vpn: encourage encrypted DNS & linkify https #1340
No reviewers
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1340
Loading…
Reference in New Issue
No description provided.
Delete Branch "vpn-warning"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Resolves: #1314
https://deploy-preview-1340--privacytools-io.netlify.com/providers/vpn/
Deploy preview for privacytools-io ready!
Built with commit
cf57d26ec8https://deploy-preview-1340--privacytools-io.netlify.com
Logic flaw. Encrypted DNS comes before HTTPS.
I rubber duck debugged this in the new issue page.
🌐 Website Issue | VPN questions / encryption doesn't mention encrypted DNS and may be a bit misleading
#1207 not fixed by #1340.
Nope, your DNS traffic is announced and modifiable in plain text unless you run a local DNSSEC validating resolver (which will only help with DNSSEC-signed domains), so better advice would be to encrypt DNS.
However that doesn't prevent SNI from leaking where you are connecting to except in the rare cases of using FIrefox + DoH + Cloudflared domain.
So maybe there is a missing question on whether I should use encrypted DNS with a VPN?
How about additional informationing self-contained networks to poke more holes into why someone would want a VPN? 😸
@ -12,3 +12,3 @@<p class="card-text text-danger">If you are looking for <strong>anonymity</strong>, you should use the Tor Browser <strong>instead</strong> of a VPN.</p><p class="card-text text-danger">If you're looking for added <strong>security</strong>, you should always ensure you're connecting to websites using HTTPS. A VPN is not a replacement for good security practices.</p><p class="card-text text-danger">If you're looking for added <strong>security</strong>, you should always ensure you're connecting to websites using <a href="/providers/dns/#icanndns">encrypted DNS</a> and <a href="https://en.wikipedia.org/wiki/HTTPS">HTTPS</a>. A VPN is not a replacement for good security practices.</p><p class="card-text text-secondary">If you're looking for additional <strong>privacy</strong> from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand <a href="#info">the risks involved</a>.</p>This is the main fix for #1314.
I am not entirely happy with this, but I welcome better suggestions. Otherwise I would say that it's good enough.
I think it's a fair warning even if maybe misplaced.
This was missing the fact that DNS was most likely unencrypted.
Don't forget what VPNs were originally for. And keep Tor hidden services and similar in mind :)
suggestion to add a semicolon after "helpful":
Suggestion: I think we don't need to hyperlink in this title since we already link to that page within the body of text.
Just a suggestion, a bit more terse:
looks great!