this post was submitted on 23 Dec 2025
162 points (96.6% liked)
Note that most sites use TLS these days, so your data is already encrypted in transit.
True, however TLS does not encrypt the hostname/IP address of the servers that you are connecting to, so your ISP can monitor the servers you visit. A VPN provides an encrypted tunnel for your traffic, so your ISP can only see that you are communicating with the VPN server. However, the VPN provider can see the hostname/IP of the servers in order to forward the traffic to its destination.
Ideally the VPN provider does not monitor or keep logs of the connections, but this is not always the case. A VPN offers privacy from the ISP or from other clients connected to the local network when using public WiFi.
It can also provide some level of anonymity, because the server that you are connecting to will only be able to see the VPN IP address connecting to them, instead of your home IP address. It is possible to still be identified by other means besides your IP address, like using cookies or browser fingerprinting.
The hostname will be encrypted eventually (ESNI) but you're right that the IP address is visible.
Destination IP is starting to mean less and less these days, given there's a large amount of sites that use shared IPs rather than dedicated ones (for example, if they use Cloudflare, Vercel, Netlify, AWS CloudFront, etc.)
ESNI has largely been dropped in favor of ECH.
Thanks - I forgot about that.
Yeah, but app DNS requests and background services are sometimes not TLS. When using a VPN, all traffic is encrypted. Thus safer.
Most web data. "Who you're talking to" isn't.