There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Is a VPN needed with DNS over HTTPS and Encrypted Client Hello?

I was wondering if a VPN would add any kind of security or privacy if one is connecting to a host with a client/browser that supports DNS over HTTPS and that host supports encrypted client hello. Is there a way for the ISP or anything in between to shape traffic or even know what is being accessed? The only thing that should be visible is traffic between two IP addresses right?

Kushan ,
@Kushan@lemmy.world avatar

That "traffic between two IP addresse"s is enough reason to use a VPN you trust.

Put it this way, bit torrent traffic can be encrypted and routed over standard ports to make it look like regular web traffic, so still “just traffic between two IP addresses” but you wouldn’t run that without a VPN, would you?

twistypencil ,

In this case, a VPN only offers obscuring that you are connecting to the dns over http end point.

lemmyvore ,

To add to what the others have said, a VPN requires one end to authenticate to the other. Regular HTTP and DNS connections don’t.

If you need to access a service remotely, doing it over VPN requires the user to authenticate (to use the VPN).

If you simply expose the service publicly, even if the connection to it is encrypted, it doesn’t prevent random strangers from accessing it or trying to break in.

teichflamme ,

HTTPS does enforce at least one sided authentication though. In the scenario the service they access is most likely being hosted by a server that does authenticate via X.509 cert.

Unless it’s p2p of course.

Psiczar ,

The DNS traffic might be encrypted but that doesn’t mean that other protocols are. A VPN tunnel encrypts all traffic passing through regardless of protocol.

ultratiem ,
@ultratiem@lemmy.ca avatar

This is the correct answer. A VPN encrypts and obfuscates all your connections, not just the web browser.

If all you care about is hiding the websites you visit from your ISP, DNS over TLS is fine. But just remember that you’re bleeding data by using your real IP (ISP, geolocation, etc.). And any other connection, is just unabashedly, you.

joaojeronimo OP ,

Well I was mostly thinking about Usenet but I guess everything else applies. Websites really can leak everything.

joaojeronimo OP ,

But so does TLS right?

Psiczar ,

Yes, HTTPS traffic is encrypted also, but I wouldn’t trust that all of your activity online is hidden just because DNS and HTTPS are encrypted.

Up to you, but I use a VPN when online.

mintycactus ,
@mintycactus@lemmy.world avatar

deleted_by_author

    •
  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • [email protected]
  • lifeLocal
  • goranko
  • All magazines
    •