• Prison Mike
    link
    fedilink
    English
    11
    edit-2
    5 months ago

    As a result, anyone wanting to access blocked sites from Russia is forced to use a VPN, a protective tunnel that encrypts internet traffic and changes a user’s IP address.

    I hate how media describes VPN. It doesn’t “change your IP address” but rather makes your traffic appear to come from a remote endpoint when configured to do so.

    I use VPNs all the time that don’t “change my IP address” at all.

    • @[email protected]
      link
      fedilink
      English
      105 months ago

      They do change the source IP from the perspective of the host receiving your connection.

      • Echo Dot
        link
        fedilink
        English
        1
        edit-2
        5 months ago

        But there’s an important difference here. Sometimes you want the IP address to look like it’s coming from a different location because of region locking. Eg Netflix.

        Other times you want the origin IP hiding along the data stream to stop snoopers. eg the government.

        So changing your IP from the perspective of the receiver isn’t much use if you’re trying to hide from the government. People who are not very tech savvy may not necessarily realize this important distinction until it’s too late. So it’s best to explain the difference.

      • Prison Mike
        link
        fedilink
        English
        -105 months ago

        If you’re routing internet traffic via the VPN tunnel then yes of course that’s true.

        But you can be connected to a VPN and only direct specific subnets (like the traditional office network example) to it. You’re not always forced to use it as a default route (using the term loosely here).

        • @[email protected]
          link
          fedilink
          English
          165 months ago

          That’s pedantry that serves zero purpose to the story. It’s an article for layman, and the only reason to even bring up a VPN is to mention Apple listening to the Kremlin. It serves little to no narrative purpose.

          • @[email protected]
            link
            fedilink
            English
            35 months ago

            And the VPNs that people use for these purposes usually tunnel all traffic unless individual programs have been explicitly added to a list.

          • Prison Mike
            link
            fedilink
            English
            05 months ago

            Maybe it is pedantry, but people writing for the general public should explain things well. Why didn’t they just write:

            As a result, anyone wanting to access blocked sites from Russia is forced to use a VPN that encrypts internet traffic and makes it appear to come from outside Russia.

            This way you’re not lying and saying a VPN “changes your IP address” which is both not accurate nor easily digestible for the general public. That part specifically is what gets me.

      • @[email protected]
        link
        fedilink
        English
        7
        edit-2
        5 months ago

        To access a different LAN, e.g. a network at work, or your NAS at home. You configure it so your internet traffic still goes over your normal connection but only the LAN requests to the specific subnet goes over the VPN. This was the original use case they were built for (roadwarrior businessmen logging into their corporate portal from a hotel or whatever)

        • Prison Mike
          link
          fedilink
          English
          05 months ago

          You won’t be “on a different local network,” you’ll be accessing specific networks (or subnets) via the VPN tunnel rather than some other network interface on your machine.

          So if you’re at home with a 192.168.0.0/24 network and you want to access an office resource on the 192.168.141.0/24 network, likely what will happen is your machine with have a route to 192.168.131.0/24 via the network the VPN provides (let’s just say 10.0.0.1).

          Depending on how everything’s configured, the server you’re accessing might see it coming from the VPN server (masquerade) or it could very well be passed on as-is (which would only work if the server has a routing table back to you via the VPN).

          Typically when people use VPNs for internet access, the traffic is sent out masqueraded so that it appears to come from the VPN’s WAN IP address.

      • @[email protected]
        link
        fedilink
        English
        25 months ago

        To ensure your unecrypted data(which is rare these days) is not clear-text in an untrusted network such as public wifi.

        • Prison Mike
          link
          fedilink
          English
          -25 months ago

          Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.

        • Prison Mike
          link
          fedilink
          English
          05 months ago

          Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.

            • Prison Mike
              link
              fedilink
              English
              1
              edit-2
              5 months ago

              It’s the case of every VPN, it’s just that typically people choose to send all their traffic through it rather than that destined to specific networks.

    • @[email protected]
      link
      fedilink
      English
      -15 months ago

      Are you talking about split tunneling?

      Because last I heard it was considered bad as it was haibg a hard time deciding what traffic to tunnel and what traffic to not

      • Prison Mike
        link
        fedilink
        English
        15 months ago

        It’s only bad if you’re splitting it incorrectly lol

          • Prison Mike
            link
            fedilink
            English
            0
            edit-2
            5 months ago

            It doesn’t seem obvious to you who claims it’s “bad” because it “has a hard time deciding.” It can decide, guess how? Configuration