I’ve never completely understood this, but I think the answer would probably be “no,” although I’m not sure. Usually when I leave the house I turn off wifi and just use mobile data (this is a habit from my pre-VPN days), although I guess I should probably just keep it on since using strange Wi-Fi with a VPN is ok (unless someone at Starbucks is using the evil twin router trick . . . ?). I was generally under the impression that mobile data is harder to interfere with than Wi-Fi, but I could well be wrong and my notions out of date. So, if need be, please set me straight. 🙂

  • UndercoverUlrikHD@programming.dev
    link
    fedilink
    arrow-up
    6
    ·
    7 months ago

    What sort of protection are you after? Your VPN should encrypt your data to make it more difficult to snoop on your activity. I wouldn’t trust any random WiFi hot-spot just because you got a VPN encrypting your traffic though.

    • A1kmm@lemmy.amxl.com
      link
      fedilink
      English
      arrow-up
      9
      ·
      7 months ago

      Note that VPN is just trusting a different network.

      If you trust your VPN provider not to misuse your unencrypted traffic / inject exploits, but not your mobile phone provider (or any other network provider you might roam onto), then a VPN provider could help.

      If you trust your VPN provider less than the mobile phone provider, the situation is reversed - you would be better not to use a VPN.

      If you trust them equally, there is probably no point using a VPN (except for the roaming situation, which could be forced in certain circumstances).

    • hedge@beehaw.orgOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      7 months ago

      Before answering your first question (I’m actually not sure how to answer! I’ll have to think about it 🤔)–my laptop has wifi, which transmits and receives radio waves to/from my router; my router is connected to a cable (broadband cable? I guess? Not DSL at any rate), which is connected to the internet (and there’s also a MODEM in there somewhere too). My laptop doesn’t have the ability to connect by mobile data which uses, I guess?, cell phone towers, but my smartphone can use both. So they’re two different systems is I guess what I’m getting at, and I was never clear on how or if a VPN provided any sort of basic privacy if it was only using cell towers. This is a potentially really dumb question (the head injury doesn’t help 🤕), but remember, William Gibson used to think that computers were powered by these gleaming magical crystals (or so he claims), before he looked inside one and discovered that it was basically just a floppy plastic record spinning around really fast.

      • Justin@lemmy.jlh.name
        link
        fedilink
        English
        arrow-up
        9
        ·
        edit-2
        7 months ago

        The first step in security is to answer who you’re defending against. Someone stealing your phone? A cop with a STINGRAY device? All the security decisions you make are based on your initial threat model.

        Generally, home internet, wifi, and cellular data are considered safe against passers-by (assuming your wifi password is strong). However, they are also assumed to be eavesdropped on by your ISP and government. Details of your internet traffic can then also be revealed by your ISP to other people during legal action, such as if you’re being investigated for piracy.

        There are ways to further protect your internet traffic from being snooped on, even from your ISP and government, by using things like HTTPS, DNS over HTTPS, and of course, VPNs.

        • hedge@beehaw.orgOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          7 months ago

          ✔HTTPS 👍

          ✔VPNs 👍

          I thought DNS over HTTPS (DoH!) was not recommended for some reason . . . My VPN provider claims to be using its own DNS servers.

          • dfyx@lemmy.helios42.de
            link
            fedilink
            arrow-up
            5
            ·
            7 months ago

            Please note that the comment you’re replying to is leaving out a crucial piece of information: if your VPN provider is legally allowed to operate where you live, your government or law enforcement can get your data from them just as easily as they can get it from your ISP.

            (Sorry for repeating myself but security is an important topic so I’d rather correct incomplete or misleading information in multiple comments than have someone miss the crucial part because they read only one sub-thread)

            • Justin@lemmy.jlh.name
              link
              fedilink
              English
              arrow-up
              5
              ·
              edit-2
              7 months ago

              Definitely! If your VPN keeps logs, is in a surveillance-friendly jurisdiction, etc, then details of your internet traffic can be revealed by your VPN. I recommend Mullvad, paid with cash, for the most security. It can also help to pick VPN servers outside of the most egregious jurisdictions, like picking EU servers over US or HK servers.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              2
              ·
              6 months ago

              Then I’ll repeat my comment from your earlier comment.

              There’s no reason to make tracking easy for somebody just because it’s physically possible. Just because somebody can break into your house through your windows, doesn’t mean you shouldn’t lock your doors.

              Data hygiene is important, when you know your retail ISP will definitely sell your net flow, it’s a strict net benefit to use a VPN to prevent them from making money off of you if nothing else

              • dfyx@lemmy.helios42.de
                link
                fedilink
                arrow-up
                4
                ·
                6 months ago

                Sure, if you know that your ISP abuses your data, go ahead and do something. Though I would recommend changing ISPs before you give even more money to some other company who may or may not do the exact same thing to your data. I’m specifically not talking about TOR or some VPN that you host on your own. I’m talking about companies like NordVPN and Surfshark.

                The analogy of locking your door doesn’t quite fit. Locking your door doesn’t cost you 10 dollars per month and doesn’t require you to hand your keys to the guy who sold you the lock.

                • jet@hackertalks.com
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  6 months ago

                  You have more faith in your local ISP than I do. And I’m happy that you know for certain they are not selling your data. You must live in a very strong regulatory framework

                  • dfyx@lemmy.helios42.de
                    link
                    fedilink
                    arrow-up
                    4
                    ·
                    6 months ago

                    Oh I most certainly don’t have much faith in my local ISP. But I have even less faith in some VPN startup funded by venture capitalists who may or may not be cutting corners on security to save a few bucks on their ends even if they’re not actively malicious. At least my local ISP has been around for decades and is closely monitored by both a government agency and independent customer protection groups.

                    And yes, I do live in a place with a very strong regulatory framework. Our ISPs are bound by the EU GDPR and our highest federal court has confirmed multiple times that even saving connection metadata without a case-specific court order is illegal. Sure, they could break those laws but a commercial VPN provider can do just the same with the difference that not as many people would notice.

          • Justin@lemmy.jlh.name
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            7 months ago

            DoH is meant to hide your internet activity from your ISP/cell-provider since DNS is otherwise unencrypted. If you trust your VPN, then you can trust unencrypted DNS.

      • rudyharrelson@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        Definitely not a stupid question! Networking infrastructure is complex. I’ve been working in IT for years and still find myself scratching my head at times going, “Wait, how does the OSI model work again?”

        Connecting to a VPN on your phone while using mobile data basically means the cell phone tower handling your data only sees encrypted data. Whoever your VPN provider is will see your traffic instead of the cell tower.

        However, in modern times it’s fair to be wary of backdoors and exploits that can compromise your device and render the VPN encryption moot. There’s not much that regular people can really do to mitigate that possibility other than not use a phone.

        If you’re interested in learning more networking fundamentals, I’d recommend starting with the OSI model and its layers.

        A handy mnemonic I whipped up with ChatGPT last year for better remembering the order of the layers:

        Precise Data Navigation Takes Some Planning Ahead