#internet security | Explore Tumblr Posts and Blogs

catgirl-catboy · 1 year

Text

Antis talk about groomers a lot (as they should! Online grooming is a serious issue.)

But I rarely see young antis practicing internet safety that helps them avoid groomers. Internet security is my livelihood, so it really worries me.

Here are some tips to avoid groomers on the internet.

First off "Groomers DNI" or "Adults DNI" doesn't help. You are welcome to keep it in your DNI if you want, but the sort of people that respect that DNI are the sort of people that likely don't pose a threat to you anyway.

Never say your age. I'm serious. "Teenager" is as specific as you can get. "But then, how do you make friends your own age online?" you start talking to people, and you get an estimate about their age.

Never put your face online either. Not only can groomers and stalkers use it, your future boss might find it and link you back to this social media account.

Be vague about your location. If I know your timezone, and you tell me about the weather, I have a pretty good idea of where you live. Hell, actively lie about your timezone/location.

This is a helpful skill to learn, because some (not all, but enough that you need to be careful) of the people that have "15 y/o, above 18 DNI" are actually grown ass adults that will eventually coerce you into doing shit you aren't comfortable with.

If a place happens to be mostly teens, you are a-okay. If a place explicitly bans adults, run.

If someone is giving you a bad vibe for any reason, block them. "But give people the benefit of the doubt!" No. Not on the internet. I give a bad vibe? Prepare the block. Your intuition is a huge tool to keep you safe, don't doubt it.

Don't post pictures you took online. It isn't the content of the photo you should worry about, it's the data that comes with it. Most photos have locations attached.

Do mention parents/supportive adults in your life that care about you. If none exist, make some up. If it seems like you talk about your internet friends, you don't look like an easy target.

Say no to your internet friends on occasion. Watch their reactions. If someone begins to act controlling, thats a red flag.

#internet safety #internet security #groomers #grooming #privacy #antis

1K notes · View notes

joyflameball · 7 months

Text

Making my own post abt this actually, since there is a more popular version running around that has shitty advice and I sure as hell ain't gonna manage to hijack that

Switching to Firefox: What do?

Now a lot of us are neurodivergent and have FAR too many tabs for our own good, and I can understand if you're nervous about switching because of that, since that's a LOT of tabs and you don't wanna lose them. Trust me, I relate to that immensely. I have FAR too many tabs open for my own good.

So what you should do in that case is save your tabs. I personally saved my tabs in a private Discord server, since that let me open the tabs again easily, and make categories for each type of tab, but you can use something like Notepad to save them as well. So, you copy-paste all your tabs over to wherever you're saving them (and additionally, copy-pasting all of them will allow you to see tabs you don't need and delete them, since they're no longer buried).

Once you're into Firefox and signed in, head to Settings. You should see in the general tab the button that says "Import Browser Data." You'll see a dropdown arrow that will let you pick whatever browser you wanna import your data from.

That easy! From there, pull up ALL your tabs and you're good to go!

Simplified explanation:

Save all your previous tabs, maybe in Notepad (I personally used a private Discord server, for the reasons I explained).

Once in Firefox, head to Settings and import your Chrome data.

Pull up your tabs that you saved, and you're in!

Settings

So, you're in the general tab with your data from Chrome imported. Now, keep going through the Settings, because there's a LOT more you can do, and Firefox's settings are fairly simple to navigate. I can't give you any advice for the general tab, that's all for you to handle.

Head to Home, and this is where you'll need to start changing some stuff. I recommend disabling "Recommended By Pocket" for the safest experience, not just because it's better for privacy, but also because the Pocket stuff is annoying. Also disable "Snippets" at the bottom.

Head to Search. From here, you'll be able to disable Google as the default browser, which is good for everyone. You CAN use DuckDuckGo, which allegedly is safest, but I'm personally suspicious of that (look up "duckduckgo safety issues"). However, it is 100% safer than Google, so if you just wanna use that, go ahead.

If you wanna use a different search engine from what is shown, it's gonna be a bit more complicated to set up. In the Search tab of settings, set it so there's a search bar in the toolbar.

Go to the address of whatever new search engine you wanna use (I'm personally using ecosia.org, as it helps w the environment by planting trees, AND it's got a really good privacy policy). Let's use as example: youtube.com .

You'll see a magnifying glass with a plus sign in the smaller search bar. When you click it, you'll be shown a dropdown that says "This time, search with: [all the search engines]." Click the YouTube icon that has a plus sign next to it (again, YouTube as example).

I'm explaining this somewhat confusingly- Mozilla's website has a much better explanation.

Head back to the Firefox settings, and set your default search engine to the new site. Bam.

(Additionally: to disable ever searching with Google, scroll down to Search Shortcuts, and remove the check mark next to Google.)

Simplified explanation:

Set it so there's two search bars.

Go to the address of whatever search engine you wanna use.

Click the magnifying glass, then the icon of the new search engine.

Head back to the Search settings, and switch to the new engine.

Privacy and Security

THIS is what you're here for. Firefox has LOADS of settings to make you more secure. My personal recommendations are:

Set enhanced tracking protections to Strict, or if you wanna customize it yourself, Custom. This will allow you to block cryptominers, trackers, cookies, and fingerprinters.

Set it to clear history when Firefox is closed.

Set it so that the search bar will not show you suggestions from sponsors, and don't allow Mozilla to process your search queries.

Under Permissions > Location, set it to block all requests to access your location. You can do the same for whatever other permissions you'd like, but especially block Location.

Block Firefox from making personalized extension recommendations, at the very least. If you don't want Firefox to use telemetry data, set it so Firefox won't send technical and interaction data to Mozilla.

Block dangerous downloads, obviously, and set it to HTTPS-Only Mode on all windows.

Enable secure DNS stuff using Max Protection. I'm personally using NextDNS (recommended by r/piracy).

Again, I'm not the arbiter of information here. You do whatever you want with your privacy and security settings. These are just my personal recommendations.

Extensions

A point of contention in the original post was how many fucking addons the OP had that essentially did the same thing, like several different adblockers when just one is enough. This is risky not just because it'll slow your browser down to hell and back, but also because it'll make you MORE traceable.

However, this doesn't mean you should go around with zero extensions. Especially since In Today's Day And Age, you WILL get ambushed with ads wherever you go. So at the very least you'll need an adblocker. However, there are extra extensions you can use to help clean up, for example, YouTube Search.

Here's my personal list of extensions, with ones that I feel you will DEFINITELY need marked in pink. I made sure these aren't redundant, or don't cover settings that Firefox already has.

I could be wrong in places, so if anyone wants to push back on this, I encourage it.

Ublock Origin: GET THIS ONE. Everyone and their mother loves this bad boy. Great adblocker that works REALLY well to clean up the web and make things less... awful. It lets you block specific website elements (so if Tumblr's pulling shit you can block it), and in settings it has a WHOLE lot of privacy/safety settings you can turn on which I won't go over, since this is a post about Firefox. The point is: GET UBLOCK. Everyone loves it, it's great, it's reliable, 10/10.

SponsorBlock: This is a GREAT addon that completely skips sponsored sections in YouTube videos. It feels kinda seamless sometimes. It also lets you skip a lot of extra unnecessary stuff as well.

Youtube Search Fixer: Unclogs YouTube's search so you won't get playlists, shorts, unrelated search results, all that fun stuff, so you can just find what you're looking for.

Youtube Shorts Block: Automatically turns YouTube Shorts into standard YouTube videos so you can get away from the fucking TikTokkification of the Internet.

Return Youtube Dislike: Remember how YouTube inexplicably removed the ability to see dislikes? This addon reverts that. You can see dislikes again.

Shinigami Eyes: Marks anti-trans sites with red, and trans-friendly sites with green (with the ability to change those colors, in case of colorblindness). It works with Tumblr blogs, Youtube, Twitter, a fuck load of sites. Great for knowing FOR SURE if a post is an anti-trans dogwhistle, and for going through gender critical blogs and blocking them on masse. It's INCREDIBLY reliable at catching transphobic sites, and finding trans-friendly ones.

Auto Tab Discard: We're all neurodivergent here and have way too many tabs, and that slows down our fucking computers. Auto Tab Discard basically puts those tabs into sleep mode- not deleting them, but making them go offline for a bit so they aren't taking up as much running time. It also lets you mark specific sites to NOT get put into sleep mode, if you need them up for whatever reason.

XKit Rewritten: Look. We're on Tumblr. We know this site's bullshit and how it's impossible to use. XKit helps fix a LOT of the bullshit on this site and adds on helpful stuff. Seriously, get XKit, they're the ones carrying this whole fucking site.

Again- I could be wrong. And I think the only one you 100% DEFINITELY NEED is uBlock. The others are just for convenience, or in the case of Shinigami Eyes, safety. You don't need to install any of these extensions except uBlock. It's just my personal recommendations.

TLDR

Get Firefox. Save all your tabs from Chrome, sync your data, do all that jazz.

Set your default search engine to anything but Google. You can do DuckDuckGo, or if you're suspicious of DDG like I am, use something like Ecosia (and you can add that as a default browser with the instructions I laid out).

USE FIREFOX'S GREAT SECURITY SETTINGS. You don't need a million extensions to do stuff Firefox already CAN do.

The only extension you 100% need is uBlock Origin, but here's my list of ones I personally recommend to help clean up the web and have a better experience.

Get off of Chrome. Google is currently on trial, brought there by the fucking DOJ, for being an illegal monopoly. The trial started about a week ago, and will last for about three months. Depending on how this goes, this could shake up Google's whole monopoly, and change the future of the entire internet.

Firefox is better in every way than Chrome. Firefox will actually try to protect you and lets you opt out of unnecessary data collection. Firefox is not based on Chromium. Firefox is open source, and its code has been scrutinized and deemed as safe. It's not perfect, no corporation is- and Mozilla is ultimately that, a corporation. But god, it's leaps and bounds ahead of Chrome. Switch to Firefox.

#cassie rambles #switch to firefox #firefox #google #google chrome #mozilla firefox #web browsers #browsers #chrome #browser #fuck google #internet privacy #internet safety #digital privacy #internet security

141 notes · View notes

the-final-sif · 4 months

Text

One of the things I think people as a whole don't understand about the internet today is that so much of what's wrong/dangerous/flawed about the internet exists because so much of the internet started as one person's hobby they built in their spare time or as a specific task for a specific function that was just useful/functional enough that literally everyone started using it. There's tons of biases built into the modern internet and some of that is carelessness but a lot of it is... just like. This was invented by a group of grad students fucking around for a few weeks. How the fuck were they supposed to know it'd be become the global standard and that nobody would bother to address or change these things?

Like, the whole reason that the US government gets the ".gov" domain name is because this entire system was invented in the US primarily for use in universities. Under the original system, you had to phone in to talk to the center who owned the list, tell them what name you wanted and then a person would type your name/ip onto the list attached to a nickname much like a phonebook. Then people slowly figured out domains and maintaining domain registries. And then the system became useful enough that more of the US started using it, and then people realized "oh shit, other countries want to use this too, guess we need to figure that out".

The "world wide web" or the thing we all know as the internet (and the reason that every website you visit has www in front), was invented originally by one dude trying to make his own job easier (Tim Berners-Lee). He thought it was pretty cool and shared it, and he was one guy who only spoke English and was just doing what he thought was going to work.

Like, this is a very lighthearted article talking about him, but I think it illustrates the point really well,

Sir Tim Berners-Lee, the creator of the World Wide Web, has confessed that the // in a web address were actually "unnecessary". He told the Times newspaper that he could easily have designed URLs not to have the forward slashes. "There you go, it seemed like a good idea at the time," he said. He admitted that when he devised the web, almost 20 years ago, he had no idea that the forward slashes in every web address would cause "so much hassle". His light-hearted apology even had a green angle as he accepted that having to add // to every address had wasted time, printing and paper.

via "sorry for the slashs"

We have an entire internet and infrastructure built rather haphazardly but also in such a way that going back and trying to change or fix things either requires an insane amount of work or could render vast swaths of the prior internet inaccessible.

Like, I think everyone here remembers Flash getting shut down and how much of childhood games got wiped off the generally accessible internet and relegated to projects like Flashpoint. It was really hard to see, but Flash was also a project started in 1996 (or 1993 if you count the OG version that turned into flash) that was supposed to be for a limited set of use cases, and not the medium on which major parts of the internet would run. By the time Adobe shut it down, Flash was incredibly dangerous with the constant risks of malware, it was buggy, slow, and there were a million better programs. It had to be killed to make way for better things, but because of how the internet was built, that death came at a pretty high cost.

So if you're ever wondering why it feels like the web is a bunch of dominoes ready to fall down at any time, it's because it is. And it does. And so many people spend so much of their time combating all the problems created by using systems that were never intended to handle everything they are currently handling because the alternative is a task of monstrous undertaking that would almost certainly turn decades of history to dust.

#sif speaks #internet culture #internet security #idk I just like #see people talking about the internet in such a way that shows they do not understand it #like I'm pretty sure the vast majority of people these days could not describe the difference between the internet and #www #and like #that says a lot

61 notes · View notes

melyzard · 10 months

Text

Time for a new edition of my ongoing vendetta against Google fuckery!

Hey friends, did you know that Google is now using Google docs to train it's AI, whether you like it or not? (link goes to: zdnet.com, July 5, 2023). Oh and on Monday, Google updated it's privacy policy to say that it can train it's two AI (Bard and Cloud AI) on any data it scrapes from it's users, period. (link goes to: The Verge, 5 July 2023). Here is Digital Trends also mentioning this new policy change (link goes to: Digital Trends, 5 July 2023). There are a lot more, these are just the most succinct articles that might explain what's happening.

FURTHER REASONS GOOGLE AND GOOGLE CHROME SUCK TODAY:

Stop using Google Analytics, warns Sweden’s privacy watchdog, as it issues over $1M in fines (link goes to: TechCrunch, 3 July 2023) [TLDR: google got caught exporting european users' data to the US to be 'processed' by 'US government surveillance,' which is HELLA ILLEGAL. I'm not going into the Five Eyes, Fourteen Eyes, etc agreements, but you should read up on those to understand why the 'US government surveillance' people might ask Google to do this for countries that are not apart of the various Eyes agreements - and before anyone jumps in with "the US sucks!" YES but they are 100% not the only government buying foreign citizens' data, this is just the one the Swedes caught. Today.]

PwC Australia ties Google to tax leak scandal (link goes to: Reuters, 5 July 2023). [TLDR: a Russian accounting firm slipped Google "confidential information about the start date of a new tax law leaked from Australian government tax briefings." Gosh, why would Google want to spy on governments about tax laws? Can't think of any reason they would want to be able to clean house/change policy/update their user agreement to get around new restrictions before those restrictions or fines hit. Can you?

SO - here is a very detailed list of browsers, updated on 28 June, 2023 on slant.com, that are NOT based on Google Chrome (note: any browser that says 'Chromium-based' is just Google wearing a party mask. It means that Google AND that other party has access to all your data). This is an excellent list that shows pros and cons for each browser, including who the creator is and what kinds of policies they have (for example, one con for Pale Moon is that the creator doesn't like and thinks all websites should be hostile to Tor).

#you need to protect yourself #anti google #anti chrome #anti chromium #chromium based browsers #internet security #current events #i recommend firefox #but if you have beef with it #here are alternatives!#so called ai #anti artificial intelligence #anti chatgpt #anti bard #anti cloud ai #data scraping

61 notes · View notes

humanrightsconnected · 1 year

Photo

Read an article by the civic technology organization Pollicy to learn about the biggest challenges to digital rights for women and discover the different ways to advance women’s digital rights!

👉 http://bit.ly/3YJkUpb

📸 by Gayatri Malhotra on Unsplash

105 notes · View notes

ktempestbradford · 8 months

Text

Someone just asked me about password systems that work without password managers (for those who simply don't trust them). My advice is based on this XKCD comic, but modified because now most password systems require a capital letter, a number, and a special character in addition to at least 12 characters overall. Here's how I do it.

You still want the phrase with the common words. At least one of those letters has to be a capital, and I tend to capitalize the first letter of the word; maybe that can be easily figured out by a computer, but I think the higher number of entropy points takes care of that. So, with the words from the comic, you'd have:

CorrectHorseBatteryStaple

Then you decide which one of those letters is a number. Every time you use the phrase it should be the same one so it's easy for you to remember. Example, you could say: the first o is always a zero/0. Or, with this particular phrase you could even say that all the o's are zeros since there are only two. Now we have:

C0rrectH0rseBatteryStaple

I always put the special character needed at the end of the phrase.

C0rrectH0rseBatteryStaple?

You want all passwords to be unique, which is hard, but this system still works for that because now you add one final thing to the end: the name of the thing being logged into. Examples:

C0rrectH0rseBatteryStaple?Amazon

C0rrectH0rseBatteryStaple?Gmail

C0rrectH0rseBatteryStaple?Spotify

Using a 4 word passphrase can get long! And if you're adding the name of the service to the end, that still creates many points of entropy, meaning your core passphrase can be shorter. So:

C0rrectBatteryStaple?Amazon

C0rrectBatteryStaple?Gmail

C0rrectBatteryStaple?Spotify

Remember to decide if service names will have a capital letter in front or not. I like doing that as it adds another capital. But choosing all lowercase is fine, too.

For systems that force you to change passwords and to create a new one each time you change, I suggest changing the special character. And keep a list of the special characters and the order you use them in. Like so:

and on and on. Having that saved somewhere won't tip off password stealing jerks cuz it's just a list of punctuation.

Another thing I like about this system is that it means you can keep a digital or paper list of passwords and still not worry if it falls into the wrong hands because you don't put the full password on there, you put:

?Amazon

?Spotify

!Gmail

Because you can likely remember the passphrase easily, whereas you might have trouble with the less easy to remember service names (like ones you log into maybe once a year or something).

Hope that's useful!

#passwords #password security #internet security #internet safety #long post

38 notes · View notes

demonic-shadowlucifer · 4 months

Text

(Image ID: A tumblr post that reads I need minors to learn how to lie online again. Your name is Derek, you’re 25 and work in accounting now. Please for your own safety learn how to fucking lie. And if you don’t want to lie, then don’t put your age anywhere. Don’t even say whether you’re a minor or not. It is perfectly easy to avoid adult spaces without signposting that you are doing so because you’re a child. Stating your age doesn't protect you this only makes you a target.". End ID) NO. NO. NO. Can we not encourage minors to lie about their age??? And can we ESPECIALLY not encourage them to lie about being an adult??? Predators do not fucking care if you lie about your age. Predators do not care if you tell the truth about their age. ENCOURAGING MINORS TO LIE ABOUT THEIR AGE ISN'T GOING TO PROTECT THEM. Hell, I'd argue that lying about your age is only going to cause *more* problems for folks. Also, saying that sharing your age makes you a target is straight up victim blaming (and fear mongering to an extent too!)

Sharing your age, regardless of if you're a minor or adult, is not going to hurt you by itself. If you're uncomfortable with sharing your age, saying "minor/adult" is fine. Saying that you're above/below a certain age is fine (ex. saying you're above 18).

And if someone is bothering you, breaking your boundaries or if you're an adult and don't want minors interacting (and vice versa), the block button exists for a reason. USE IT.

Seriously it's up to you if you want to share your age publicly or not. At the end of the day the internet is still a very dangerous place, regardless if you share your age or not.

(Image ID: A banner that is blue with flowers framing it. The text reads “OP is a minor. Please respect my boundaries” End ID)

#internet safety #internet privacy #safety #privacy #internet security #internet etiquette #listen i get being worried about other people's safety i really do #but encouraging people to lie about their age is not going to help. it really won't #instead of encouraging minors to lie about their age #how about we encourage people to just... not be creepy #or encourage people to use the block button more frequently #or better yet how about we encourage social media sites to start taking creeps seriously

17 notes · View notes

jennylongma21 · 2 months

Text

Stop KOSA

KOSA is a censorship bill that won’t make kids safe. Instead, it'll put all internet users at risk, especially youth. If you believe in a free and open internet, tell your lawmakers to reject #KOSA! https://stopkosa.com/

PLEASE SIGN THE PETITION!!! TODAY IS THE LAST DAY TO VOTE AGAINST THE KOSA BILL!!! GO GO GO!!!!!

#kosa bill #stop kosa #kosa #internet #internet safety #internet security #internet privacy

17 notes · View notes

d0nutzgg · 1 year

Text

I am currently coding a browser right now in pure Python. Let me explain all the steps it has taken at 300+ lines of code except in no particular order because I need to reorganize.

Fernet Encryption SSL Certificate Check Implementing a UI - Chose PyQt because its a prettier layout than Tkinter. Implementing a toolbar for the UI Implementing browsing history + browsing history tab + a clear button to clear the history - Done in the GUI / UI as well. Adding a privacy browsing mechanism - routed through Tor Added PyBlocker for Ad Blocking and Anti-Tracking on websites Added a feature to make Google not track your searches because fuck you Google you nosey assholes. Added a sandbox to avoid user getting infected with viruses Added additional functionalities including optimization that way the browser wasn't slow as fuck: Using JavaScript v 8 engine to load JavaScript Using slight mem caching <100mb to avoid slowing the computer but also let the program browse quicker Using one http request to send multiple http requests - need to set limit. Encrypted global security features. I am at over 300 lines of code. I am ready to pay someone to debug this shit when I am finished with it (lol) May the force be with you my #Pythonistas

129 notes · View notes

titleknown · 2 years

Link

While thinking about that terrible internet bill that California might pass (Call Governor Newsom ASAP if you live there and tell him to Veto it), it’s worth noting what these various terrible “protect the children” bills are wanting to do, as talked about in the article linked above, so we can prepare to fight against it.

Namely, all of them require age checks. And there’s a growing industry based around age checking that is pushing hard for this. That is not a coincidence.

And, it gets even scarier when you find out how this industry’s products work. Namely, they basically wants to mandate you record your face for the ability to basically visit any website at all, using “biometrics” to determine your age.

Anyone who knows about the way AI and “biometrics” handle faces; and more importantly how utterly inept it is at it, should be terrified about this digital phrenology becoming mandatory. Doubly so when you remember they’re going to store their data and it is inevitably going to leak.

Hell, according to activist Ashley Lake, they’re already using this sort of thing in the porn industry, and it is a fucking security nightmare.

They’re just going to get more and more bold on this push towards mass-surveilance in the name of “Protecting the Children,” so we need to stop it before it becomes embedded in the structure of our lives

So keep an eye out for these fuckers trying to normalize their product and; more importantly; keep an eye out on how we can fight back.

#surveilance #surveilance capitalism #biometrics #age check #age checking #anonymity #security #internet security

150 notes · View notes

catgirl-catboy · 23 days

Text

One of my old internet security posts is getting traction, so have another internet security post ^-^

2 emails. 1 for buisness/important things/life and one for social media, fun all that shit. Never the two shall cross. (also helps you with your work-life balance by not seeing fun stuff while being productive and productive stuff while having fun.)

With accounts connected to your buisness email, never post things online that you wouldn't tell... 1.) Your grandmother 2.) Your bully 3.) Your future employer If you wouldn't tell a stranger something, don't have it connected to this email.

For your fun email, don't post your face, full name, or ANYTHING about your job. You don't want those two connected to the average person looking you up.

Assume every discord server is a public space. Even if its private now, the admin might not keep it that way. If you wouldn't say it on the web proper, don't put it on discord.

Assume every screenshot is fake. It takes <2 minutes to fake a screenshot. Don't belive me?

NEVER use the same password. Remembering shit is hard, I know. However, it is much better to write it down/have it in a password protected file/use a password manager than lastpass than to risk having a hacker get into EVERYTHING.

Don't stick a USB drive into your computer unless you know where its been.

Never make your security questions something any person can google about you, like your mother's maiden name. Favorite book-type questions work better.

Less of an internet security tip and more of a general computer one, but BACK UP YOUR IMPORTANT FILES. A cheap flashdrive with all of your important documents will eventually pay for itself.

another more general tip, but have a backup charger before you need a backup charger.

#fandomless post #internet security #cybersecurity #security

41 notes · View notes

melikefish · 1 year

Text

I work in cyber security. While I agree that getting a VPN is a good idea, most people have misconceptions about it. I am here to dumb down as much as I can how a VPN works and undo some of the misconceptions.

The way your internet works usually is “Device —> Modem —> ISP —> Servers of the place you are trying to reach”. Now, your Device sends a request which is then enhanced by your modem and sent off to your ISP.

Basically, your computer makes & packs the package and adds the sender info (local ip, mac adress, etc) and the recepient info (the server where the request needs to be delivered to). Your modem then adds some other sender info such as your IP and then send it off to the ISP. Your ISP will then keep a copy of the package (request) and send the original to the recipient server. Now, if the tech team of the company did not fuck up and used https, the contents of the package itself should be encrypted, meaning that the ISP can’t see what you see, can’t see the password that you typed in, etc. and the package should be figuratively closed. They should only be able to see the sender and recipient information alongside all the other identifying info. Now, if the tech tram *did* fuck up and used http, your ISP can see the contents of the website you are visiting, can see the password that you entered, etc. and the package is figuratively left open and anyone can look in and see you know, the password you entered and stuff.

Now also, there could be someone in between your devices and your modem like this “Device —> Middle Man —> Modem —> ISP —> Servers of the place you are trying to reach”, the middle man will be able to read the same info as the ISP but that’s besides the point right now.

What a VPN does is, that it encrypts the request and puts it into a different request that is headed to the VPN’s servers. The request’s pathway will look something like this “Device (encrypted by a VPN) —> Modem —> ISP —> Servers of VPN (here the request is decrypted) —> Servers of the place you are trying to reach“. Using figuratively language, the VPN put your package inside another box, another package which is closed. So no-one can see the recipient & sender information of the original package, and if the original package was open no-one can see what is inside of that package. So the outer box/package now heads to the VPN’s servers, and once it arrives there, the VPN’s servers will unpack the outer box/package and send the original package to the original recipient

Now let’s point out some key points.

1. The VPN essentially becomes your ISP, it can read the request as if the encryption never existed.

2. By this complicated process, the IP from which you are sending the request changes to the IP of the VPN’s server.

3. Your ISP CAN NOT read your requests most of the time even without a VPN. If your browser has a lock icon next to the search bar, your requests are already encrypted, the website is using https, and the box is closed.

4. The only thing a VPN does, is make it seem like your requests are coming from a different IP, hides the original recipient info from your ISP & Man in the Middle attacks, hides the original sender information from the recipient server, and encrypts the contents… again. NOTHING MORE NOTHING LESS. If a VPN does something more (such as ad-blocking) they will advertise it separately, it is not a thing that comes by default.

Wrote this at 1AM on my phone in bed as a non-native English speaker. Sorry fir the bad grammar.

#vpn #vpn security #vpn software #vpn service #cybersecurity #internet #misconceptions #thought you should know #helpful #tech #security #privacy #internet security #internet privacy

66 notes · View notes