this post was submitted on 04 May 2022
25 points (93.1% liked)

Privacy

31874 readers
549 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Anyone know if a self-hosted VPN is 100% secure?

all 10 comments
sorted by: hot top controversial new old
[–] Slatlun@lemmy.ml 11 points 2 years ago (2 children)

Honest question - Would self hosting a VPN (for the purpose of bypassing your ISP) even do anything? The end point would still need an ISP (that you've signed up for) and would be just as exposed as you are from your original connection, right?

[–] DengueDucky@lemmy.ml 8 points 2 years ago (3 children)

The privacy you get from a VPN service is mainly from mixing your traffic with many other users and not keeping logs. No one knows for sure who visited which site.

If you self host a VPN, that protects you from your own ISP, and the sites you visit will not get your real IP, but your server host still knows what's going on.

[–] X_Cli@lemmy.ml 3 points 2 years ago (1 children)

I don't think this argument is valid in a world where a global observer can already distinguish Tor traffic using timing and volume analysis.

Today, the best defense a VPN has to offer, privacy-wise, is protection against observers close to the victim, on hostile local network. Self-hosted VPNs can do that as well as any paying VPN service. The only reason I'm using a paying service myself is to circumvent geo restrictions. That's basically the only valid use-case.

[–] leanleft@lemmy.ml 3 points 2 years ago

vpn or searx [and sometimes].. Tor, are all not 100% perfect but they make identification more difficult and less certain.

[–] fadelkon@info.prou.be 2 points 2 years ago

This, assuming you self-host the other-host way, that is, hiring a vps and alike. Don't centralize the internet to commercial data-centers yet, please

[–] Slatlun@lemmy.ml 2 points 2 years ago
[–] Pan_de_dulce@lemmy.ml 3 points 2 years ago

I have the same question

[–] leanleft@lemmy.ml 1 points 2 years ago

one solution is to double down on Tor.
more usage means that every user needs to conserve bandwidth and also needs to run a relay. this assumes we might also be talking about ultra-light filesharing.
we could also see growth in migration to privacy-conscious internet overlay networks.

[–] sunblocker@lemmy.ml 1 points 2 years ago

It depends on what kind of threat you want to protect yourself against. VPN technology was never meant to do what most every day people are using it for these days.

A self hosted VPN will encrypt your network traffic between your device (laptop, smartphone, you name it) and your VPN server. So that cute hacker chick in the internet café can't see what websites you're browsing. But from your VPN server to the final destination, you'll have the rely on TLS (as in, HTTPS for example) which is secure but then the question is, what do you need the VPN for in the first place?

An argument can be made that websites have a harder time following your smartphone around the real world by tracking the changes of your IP address. Because the VPN server has a fixed IP address and websites will only see this one IP address when you use your VPN instead of seeing "oh, now they're using their home router's IP address after having used their mobile internet provider's IP address, so they must be home now". But then again, using this fixed IP address as the only user, websites can easily identify that it's you because nobody else uses your VPN server's IP address.

A commercial VPN service lets many different people use the commercial VPN server's IP address so there's much noise and it's hard for websites to make conclusions just based on the IP address.

But there's a catch: beyond masking your IP address no VPN service (self hosted or not) can add additional protection. There are so many more things besides your IP address that websites use to track your every move across websites and even across different devices you use. A VPN cannot protect you from cookies, fingerprinting techniques, malicious downloads, hackers, ...

So what can you take away from all this? While a VPN can be one part of your online security strategy, it alone isn't enough for privacy or security online. I'd recommend you do your own research on the topic and get a feeling for the evil things that websites and other actors can and will do to you, what data they collect and what they can learn from it. Armed with that knowledge you can evaluate what you see as the greatest risk in your situation/circumstances and protect yourself effectively using the measures you really need. Maybe you'll come to the conclusion that a VPN will help you achieve your goals, most likely you will need additional measures on top of or independent from a VPN.