1
0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-07-03 01:52:39 +00:00
This commit is contained in:
mfwmyfacewhen
2023-05-16 23:22:38 -05:00
committed by Daniel Gray
parent 036fe57eb4
commit cebae83f14

View File

@ -55,7 +55,7 @@ VPNs can't provide anonymity. Your VPN provider will still see your real IP addr
Encryption offered by VPN providers is between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Always check for the lock icon in your browser's URL bar to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
## Should I use encrypted DNS with a VPN?