Can foreign-based VPN apps be used to spy?

Discussion in 'Smartphones, Computers, Gaming and Networking' started by Denton, Feb 8, 2019.

  1. DustinDavis

    DustinDavis Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    2,581
    Likes Received:
    424
    Use a VPN that per CJ's comments above logs no user activity. So your traffic would be encapsulated and encrypted over a connection from the VPN, to and from whatever destination, without the ability to tie back to the actual source (you). While the connection is live, yes the VPN needs to connect you to them. But if that is sufficiently authenticated and encrypted, the connection would be private and could not be sniffed. And if the subsequent traffic over that connection was likewise secure, and if none of this activity was logged, it would hypothetically be safe from sniffing either the connection or the subsequent activity over the connection.
     
  2. DustinDavis

    DustinDavis Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    2,581
    Likes Received:
    424
    Need to run that reply by the department of redundancy department.
     
  3. pillatier

    pillatier Well-Known Member

    Joined:
    May 9, 2007
    Messages:
    4,200
    Likes Received:
    379
    Linux, VPN, Tor and encrypted email. IMO that's most one can do. If NSA/FBI or any other state actors wants to eves drop they will find a way. NSA/FBI has the easiest they can arm twist providers - recall NSA tap on AT&T right after 911, find/use back doors, exploits, use the FISA court.
     
  4. Mikael Soderholm

    Mikael Soderholm Active Member Donor

    Joined:
    May 8, 2007
    Messages:
    640
    Likes Received:
    151
    Still dependent on the integrity of the certificate used to encrypt, so like I said, it is based on the trust you have in the CA, the issuing entity. If the cert is compromised, anybody with access to it could listen.
    It is a nice, but scary, thought that we are still trust based. I wonder for how much longer ...
     
  5. DustinDavis

    DustinDavis Well-Known Member

    Joined:
    May 8, 2007
    Messages:
    2,581
    Likes Received:
    424
    Lying or compromised VPN providers, compromised certs or CAs, yeah if we treat this whole thing as zero-trust and can’t even rely on those foundations, fugheddaboudit.
     

Share This Page