VPN companies are usually private companies. There is no way to know how and if they are making money. The fact that they have so much money to sponsor RUclipsrs is a gigantic red flag.
Wise man Tom Scott once said "You need **beep** VPN. The best choice gay people, pirates, assassins and gay pirate assassins" His video on VPNs was legendary
Depends on your use case... people are so tarded it's funny...and seriously sad. Also... if you can't see the clickbait titles of this channel someone knifed your eyes out 😂
Good take, terrible solution. Recommending AWS of all cloud providers available is very funny. You know, the Amazon company is very famous for being "good".
your traffic is encrypted as well under ALOT OF VPNs, or atleast they claim so, does anyone know if Nord is trustworthy? even if you did illegal activities?
Amazon has virtually no control on the data you store on AWS. The reason why the solution is terrible is not because it's on AWS, the solution is terrible because handling servers is a pain in the ass if you are not a system engingeer... and at that point, I'd rather pay 200$ for two years of VPN + 1TB of cloud storage like some promo NordVPN sells from time to time.
The thing is I don't care if the VPN is recording my traffic. It is encrypted, and I have to trust the destination server anyway. I pay for a VPN because I trust literally every VPN company more than my ISP who'll shut down my service when the MPAA sends them a C&D notice about me.
The greatest use case for VPN's is piracy. On top of that, Amazon AWS is a bad solution, if you want to have the proper VPN experience (Servers in multiple countries) that means you would need to buy multiple servers, in the end, this would cost you more money than using your typical VPN service, you solved the problem by making it worse.
I think there are few more benefits for using paid services. - I want to use Japanese, USA and many other Country's IP addresses but buying many VPS instances will cost me very much. - I want a well made graphical user interface. Like when jumping between multiple regions, I don't want to do manual setup every time. I just want to click a pretty widget on my home screen. - Do you live in USA? Then you'll never understand, but most governments around the world are actually very authoritative on internet traffic. E.g, some Asian countries are very sensitive to sexual contents so they actively filter all traffics to such domains by screening SNI field.
Exactly, there absolutely are use cases outside the bs marketing, especially for self-hosted services. I really want to start relying on custom solutions and recommending others to do the same, but the biggest obstacles are flexibility and ease of use. For example, where can you find an app for self-hosted VPN that supports at least Windows, Linux, macOS and Android? A preferrably FOSS client that allows you to connect to your custom VPN servers, be it OpenVPN, IKEv2, WireGuard, etc. and being able to split tunnel (include or exclude) different user applications and IP address ranges? No such thing exists yet, at least to my knowledge. I have asked around about this in the past, consulted people that I know in the sphere, but nobody could point me towards what I was looking for. I would even be happy to help develop such project together with some knowledgeable people, but I don't know C well, or understand the underlying network stack of the OSes to work efficiently on this scale. To be fair I'm not surprised nobody has taken the burden to work on something like this, knowing the time and effort it takes to maintain cross-platform applications.
Wireguard android app has a nice UI, can import all the tunnels you need, and you can switch VPN from quite the title or from the app (it shows the list of all your tunnels)
@@reinmarvonzweter666 Still got your God given downstair organ Xir? Not sure what explicit proof you're after, other than the fact that various bodies of the world government are known to leverage private companies/NGO's to conduct their business. The idea that we're all being monitored is far from a crazy stretch, it's rather a well established fact at this point. To suspect private companies that handle ALL your internet traffic to at the very least profit off the intercepted data, is a healthy take given the circumstances. It's important to understand that a "no-log" policy is not the same as "no data retention", and these )ews always get at us through cleverly worded phraseology. If they supposedly kept no data at all, how is it that the police can intervene and request data leading to arrests? On top of that, each vendor audit is always performed by one of the top globochomo firms, which shouldn't come as a surprise. Jed Cheng made a great point down below. "VPN companies are usually private companies. There is no way to know how and if they are making money. The fact that they have so much money to sponsor RUclipsrs is a gigantic red flag." Go figure you foolish imbecile
@@CrittingOut Only works if more people actually used Tor. ISPs and/or the network admin of your LAN (as in the case of dorms) will see that you're the lone person using Tor in the network/region which will put a gigantic red flag on your back immediately. See the Harvard bomb threat incident. A random VPN server you connected to wouldn't raise as big a red flag.
The only paid VPN I'd trust if self hosting is not an option (which let's be honest, it's virtually always an option) would be mullvad for two reasons: they almost don't advertise, so it feels less sketchy, and they accept both cash and XMR, so you can limit the data you share with them...
Sounds exactly the opposite to what you say to me. If it isn't advertised, then it is a: bad or b: hidden purposefully. You wouldn't want to use it in both cases imo. In any way, there are lots of paid vpns that don't ask for any personal information whatsoever. Some only ask for an email, for example. You can use a temporary email and they will randomly generate a login and password for you. You can use a prepaid visa card which couldn't be tracked to you for your payment (it is grey but). Pair it up with zero logs policy (better if it is proved by a third party) and I don't see a reason to avoid vpn at all. If you need it, that is.
@@twothreeoneoneseventwoonefour5 They have large ads on trams here :D Mullvad has zero logs, they don't ask for email and you can send them payment in cash if you so wish. They are a great VPN
@twothreeoneoneseventwoonefour5 using a temporary email is not a good solution (especially if you buy long term subscription). The day you will want to connect from another PC or device and they will send you a 2FA code on your temp email, you will be in trouble. Also, temporary cards are linked to your bank account anyway. I tried different VPN and I found Mullvad looks like the most trustworthy: no personnal information asked (no email, no phone number, no login), and you can pay with crypto (especially XMR), leaving few financial traces. Also, they claim zero log policy, but like with every VPN, it's hard to verify. I think CyberGhost got in troubles (or their CEO) and we learnt that finally they were logging traffic.
This is called falling for a honeypot. Whether it being a honeypot is on purpose or not, doesn't really matter. Unless you know you want to avoid your ISP specifically for some reason. It really is equivalent to getting a second ISP.
@@mskiptr It is not equivalent, literally because you are choosing dear. Do you understand the difference between being forced to hand over your data to an ISP that you are not sure is reliable or not, and choosing a company or institution that you ? Because this is what defines privacy, it's choosing who you want to hand over your data to, it's having that right to choose, in any instance using the internet will leak your data to , the choice of is which will set the level of privacy. And of course, of course you could be wrong in your choices, but that doesn't take away from the criterion that they were choices and not something practically inescapable like an ISP.
@@diadetediotedio6918 Being able to choose is good for your privacy, but that doesn't change the fact that using a VPN always increases the number of parties that get to touch that metadata and doesn't change the fact that a VPN company will always be closer to being a honeypot then an ISP. When you're using the internet with only your ISP, they get to know: a) your billing information b) which servers you connect to c) when you're using the internet d) how much data you're using e) which protocols you're using (web, e-mail, torrents, etc.) (and the routers along the way can learn everything except a - just with less certainty) When you add a VPN into the mix, it's them that know that instead. And your ISP still knows a, c and d. As for the routers between you and the VPN, they can see c and d. The routers after the VPN learn what routers in the no-VPN case did, except sometimes mixed with traffic from other people using the same VPN server - as opposed to other people behind the same NAT. And why VPNs are basically honeypots? Because you're going to use them across many devices and from different locations. Thus, the VPN company can learn a lot more about you then your ISP ever will. There are some situations when getting a VPN makes sense, but doing so will be good for privacy only in vary rare and specific cases.
@@mskiptr 1. This information about my devices is of absolutely no use when I am using a paid VPN with anonymous methods, they will only be able to sell general and not specific data about me (if they are going to sell it), so it doesn't make much sense what was stated here. 2. About 'd', you can judge this in many ways, as the data is encrypted (and depending on the encryption method used) they (ISP) may get inaccurate information about my data usage, still I will concede this point as the variability will depend on several factors. 3. Routers cannot know from 'b' to the point where we are on the VPN servers, because the network traffic is encrypted, they will only know that I am directing my data to VPN servers (and in some VPNs some relay servers are partially community and distributed, which makes it difficult to use this information for something useful). After the VPN the routers will know about 'b', but this information will be practically useless for them. Point (1) defeats your assertion that VPN's are honeypots, if my identity is anonymous (and there are VPN services capable of being used basically completely anonymously) then there is no way for them to learn anything useful about my behavior, all they will know is my origin IP (and they won't be able to know if it's my home IP, or if I use some other service before theirs, etc). (2) and (3) are bonuses.
@@diadetediotedio6918 If you get an anonymous VPN service (pay with crypto, etc.) then sure. Especially if you use many different VPN servers and remain anonymous to them (and not just pseudonymous).
I use a paid VPN for geofencing reasons. I'm an expat living abroad and there are particular things I need that are geofenced inside my native/home-country. But regarding the privacy concerns, I totally agree with you.
There‘s also the case of bypassing firewalls though - e.g. some restaurant Wi-Fi‘s or university networks won‘t allow you to connect to anything that isn‘t on http or e-mail ports, or even do packet inspection to even block any OpenVPN traffic on 443, which sucks if you happen to need to ssh into some server or just plain use an app which needs to connect to something that isn‘t http.
Love your videos, not sure about this one. There are numerous reasons to use a VPN which have already been pointed out. I also don't trust AWS any more than any decent paid VPN plan (pointed out in comments as well). What I'd like to add is that I don't find the pricing suspiciously cheap at all. A few dollars per month seems reasonable to me. In one of LTT's more recent WAN Shows it was actually brought up that they looked into building a VPN, and the profit margins would have been huge (they did not pursue the market because of legal issues). Let's not take their word for it though: Take your $10 a month AWS VPN, how many people do you think you could serve a VPN connection to with that one instance? I don't think it would be unreasonable to say at least four, if I can push 2.5 Gbps on my router's Intel Celeron cpu, I better be able to reach 400 Mbps on my EC2 instance to give acceptable speeds to 4 people. At which point you're at $2.50 a month. Add in users who only need a vpn on occasion, dedicated hardware accelerators, bargaining power with data centers, and you're really paying basically nothing to host a VPN. The only things you need to worry about are lawyers and competitors. Tell Venture Capital about this business plan and flooding youtube sponsorships is easy. No data selling needed. I'm not saying that VPNs aren't selling your data, the free ones almost certainly are and some paid ones may be as well, but I think it's an error to suggest that there's no way they could possibly make any money without selling your data.
@@Winnetou17 if you use AWS to host it for you and multiple people, doesn’t that include the internet connection since you are renting a cloud service?
If you think about how little people will actually use a VPN and how little traffic they will put through it then it makes sense how they can charge so little. People using it to get around geo blocks probably will only have it on for as long as they need to, since connecting through other countries is slow. People using it for privacy will probably only keep it on when on public wifi so again they won’t use it much, same with people using it to get around restrictions on wifi. Say I was using the wifi on the train or bus or hospital or similar, who is to say that they aren’t collecting data on their free wifi and selling it or keeping logs of everything you do. I would far more trust a company I am paying, even if it is only a little, than I would a company offering free wifi. Same with things like university wifi or student accommodation “free” wifi, who is to say that these wifi providers aren’t tracking you and selling your information for advertising. These companies whole business is to make as much money as possible out of students, from expensive rent, to expensive laundry facilities, to pretty insecure wifi, I wouldn’t be surprised if they sold your data on the side too. In a previous student accommodation I was at, every device on the wifi was all connected to the same network, I could go and cast youtube to any smart TV in the building, a network scan brought up every device on the network, a building of over 500 people. What’s to stop some bored CS student from trying to mess with people or try to see what they can find. In that case I would much rather have the added protection of a VPN.
@@conorstewart2214 Yeah, I misread a bit, he started to mention things like a Celeron CPU and bargaining power with data centers and I thought he started to check how much it would cost if it would've been self hosted. For the AWS instance, the internet connection is included in those $10, of course.
I use a VPN simply because there are some companies/websites that restrict traffic from my country. For instance, Chat Jippidy isn't available to me unless I use a VPN.
That's a big hole in this argument, besides him arguing for using corporate vpns if you're hiding from your goverment.... even though in that case, besides big tech they have the easiest methods of spying on you vpn or not.
Amazon doesn’t care what you watch on RUclips don’t worry. The amount of people using aws as a makeshift vpn server is so small that the idea of Amazon risking billions in court and public image to get maybe 1000 extra dollars max is pure lunacy. Think logically not just “rich people bad popular video game bad iPhone bad government bad” hating stuff just because it’s popular or big makes you as basic as the rest. Instead, try to have an informed opinion and don’t be afraid to like or use a service just because other people enjoy it too.
I need to look into this more, but im pretty sure there’s encryption stuff that’s standard with VPS software that makes it really hard for hosts to look into the VPS, you’d want to check what the host in running though!
Im thinking about the same thing when it comes to these unreasonably cheap VPN services and good to know that Im not the only one having these concerns. Thanks for the content
They are probably unreasonably cheap because a lot of people buy them and only use it occasionally or just stop using it, if everyone used it all the time the network probably couldn’t cope and would cost the company a lot of money. If you can imagine people buy it just to get around geo blocking, how often do most people have to do that? And it slows down your connection, so most will have it switched off when not needed. They can probably offer it so cheap because of how little people actually use it.
Another important point is the claim "We don't keep logs". I've heard people, who should know better, make that claim that toward me, and my answer is always the same: Prove it. You don't trust your ISP when they say they don't slow down or monitor your traffic, but you'll openly believe X service when they say they won't. There's benefits to keeping logs, so I can't willingly believe any company who says otherwise.
The "We don't keep logs"-claim is insane. The vpn provider is relaying my data for me, but what if I start communicating with seedy people about toppling the government, sharing bomb recipes, joining isis and those sorts of things, is it really plausible that when the FBI tracks my traffic back to my vpn provider and kicks in the door, guns blazing, my vpn provider will take the blame for me for those 2-3 dollars per month I pay him? Would you trust a $3 body guard to take a bullet for you, heck no! So why trust a $3 vpn provider not to rat you out if things get rough? I trust my vpn provider to be a speed bump/inconvenience if someone takes interest in my torrenting, I trust him with my netflix watching, but that's it. I would never do my online banking and serious stuff like that through a vpn provided by some random guy.
@@strandvaskeren There's also the common carrier thing. A VPN can't be held responsible for what its users do on their service. Much like now a telephone company, AT&T for example, cannot be held responsible for someone using their phone to threaten violence towards the president.
$10/month for a dedicated AWS instance is actually pretty expensive by VPN standards. There are VPS hosting companies that offer instances for ~$2 or less. Or just get a cheap "unencrypted" proxy service.
I love this rant and it is so true. The wife has been getting a TON of VPN adds and brought it up to me. I'm just like "Why though?" The AWS instance idea is fantastic though. Nice!
Here is why I use a VPN: - I don't like that my government gets to tell youtube to tell me what I can and can not watch (I live in Canada, yes, there is content that is blocked in Canada and not in other parts of the world) - Region locked licensing is a garbage practice, it just punishes everyone else - I trust my ISP less - The VPN I chose has been proven in court not to keep logs
Another use case is not wanting to give my actual IP address to some sketchy website/service I want to use. But now that I think about it I could use tor for that as well. I have some Russian friends and I set up OpenVPN on my home network for them to use so they could access the internet freely, no need to anonymize here.
Not to the same extent as a VPN service does. Aws can track which IP addresses you are communicating with. And how much data is sent. But they can't read the data. They can't even tell that this vm is used as a VPN. Meanwhile, a VPN service knows exactly what you are doing.
As well as setting up a cloud server to be your VPN, you can also use an old PC or Raspberry Pi to do the same thing on your home internet. And unrelated to that, another use for VPNs is if you want to watch something that's not available in your country (like how Netflix has different shows depending on your location)
I'm using the free tier of AWS to make a VPN so I can have an alternative route to a game server and it's working great. Went from ~150ms to ~40ms. As for reasons to use a service: - Is convinient. - Has multiple servers in multiples countries: bypass regional blocking, alternative routes.
For me, I use a VPN for the following: 1. Downloading torrents. I don't want my ISP knowing since they have sent out passive-aggressive letters. I'll do this on my main laptop. 2. Exploring fake, scam, malicious and/or phishing sites. I usually do that in a VM with at least one VPN service (paid for). Always do a DNS Leak test before visiting any sites. That's all on an older laptop I use only for these tasks. I like seeing how the sites work, and see their vulnerabilities. None of my information, even my name, are associated with that laptop. If the drive or BIOS is compromised, break and chuck it. It's never come to that (knocks on wood).
Thank you for putting this out there. I for one, have to subscribe to a VPN service because of the former reason of the two. But I never, ever believe the ads saying that VPN could bring more security to your day-to-day interweb perusing.
Yes the someone in the connection I don't trust is my ISP who is legally obliged to hold all my browsing metadata for two years, for reporting to my country's government. Who's to say they don't also sell it to commercial third-parties? Also, the problem I have with setting up my own VPN on a cloud provider is that I don't get the benefit of mixing my traffic with many other users - it would make it easier for web sites to fingerprint me. P.S. is that a NordVPN sweater you're wearing? 😁
Would love a video on you building a VPN on AWS! I've thought about it but just haven't prioritized it enough. Totally agree with you on all points here, though.
What bothers me most about VPN providers is how they claim their service provides security against the "bad guys" and how those naughty hackers can no longer steal your data because of their protection. These ads are targeted towards the common man - as in they don't have an above average knowledge in cyber security. By far the biggest cyber threats for the everyday person are deployed through phishing. And no VPN provider offers you protection against such threats.
Yeah. And they also like to talk about how your ISP's spying on you through your traffic, so you should pay them so THEY could spy on you instead. If my ISP was caught spying on/selling my data, at least i have someone i can sue for damages in my local courts, what the fuck can i do if a random VPN i contracted leaked my data?
@@anomaly_echelon7994 the Cloud/VPS is hosted on a server not too far away from my own location, thus ping is lower. Instead having to play through steam's own server, which sometimes can get crowded, and probably hosted in a foreign country. I got far less timeouts after switching to VPN
@@redbuIIracing33 That's interesting, but can't you host it on your computer for essentially 0 Ping? Most modern computers are more than powerful enough to handle a few people on LAN Gaming sessions. Maybe it could be a Private multiplayer you're talking about but I could be wrong.
I use Tailscale to remote into servers I have behind several different NATs, as well as tunnel backups. I suppose it depends on your use case. I would never touch anything that claims to support OpenVPN, but I actually use a VPN as a private network, not as a proxy.
For use-case 1, there is TOR, which is intended for exactly that. I'd consider circumventing geo-blocking as the only legitimate use-case for VPNs (of cource, except the use-cases VPNs were invented for). VPNs also don't add any layer of security in practice, since practically all traffic to websites is HTTPS nowadays. And that uses the same technology as, for example, OpenVPN. Even if you are in an unsecured Hotel WiFi.
@@nexolec109 yes, if you have bad opsec it is painfully easy to get tracked by someone who wants to do it. but that applies to anything and not just tor i guess
3. Using a VPN can sometimes skip extra nodes youll encounter otherwise to get to a site faster, effectively speeding up your internet, but that mostly only applies to hotels or public networks.
Finally someone said that. It's the same with signal, telegram and e2e on apple. The worst thing is when this data is available to the company but not to democratically elected governments and agencies.
For me the whole paradigm of "modern" VPN services was confusing. I grew up with understanding that VPN stands for Virtual **PRIVATE** Network, in which Private means that you either own or trust both endpoints. All the YT ads and sponsored segments always made my left eye twitch a bit and raised my blood pressure...
I have one that I pretty much only use to watch athletic events that are blacked out in my market. I care about privacy, but that's not what I use my VPN for.
When I try to make this argument, they always point to DRM evasion. Can shoot down anything else with this logic but they're not willing to give up the piracy.
Agree with what you say, however I can think of two other reasonable use-cases. 1. When your employer blocks sites you want to visit - but isn't smart enough to block VPN traffic. 2. To watch TV shows from your home country when you're travelling abroad - which are often blocked. I'd not considered running OpenVPN on an AWS - that's a clever option. Instead I just run OpenVPN on an RPi on my home network. It seems to work OK most of the time and only cost a few $ for the hardware.
Another use is to watch videos online that are forbidden in your country. It could be seen as a lightweight version of the totalitarism state, except that it's typically enforced by the publisher, not the local government via the local ISP.
Alexa, please define 'authoritarian regime'. For some reason I cannot use r-word, n-word or f-word, t-word, etc. in playful and sarcastic context in youtube comments. =) Also AWS traffic may or may not be pumped through a some sort of TSA proxy. Saver then commercial VPN but not fool-proof. I guess gigachad way is to buy a raspberry pi, go to a different country and find a way to leave it connected to the internet and use it as a VPN.
One other reason to use a vpn when you're working is when you need to access some server that is only available in the local network. But you don't need to pay for a software to do that securely. At work we have an instance of openVPN where you need a couple of files (certificate, private keys, etc) and a set of credentials to be able to log in. Once I'm in I can use everything that is locally accessible there.
A VPN is also good when those other voyeurs are worse than your ISP. WiFi in the city can be as dangerous as wolves in the forest when you try to log in to your Google or Facebook account. It's always better to use your own LTE in the city. However, when the package is over, you are left with the risk+VPN=secure connection to a wi-fi network. Not every WiFi network is worth trusting.
Errr, my ISP likes to watch me and send threatening letters when I download an old movie or show you can't watch anywhere paid. They have a hard time doing that when you pay for a no-logs vpn. Also I work in places that have overzealous content blocking on their wifi so I can't use facebook messenger, twitter, or sometimes discord or youtube. The VPN makes it so they can't block me.
Another good use for VPNs: at work on their wifi and don't want your employer seeing your personal devices connecting to either non-work sites like RUclips, or actively searching Indeed or something for another job. A tool can have many uses, but people should be educated on what those tools do and when they should use them. I have no doubt my $2 a month Windscribe VPN service spies on me or sells my data, but if I wanted to avoid that I would use TOR or set up my own VPN hosts in various locations with AWS/Vultr/etc.
The only reason I use a vpn is to hide my IP when doing stuff that could leak my ip to people who would like do dox me, and I use it to view content on streaming services where it is region locked.
So now we're waitning for video how to create own VPN server ;) I wanted to make my own, but I think I still don't know enough. I have many questions about how VPN works, because in the internet most of sources don't explain how exactly it works.
There was a Defcon talk by some guy who setup a VPN and allowed the public to use it. Users were informed that all of their traffic could be seen by the VPN owners. People continued to use it though. Another misconception about VPN is that, those VPN companies have to follow the law. So if they receive a warrant, they have to hand over user data.
AWS - Ec2 instance + network + ebs & no data centres in certain countries which of content you may want to access . Usually the cost of running your own aws vpn is bigger than what specialised companies offer, especially when downloading a lot of data. tested myself.
Well with the OpenVPN on AWS you have more or less the same problem. Now all your traffic goes to Amazon. But yeah i get your point and these vpn ads drive me crazy sometimes...
There are a few VPN providers that I've found over the years to be trustworthy, but true, most are just looking to make a quick buck by selling data. They usually don't even set up their own hardware, just throw up OpenVPN on some rental servers.
Ah yes Amazon makes tons of money stealing data from users trying to make their makeshift vpn, unlike they poor company nord vpn that literally spent more money on ads than raid shadow legends 🥹
The ads are always so deceptive. They try to obfuscate and redirect. Claiming privacy and security, while if you listen closely you will find the privacy angle relies solely on convincing you that your ISP is the one snooping as that is what a VPN can hide data from at best, while security is always about connecting securely to their server specifically. The rest and only angle they got is about circumventing geoblocking. They used to promise more, but security experts pointing out your identity is easilly figured out via hardware fingerprinting but a stop to that. I personally only use a OpenVPN server running on my router. I trust my own network and ISP, but not so much public WiFi. Plus having secure access to my own network to send stuff like a "MagicPacket" to wake-it-up for remote control is also neat.
I use ProtonVPN, but only because it comes with my ProtonMail subscription, I should probably just be using nextcloud anyway (for mail), but don't like the idea of doing server maintenance... Also, whose to say AWS cannot collect your traffic data too? (can always use something like linode though) At this point I at least don't want the big boys like microsoft, google and amazon to have a monopoly on my data, though I guess the little guys would probably be selling to the big guys anyway.
Thats why, if you have to, use a reputable company, and pay the money for it. Typically paying for a block time of service will save you money. I use them personally for website testing, and my wife who's a French teacher also had access to the system of setup because it's easier to log into a french-based bpn to access some of the sites that she's geo locked out of. If you're worried about security get a mini PC like a Raspberry Pi and turn it into a self hosted VPN and put whatever kind of filters you want on it like I have on my server station
I use a VPN to get around the UK football tv license issue. If you are in the UK you cannot watch any football match which is on TV at 3pm matchday. My team provide a international account which allows me to watch the game every week if it looks like my pc is outside of the UK. Been using PIA for 8 years now, £40 a year. I also use it for downloading torrents
I have been telling this to people for years at this point, but the issue is that if you are not in the tech industry it's very hard to understand the mechanisms and so it's quite easy to fall for the fear. I bought NordVPN recently but just because it gives 1TB of cloud space for 6$/month and I will be nomading a bit while working in the next years and I don't want funny surprises in random coffee shops in the caucasus... If I was not doing nomading, I wold not even consider it at all.
I've been using a free vpn in Chrome to watch climbing competitions on IFSC's youtube channel because they sold the rights to Eurosports or whatever so I can't watch the streams from my home IP. That's the only thing I use VPN for, and the only thing I use Chrome for. Probably a bit more specific than whatever the vpn company had in mind, but it's really a great use case for me personally!
If you only need web traffic, you don't even need to install anything - just set up a server, `ssh -D1080 myserver` and configure your browser to use port 1080 as a socks5 proxy with DNS handled over the proxy (easy to do with Firefox). Done!
Telekom Speedport 3 even deploys Wireguard as a clicl, scan & go implementation. Just set up your pihole next get dynDNS and you're good to go wherever you are.
one more use case for a vpn that I can think of would be self hosting one so you have access to your local network without needing to expose everything to the internet
I only used VPN-s to get around geoblocking, and occasionally it works to access services (mostly in Asia) that has terrible international bandwidth on their own.
so I'm guessing that the TL;DR is that A) unless you are involved with a state actor your VPN isn't worth shit and can very easily be circumvented by anyone who cares to look B) even if you feel like you need a VPN to avoid casual scrutiny from an oppressive regime, VPS are cheaper and probably less suspicious.
My friends use a vpn because for whatever reason that makes zero sense to me, it makers their wifi connection/speed or whatever better, no idea how, but it actually does, as the wifi at my school is terrible.
What a great video but I agree with the other replies, a video setting up open vpn in an aws instance (linode?, Homelab vm server?) Would be even better. Thanks for the vids though they remind me of my CS architecture classes/labs.
I feel like they sell themselves as security/privacy tools because they can't sell themselves as geolocation block (for like netflix/etc.) workarounds.
Just a few nitpicks here, please correct me if im wrong though 1. you still have to go through your isp node. it's called a gateway for a reason, it opens up the whole internet to you, including that vpn node. the fact that you do not give info on anything about the metadata to that gateway is still true, however a country with smart enough censorship could still just stop the connection altogether. 2. let's not trust a random company when you can just spin up a random vm in amazon's pockets, definitely no suspicious activities coming from them 3. times where a vpn/pvpn could be useful are also when you want to avoid geoblocking but also avoid dos attacks. in general there are times when not giving your ip to random websites could be a good idea 4. i do like the cloud vm solution, dont get me wrong, but for most of the problems you mentioned tor is a far superior solution, and its only downside is that it is slower. for example aws could still have the knowledge of your original ip address and thus (hypothetically) sell your location to advertisers. with tor? good luck... 5. pvpn's require you to manage them, if you want to change the location you have to manually create a new vm and put the virtual images there. it may not be a hard task but it could be tedious, especially for users who dont really know what they are doing (most likely not within your viewer demographic but this vid could still blow up and influence others into thinking it is all rainbows and sunshine)
correct me if I'm wrong but using a VPN makes it so there's only a single DNS lookup (of the VPN server) and request to the VPN server that your ISP handles, then everything else to your ISP (and government) is just a 100% encrypted stream of bits passed along that one established connection with the server, no? So the only thing they could really do is if that initial request is flagged (e.g they recognize that this is a known VPN provider so must not be allowed), act on that (arrest you, report it to the authorities, etc., though can't try to spoof it because known public keys/certificates / w/e), or block the data stream as a whole (or arbitrary parts but they'd have no idea what they're blocking and it'd basically just be streaks of packet loss there)?
@@MH_VOID yes, it is just an encrypted stream, this is why i said that "the fact that you do not give info on anything about the metadata to that gateway is still true". Metadata covers all of that protected info you just mentioned. i just meant that they can detect that you are directly requesting a connection at the very beginning to a server that is either a known vpn node or simply an unknown service outside your country and they have the possibility to stop its connection. no arresting or giving away information, just simple denial of access to a potential vpn service so that you have to route your traffic through a node they can control. (edit: sorry for basically almost just rephrasing your point, i just wanted to make my stance clear and remove any misunderstanding that might have come up, as it seems you have expanded on my point but you thought i was maybe implying isp's could detect what is inside the encrypted tunnel? but what i meant by smart censorship was just this stoppage and making it seem as if the ip was invalid to the end user, regardless of if he knows it is censored it still blocks any way to do untracked business) my main point is that you cant just draw a direct connection between you and the vpn, as there is always some degree of control, even if as little as just this.
Can't say how relieved I am to hear this. I've always told my friends and family that VPN's are mostly a waste of time, money, and network speed. I wasn't 100% sure of myself, but I am now after watching this. Thanks for the vid!!
why do you give advice on things you're not sure of? and so you find the one video that confirms what you want to think about something so that makes it fact? there are plenty of use cases for running a vpn. this guys just raging for nothing so you'll believe the click bait. but whatever, cool, the less normies we got on the vpn just means more bandwith for us! todaloo, have a nice day
@@XX-121 I wasn't 100% sure, more like 95% sure. VPN's have their use cases, but they aren't the all in one security package they're dished up to be. I always find this video helpful to know when and where to use VPNs: ruclips.net/video/9_b8Z2kAFyY/видео.html
A VPN could be handy if you want to create an additional account on a site that already has you logged in. Some sites will disallow multiple logins from the same IP address.
The data between two points on a public network is encrypted using a key exchange algorithm. Why it need to be decrypted anywhere between source & destination? Something would have to be running on your PC that generates its own traffic.
I guess it would be good if you wanted to log into a website that uses unsecured http. As if you could find any that doesn't run https these days. And you really needed to do it over a public hotspot.
@@hottoniapalustris1541 all serious sites use https even RUclips. If a site has the very easy to notice “big scary red lock” and you type your bank credentials in there anyways, yeah you probably may as well have a vpn or only install apps from fking windows store
It's also crazy how to people don't understand that all their data over https is secure by default with the first party, that's why it is so hard to setup in the first place. The only thing anyone can spy on is what sites you visit, keep a log of it and do some social engineering on it, but that is not efficient or even legal in many places do be done by your ISP. You're also safe if you didn't sign a shady deal with your ISP about your privacy.
While I agree with the main point, as far as I can tell the security points are BS and you are definitely spot on about free VPN's several services (to use the obvious example NordVPN) have made a big deal publicly about their no-log policy and encrypted data streams. Because of this they would undoubtedly loose a huge chunk of business and get sued into the ground should they be discovered to be tracking user data. For that reason I can understand using a paid VPN provider which makes a big deal out of no-log policies for privacy concerns (also FYI your suggested alternative of an amazon server at $10 per month is more expensive than most of these services (at least on a yearly plan))
"You can setup your own VPN on AWS, and pump all your traffic through AWS semi-anonymously, without leaning on a VPN company to manage your traffic for you." That. And a lot of the major companies they advertise benefits from (like movie streaming, etc.) have blacklisted the endpoints of these commercial VPNs, so they don't work for that either. It's less likely they'll have blacklisted your personal cloud VPN instance.
MullvadVPN seems to a legit company you can trust, you don't even have to login, and you can send them actual money in the mail to pay for it if you want. Also always a flat rate monthly, no 2-year "deal".
I hate those VPN commercials and the flat out wrong info they sell. On TV there’s laws against false advertising why they don’t apply on the net is beyond me. And most people don’t know how VPNs work and believe the crap that is peddled. If you want a VPN just get yourself a cloud provider get a Docker container with OpenVPN and spawn it in a region of choice to watch Netflix in that region.
3rd use case: piracy. Avoid whoever's connection you are using to receive a notice of illegal download. Another alternative to a VPN that I used in the past was to connect to my web hosting service and use SSH tunneling. $140/3 years if I remember correctly. They no longer allow SSH tunneling unfortunately (probably because I used too much bandwidth).
VPN companies are usually private companies. There is no way to know how and if they are making money.
The fact that they have so much money to sponsor RUclipsrs is a gigantic red flag.
but if they sell data without users knowing that would breach a ton of gdpr laws
It could be anonamized perhaps - I think I would be OK with that.
@@OcarinaOfVali It is not illegal while nobody knows you are breaking the law :^)
@@OcarinaOfVali That's hilarious but no
Well the feds need to catch people somehow.
Wise man Tom Scott once said
"You need **beep** VPN. The best choice gay people, pirates, assassins and gay pirate assassins"
His video on VPNs was legendary
he also said that the main use case for VPN is streaming services, which is probably the only useful one lol
Depends on your use case... people are so tarded it's funny...and seriously sad.
Also... if you can't see the clickbait titles of this channel someone knifed your eyes out 😂
some of his newer videos have vpn sponsors
@@TheKodeToad money is money
@@infrakazos where?
Good take, terrible solution.
Recommending AWS of all cloud providers available is very funny. You know, the Amazon company is very famous for being "good".
your traffic is encrypted as well under ALOT OF VPNs, or atleast they claim so, does anyone know if Nord is trustworthy? even if you did illegal activities?
@@badfern7661 Torrentfreak has a yearly list of audited VPNs.
You can do some kind of encryption to hide it more but I agree with you, AWS has a very "good" reputation sbout privacy
What's even funnier is just like Microsoft, Amazon has signed a contract with the NSA too.
Amazon has virtually no control on the data you store on AWS.
The reason why the solution is terrible is not because it's on AWS, the solution is terrible because handling servers is a pain in the ass if you are not a system engingeer... and at that point, I'd rather pay 200$ for two years of VPN + 1TB of cloud storage like some promo NordVPN sells from time to time.
There's also a use-case for seeding torrents without your ISP getting upset.
The thing is I don't care if the VPN is recording my traffic. It is encrypted, and I have to trust the destination server anyway. I pay for a VPN because I trust literally every VPN company more than my ISP who'll shut down my service when the MPAA sends them a C&D notice about me.
The greatest use case for VPN's is piracy. On top of that, Amazon AWS is a bad solution, if you want to have the proper VPN experience (Servers in multiple countries) that means you would need to buy multiple servers, in the end, this would cost you more money than using your typical VPN service, you solved the problem by making it worse.
I think there are few more benefits for using paid services.
- I want to use Japanese, USA and many other Country's IP addresses but buying many VPS instances will cost me very much.
- I want a well made graphical user interface. Like when jumping between multiple regions, I don't want to do manual setup every time. I just want to click a pretty widget on my home screen.
- Do you live in USA? Then you'll never understand, but most governments around the world are actually very authoritative on internet traffic. E.g, some Asian countries are very sensitive to sexual contents so they actively filter all traffics to such domains by screening SNI field.
that is all really crucial tbh, spot-on
You don’t need a VPS
Just use a container in a cloud provider like AWS or Azure.
Exactly, there absolutely are use cases outside the bs marketing, especially for self-hosted services. I really want to start relying on custom solutions and recommending others to do the same, but the biggest obstacles are flexibility and ease of use.
For example, where can you find an app for self-hosted VPN that supports at least Windows, Linux, macOS and Android? A preferrably FOSS client that allows you to connect to your custom VPN servers, be it OpenVPN, IKEv2, WireGuard, etc. and being able to split tunnel (include or exclude) different user applications and IP address ranges? No such thing exists yet, at least to my knowledge.
I have asked around about this in the past, consulted people that I know in the sphere, but nobody could point me towards what I was looking for.
I would even be happy to help develop such project together with some knowledgeable people, but I don't know C well, or understand the underlying network stack of the OSes to work efficiently on this scale. To be fair I'm not surprised nobody has taken the burden to work on something like this, knowing the time and effort it takes to maintain cross-platform applications.
Wireguard android app has a nice UI, can import all the tunnels you need, and you can switch VPN from quite the title or from the app (it shows the list of all your tunnels)
@@nikitapustovoi8987 The client isn't the problem it's the endpoint :D
How they get away with practically scamming is beyond me. Also most are honeypots anyways.
i use them because i pirate alot of shit and dont really wanna get a letter lol
Got proof?
@@reinmarvonzweter666 Still got your God given downstair organ Xir?
Not sure what explicit proof you're after, other than the fact that various bodies of the world government are known to leverage private companies/NGO's to conduct their business. The idea that we're all being monitored is far from a crazy stretch, it's rather a well established fact at this point. To suspect private companies that handle ALL your internet traffic to at the very least profit off the intercepted data, is a healthy take given the circumstances.
It's important to understand that a "no-log" policy is not the same as "no data retention", and these )ews always get at us through cleverly worded phraseology.
If they supposedly kept no data at all, how is it that the police can intervene and request data leading to arrests?
On top of that, each vendor audit is always performed by one of the top globochomo firms, which shouldn't come as a surprise.
Jed Cheng made a great point down below. "VPN companies are usually private companies. There is no way to know how and if they are making money.
The fact that they have so much money to sponsor RUclipsrs is a gigantic red flag."
Go figure you foolish imbecile
@@krellin You know what's cheaper than that? Using Tor for free and having actual trustless privacy.
@@CrittingOut Only works if more people actually used Tor. ISPs and/or the network admin of your LAN (as in the case of dorms) will see that you're the lone person using Tor in the network/region which will put a gigantic red flag on your back immediately. See the Harvard bomb threat incident. A random VPN server you connected to wouldn't raise as big a red flag.
The only paid VPN I'd trust if self hosting is not an option (which let's be honest, it's virtually always an option) would be mullvad for two reasons: they almost don't advertise, so it feels less sketchy, and they accept both cash and XMR, so you can limit the data you share with them...
Sounds exactly the opposite to what you say to me. If it isn't advertised, then it is a: bad or b: hidden purposefully. You wouldn't want to use it in both cases imo.
In any way, there are lots of paid vpns that don't ask for any personal information whatsoever. Some only ask for an email, for example. You can use a temporary email and they will randomly generate a login and password for you. You can use a prepaid visa card which couldn't be tracked to you for your payment (it is grey but). Pair it up with zero logs policy (better if it is proved by a third party) and I don't see a reason to avoid vpn at all. If you need it, that is.
@@twothreeoneoneseventwoonefour5 They have large ads on trams here :D
Mullvad has zero logs, they don't ask for email and you can send them payment in cash if you so wish. They are a great VPN
@twothreeoneoneseventwoonefour5 using a temporary email is not a good solution (especially if you buy long term subscription). The day you will want to connect from another PC or device and they will send you a 2FA code on your temp email, you will be in trouble. Also, temporary cards are linked to your bank account anyway. I tried different VPN and I found Mullvad looks like the most trustworthy: no personnal information asked (no email, no phone number, no login), and you can pay with crypto (especially XMR), leaving few financial traces. Also, they claim zero log policy, but like with every VPN, it's hard to verify. I think CyberGhost got in troubles (or their CEO) and we learnt that finally they were logging traffic.
1:41 This isn't ridiculous, this is called privacy, you choose who you trust with your data.
This is called falling for a honeypot. Whether it being a honeypot is on purpose or not, doesn't really matter.
Unless you know you want to avoid your ISP specifically for some reason. It really is equivalent to getting a second ISP.
@@mskiptr
It is not equivalent, literally because you are choosing dear. Do you understand the difference between being forced to hand over your data to an ISP that you are not sure is reliable or not, and choosing a company or institution that you ? Because this is what defines privacy, it's choosing who you want to hand over your data to, it's having that right to choose, in any instance using the internet will leak your data to , the choice of is which will set the level of privacy. And of course, of course you could be wrong in your choices, but that doesn't take away from the criterion that they were choices and not something practically inescapable like an ISP.
@@diadetediotedio6918 Being able to choose is good for your privacy, but that doesn't change the fact that using a VPN always increases the number of parties that get to touch that metadata and doesn't change the fact that a VPN company will always be closer to being a honeypot then an ISP.
When you're using the internet with only your ISP, they get to know:
a) your billing information
b) which servers you connect to
c) when you're using the internet
d) how much data you're using
e) which protocols you're using (web, e-mail, torrents, etc.)
(and the routers along the way can learn everything except a - just with less certainty)
When you add a VPN into the mix, it's them that know that instead. And your ISP still knows a, c and d.
As for the routers between you and the VPN, they can see c and d. The routers after the VPN learn what routers in the no-VPN case did, except sometimes mixed with traffic from other people using the same VPN server - as opposed to other people behind the same NAT.
And why VPNs are basically honeypots?
Because you're going to use them across many devices and from different locations. Thus, the VPN company can learn a lot more about you then your ISP ever will.
There are some situations when getting a VPN makes sense, but doing so will be good for privacy only in vary rare and specific cases.
@@mskiptr
1. This information about my devices is of absolutely no use when I am using a paid VPN with anonymous methods, they will only be able to sell general and not specific data about me (if they are going to sell it), so it doesn't make much sense what was stated here.
2. About 'd', you can judge this in many ways, as the data is encrypted (and depending on the encryption method used) they (ISP) may get inaccurate information about my data usage, still I will concede this point as the variability will depend on several factors.
3. Routers cannot know from 'b' to the point where we are on the VPN servers, because the network traffic is encrypted, they will only know that I am directing my data to VPN servers (and in some VPNs some relay servers are partially community and distributed, which makes it difficult to use this information for something useful). After the VPN the routers will know about 'b', but this information will be practically useless for them.
Point (1) defeats your assertion that VPN's are honeypots, if my identity is anonymous (and there are VPN services capable of being used basically completely anonymously) then there is no way for them to learn anything useful about my behavior, all they will know is my origin IP (and they won't be able to know if it's my home IP, or if I use some other service before theirs, etc). (2) and (3) are bonuses.
@@diadetediotedio6918 If you get an anonymous VPN service (pay with crypto, etc.) then sure.
Especially if you use many different VPN servers and remain anonymous to them (and not just pseudonymous).
I use a paid VPN for geofencing reasons. I'm an expat living abroad and there are particular things I need that are geofenced inside my native/home-country. But regarding the privacy concerns, I totally agree with you.
There‘s also the case of bypassing firewalls though - e.g. some restaurant Wi-Fi‘s or university networks won‘t allow you to connect to anything that isn‘t on http or e-mail ports, or even do packet inspection to even block any OpenVPN traffic on 443, which sucks if you happen to need to ssh into some server or just plain use an app which needs to connect to something that isn‘t http.
Love your videos, not sure about this one. There are numerous reasons to use a VPN which have already been pointed out. I also don't trust AWS any more than any decent paid VPN plan (pointed out in comments as well). What I'd like to add is that I don't find the pricing suspiciously cheap at all. A few dollars per month seems reasonable to me. In one of LTT's more recent WAN Shows it was actually brought up that they looked into building a VPN, and the profit margins would have been huge (they did not pursue the market because of legal issues). Let's not take their word for it though: Take your $10 a month AWS VPN, how many people do you think you could serve a VPN connection to with that one instance? I don't think it would be unreasonable to say at least four, if I can push 2.5 Gbps on my router's Intel Celeron cpu, I better be able to reach 400 Mbps on my EC2 instance to give acceptable speeds to 4 people. At which point you're at $2.50 a month. Add in users who only need a vpn on occasion, dedicated hardware accelerators, bargaining power with data centers, and you're really paying basically nothing to host a VPN. The only things you need to worry about are lawyers and competitors. Tell Venture Capital about this business plan and flooding youtube sponsorships is easy. No data selling needed. I'm not saying that VPNs aren't selling your data, the free ones almost certainly are and some paid ones may be as well, but I think it's an error to suggest that there's no way they could possibly make any money without selling your data.
most vpn plans are aws in the end
-There's a massive thing missing in your cost plan: the internet connection.- Edit: misread, ignore this.
@@Winnetou17 if you use AWS to host it for you and multiple people, doesn’t that include the internet connection since you are renting a cloud service?
If you think about how little people will actually use a VPN and how little traffic they will put through it then it makes sense how they can charge so little. People using it to get around geo blocks probably will only have it on for as long as they need to, since connecting through other countries is slow. People using it for privacy will probably only keep it on when on public wifi so again they won’t use it much, same with people using it to get around restrictions on wifi.
Say I was using the wifi on the train or bus or hospital or similar, who is to say that they aren’t collecting data on their free wifi and selling it or keeping logs of everything you do. I would far more trust a company I am paying, even if it is only a little, than I would a company offering free wifi.
Same with things like university wifi or student accommodation “free” wifi, who is to say that these wifi providers aren’t tracking you and selling your information for advertising. These companies whole business is to make as much money as possible out of students, from expensive rent, to expensive laundry facilities, to pretty insecure wifi, I wouldn’t be surprised if they sold your data on the side too. In a previous student accommodation I was at, every device on the wifi was all connected to the same network, I could go and cast youtube to any smart TV in the building, a network scan brought up every device on the network, a building of over 500 people. What’s to stop some bored CS student from trying to mess with people or try to see what they can find. In that case I would much rather have the added protection of a VPN.
@@conorstewart2214 Yeah, I misread a bit, he started to mention things like a Celeron CPU and bargaining power with data centers and I thought he started to check how much it would cost if it would've been self hosted. For the AWS instance, the internet connection is included in those $10, of course.
I use a VPN simply because there are some companies/websites that restrict traffic from my country. For instance, Chat Jippidy isn't available to me unless I use a VPN.
Why do you think that AWS won't spy on you? Like yeah, they don't run VPN directly, but why can't they spy on what you do on your VPS?
That's a big hole in this argument, besides him arguing for using corporate vpns if you're hiding from your goverment.... even though in that case, besides big tech they have the easiest methods of spying on you vpn or not.
Amazon doesn’t care what you watch on RUclips don’t worry. The amount of people using aws as a makeshift vpn server is so small that the idea of Amazon risking billions in court and public image to get maybe 1000 extra dollars max is pure lunacy. Think logically not just “rich people bad popular video game bad iPhone bad government bad” hating stuff just because it’s popular or big makes you as basic as the rest. Instead, try to have an informed opinion and don’t be afraid to like or use a service just because other people enjoy it too.
I need to look into this more, but im pretty sure there’s encryption stuff that’s standard with VPS software that makes it really hard for hosts to look into the VPS, you’d want to check what the host in running though!
Im thinking about the same thing when it comes to these unreasonably cheap VPN services and good to know that Im not the only one having these concerns. Thanks for the content
They're unreasonably expensive, not unreasonably cheap.
@@jesseparrish1993 in both cases, it's seems to be kinda pointless after watching this video
They are probably unreasonably cheap because a lot of people buy them and only use it occasionally or just stop using it, if everyone used it all the time the network probably couldn’t cope and would cost the company a lot of money. If you can imagine people buy it just to get around geo blocking, how often do most people have to do that? And it slows down your connection, so most will have it switched off when not needed.
They can probably offer it so cheap because of how little people actually use it.
Another important point is the claim "We don't keep logs". I've heard people, who should know better, make that claim that toward me, and my answer is always the same: Prove it. You don't trust your ISP when they say they don't slow down or monitor your traffic, but you'll openly believe X service when they say they won't. There's benefits to keeping logs, so I can't willingly believe any company who says otherwise.
The "We don't keep logs"-claim is insane. The vpn provider is relaying my data for me, but what if I start communicating with seedy people about toppling the government, sharing bomb recipes, joining isis and those sorts of things, is it really plausible that when the FBI tracks my traffic back to my vpn provider and kicks in the door, guns blazing, my vpn provider will take the blame for me for those 2-3 dollars per month I pay him? Would you trust a $3 body guard to take a bullet for you, heck no! So why trust a $3 vpn provider not to rat you out if things get rough?
I trust my vpn provider to be a speed bump/inconvenience if someone takes interest in my torrenting, I trust him with my netflix watching, but that's it. I would never do my online banking and serious stuff like that through a vpn provided by some random guy.
@@strandvaskeren how does the FBI know it's your traffic?
@@strandvaskeren There's also the common carrier thing. A VPN can't be held responsible for what its users do on their service. Much like now a telephone company, AT&T for example, cannot be held responsible for someone using their phone to threaten violence towards the president.
$10/month for a dedicated AWS instance is actually pretty expensive by VPN standards.
There are VPS hosting companies that offer instances for ~$2 or less. Or just get a cheap "unencrypted" proxy service.
I love this rant and it is so true. The wife has been getting a TON of VPN adds and brought it up to me. I'm just like "Why though?" The AWS instance idea is fantastic though. Nice!
You should make this a RUclips short, it might go viral given the prolific nature of VPN sponsorships
Here is why I use a VPN:
- I don't like that my government gets to tell youtube to tell me what I can and can not watch (I live in Canada, yes, there is content that is blocked in Canada and not in other parts of the world)
- Region locked licensing is a garbage practice, it just punishes everyone else
- I trust my ISP less
- The VPN I chose has been proven in court not to keep logs
Which VPN do you use?
@@hehe-te7ed I'm guessing Mullvad.
What content is blocked in canada?
Another use case is not wanting to give my actual IP address to some sketchy website/service I want to use. But now that I think about it I could use tor for that as well.
I have some Russian friends and I set up OpenVPN on my home network for them to use so they could access the internet freely, no need to anonymize here.
but if u spin up an AWS instance doesnt that mean that amazon is now spying on u ?
Not to the same extent as a VPN service does.
Aws can track which IP addresses you are communicating with.
And how much data is sent.
But they can't read the data.
They can't even tell that this vm is used as a VPN.
Meanwhile, a VPN service knows exactly what you are doing.
@@שחםהאי As long as the sites you visit use HTTPS your VPN provider cant read your data either
As well as setting up a cloud server to be your VPN, you can also use an old PC or Raspberry Pi to do the same thing on your home internet.
And unrelated to that, another use for VPNs is if you want to watch something that's not available in your country (like how Netflix has different shows depending on your location)
Unless you physically move your Pi/PC to another country VPN does absolutely nothing.
Another usecase is torrenting and that's about it. An AWS instance will not let you do that probably.
That's the only reason I see for one. Which when you're using it for that you essentially don't want to trust your ISP
@@silverwaffleslegal services from another country
I'm using the free tier of AWS to make a VPN so I can have an alternative route to a game server and it's working great.
Went from ~150ms to ~40ms.
As for reasons to use a service:
- Is convinient.
- Has multiple servers in multiples countries: bypass regional blocking, alternative routes.
For me, I use a VPN for the following:
1. Downloading torrents. I don't want my ISP knowing since they have sent out passive-aggressive letters. I'll do this on my main laptop.
2. Exploring fake, scam, malicious and/or phishing sites. I usually do that in a VM with at least one VPN service (paid for). Always do a DNS Leak test before visiting any sites. That's all on an older laptop I use only for these tasks. I like seeing how the sites work, and see their vulnerabilities. None of my information, even my name, are associated with that laptop. If the drive or BIOS is compromised, break and chuck it. It's never come to that (knocks on wood).
Thank you for putting this out there. I for one, have to subscribe to a VPN service because of the former reason of the two. But I never, ever believe the ads saying that VPN could bring more security to your day-to-day interweb perusing.
Didn't mentioned countries that block the heck out of the internet. In russia it gotten to the point that most of the smut websites are blocked
Yes the someone in the connection I don't trust is my ISP who is legally obliged to hold all my browsing metadata for two years, for reporting to my country's government. Who's to say they don't also sell it to commercial third-parties? Also, the problem I have with setting up my own VPN on a cloud provider is that I don't get the benefit of mixing my traffic with many other users - it would make it easier for web sites to fingerprint me.
P.S. is that a NordVPN sweater you're wearing? 😁
Would love a video on you building a VPN on AWS! I've thought about it but just haven't prioritized it enough. Totally agree with you on all points here, though.
What bothers me most about VPN providers is how they claim their service provides security against the "bad guys" and how those naughty hackers can no longer steal your data because of their protection.
These ads are targeted towards the common man - as in they don't have an above average knowledge in cyber security.
By far the biggest cyber threats for the everyday person are deployed through phishing. And no VPN provider offers you protection against such threats.
depends what kind of phishing. if we are talking about the login phishing yes, but it could still be useful against the ip grabber phishing.
Funny thing is VPNs are actually more useful to the "bad guys" than anyone else.
Yeah. And they also like to talk about how your ISP's spying on you through your traffic, so you should pay them so THEY could spy on you instead. If my ISP was caught spying on/selling my data, at least i have someone i can sue for damages in my local courts, what the fuck can i do if a random VPN i contracted leaked my data?
I am currently running my own VPN through a cloud for LAN Multiplayer. Totally worth it, little to none lag
You're right, higher the Ping, lower the lag.
@@anomaly_echelon7994 the Cloud/VPS is hosted on a server not too far away from my own location, thus ping is lower. Instead having to play through steam's own server, which sometimes can get crowded, and probably hosted in a foreign country. I got far less timeouts after switching to VPN
@@redbuIIracing33 That's interesting, but can't you host it on your computer for essentially 0 Ping? Most modern computers are more than powerful enough to handle a few people on LAN Gaming sessions. Maybe it could be a Private multiplayer you're talking about but I could be wrong.
That's too much work, I'd rather pay someone else to do it for me. If only there was a service that provided that for me...
I use Tailscale to remote into servers I have behind several different NATs, as well as tunnel backups.
I suppose it depends on your use case. I would never touch anything that claims to support OpenVPN, but I actually use a VPN as a private network, not as a proxy.
For use-case 1, there is TOR, which is intended for exactly that.
I'd consider circumventing geo-blocking as the only legitimate use-case for VPNs (of cource, except the use-cases VPNs were invented for).
VPNs also don't add any layer of security in practice, since practically all traffic to websites is HTTPS nowadays. And that uses the same technology as, for example, OpenVPN. Even if you are in an unsecured Hotel WiFi.
isnt TOR still easily trackable if someone wanted to track u
@@nexolec109 everything is trackable is someone wants to track you. Define easily. Both TOR and VPN would require a signifficant effort to track you.
@@nexolec109 yes, if you have bad opsec it is painfully easy to get tracked by someone who wants to do it. but that applies to anything and not just tor i guess
@@nexolec109 VPNs are easily trackable and are not anonymous whatsoever. Tor is simply superior in every single way except bandwidth.
@@CrittingOut that's one heck of a disadvantage when your use case is watching youtube videos while you live in China.
3. Using a VPN can sometimes skip extra nodes youll encounter otherwise to get to a site faster, effectively speeding up your internet, but that mostly only applies to hotels or public networks.
Finally someone said that. It's the same with signal, telegram and e2e on apple. The worst thing is when this data is available to the company but not to democratically elected governments and agencies.
These brief and important statements (that I personally already know anyway) got me subscribed (since I've seen other videos of you). Keep going!
For me the whole paradigm of "modern" VPN services was confusing. I grew up with understanding that VPN stands for Virtual **PRIVATE** Network, in which Private means that you either own or trust both endpoints. All the YT ads and sponsored segments always made my left eye twitch a bit and raised my blood pressure...
I have one that I pretty much only use to watch athletic events that are blacked out in my market. I care about privacy, but that's not what I use my VPN for.
There's also a third reasonable use case: creating a Virtual Private Network : )
Funny how the initial and most compelling use case is also the most overlooked these days.
When I try to make this argument, they always point to DRM evasion. Can shoot down anything else with this logic but they're not willing to give up the piracy.
Great video. I hope many people see this one. It drives me insane as well to see all these sketchy VPN ads.
Agree with what you say, however I can think of two other reasonable use-cases.
1. When your employer blocks sites you want to visit - but isn't smart enough to block VPN traffic.
2. To watch TV shows from your home country when you're travelling abroad - which are often blocked.
I'd not considered running OpenVPN on an AWS - that's a clever option. Instead I just run OpenVPN on an RPi on my home network. It seems to work OK most of the time and only cost a few $ for the hardware.
Another use is to watch videos online that are forbidden in your country.
It could be seen as a lightweight version of the totalitarism state, except that it's typically enforced by the publisher, not the local government via the local ISP.
Alexa, please define 'authoritarian regime'. For some reason I cannot use r-word, n-word or f-word, t-word, etc. in playful and sarcastic context in youtube comments. =)
Also AWS traffic may or may not be pumped through a some sort of TSA proxy. Saver then commercial VPN but not fool-proof.
I guess gigachad way is to buy a raspberry pi, go to a different country and find a way to leave it connected to the internet and use it as a VPN.
One other reason to use a vpn when you're working is when you need to access some server that is only available in the local network. But you don't need to pay for a software to do that securely. At work we have an instance of openVPN where you need a couple of files (certificate, private keys, etc) and a set of credentials to be able to log in. Once I'm in I can use everything that is locally accessible there.
A VPN is also good when those other voyeurs are worse than your ISP. WiFi in the city can be as dangerous as wolves in the forest when you try to log in to your Google or Facebook account. It's always better to use your own LTE in the city. However, when the package is over, you are left with the risk+VPN=secure connection to a wi-fi network. Not every WiFi network is worth trusting.
This video is sponsored by BEEPVpn *Cuts*
RUclips: Thats all I needed to hear. YOU DIDNT INCLUDE THAT IN THE PAID PROMOTION!!!!
Errr, my ISP likes to watch me and send threatening letters when I download an old movie or show you can't watch anywhere paid. They have a hard time doing that when you pay for a no-logs vpn. Also I work in places that have overzealous content blocking on their wifi so I can't use facebook messenger, twitter, or sometimes discord or youtube. The VPN makes it so they can't block me.
Dude I would LOVE to see a walkthrough from you about how to set up an OpenVPN instance on AWS. Sounds simple enough, but still.
Like always. A very useful video that has very few views. I'm not shocked!
“The best way to stay anonymous on the internet is to not use the internet” - I’m sure someone said it somewhere
Another good use for VPNs: at work on their wifi and don't want your employer seeing your personal devices connecting to either non-work sites like RUclips, or actively searching Indeed or something for another job. A tool can have many uses, but people should be educated on what those tools do and when they should use them.
I have no doubt my $2 a month Windscribe VPN service spies on me or sells my data, but if I wanted to avoid that I would use TOR or set up my own VPN hosts in various locations with AWS/Vultr/etc.
Short, sweet, informative and to the point.
It's just how I like my pie.
The only reason I use a vpn is to hide my IP when doing stuff that could leak my ip to people who would like do dox me, and I use it to view content on streaming services where it is region locked.
So now we're waitning for video how to create own VPN server ;) I wanted to make my own, but I think I still don't know enough.
I have many questions about how VPN works, because in the internet most of sources don't explain how exactly it works.
There was a Defcon talk by some guy who setup a VPN and allowed the public to use it. Users were informed that all of their traffic could be seen by the VPN owners. People continued to use it though. Another misconception about VPN is that, those VPN companies have to follow the law. So if they receive a warrant, they have to hand over user data.
They have to hand over all information that they keep. There’s no legislation that says what they have to keep on users.
In the end its TLS for the cheapos, some have Wireguard, but its not multi-peer random hopping for some providers.
Bypassing Geoblocking would be my third use case.
AWS - Ec2 instance + network + ebs & no data centres in certain countries which of content you may want to access . Usually the cost of running your own aws vpn is bigger than what specialised companies offer, especially when downloading a lot of data. tested myself.
Well with the OpenVPN on AWS you have more or less the same problem.
Now all your traffic goes to Amazon.
But yeah i get your point and these vpn ads drive me crazy sometimes...
Amazon is more trustworthy than a free vpn that you saw in a RUclips banner ad
"Your IP is exposed to that website you're visiting!"
"Yeah no shit lol"
There are a few VPN providers that I've found over the years to be trustworthy, but true, most are just looking to make a quick buck by selling data. They usually don't even set up their own hardware, just throw up OpenVPN on some rental servers.
I don't trust Nord but I do trust Amazon?
Changing location of Amazon server also is not as simple as a single button click.
Ah yes Amazon makes tons of money stealing data from users trying to make their makeshift vpn, unlike they poor company nord vpn that literally spent more money on ads than raid shadow legends 🥹
The same goes for your ISP. It's just a matter of who you trust (or mistrust) the most.
One super useful use case, when trying to reach your home network from any place
Thats a different type of vpn hes talking about vpn services not self hosted ones
The only reason I might use a vpn is because people are actively ddos-ing people in gta and many other games, so it's just way safer
The ads are always so deceptive. They try to obfuscate and redirect. Claiming privacy and security, while if you listen closely you will find the privacy angle relies solely on convincing you that your ISP is the one snooping as that is what a VPN can hide data from at best, while security is always about connecting securely to their server specifically. The rest and only angle they got is about circumventing geoblocking. They used to promise more, but security experts pointing out your identity is easilly figured out via hardware fingerprinting but a stop to that.
I personally only use a OpenVPN server running on my router. I trust my own network and ISP, but not so much public WiFi. Plus having secure access to my own network to send stuff like a "MagicPacket" to wake-it-up for remote control is also neat.
I use ProtonVPN, but only because it comes with my ProtonMail subscription, I should probably just be using nextcloud anyway (for mail), but don't like the idea of doing server maintenance... Also, whose to say AWS cannot collect your traffic data too? (can always use something like linode though) At this point I at least don't want the big boys like microsoft, google and amazon to have a monopoly on my data, though I guess the little guys would probably be selling to the big guys anyway.
Thats why, if you have to, use a reputable company, and pay the money for it.
Typically paying for a block time of service will save you money. I use them personally for website testing, and my wife who's a French teacher also had access to the system of setup because it's easier to log into a french-based bpn to access some of the sites that she's geo locked out of. If you're worried about security get a mini PC like a Raspberry Pi and turn it into a self hosted VPN and put whatever kind of filters you want on it like I have on my server station
I use a VPN to get around the UK football tv license issue. If you are in the UK you cannot watch any football match which is on TV at 3pm matchday. My team provide a international account which allows me to watch the game every week if it looks like my pc is outside of the UK. Been using PIA for 8 years now, £40 a year. I also use it for downloading torrents
I have been telling this to people for years at this point, but the issue is that if you are not in the tech industry it's very hard to understand the mechanisms and so it's quite easy to fall for the fear.
I bought NordVPN recently but just because it gives 1TB of cloud space for 6$/month and I will be nomading a bit while working in the next years and I don't want funny surprises in random coffee shops in the caucasus... If I was not doing nomading, I wold not even consider it at all.
I've been using a free vpn in Chrome to watch climbing competitions on IFSC's youtube channel because they sold the rights to Eurosports or whatever so I can't watch the streams from my home IP. That's the only thing I use VPN for, and the only thing I use Chrome for.
Probably a bit more specific than whatever the vpn company had in mind, but it's really a great use case for me personally!
If you only need web traffic, you don't even need to install anything - just set up a server, `ssh -D1080 myserver` and configure your browser to use port 1080 as a socks5 proxy with DNS handled over the proxy (easy to do with Firefox). Done!
1:10 so, a localised proxy
Telekom Speedport 3 even deploys Wireguard as a clicl, scan & go implementation. Just set up your pihole next get dynDNS and you're good to go wherever you are.
Good point. Also thanks for the suggestion.
one more use case for a vpn that I can think of would be self hosting one so you have access to your local network without needing to expose everything to the internet
I only used VPN-s to get around geoblocking, and occasionally it works to access services (mostly in Asia) that has terrible international bandwidth on their own.
so I'm guessing that the TL;DR is that
A) unless you are involved with a state actor your VPN isn't worth shit and can very easily be circumvented by anyone who cares to look
B) even if you feel like you need a VPN to avoid casual scrutiny from an oppressive regime, VPS are cheaper and probably less suspicious.
Interesting video. Got any resources that would walk through how to do this step-by-step?
My friends use a vpn because for whatever reason that makes zero sense to me, it makers their wifi connection/speed or whatever better, no idea how, but it actually does, as the wifi at my school is terrible.
The schema with setting up OpenVPN on AWS is actually how most of these VPNs work and make humongous profits
What a great video but I agree with the other replies, a video setting up open vpn in an aws instance (linode?, Homelab vm server?) Would be even better. Thanks for the vids though they remind me of my CS architecture classes/labs.
I feel like they sell themselves as security/privacy tools because they can't sell themselves as geolocation block (for like netflix/etc.) workarounds.
Just a few nitpicks here, please correct me if im wrong though
1. you still have to go through your isp node. it's called a gateway for a reason, it opens up the whole internet to you, including that vpn node. the fact that you do not give info on anything about the metadata to that gateway is still true, however a country with smart enough censorship could still just stop the connection altogether.
2. let's not trust a random company when you can just spin up a random vm in amazon's pockets, definitely no suspicious activities coming from them
3. times where a vpn/pvpn could be useful are also when you want to avoid geoblocking but also avoid dos attacks. in general there are times when not giving your ip to random websites could be a good idea
4. i do like the cloud vm solution, dont get me wrong, but for most of the problems you mentioned tor is a far superior solution, and its only downside is that it is slower. for example aws could still have the knowledge of your original ip address and thus (hypothetically) sell your location to advertisers. with tor? good luck...
5. pvpn's require you to manage them, if you want to change the location you have to manually create a new vm and put the virtual images there. it may not be a hard task but it could be tedious, especially for users who dont really know what they are doing (most likely not within your viewer demographic but this vid could still blow up and influence others into thinking it is all rainbows and sunshine)
correct me if I'm wrong but using a VPN makes it so there's only a single DNS lookup (of the VPN server) and request to the VPN server that your ISP handles, then everything else to your ISP (and government) is just a 100% encrypted stream of bits passed along that one established connection with the server, no? So the only thing they could really do is if that initial request is flagged (e.g they recognize that this is a known VPN provider so must not be allowed), act on that (arrest you, report it to the authorities, etc., though can't try to spoof it because known public keys/certificates / w/e), or block the data stream as a whole (or arbitrary parts but they'd have no idea what they're blocking and it'd basically just be streaks of packet loss there)?
@@MH_VOID yes, it is just an encrypted stream, this is why i said that "the fact that you do not give info on anything about the metadata to that gateway is still true". Metadata covers all of that protected info you just mentioned. i just meant that they can detect that you are directly requesting a connection at the very beginning to a server that is either a known vpn node or simply an unknown service outside your country and they have the possibility to stop its connection. no arresting or giving away information, just simple denial of access to a potential vpn service so that you have to route your traffic through a node they can control. (edit: sorry for basically almost just rephrasing your point, i just wanted to make my stance clear and remove any misunderstanding that might have come up, as it seems you have expanded on my point but you thought i was maybe implying isp's could detect what is inside the encrypted tunnel? but what i meant by smart censorship was just this stoppage and making it seem as if the ip was invalid to the end user, regardless of if he knows it is censored it still blocks any way to do untracked business)
my main point is that you cant just draw a direct connection between you and the vpn, as there is always some degree of control, even if as little as just this.
Can't say how relieved I am to hear this. I've always told my friends and family that VPN's are mostly a waste of time, money, and network speed. I wasn't 100% sure of myself, but I am now after watching this. Thanks for the vid!!
why do you give advice on things you're not sure of? and so you find the one video that confirms what you want to think about something so that makes it fact? there are plenty of use cases for running a vpn. this guys just raging for nothing so you'll believe the click bait. but whatever, cool, the less normies we got on the vpn just means more bandwith for us! todaloo, have a nice day
@@XX-121 I wasn't 100% sure, more like 95% sure. VPN's have their use cases, but they aren't the all in one security package they're dished up to be. I always find this video helpful to know when and where to use VPNs: ruclips.net/video/9_b8Z2kAFyY/видео.html
A VPN could be handy if you want to create an additional account on a site that already has you logged in.
Some sites will disallow multiple logins from the same IP address.
The data between two points on a public network is encrypted using a key exchange algorithm. Why it need to be decrypted anywhere between source & destination? Something would have to be running on your PC that generates its own traffic.
I guess it would be good if you wanted to log into a website that uses unsecured http. As if you could find any that doesn't run https these days. And you really needed to do it over a public hotspot.
@@hottoniapalustris1541 all serious sites use https even RUclips. If a site has the very easy to notice “big scary red lock” and you type your bank credentials in there anyways, yeah you probably may as well have a vpn or only install apps from fking windows store
Public wifi or some other shared network is an ok use case. But yeah, I get vpn with my proton mail and rarely use it.
Do you browse non-HTTPS web sites over public WIFI???
@@volodumurkalunyak4651 eh ti be honest people being this stupid is so rare no hacker would waste his time trying to find them
@@PanosPitsi novadays hackers have nouthing to hack on public wifi so inability to find those who try doesnt matter.
It's also crazy how to people don't understand that all their data over https is secure by default with the first party, that's why it is so hard to setup in the first place. The only thing anyone can spy on is what sites you visit, keep a log of it and do some social engineering on it, but that is not efficient or even legal in many places do be done by your ISP. You're also safe if you didn't sign a shady deal with your ISP about your privacy.
Getting https on your website is not hard what are you on about
Australian ISPs are required by law to hold data on your traffic for two years.
While I agree with the main point, as far as I can tell the security points are BS and you are definitely spot on about free VPN's several services (to use the obvious example NordVPN) have made a big deal publicly about their no-log policy and encrypted data streams. Because of this they would undoubtedly loose a huge chunk of business and get sued into the ground should they be discovered to be tracking user data.
For that reason I can understand using a paid VPN provider which makes a big deal out of no-log policies for privacy concerns (also FYI your suggested alternative of an amazon server at $10 per month is more expensive than most of these services (at least on a yearly plan))
"You can setup your own VPN on AWS, and pump all your traffic through AWS semi-anonymously, without leaning on a VPN company to manage your traffic for you."
That. And a lot of the major companies they advertise benefits from (like movie streaming, etc.) have blacklisted the endpoints of these commercial VPNs, so they don't work for that either. It's less likely they'll have blacklisted your personal cloud VPN instance.
You can also use free VPN's to bypass rate limits based on your IP. Helpful for free stuff
MullvadVPN seems to a legit company you can trust, you don't even have to login, and you can send them actual money in the mail to pay for it if you want. Also always a flat rate monthly, no 2-year "deal".
I hate those VPN commercials and the flat out wrong info they sell. On TV there’s laws against false advertising why they don’t apply on the net is beyond me.
And most people don’t know how VPNs work and believe the crap that is peddled.
If you want a VPN just get yourself a cloud provider get a Docker container with OpenVPN and spawn it in a region of choice to watch Netflix in that region.
reason number 3: You wanna watch shows that are not broadcasted in your country 😬
3rd use case: piracy. Avoid whoever's connection you are using to receive a notice of illegal download.
Another alternative to a VPN that I used in the past was to connect to my web hosting service and use SSH tunneling. $140/3 years if I remember correctly. They no longer allow SSH tunneling unfortunately (probably because I used too much bandwidth).