How does a VPN protect me even from my ISP?

Morad Tamer

Commendable
Apr 21, 2016
43
0
1,590
I have been thinking of it for a while now
Doesn't literally all my data have to go through them to get anywhere on the internet?
I understand that they can not know what my data is (about) but they know that I sent it and that it is going to a VPN
Right?
Please correct me If I am wrong

Thanks in advance
 
Solution
Yea, they can intercept the data and where it's going, and draw contextual clues from that. However, there is nothing whatsoever illegal about using a VPN (in free countries, anyhow). So they can do nothing to you for that offence alone. The trouble is that many VPN's are not quite as "no log" as you might think - they often just purchase server time from server farms, who would have full access to the data in their own logs. The company technically is not logging, but the output node is, and so if it's subject to jurisdiction could be used to nullify the benefits of a VPN.

Best practice is a no-log VPN in a country you are not subject to the jurisdiction of. Realistically at that point it's more effort than anyone can be bothered for...

kanewolf

Judicious
Moderator
They know that encrypted traffic is going to a known VPN address. That is all they can know. What "protection" do you believe you need from your ISP? You could argue that the VPN provider knows your decrypted data. Why don't you think you need protection from them? They are really an ISP also.
 

canadianvice

Distinguished
Jul 25, 2012
235
1
19,115
Yea, they can intercept the data and where it's going, and draw contextual clues from that. However, there is nothing whatsoever illegal about using a VPN (in free countries, anyhow). So they can do nothing to you for that offence alone. The trouble is that many VPN's are not quite as "no log" as you might think - they often just purchase server time from server farms, who would have full access to the data in their own logs. The company technically is not logging, but the output node is, and so if it's subject to jurisdiction could be used to nullify the benefits of a VPN.

Best practice is a no-log VPN in a country you are not subject to the jurisdiction of. Realistically at that point it's more effort than anyone can be bothered for to try and track you down.


The data if anything is the incriminating part, and they only get to know it came from you, and that it's going to a VPN server. The VPN server gets the actual stuff that would otherwise be incriminating, and sends it back - but when it's sent back, it's fully encrypted, so your ISP doesn't know what it is.

When I say context, I mean something like this:
I will admit I torrent unabashedly. My ISP cannot see what I am downloading, but they can see that data is coming from my IP, and going to a VPN server. Given that torrenting is somewhat unique in its fingerprint (packet sizes, upload bandwidth and download bandwidth required) they could almost certainly put two and two together based on the common properties of such a connection, but they can't actually prove anything. Just like in a random photograph - you can draw a fair amount of clues from it (for instance, if there's a person in the photo casting a long shadow, you can probably deduce it's early or late in the day. But in and of itself, that information isn't enough to do anything with)

The thing is that they have no proof, however, and nothing happens without proof. That's why it's critically important to make sure the nodes are not in your own country, because thankfully international search is pretty awkward on a warrant, and one would hope that a company would require that much at least.
 
Solution
Apr 30, 2018
7
0
20


True about the traffic. Depends on the VPN provider though. Maybe free ones sell your data to make money, but I doubt any big names would risk their rep using their users' browsing habits etc. I personally use NordVPN because it has zero log policy and doesn't collect anything + based in Panama so it is outside the 14 eyes jurisdiction.
 

Morad Tamer

Commendable
Apr 21, 2016
43
0
1,590


Actually my idea was to acquire a web hosting subscribtion/plan and make my own VPN
Even this might be a bit more expensive it gives me the piece of mind of being in control of everything plus you get to have your dedicated non shared connection with other users