If two separate clients on Starlink want to talk to each other they’re going to have to pass through ground station…
and every major VPN has a third-party regularly audit that they aren’t retaining any logs/data
ROFL. Yeah right. Most VPN services are fly-by-night business hosted in unknown possibly hostile countries. It’s doubtful they’re audited at all given how sketchy the software for many of these services is.
Legitimate VPNs don’t work at all the way you describe them. They don’t sell your data, in fact, most try very hard not to even log anything about you.
Of course that’s what they’ll tell you, as they want your business. You have no way of verifying any claim they make.
I use NordVPN and it is one of the best VPN services out there.
No you use NordVPN because you watched a youtuber’s paid advertisement for NordVPN and believed their corporate PR. The paid advertisement worked.
Many legitimate services do encrypt data.
Given all current web browsers will refuse to visit unencrypted websites, it’s glaringly obvious when they don’t. ALL websites with even the most remote legitimacy encrypt your data connection. If they didn’t your VPN provider could just steal all your data.
But there are also many that don’t.
I dare you to name even one. This is one of the lies that VPN providers sell you to get your business.
And one big benefit of VPN is that the provider of Internet can’t know what you’re doing with the Internet service.
This is the simple connection proxying I was just talking about and it’s not guaranteed to work. Websites can still pretty easily geolocate your connection by querying your browser which will often willingly tell the website your rough geographical area via things like your time zone.
Note: if using Apple devices and you subscribe to iCloud services then they provide a service called Private Relay that hides who you are and what you’re doing, so this is an alternative to paying for a VPN.
Private relay is just an apple provided paid (real) VPN service.
However, there are things Private Relay can’t do, like if you specifically want to pretend you’re using Internet in Florida but you’re actually in London and you want to watch Netflix, then Private Relay won’t help you.
Yes that’s things that proxies do, not VPNs. VPNs are intended to be a centralized location for all corporate internet connections to connect to to enter the company’s private intranet.
Here’s some more for you: https://x.com/ErrataRob/status/1842302366185574668
Hi.
Cybersecurity expert here. I’m tweeting this from a public Wi-Fi network without a VPN. I never use a VPN when using public Wi-Fi.
VPN company security claims are (mostly) scams. They sponsor a lot of podcasts to promote their claims.
#CyberSecurityAwarenessMonth
SSL/TLS encrypts all HTTPS headers. Your banking and other sites where you would “typically” want to use VPN for have all standardized on TLS encryption a long time ago.
From your ISP, the only information present is at Layer 3/4 - TCP and IP. Now… if I’ve set up a honeypot server and am monitoring for requests, I could capture your IP, identify your ISP and then pursue legal action… but in this instance, 1) the traffic is not HTTPS or 2) the only people who should reach your server are ones that are performing an activity they shouldn’t be (e.g., torrenting a file that you’re seeding)
On that point, for torrenting, the reason why folks use VPN is so that the source IP is obfuscated. A tunnel is established between you and the VPN provider, and traffic is then sent out the VPN (via NAT). This means that from the other party, the Source IP is your VPN provider, not your ISP.
From a performance standpoint, unless your ISP is throttling based on IP or some other parameter, not sure how putting a VPN would have impact.
Mullvad is in Sweden
PIA is in Boulder, Colorado
Nord is in Panama.
Proton is in Switzerland.
Tunnel bear is in Toronto
Hardly hostile nations.
You can pick a lane. Either VPNs don’t do anything or they can spy on you. If they can spy on you, so can Starlink.
Your ISP can see every IP address that you’re connecting to regardless of HTTPS headers. TCP/UDP IP headers aren’t encrypted. Reverse DNS will tell someone where you went. If someone is worried that the US government is spying on them, then knowing what websites you visit is useful information.
I’m not personally paranoid about such things. But OP is, so they should be using a trusted VPN if they are afraid of their ISP spying on them in any way.
If you’re afraid of the US government spy agencies and are visiting a banking app then you’re visiting a government regulated entity that can just be subpoenaed to hand over all your information and neither HTTPS nor a VPN will help you. If you’re visiting sites that are unsavory though, simple routing logs and reverse DNS will be incriminating enough or be a solid foundation for spear phishing, court orders to the website (if it’s within US Jurisdiction), know which systems you’re connecting to if they’re remote, what country your email server might be in etc. You can learn a lot from spying on IP addresses alone.
That’s just using VPNs as a proxy. Starlink and the VPN can both read metadata. Both can log what servers you connect to. Both can be subpoenaed by the government to track all your connections regardless of what their zero-logging policy says. Both can lie that they don’t log anything.
Both cannot read the content of your communications even with a subpoena.
You’re spending money to buy something that provides you no security benefit besides moving the physical location where your traffic exits into the internet, and notably centralizing it with a lot of other people making it a juicer target for both governments and malicious types for those who want metadata collection.
I said Layer 3/4 are outside TLS encryption. Regardless yeah agree about the reverse DNS. What I don’t get is “you need VPN for safety when browsing banking.” Unless there’s a DNS hijack for the network you’re on and you ignore all the cert mismatch errors thrown by your browser, you’re pretty well protected from someone snooping your traffic and finding sensitive information. The need for VPN is overblown
Well we’re starting from a place of paranoia whether that’s well placed or not. Regardless of the paranoia’s basis you can again trace a connection using just Ethernet headers.
CIA/BigData: “hey, look at that they sent and received a good deal of data from Deutsche Bank. Hey DB, which account connected at 12:31:07.64825UTC from this Starlink IP address?”
Tada now you go to a judge/ request “anonymized” tracking id for more info and you now know a lot more about their banking behavior.