opsanon77

Opsec Discussion VPN's

Jul 16th, 2023
  1. >Welcome to the /XMR/ General opsec discussion!
  2. Firstly I just wanted to mention that it's been a pleasure putting these together for the /XMR/ community! The feedback received so far has been overwhelmingly positive and I look forward to continuing these sessions into the future.
  3. In this session we will discuss Virtual Private Networks: what they are, how and why we should use them, and what their limitations are. There are a LOT of misconceptions and false beliefs around VPNs and hopefully we can clear up some confusion and set you on the road to making informed choices.
  4.  
  5. >Previous weeks' discussions
  6. PGP - pastebin.com/K5uK4vvg
  7. File Verification - pastebin.com/64jdYSua
  8. Compartmentalization - pastebin.com/fduPVLmV
  9. Case File Reading - pastebin.com/6Jgr2zsL
  10. >OpsAnon's public key
  11. pastebin.com/kiEVscyb
  12.  
  13.  
  14. >What is a VPN?
  15.  
  16. A VPN, or Virtual Private Network, is an encrypted connection over the Internet from a user's device to a network. The private connection runs on top of the public internet, using tunneling protocols and encryption that prevent an outsider from seeing where that data is coming from and going to. VPNs are commonly used in enterprise networks to allow employees to remotely access their employer's LAN, which became even more popular with the increase in work-from-home employees. A VPN can also be used by a generic end user to hide their IP from websites and to obscure their traffic from their ISP.
  17.  
  18.  
  19.  
  20. >Why Should I Use A VPN?
  21.  
  22. For a generic end user, a VPN is a valuable tool to protect your privacy while connecting to the internet both from your home network and especially while using a public network. A VPN can help us in many ways but here is a short list of the most common use cases:
  23. -Avoiding "Man in the Middle" attacks on public networks
  24. -Obfuscating our IP when engaged in activities like torrenting
  25. -Preventing websites from gaining our true IP
  26. -Bypassing geographical blocking
  27. -Minimizing advertising tracking & ISP snooping
  28.  
  29.  
  30.  
  31. >Limitations of VPNs
  32.  
  33. VPNs ARE NOT A HOLISTIC PRIVACY SOLUTION AND WILL NOT MAKE YOU ANONYMOUS!
  34. When using a VPN you are essentially transferring your trust from your ISP to the company that provides your VPN. There are a multitude of ways in which your anonymity can be broken other than determining your IP, e.g. browser fingerprinting, DNS leaks and WebRTC leaks. New users are often misled by overstated advertising from VPN providers and by other misinformed users into thinking that a VPN will make you untraceable. This is a very common and dangerous misconception that I want to make absolutely clear is untrue. Other limitations include increased latency: encryption inherently slows connection speeds, as does the additional routing to the provider's servers, especially if the server you are connecting to is far from your IRL location. A false sense of security can also be considered a limitation: users may think that they are more protected than they actually are, resulting in a lack of attention to, or the outright disregard of, other essential measures.
  35.  
  36.  
  37. >Choosing a VPN Provider
  38.  
  39. When researching a provider there are a few things you should always look for and keep in mind. Let's look at a few of the most important metrics by which we can judge a provider's trustworthiness.
  40.  
  41. -Paid vs. Unpaid
  42. There is a common saying in the security/privacy world, "If it's free, you are the product". When using a free VPN, it is more than likely that they are keeping your traffic logs and they may be sold off for profit by the provider. Unpaid VPNs also typically experience slower connections, less secure encryption and even the injection of advertising. You should always avoid "free" VPN services; if your privacy is worth enough for you to be reading these discussions, it is worth paying a few bucks a month for.
  43.  
  44. -Logging policy
  45. It is important to review the provider's policy on log retention. Some providers will actually keep logs of your traffic while you are using the VPN. For obvious reasons this is an immediate "trash it" flag: if the provider is keeping logs they are likely reselling the logs to data brokers and advertising companies. The retention of traffic logs may also pose a security risk if the provider experiences a breach, potentially putting your comings and goings in the hands of a malicious or state actor.
  46.  
  47. -Audits
  48. Reputable VPN providers should have third-party audits conducted to assess their services and to verify their log retention commitment. Take note of when these audits took place and whether there have been changes to their policies since the last audit.
  49.  
  50. -Country of Origin
  51. Many users prefer to deal with VPN providers that are based outside Five Eyes partner countries and not in countries that have poor records with regard to data security. For example, you probably wouldn't want to choose a provider that is based in China, as they are often required to hand over information upon request.
  52.  
  53.  
  54. >Providers
  55.  
  56. A big concern in making this discussion was that I do not want to come off as a shill for any particular VPN provider; there are already advertisements everywhere and enough braindead youtubers shilling overpriced and overstated services. We will look at a couple of popular providers as well as a few pros and cons for each, but this is by no means an endorsement of any provider. DYOR.
  57.  
  58. -Mullvad
  59. This provider is based in Sweden and provides a lightweight VPN UI for Windows, Android, MacOS and iOS.
  60. Pros:
  61. - Audited by third party in June 2022
  62. - No logs retained
  63. - Can be paid by various methods including crypto and cash by mail
  64. - User accounts require no personal information (based on an account number)
  65. Cons:
  66. - Port forwarding no longer supported
  67. - Fewer available servers than some providers
  68.  
  69. -Proton VPN
  70. Proton is a privacy-oriented company that provides various services including a popular email service. The company is based in Switzerland.
  71. Pros:
  72. - Audited by a third party in 2022
  73. - No logs policy
  74. - Large number of servers including p2p optimized servers
  75. - Port forwarding
  76. Cons:
  77. - Free service limited
  78. - User-reported inconsistent connection speeds
  79.  
  80. -Nord VPN
  81. Nord is a very popular provider based in Panama; you are likely already familiar with this provider as it is one of the most advertised.
  82. Pros:
  83. - Large number of servers and specialty servers
  84. - Audit conducted in 2022
  85. Cons:
  86. - UI more heavyweight than other UIs
  87. - Payment processing done by an American third party
  88. - Expensive
  89. - Advertisements in the UI
  90.  
  91.  
  92. >Conclusion
  93.  
  94. Virtual private networks can provide a layer of protection for many users, whether you are torrenting, bypassing geographic blocking measures or want to increase your privacy during day to day browsing. While a VPN is not a method to achieve anonymity online, VPNs still provide a valuable service and are another useful tool in our fight to reclaim some level of online privacy. Always be sure to research the provider you intend to subscribe to and remember that, as with all tools and procedures we have discussed, you need to know their limitations!
  95.  
  96.  
  97.  
Tags: Privacy