this post was submitted on 23 Dec 2025
160 points (96.5% liked)

Technology

77899 readers
3302 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
160
How VPNs really work: Protocols, safety and myth - Sentient Rant (sentientrant.com)
submitted 1 day ago by sentientRant@lemmy.world to c/technology@lemmy.world
29 comments fedilink hide all child comments
 

VPNs are often sold as a “privacy silver bullet,” but that framing causes more confusion.

A VPN does not make you anonymous.

It does not stop cookies, logins, browser fingerprinting, or payment-based identification.

What a VPN actually does is much narrower and more technical:

  1. It encrypts your internet traffic in transit
  2. It prevents your ISP or local network from seeing which destinations you connect to
  3. It makes websites see the VPN server’s IP instead of your real one
  4. That’s privacy at the network level, not identity hiding.

I wrote a detailed blogpost. Check it out.

you are viewing a single comment's thread
view the rest of the comments
[–] partial_accumen@lemmy.world 3 points 14 hours ago

Your internet traffic is already encrypted in transit, that what the “s” in https means.

You don't get the "s" until you have the "https". Your DNS request which turns www.TheWebsiteYouDoNotWantKnown.com into its IP address happens before you have the "s" in "https". By default, that request is sent in plaintext, and frequently by default, to your internet service provider. So an outside monitor may not be able to see the contents of the website once you establish your https connection, they likely know that you went there and have a good idea how long you stayed on it.

While its also possible to encrypt the DNS request with DoH or DoT, its not on by default and requires the user to take configuration actions in their browser. If they're looking at VPNs for the first time, they likely don't know this and are sending their DNS requests in the clear.