EEVblog Electronics Community Forum

Computing => Networking & Wireless => Topic started by: bobcat2000 on February 15, 2021, 09:02:57 pm

Title: What is vpn service?
Post by: bobcat2000 on February 15, 2021, 09:02:57 pm
I set up a bunch of SonicWall and Cisco with site-to-site and client-to-site VPN for my clients.

I just don't get what a vpn service for consumers is.

Are they just a simple encryption service that use the word "VPN" as a marketing lingo?

Your data are routed to the vpn service providers.  They can just sell your data from their ends anyway.

Title: Re: What is vpn service?
Post by: retiredfeline on February 15, 2021, 09:12:48 pm
Client to site VPN is useful for employees WFH or on the go. It gives their computer an intranet address with an encrypted connection to the office.

Site to site VPN is used by companies wanting to link their sites together over encrypted connections.

Consumer VPN connections are often used by people wanting a different exit point, e.g. to bypass geoblocking. You could browse over https and the provider can't decode the traffic but they would know your destination. So you would have to trust them to some degree. In some cases nobody cases about that, e.g. watching a TV program only available in another country.
Title: Re: What is vpn service?
Post by: bobcat2000 on February 15, 2021, 09:32:18 pm
A friend of mine setup an open vpn server in his friend's house so he can watch local tv from another country.
I know what you say.

But I still don't get what the vpn service companies I see on tv commercial are selling.
I get it that they say if you want security surfing the web from Starbucks, you need a vpn service from them.

Most of the website are encrypted running off the HTTPS servers anyway.
Also, if you are working from Starbucks, you already have the vpn client connection from your office anyway.

Are they selling snake oil?

Title: Re: What is vpn service?
Post by: retiredfeline on February 15, 2021, 09:40:10 pm
Just making hay from FUD.
Title: Re: What is vpn service?
Post by: langwadt on February 15, 2021, 09:42:57 pm
https://youtu.be/WVDQEoe6ZWY
Title: Re: What is vpn service?
Post by: RenThraysk on February 15, 2021, 10:46:48 pm
VPN has become a much misused term.
People calling web proxies VPNs and so on.

Personally use a mesh VPN, tailscale, it forms a mesh between all my devices, so can do things like ssh from my mobile phone into a linux machine (assuming both have access to the wider internet).
Or run a private web server on a machine at home that is only accessible from my devices wherever they may be physically.

It's a breath of fresh air, over the previous generation VPNs. No configuration required. Just install tailscale on each device, login in and it becomes part of the private mesh network with each device having it's own static IP.
Title: Re: What is vpn service?
Post by: bobcat2000 on February 16, 2021, 12:13:20 am
https://youtu.be/WVDQEoe6ZWY

That was exactly what I thought about all those tv ads for VPN services.  You can find them on cnet, zdnet, pcmag, and a bunch of those online pc magazines.

They are just selling snake oil.


Title: Re: What is vpn service?
Post by: retiredfeline on February 16, 2021, 12:20:36 am
Well strictly speaking it isn't snake oil if it really is a VPN. Snake oil doesn't work. A VPN does but is probably unnecessary for most day-to-day usage. But you'll have your work cut out if you want to rail against every dodgy promotion aimed at the unwashed masses.
Title: Re: What is vpn service?
Post by: Halcyon on February 16, 2021, 05:34:43 pm
Personally use a mesh VPN, tailscale

Oh gawd, really? It seems these days tech companies throw the word "mesh" in front of a word and all of a sudden it becomes magic. Look at all the "mesh" wireless networking products available (never mind that a proper access point like Ubiquiti UniFi products do a better job at a cheaper price).

Not criticising you or your choices... I've never heard of or used Tailscale, but simply the trend of "meshing" everything. It's like adding Bluetooth to all and sundry. It's mostly marketing wank.
Title: Re: What is vpn service?
Post by: langwadt on February 16, 2021, 05:47:06 pm
Personally use a mesh VPN, tailscale

Oh gawd, really? It seems these days tech companies throw the word "mesh" in front of a word and all of a sudden it becomes magic. Look at all the "mesh" wireless networking products available (never mind that a proper access point like Ubiquiti UniFi products do a better job at a cheaper price).

Not criticising you or your choices... I've never heard of or used Tailscale, but simply the trend of "meshing" everything. It's like adding Bluetooth to all and sundry. It's mostly marketing wank.

throw in some 3d print, blockchain , cloud,  AI for good measure

Title: Re: What is vpn service?
Post by: Bassman59 on February 16, 2021, 08:26:52 pm
Personally use a mesh VPN, tailscale

Oh gawd, really? It seems these days tech companies throw the word "mesh" in front of a word and all of a sudden it becomes magic. Look at all the "mesh" wireless networking products available (never mind that a proper access point like Ubiquiti UniFi products do a better job at a cheaper price).

Not criticising you or your choices... I've never heard of or used Tailscale, but simply the trend of "meshing" everything. It's like adding Bluetooth to all and sundry. It's mostly marketing wank.

throw in some 3d print, blockchain , cloud,  AI for good measure

how could you forget IoT?
Title: Re: What is vpn service?
Post by: David Hess on February 16, 2021, 08:54:15 pm
A VPN service also provides security when using an untrusted service like any WiFi hotspot.

When I had internet access through AT&T's U-Verse service, access through my VPN to a point half way across the US was several times faster which suggests AT&T was transparently proxying anything which was not encrypted.  Eventually it was the only way I could get IPv6 after AT&T blocked protocol 41.
Title: Re: What is vpn service?
Post by: RenThraysk on February 16, 2021, 09:44:49 pm
Personally use a mesh VPN, tailscale

Oh gawd, really? It seems these days tech companies throw the word "mesh" in front of a word and all of a sudden it becomes magic. Look at all the "mesh" wireless networking products available (never mind that a proper access point like Ubiquiti UniFi products do a better job at a cheaper price).

Not criticising you or your choices... I've never heard of or used Tailscale, but simply the trend of "meshing" everything. It's like adding Bluetooth to all and sundry. It's mostly marketing wank.

It is an accurate description of what it does?  Mesh is a specific network topology.
All connections between devices are direct (unless for some reason both devices can't see each other then uses a relay), forming a mesh using WireGuard tunnels which are point to point.

Find it very strange supposedly technical people are having problems with simple networking terms.
Title: Re: What is vpn service?
Post by: NiHaoMike on February 17, 2021, 01:52:45 am
A VPN service also provides security when using an untrusted service like any WiFi hotspot.
For that use case, you can also consider running your own VPN server with PiVPN or similar.
Title: Re: What is vpn service?
Post by: David Hess on February 19, 2021, 10:12:35 pm
A VPN service also provides security when using an untrusted service like any WiFi hotspot.

For that use case, you can also consider running your own VPN server with PiVPN or similar.

I did that for many years with my VPN server on my home internet connection, which also gave me secure access to the systems on my LAN.
Title: Re: What is vpn service?
Post by: Halcyon on February 20, 2021, 10:05:05 pm
A VPN service also provides security when using an untrusted service like any WiFi hotspot.

Only as far as you can trust that VPN service. Even on completely unencrypted WiFi, most services are using strong encryption anyway.
Title: Re: What is vpn service?
Post by: bobcat2000 on February 21, 2021, 09:11:54 pm
Only as far as you can trust that VPN service. Even on completely unencrypted WiFi, most services are using strong encryption anyway.

Exactly.  I think those VPN services they want to sell you from the TV ads are a ripoff.

Unless you are sending email using SMTP.  That does not have any encryption.
Title: Re: What is vpn service?
Post by: madires on February 21, 2021, 09:36:19 pm
Unless you are sending email using SMTP.  That does not have any encryption.

https://tools.ietf.org/html/rfc3207 ;)
Title: Re: What is vpn service?
Post by: bobcat2000 on March 09, 2021, 01:04:56 am
They just has a post on this topic.  I think this article is full of it.  I read it as a "one-man opinion".  It proves nothing.

VPN services are secure because they know what they are doing.  "...Yea right.  Sure.  Trust me."  Something like this.

https://www.zdnet.com/article/reader-question-answered-if-i-have-https-do-i-need-a-vpn/ (https://www.zdnet.com/article/reader-question-answered-if-i-have-https-do-i-need-a-vpn/)
Title: Re: What is vpn service?
Post by: David Hess on March 10, 2021, 05:26:30 pm
A VPN service also provides security when using an untrusted service like any WiFi hotspot.

Only as far as you can trust that VPN service. Even on completely unencrypted WiFi, most services are using strong encryption anyway.

But I *know* that I cannot trust any ISP or hotspot, and with a VPN, I do not need to.
Title: Re: What is vpn service?
Post by: asrinur on June 11, 2021, 03:10:04 pm
Client to site VPN is useful for employees WFH or on the go. It gives their computer an intranet address with an encrypted connection to the office.

Site to site VPN is used by companies wanting to link their sites together over encrypted connections.

Consumer VPN connections are often used by people wanting a different exit point, e.g. to bypass geoblocking. You could browse over https and the provider can't decode the traffic but they would know your destination. So you would have to trust them to some degree. In some cases nobody cases about that, e.g. watching a TV program only available in another country.

thank you for your answer. I was also looking for this a while back and stumbled across it here.  :-+
Title: Re: What is vpn service?
Post by: Marco on June 11, 2021, 04:09:02 pm
A VPN will hide your IP too. Even without a static IP, big parties such as Google can trivially tie your IP to an identity unless you are super privacy minded and with a static IP a lot of smaller players can too. Just need one compromised endpoint with a known login to tie it all together.

If you download questionable materials it can be relevant.

PS. webrtc leaks your IP by default, because of course