sees the DNS request, then a bunch of encrypted traffic (same as before).
But critically, the VPN owner can log every single bit of unencrypted traffic that passes through. Also, they can link your behavior to a paying account via username/password and payment methods (not great for privacy). They effectively fill the role of your original eves dropper - your ISP.
So what did using a VPN actually do?
The only other thing I’d say is that VPNs + torrents can may e protect you from DMCA take down notices. It’ll be that VPN termination IP that shows up in trackers, not your ISP provided IP.
I think I’m dramatically overestimating normal people’s understanding of computers.
I know a VPN isn’t a cloaking device. I just want my ISP to not know what I’m looking up, and my website top not know where I am located.
Yeah the whole reason I started using a VPN was because the United States government made it legal for Internet service providers to sell our browsing data, and I am forced to use Comcast due to a monopoly in my area on broadband Internet, and I want to give them as little profit as possible.
A VPN will help with the first, but probably not the second item.
GeoIP lookups will get fooled by VPNs, but that’s not the only way to figure out where you’re located. A browser leaks a ton of information that can be used to validate your location, and public VPN endpoints are fairly well known (that’s why you can see YouTube/Netflix blocking known VPN egresses.
Knowing I’m using a VPN is not the same as knowing where I’m using it from.
The browser thing is bloody irritating, though.
Also web tracking is not stopped in any way by VPN.
People buy a VPN, log into Facebook and Google and expect to browse privatly…
It’s kind of like if you hired me to browse the internet for you.
Am I gonna protect your privacy?
If you don’t trust me - random guy - why trust VPN company - with vested financial interest in collecting and selling your data?
Not to mention browser issues.
Pooling connections does really mess with fingerprinting though
A VPN just means you’re relying on someone else to obscure your identity. It can absolutely protect your privacy, but it’s fully dependent on trust.
Really comes up against what you want to protect yourself. it can be a privacy tool , its not a anonymous tool.
This is literally exactly what the video explains from 10:30 on.
(Edit: autocorrect)
Except the video took 10 whole minutes to get there and probably wasted more than 2 sentences describing the problem.
I hate videos that could just be a 2-minute read.
The video is about a whole lot more than just that. I found it quite info dense and appreciate that someone posted it here