How does the ONE VPN, which is on Purism's end, work to prevent the local router from seeing my traffic, more?


#1

In addition to the Subject question, I want to know what privacy Tor provides outside of its computer? I thought that it doesn’t log one’s traffic so that anyone else looking at THAT computer would not be able to see where one has been, but that doesn’t seem to prevent the ISP from seeing the Tor browser’s traffic. And how does https prevent the ISP from seeing the url?


#2

The URL is transmitted on the TLS-secured connection that is requested by virtue of the URL being “https:”. The secured payload includes the host name from the URL and the local path from the URL - so these are both kept private. However if the client is using Server Name Indication (SNI) then the host name may additionally be transmitted in plain text for the purposes of establishing the secure TLS connection.

So to take the URL of your post as an example https ://forums.puri.sm/t/how-does-the-one-vpn-which-is-on-purisms-end-work-to-prevent-the-local-router-from-seeing-my-traffic-more/6190 (where I have inserted a space in the URL to keep this forum from not displaying the URL) …

the Host name is forums.puri.sm and the path is /t/how-does-the-one-vpn-which-is-on-purisms-end-work-to-prevent-the-local-router-from-seeing-my-traffic-more/6190 and both of these are transmitted encrypted on the TLS-secured connection but if the client is using SNI it may additionally transmit forums.puri.sm unencrypted anyway.

I’ll leave the VPN question and the TOR question for someone else.


#3

Well, it’s called tunnel for a reason, right? It’s not “on Purism’s end”.
YOU ==> local router ==> ISP ==> random node ==> VPN out --> random node --> destination
Basically, you (only) have a connection to the VPN out, and that’s all the local router and ISP etc. know.
The IPs you visit are only visible to “VPN out” and the following.


#4

the WWW is CENTRALISED meaning that everyone who “surfs” the internet gets an ip and requests and is served data through packets. these packets can be modified both incoming/outgoing at seemingly random points along the transport medium.

so the question is ? where is the first exit node of the tunnel ? and who controls it ?

VPN is dangerous in this regard because it tends to concentrate ALL data packets at a single exit node. while in the dark tunnel a packet is concealed by encryption but when it exits it is revealed by the “light outside”. with TOR it’s the same final exit node anyways so no matter how many times you bounce the traffic around a network it still has to come out finally at some point. it’s just like the customs between Mexico and USA - in this case Mexico is the network (VPN,TOR, or just the non-tin-foil-hat-way to travel) the USA customs is the exit node.

see > https://protonvpn.com/blog/vpn-servers-high-risk-countries/

vote for 2019 protonVPN countries > https://protonvpn.com/blog/vpn-servers-poll-2019/

now the question is can you trust your machine at least ? > https://www.gnu.org/philosophy/loyal-computers.html > http://www.gnu.org/philosophy/who-does-that-server-really-serve.html > https://www.fsf.org/resources/hw/endorsement/respects-your-freedom


#5

https://www.eff.org/pages/tor-and-https for those who find pictures a bit easier check out the thing near the bottom of this page.