privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

vpn: add links & bold to not eDNS+Tor

Browse Source
This commit is contained in:
Mikaela Suomalainen 2019-09-23 22:26:25 +03:00
parent 033a9e96e2
commit d0002832be
No known key found for this signature in database
GPG Key ID: 0C207F07B2F32B67
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pages/providers/vpn.html
View File

@ -144,9 +144,9 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
<h3>What if I need encryption?</h3>
<p>In most cases, most of your traffic is already encrypted! Over 98% of the top 3000 websites offer <strong>HTTPS</strong>, meaning your non-DNS traffic is safe regardless of using a VPN. It is incredibly rare for applications that handle personal data to not support HTTPS in 2019, especially with services like Let's Encrypt offering free HTTPS certificates to any website operator.</p>
<p>Even if a site you visit doesn't support HTTPS, a VPN will not protect you, because a VPN cannot magically encrypt the traffic between the VPN's servers and the website's servers. Installing an extension like <a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> and making sure every site you visit uses HTTPS is far more helpful than using a VPN.</p>
<h4>Should I use encrypted DNS with a VPN?</h4>
<p>The answer to this question is also the not very helpful <strong>it depends</strong>. Your VPN provider may have their own DNS servers, but if they don't, the traffic between your VPN provider and the DNS server isn't encrypted. You need to trust the encrypted DNS provider in addition to the VPN provider and unless your client and target server support encrypted SNI, the VPN provider can still see which domains you are visiting.</p>
<p>However you shouldn't use encrypted DNS with Tor as that would put all your DNS queries through a single circuit instead of separating them to different exit nodes and thus allowing the encrypted DNS provider to deanonymize you.</p>
<h4>Should I use <a href="/providers/dns/#icanndns">encrypted DNS</a> with a VPN?</h4>
<p>The answer to this question is also the not very helpful <strong>it depends</strong>. Your VPN provider may have their own DNS servers, but if they don't, the traffic between your VPN provider and the DNS server isn't encrypted. You need to trust the <a href="/providers/dns/#icanndns">encrypted DNS provider</a> in addition to the VPN provider and unless your client and target server support <a href="https://www.eff.org/deeplinks/2018/09/esni-privacy-protecting-upgrade-https">encrypted SNI</a>, the VPN provider can still see which domains you are visiting.</p>
<p>However <strong>you shouldn't use encrypted DNS with Tor</strong> as that would put all your DNS queries through a single circuit instead of separating them to different exit nodes and thus allowing the encrypted DNS provider to deanonymize you.</p>
<h3>What if I need anonymity?</h3>
<p>VPNs cannot provide strong anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data.</p>
</div>