What the hell Proton!
What the hell Proton!
You're viewing a single thread.
253 comments
-
Well with https enforced and secure dns not much to worry about.
-
Maybe from a security perspective but in terms of privacy, no. SNI can still be read, and just because DNS isnโt plaintext doesnโt mean itโs not possible to see which servers youโre talking to. And like others have said, thereโs still a lot happening in plaintext at the OS and/or application level.
-
Still doesn't make a VPN the "magic all in one solution" it claims to be. And SNI is encrypted on newer servers using encrypted client hello (ECH).
In terms of privacy, you're switching around which entity gets to see a ton of details. Do you trust random public wifi enough, given modern security standards? Or do you trust a VPN company more, despite false advertising?
Use HTTPS and DoH (Becoming a default on some Android versions), and the average person will be just fine without a VPN.
-
That doesnโt really solve the issue of others near the public network being able to sniff out which IP addresses youโre connecting to. In fact, they could deny service to your DoH provider and force DoH not work (if they did the same to the VPN endpoint hopefully your VPN has a kill switch).
As for shifting the entity that sees your network traffic, thatโs true and you definitely have to trust the VPN provider (and whatever company their traffic is passing through).
-
-
-
253 comments