this post was submitted on 16 May 2024
36 points (100.0% liked)

Technology

37603 readers
517 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
Los@beehaw.org
coldredlight@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org
36
Does a VPN used on a smartphone with Wi-Fi disabled (mobile data only enabled) provide any sort of protection? (beehaw.org)
submitted 4 months ago by hedge@beehaw.org to c/technology@beehaw.org
65 comments fedilink hide all child comments
 

I've never completely understood this, but I think the answer would probably be "no," although I'm not sure. Usually when I leave the house I turn off wifi and just use mobile data (this is a habit from my pre-VPN days), although I guess I should probably just keep it on since using strange Wi-Fi with a VPN is ok (unless someone at Starbucks is using the evil twin router trick . . . ?). I was generally under the impression that mobile data is harder to interfere with than Wi-Fi, but I could well be wrong and my notions out of date. So, if need be, please set me straight. 🙂

you are viewing a single comment's thread
view the rest of the comments
[–] dfyx@lemmy.helios42.de 3 points 4 months ago* (last edited 4 months ago) (3 children)

While my threat model is not universal, it comes close, at least for the average user which OP seems to be from their question. In practice, there is very little unencrypted traffic these days and in the case of that traffic you will have to ask yourself if your (commercial) VPN provider is more trustworthy than your ISP.

If you need to ask if you need a VPN there's a 99% chance that you don't. There are certainly a few use cases for both commercial VPNs and TOR (see my other comment) but to even be aware that those apply to you, you probably already have enough technical knowledge to approach the question from the direction "I want to do XYZ, how can I be more secure?" and not "I've heard of VPNs, do I need one?"

[–] eleitl@lemmy.ml 8 points 4 months ago (1 children)

My national government has no business knowing which protocols I use to contact which endpoints and tamper with that traffic. Wrapping up that information in a tunnel is a good first protection layer.

[–] dfyx@lemmy.helios42.de 5 points 4 months ago (3 children)

If you're using a commercial VPN from a provider who can legally operate in your country, your national government can just as easily get that information from them as from your ISP.

[–] jet@hackertalks.com 6 points 4 months ago

Correct. But that's no reason to make it easy for them. Burglars can break my windows and climb through and steal my stuff. I'm still going to lock my doors

[–] eleitl@lemmy.ml 3 points 4 months ago

How would a national government (not TLAs) target particular individuals in a large number of users and what information can they gather given e.g. https://mullvad.net/en/help/no-logging-data-policy ? So perhaps not quite as easily as ordering a tap.

[–] to55@discuss.tchncs.de 3 points 4 months ago

While ISPs are in many jurisdictions obligated to log your connections (data retentions laws), VPN providers are not.

[–] jet@hackertalks.com 3 points 4 months ago

Even though most data traffic is encrypted who you're talking to is not encrypted.

So a third party can observe, who you're talking to, how much data you're sending to them, how frequently you talk to them....

The classic example is if you start visiting a suicide prevention website, even though they don't know the content that you're being served, they can guess oh you're having mental issues. We should revoke your security clearance... Etc

[–] to55@discuss.tchncs.de 1 points 4 months ago

It’s not just all about encrypting traffic. Many people connect to the internet over a static IP most of the time from their home network. A VPN provides protection against tracking in this case.