Does a VPN prevent my ISP from knowing which sites I visit and what I download? How can that be so?

I’m not worried about NSA or any other three letter agencies. I just want to visit sites and download content without my ISP knowing where I go and what I do.

Yes and no. A VPN will obfuscate the websites you’re visiting, but visiting a website is a multi-step process and parts of those steps may not be hidden from your ISP. Let me explain.

Say you want to go to google.com. After you type the address out in your browser and press the Return key/click the go button, your internet enabled device needs to look up the IP address of google.com through an internet protocol called DNS, or Domain Name System. Most ISPs have their own DNS servers that handle these lookup requests and they’re usually not obfuscated by VPNs by default. A quick workaround is to manually route requests through Google public DNS server at 8.8.8.8. Read “DNS leak test” and “What you’re revealing to your ISP, why a VPN isn’t enough, and ways to avoid leaking it” (HackerNoon) for more information.

tl;dr: if you’re going to use a VPN, be sure it’s not leaking DNS requests.

It creates a “tunnel” between your computer and the address. It veils the address your computer sends and receives traffic with.

Any traffic routed through the VPN is encrypted so the ISP can’t tell what it is.

As far as I understand, the way a VPN works is that it creates a secure (encrypted) connection to a gateway / proxy server (the so-called “tunnel”) which belongs to your VPN provider. All your internet traffic is routed through that proxy. The only thing that your ISP should be able to “see” is your connection to that VPN/proxy server, but not what’s happening beyond that. Also the content that you exchange or download through the proxy should be obfuscated to your ISP, due to the encryption. So your ISP should only be logging your connections to your VPN provider.

Of course your traffic might be logged by the VPN provider, so you basically need to find one that looks trustworthy to you and makes you feel comfortable (which is the major challenge). And you should make sure that there is no DNS or RTC leaking and that there is a kill-switch. There are various sites to check the appearance of your IP address and other information you provide while surfing (e.g. ipleak.net). For further reading I recommend thatoneprivacyguy’s site.

It depends on the VPN configuration. You can configure whether all traffic is routed through the VPN or not, whether traffic to the VPN server is encrypted or not, and whether to use a specific set of DNS servers or not.

The VPN services I tried all encrypted and routed all traffic and set specific DNS servers. In this case no DNS requests are sent to your ISP DNS.

All the ISP will see is a connection to the VPN server.

What you’re asking isn’t hard to achieve. The VPN will get you most of the way there. But you have to take additional precautions.

See this FAQ from one of the VPN companies. It’s easier than typing it all out.

Oh wow! Okay, what if I change the DNS settings in my router/modem to use OpenDNS ( 208.67.222.222, 208.67.220.220 )? Would that fix the leaks?

Does that mean my ISP can not identify the web sites I visit? And that my ISP can not read the information I exchange with the web sites I visit?

So I am learning. The encryption thing is kind of hard to understand though.

WebRTC, which is a feature in Chrome browser

WebRTC is not just a Chrome/Chromium feature. All major browsers support it.

Not really. DNS requests aren’t usually encrypted and an ISP can track what domains you’re looking up. The HackerNoon link explains this. The requests still traverse their network to reach OpenDNS’s DNS servers. It’s like changing your front door lock so your crazy ex-SO with a key can’t get into your house anymore, but leaving the door unlocked and relying on good faith they won’t just turn the handle and open the door.

That is true. However, it is possible for a VPN provider to log your history, so make sure to find a reliable one.

So I am learning. The encryption thing is kind of hard to understand though.

Picture & 1000 words etc: https://i.imgur.com/Ub5B0u1.png

I don’t really get the girlfriend part, but thanks for the links. I have lots of reading to do LOL.

How can I know if a VPN is trustworthy with my data, or verify whether they keep logs?

Ah sorry, “bone server”?

That helps. Thank you.

Use DNS from here: https://servers.opennic.org/. Check out the flags and the meaning of them so you will find a good one.

It can be difficult to know for sure. You should check around with people who use them and on forums to make sure. Most don’t log your history (if they don’t log it, they can’t check it retroactively, by the way) but free VPN services will almost certainly log it.
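The DNS-leak point raised earlier in the thread (a resolver only helps if the queries to it actually travel inside the tunnel) can be checked offline from a routing table. The following is an added example, not something posted by any participant; the routing tables, interface names `eth0`/`tun0`, and the addresses `10.8.0.1`, `192.168.1.1` and `203.0.113.10` are constructed for illustration.

```python
import ipaddress

# Constructed routing tables: (destination prefix, outgoing interface).
# eth0 = physical link to the ISP, tun0 = VPN tunnel (assumed names).
ROUTES_SPLIT = [                      # VPN up, but only its own subnet is tunneled
    ("0.0.0.0/0", "eth0"),
    ("192.168.1.0/24", "eth0"),       # home LAN
    ("10.8.0.0/24", "tun0"),
]
ROUTES_FULL = [                       # VPN up, all traffic redirected into the tunnel
    ("0.0.0.0/0", "eth0"),
    ("0.0.0.0/1", "tun0"),            # two /1 routes override the default route
    ("128.0.0.0/1", "tun0"),
    ("192.168.1.0/24", "eth0"),       # LAN stays on-link, more specific than /1
    ("203.0.113.10/32", "eth0"),      # the VPN server itself (constructed address)
]

def egress_interface(routes, ip):
    """Longest-prefix match: return the interface used to reach ip."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, iface)
    return best[1] if best else None

def leaking_resolvers(routes, resolvers, tunnel_ifaces=("tun0",)):
    """Return the resolvers whose queries leave outside the VPN tunnel."""
    return [r for r in resolvers
            if egress_interface(routes, r) not in tunnel_ifaces]

if __name__ == "__main__":
    # Public resolvers named in the thread plus a constructed VPN-side resolver.
    print(leaking_resolvers(ROUTES_SPLIT, ["8.8.8.8", "208.67.222.222", "10.8.0.1"]))
    # A router acting as the DNS forwarder still leaks with a full tunnel,
    # because the LAN route is more specific than the tunnel routes.
    print(leaking_resolvers(ROUTES_FULL, ["8.8.8.8", "208.67.222.222", "192.168.1.1"]))
```

On a real machine the same check is done by comparing the configured resolvers against the live routing table, then confirming with a leak-test site such as the one mentioned above.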