[NetSIG] Not all VPN services are good
Mark G.
netsig at palaceofretention.ca
Fri Jan 16 17:28:18 PST 2026
One of my criteria for using a VPN service is to not
be required to use software provided by the VPN service.
Any VPN, if I were to use one, would have to support
openvpn or wireguard, where I have the ability to provide
the client software. This reduces the risk the article
exposes.
I realize that this precludes a lot of VPN providers.
I also think that a VPN should, at a minimum, be at the host
level for some use-cases. This requirement ensures that all
host traffic (DNS, browsing, email) must pass through the tunnel.
Work from home is a good example for this use-case.
Browser based VPN tunnels can be leaky, although there
are fine use-cases for application level VPNs.
Geo-relocating is one of them, but application VPNs are riskier,
as the article points out.
In terms of trusting browser extensions, what do you folks
do to determine that you are going to install and use a
browser extension: IPvFoo, for example?
What do you base your trust on?
If I had to create my own SSH/SOCKS VPN, it seems to mean
I would have to find/pay for hosting for said system.
What location/country do you choose, where is the exit
point desired to be, etc?
Lots to talk about.
On 1/15/26 18:32, Craig Miller wrote:
> Hello NetSIG-ers,
>
> I ran across this article, which you might find interesting. Apparently Urban VPN is capturing your AI conversations,
> and no way to turn it off.
>
> https://www.schneier.com/blog/archives/2025/12/urban-vpn-proxy-surreptitiously-intercepts-ai-chats.html
>
> Perhaps we should talk about how to create your own VPN (using SSH as a SOCKs proxy) at NetSIG.
>
> Craig....
>
More information about the NetSIG
mailing list