Anyone know if a self-hosted VPN is 100% secure?

  • Slatlun@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    3 years ago

    Honest question - Would self hosting a VPN (for the purpose of bypassing your ISP) even do anything? The end point would still need an ISP (that you’ve signed up for) and would be just as exposed as you are from your original connection, right?

    • DengueDucky@lemmy.ml
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      3 years ago

      The privacy you get from a VPN service is mainly from mixing your traffic with many other users and not keeping logs. No one knows for sure who visited which site.

      If you self host a VPN, that protects you from your own ISP, and the sites you visit will not get your real IP, but your server host still knows what’s going on.

      • X_Cli@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        I don’t think this argument is valid in a world where a global observer can already distinguish Tor traffic using timing and volume analysis.

        Today, the best defense a VPN has to offer, privacy-wise, is protection against observers close to the victim, on hostile local network. Self-hosted VPNs can do that as well as any paying VPN service. The only reason I’m using a paying service myself is to circumvent geo restrictions. That’s basically the only valid use-case.

        • leanleft@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          3 years ago

          vpn or searx [and sometimes]… Tor, are all not 100% perfect but they make identification more difficult and less certain.

      • fadelkon@info.prou.be
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        This, assuming you self-host the other-host way, that is, hiring a vps and alike. Don’t centralize the internet to commercial data-centers yet, please

  • leanleft@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    one solution is to double down on Tor.
    more usage means that every user needs to conserve bandwidth and also needs to run a relay. this assumes we might also be talking about ultra-light filesharing.
    we could also see growth in migration to privacy-conscious internet overlay networks.

  • ~sunblocker@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    It depends on what kind of threat you want to protect yourself against. VPN technology was never meant to do what most every day people are using it for these days.

    A self hosted VPN will encrypt your network traffic between your device (laptop, smartphone, you name it) and your VPN server. So that cute hacker chick in the internet café can’t see what websites you’re browsing. But from your VPN server to the final destination, you’ll have the rely on TLS (as in, HTTPS for example) which is secure but then the question is, what do you need the VPN for in the first place?

    An argument can be made that websites have a harder time following your smartphone around the real world by tracking the changes of your IP address. Because the VPN server has a fixed IP address and websites will only see this one IP address when you use your VPN instead of seeing “oh, now they’re using their home router’s IP address after having used their mobile internet provider’s IP address, so they must be home now”. But then again, using this fixed IP address as the only user, websites can easily identify that it’s you because nobody else uses your VPN server’s IP address.

    A commercial VPN service lets many different people use the commercial VPN server’s IP address so there’s much noise and it’s hard for websites to make conclusions just based on the IP address.

    But there’s a catch: beyond masking your IP address no VPN service (self hosted or not) can add additional protection. There are so many more things besides your IP address that websites use to track your every move across websites and even across different devices you use. A VPN cannot protect you from cookies, fingerprinting techniques, malicious downloads, hackers, …

    So what can you take away from all this? While a VPN can be one part of your online security strategy, it alone isn’t enough for privacy or security online. I’d recommend you do your own research on the topic and get a feeling for the evil things that websites and other actors can and will do to you, what data they collect and what they can learn from it. Armed with that knowledge you can evaluate what you see as the greatest risk in your situation/circumstances and protect yourself effectively using the measures you really need. Maybe you’ll come to the conclusion that a VPN will help you achieve your goals, most likely you will need additional measures on top of or independent from a VPN.