1 |
On Wed, 15 Jun 2016 14:46:34 +1000, Adam Carter wrote: |
2 |
|
3 |
> There's typically no need to use a VPN when accessing an HTTPS website, |
4 |
> as the SSL/TLS already provides most of the privacy that a VPN would |
5 |
> supply. The extra that the VPN gives you in this case is to hide which |
6 |
> websites you're visiting. So the data is protected in both instances, |
7 |
> but the VPN also hides the connection metadata. So if you use just |
8 |
> SSL/TLS then your ISP can deduce which bank you have an account with. |
9 |
> If you use the VPN as well, then cant even tell that. |
10 |
|
11 |
Making a VPN useful in those oppressive regimes that require ISPs to log |
12 |
all web metadata for all customers. |
13 |
|
14 |
There is another use for a VPN, to spoof your address to the site that |
15 |
you are connecting to. For example, some BBC video services are only |
16 |
available in UK (when I don't need them because I can watch it on TV) so |
17 |
a VPN in the UK allows me to watch the stuff I have paid for when I am on |
18 |
holiday. |
19 |
|
20 |
Some of what Dale wants can be achieved to a greater or lesser extent |
21 |
with Tor, so he should be looking at that too. |
22 |
|
23 |
|
24 |
-- |
25 |
Neil Bothwick |
26 |
|
27 |
If at first you don't succeed, well...darn. |