Firstly, thanks for all the great videos Dave! I just wanted to say that I've lived in China for about 10 years now, and I have been using Astrill VPN for about 2-3 years now (which I've found is very terribly rated on thatoneprivacysite.net). I think the rating is probably accurate, Astrill is probably logging/reselling my data, which I'm not at all a fan of. However, when I looked into your VPN, Mullvad, I was slightly dismayed to note the following: for credit/debit they don't accept UnionPay, a must for Chinese bank account holders; no app for mobile Android/iOS systems. So a little note of context on users in China: we don't primarily use the VPN for anonymity per se, and anonymity is difficult anyway because most services/apps require identity verification and are essentially backdoors into your system (I'm talking about you, Wechat). What do we use it for? To get around the Great Firewall, which uses DNS poisoning, IP blocking, and other means of preventing access to certain websites, such as Google, RUclips, and Facebook. Astrill has an amazing architecture that works on Linux (both Debian/RHEL based versions), Windows, MacOS, iOS, Android, and more I think. The user experience is generally consistent across platforms, which is no easy feat, and on Android you can decide which apps use the VPN and which don't, allowing you to be on it for RUclips, but off it for, say, Alipay. This itself may be a threat to anonymity, as if you allow Alipay to access system files, it could potentially go into places it doesn't belong. Anywho, my point is it would be great to see some of these features come to Mullvad as they grow. Perhaps I'll write them a similar note of encouragement to try to break into the Chinese market, as 1 in 5 people on Earth is Chinese, so it's kind of an important market.
7:30 Question: The internet provider might not see you're going to netflix, but he will still see that a lot of traffic is coming in, right? I mean there probably is a certain pattern of packages that can be associated with streaming, right? So he could still cut back on that bandwith, because if you're watching a movie, you probably wont use other services at the same time. I guess the main risk is that the slow bandwith will be blamed on the internet provider and not netflix.
But you ISP still can see what kind of traffic it is, since streaming packages differ from 'just' browsing websites data, since streaming is mostly done via UDP.
@Domy No Buddy, the intensity of mediastreaming is way higher, compared to 'just' browsing websites. And UDP doesn't know data integrity, something that matters less for mediacontent, but HTTPS traffic is TCP /TLS.
@Domy it's correct that VPNs use UDP, because of the overhead, the ISP still can see the data flow (also within the tunnel, though it is encrypted. And the fact that you are streaming, it's more intense than casual browsing, is perfectly visible for them and the even can Fingerprint the traffic. Same goes for Tor, it's visible for the ISP... 512->586 bytes
I think that VPNs are worth the trouble...but people assume that they are the end-all, be-all privacy tool. This video (ruclips.net/video/if_RYUiHDio/видео.html) explains why VPNs aren't totally private and secure. People still need to be cautious when connected to the internet.
Holy crap, 60k subs -- thanks for letting me know! I've been super distracted (moving, finishing up a side project, etc. etc.). Time to make a bunch of the YT videos I've been planning! Woohoo!
So https encrypts the text on the pages your browsing but not the sites addresses? so the isp or hackers can still see what sites your visiting, but if you use a vpn then does the vpn encrypt the sites your visiting too? Also if your browsing data is encrypted between you and the vpn server then is your data unencrypted between the vpn server and the site your browsing? So the sites your browsing can still see what your browsing and also your IP address etc? Also what’s the best vpn for EASE of use on Linux like Mint/Ubuntu/Qubes etc? I hear only AirVPN have a proper GUI client/interface? I currently use expressvpn for iPhone and windows 10 but it’s awkward using the terminal client until my linux skills are better, so it’s been hard to to find a single but excellent vpn to use on all 3 platforms so I’m considering using the slightly cheaper nordvpn for windows 10 and iPhone, plus AirVPN for Linux with long term contracts to keep the costs down? Someone suggested using just AirVPN for windows and Linux and using free Windscribe for iPhone but not sure I should trust free windscribe? Any suggestions would be appreciated
It's safe as long as you're using HTTPS to connect to your webmail provider or online store, since TLS encrypts between your machine and the target server. Even a malicious VPN provider can't listen in on your traffic, although they *could* see which sites you're going to, just as a malicious ISP could. Unlike your ISP, they have strong incentives *not* to do this, though. The important thing to remember is that a VPN (and HTTPS) only gives you privacy from the people *between* your laptop and the service you're connecting to -- your ISP, compromised routers, government spying, etc.. If you have an account/identity at that service (e.g. Gmail, Netflix, etc.), and they are selling your private information to 3rd parties, your privacy has still been compromised.
thank you, your channel is one of my favorite, in the next video is it possible to point out the different between { vpn service } like wireguard and openvpn ? if there is a different at all
Yes, there are ways to find out if you're in a sandbox -- often relating to the abstractions Linux gives you around hardware access. Look for recent papers/exploits/research that allow breaking out of KVM -- there are new Xen exploits every few months, for example.
I'm personally comfortable with the level of risk and the (known) threats there, but that doesn't mean it's the right answer for everyone. I have friends who are comfortable with far more risk than me (a VPN in a five eyes country) and some who are comfortable with far less (avoiding fourteen eyes). It's definitely a question worth answering for yourself, though.
Yeah, those are great. I've been super happy with Mullvad. I use Arch for all my 'real' work at home. Full list of stuff I use here: tutorialinux.com/linux-everyday-carry-distro-editor-software-hardware-tools-use/
Netflix doesn't really care. The big studios behind them are putting a lot of pressure on Netflix because they don't like it at all when region locks are bypassed.. But this might change soon as some laws are on the way in the EU to prevent region locks. Amazon actually played their cards well by giving you content based on for which domain you bought prime instead of checking if you are using a VPN...
that's the thing, the VPNs know that and try to bypass at any cost. I know only few that actually works with Netflix, I can recommend the one I'm using - NordVPN.
Hi, i need some help. fflush(stdin) not work in linux I use while((getchar() != ' '); And work for some exercises but I need now go out of a while of string so need fflush so take the word correct i enter. Can you help me you know a lot of linux! While(strcmp(day, "tuesday") || strcmp(day, "monday")){ printf("Error.Enter a valid day: "); fgets("day,10,stdin); fflush(stdin); //not work } Thanks
vpns are good but your doomsday stuff regarding net neutrality seems un founded almost 2 years later. I work for a small ISP and this will allow more ISP's to pop up and long term I do think it's good over all because it spurs innovation and start ups and more competition for ISPs. Especially with 5g coming up, and ideally will allow more competition in the future.
I don’t think we suggested the internet would burn down, just that regular people would get screwed. Which they did! Internet access is more expensive than ever for Americans, most don’t have a choice of providers, and customer information is being sold off more or less as the doom-and-gloomers predicted. The situation kind of sucks. No need to be flippant.
It's definitely a good start, but there are lots of devious things that bad people can do to de-anonymize you even with VPN + incognito. Your best bet for something approaching true anonymity is something like the Tails Linux distro, Tor browser, VPN which you created with a separate identity, and then (if you want to get really crazy) creating a new identity every few months to keep more advanced content correlation stuff from working. True anonymity is unbelievably difficult to achieve, and involves training yourself to never mention time of day, weather outside, hobbies, gender, identifying marks, etc. in your online conversations. But you're right -- Tor, VPN, and Firefox Incognito gets you about 80% of the way there for 10% of the effort.
Unplug your router, burn the house, kill everyone you know, get to Siberia without being seen and live in the bushes. Starting then you would be almost untraceable.
Couldn't resist featuring Deus Ex again! Thanks for reminding me that I need to start using a VPN.
Hah, I put it in there for the OG tutorialinux people who remember me doing that regularly back in the day. More coming!
Firstly, thanks for all the great videos Dave! I just wanted to say that I've lived in China for about 10 years now, and I have been using Astrill VPN for about 2-3 years now (which I've found is very terribly rated on thatoneprivacysite.net). I think the rating is probably accurate, Astrill is probably logging/reselling my data, which I'm not at all a fan of. However, when I looked into your VPN, Mullvad, I was slightly dismayed to note the following: for credit/debit they don't accept UnionPay, a must for Chinese bank account holders; no app for mobile Android/iOS systems.
So a little note of context on users in China: we don't primarily use the VPN for anonymity per se, and anonymity is difficult anyway because most services/apps require identity verification and are essentially backdoors into your system (I'm talking about you, Wechat). What do we use it for? To get around the Great Firewall, which uses DNS poisoning, IP blocking, and other means of preventing access to certain websites, such as Google, RUclips, and Facebook.
Astrill has an amazing architecture that works on Linux (both Debian/RHEL based versions), Windows, MacOS, iOS, Android, and more I think. The user experience is generally consistent across platforms, which is no easy feat, and on Android you can decide which apps use the VPN and which don't, allowing you to be on it for RUclips, but off it for, say, Alipay. This itself may be a threat to anonymity, as if you allow Alipay to access system files, it could potentially go into places it doesn't belong.
Anywho, my point is it would be great to see some of these features come to Mullvad as they grow. Perhaps I'll write them a similar note of encouragement to try to break into the Chinese market, as 1 in 5 people on Earth is Chinese, so it's kind of an important market.
That's interesting; thanks for sharing.
7:30 Question: The internet provider might not see you're going to netflix, but he will still see that a lot of traffic is coming in, right? I mean there probably is a certain pattern of packages that can be associated with streaming, right? So he could still cut back on that bandwith, because if you're watching a movie, you probably wont use other services at the same time. I guess the main risk is that the slow bandwith will be blamed on the internet provider and not netflix.
Great video. There is so much disinformation out there regarding VPN and so many people that don't actually know what they are talking about.
Uplink is such a great game! So simple but challenging and interesting at the same time
But you ISP still can see what kind of traffic it is, since streaming packages differ from 'just' browsing websites data, since streaming is mostly done via UDP.
@Domy No Buddy, the intensity of mediastreaming is way higher, compared to 'just' browsing websites. And UDP doesn't know data integrity, something that matters less for mediacontent, but HTTPS traffic is TCP /TLS.
@Domy it's correct that VPNs use UDP, because of the overhead, the ISP still can see the data flow (also within the tunnel, though it is encrypted. And the fact that you are streaming, it's more intense than casual browsing, is perfectly visible for them and the even can Fingerprint the traffic. Same goes for Tor, it's visible for the ISP... 512->586 bytes
I think that VPNs are worth the trouble...but people assume that they are the end-all, be-all privacy tool.
This video (ruclips.net/video/if_RYUiHDio/видео.html) explains why VPNs aren't totally private and secure. People still need to be cautious when connected to the internet.
Congrats on 60k subs!!!!!!
(I've been following you since you had ~5000)
Holy crap, 60k subs -- thanks for letting me know! I've been super distracted (moving, finishing up a side project, etc. etc.). Time to make a bunch of the YT videos I've been planning! Woohoo!
So https encrypts the text on the pages your browsing but not the sites addresses? so the isp or hackers can still see what sites your visiting, but if you use a vpn then does the vpn encrypt the sites your visiting too?
Also if your browsing data is encrypted between you and the vpn server then is your data unencrypted between the vpn server and the site your browsing? So the sites your browsing can still see what your browsing and also your IP address etc?
Also what’s the best vpn for EASE of use on Linux like Mint/Ubuntu/Qubes etc? I hear only AirVPN have a proper GUI client/interface? I currently use expressvpn for iPhone and windows 10 but it’s awkward using the terminal client until my linux skills are better, so it’s been hard to to find a single but excellent vpn to use on all 3 platforms so I’m considering using the slightly cheaper nordvpn for windows 10 and iPhone, plus AirVPN for Linux with long term contracts to keep the costs down?
Someone suggested using just AirVPN for windows and Linux and using free Windscribe for iPhone but not sure I should trust free windscribe?
Any suggestions would be appreciated
How trustworthy do you think are those free VPN's provided by browsers like Opera?
It seems my router is broken, can you please fix it for me?
Hi Dave,
Love this series!! Just wanted to ask if this series is enough to get started with AWS.
Thanks!
+1 For uplink, Jesus that game takes me back man
I've loved the video series, and using uplink as an aid made me smile.
how is expressvpn?
Is a VPN safe to use when checking email or an online business?
It's safe as long as you're using HTTPS to connect to your webmail provider or online store, since TLS encrypts between your machine and the target server. Even a malicious VPN provider can't listen in on your traffic, although they *could* see which sites you're going to, just as a malicious ISP could. Unlike your ISP, they have strong incentives *not* to do this, though. The important thing to remember is that a VPN (and HTTPS) only gives you privacy from the people *between* your laptop and the service you're connecting to -- your ISP, compromised routers, government spying, etc.. If you have an account/identity at that service (e.g. Gmail, Netflix, etc.), and they are selling your private information to 3rd parties, your privacy has still been compromised.
Hi. What about proxy chains and anonsurf in Linux? Are they also not so good?
You have a great taste for video games.
But setting up your own can save us from ISPS?
Great video. Please if possible made a video on IPSEC
thank you, your channel is one of my favorite, in the next video is it possible to point out the different between { vpn service } like wireguard and openvpn ? if there is a different at all
hi Noob :). dont you install a OpenVpn server ? so you connect to?, there is a server side software.
but how do you know Vpn servers are not compromised ?
You don't. But you do know that your ISP IS compromised.
I have a question that is unrelated, sorta. If someone was sandboxed would they know it? Would there be any possible indicators?
Yes, there are ways to find out if you're in a sandbox -- often relating to the abstractions Linux gives you around hardware access. Look for recent papers/exploits/research that allow breaking out of KVM -- there are new Xen exploits every few months, for example.
What's your thoughts on "fourteen eyes" countries, should you avoid them?
I'm personally comfortable with the level of risk and the (known) threats there, but that doesn't mean it's the right answer for everyone. I have friends who are comfortable with far more risk than me (a VPN in a five eyes country) and some who are comfortable with far less (avoiding fourteen eyes). It's definitely a question worth answering for yourself, though.
use DNS over HTTPS (DoH) for more privacy :)
I caught the part in the Deus Ex email about an "anonymous email!' hehe! Oh, and you're right. Deus Ex is the best game ever! hehe!
thatoneprivacysite.net and mullvad ftw. Thanks for the video. Also, was wondering what distro do you use at home?
Yeah, those are great. I've been super happy with Mullvad. I use Arch for all my 'real' work at home. Full list of stuff I use here: tutorialinux.com/linux-everyday-carry-distro-editor-software-hardware-tools-use/
Thanks for the response!
U P L I N K B O Y S
Ahh I remember this game, its sooooooo old but very good.
Good content, as usual!
Most vpns are broken or snooping.
Eyy, i love Uplink! :D
There it was! was looking! :)
Netflix won't let you use their service if they detect you are using a VPN.
Ah, good to know -- I must have been getting lucky exit IPs...
Netflix doesn't really care. The big studios behind them are putting a lot of pressure on Netflix because they don't like it at all when region locks are bypassed.. But this might change soon as some laws are on the way in the EU to prevent region locks. Amazon actually played their cards well by giving you content based on for which domain you bought prime instead of checking if you are using a VPN...
that's the thing, the VPNs know that and try to bypass at any cost. I know only few that actually works with Netflix, I can recommend the one I'm using - NordVPN.
Hi, i need some help.
fflush(stdin) not work in linux
I use while((getchar() != '
');
And work for some exercises but
I need now go out of a while of string so need fflush so take the word correct i enter.
Can you help me you know a lot of linux!
While(strcmp(day, "tuesday") || strcmp(day, "monday")){
printf("Error.Enter a valid day: ");
fgets("day,10,stdin);
fflush(stdin); //not work
}
Thanks
Sorry Luciano; wrong place -- try StackOverflow's C programming tag.
tutoriaLinux oww thank anyway
why is this related to vpn?
vpns are good but your doomsday stuff regarding net neutrality seems un founded almost 2 years later. I work for a small ISP and this will allow more ISP's to pop up and long term I do think it's good over all because it spurs innovation and start ups and more competition for ISPs. Especially with 5g coming up, and ideally will allow more competition in the future.
Its 2021, I am from the future, the internet did not burn down, the sky did not fall when Net Neutrality went away... Just sayin....
I don’t think we suggested the internet would burn down, just that regular people would get screwed. Which they did! Internet access is more expensive than ever for Americans, most don’t have a choice of providers, and customer information is being sold off more or less as the doom-and-gloomers predicted. The situation kind of sucks. No need to be flippant.
aye
VPN + Incognito Mode = *Untraceable*
It's definitely a good start, but there are lots of devious things that bad people can do to de-anonymize you even with VPN + incognito. Your best bet for something approaching true anonymity is something like the Tails Linux distro, Tor browser, VPN which you created with a separate identity, and then (if you want to get really crazy) creating a new identity every few months to keep more advanced content correlation stuff from working. True anonymity is unbelievably difficult to achieve, and involves training yourself to never mention time of day, weather outside, hobbies, gender, identifying marks, etc. in your online conversations. But you're right -- Tor, VPN, and Firefox Incognito gets you about 80% of the way there for 10% of the effort.
Unplug your router, burn the house, kill everyone you know, get to Siberia without being seen and live in the bushes. Starting then you would be almost untraceable.
Ignorance is bliss
I was just making a little joke but thanks for letting me learn a little more about networking and privacy
VPN + Tor = untraceable
Thank god im not living in US.