@fu From experience, mlb.tv blocks many #VPN Ip addresses. Most recent experience is with Mullvad from a hotel network ... could not view via VPN, and the hotel was doing screwy things so that streaming wasn't working without VPN.
I'm not going to look it up, but I seem to recall that shortly after he was released on bail, he boarded a plane and flew somewhere. Given the potential for a long sentence, inability or unwillingness to abide by location restrictions could be evidence that he may intend to escape before the trial. I'd have locked him up until the trial.
It turns out that the book 📕 often says “run this script from my Github repo”, so it will not provide a comprehensive understanding. I expect that most people could follow the instructions and produce a working VPN. But like the mail server setup scripts, they won’t know how to fix things when an update knocks the service offline.
I bought tickets to a !baseball game. The process is unpleasant. If I wasn't already committed to go, I would not have gone through it.
1. Visit MLB.com on the (older) tablet and click on the team, then on tickets. 2. Oops! Their 3rd party processor does not like your #VPN. You're going to have to enter sensitive financial data across #hotel_Wi-Fi. I know that we're using HTTPS, so there's already encryption from me to mpv\.tickets\.com. Okay, I'll risk it. 3. Okay, pick a game that you want to buy tickets for. Wait up to 4 minutes for the #JavaScript to load and the page to stop jumping around. Now slide the price slider, so you can look at tickets at prices you are willing to pay. Wait for the JS again. 4. Now you're supposed to choose your seat by which section it is in, so you try to expand the map to see where each section is. The map seems unresponsive, but after 3-4 minutes, it will suddenly start moving. Okay click the back button and do it again. 5. Click 'buy now'. Wait 3-4 minutes and the 'create an mlb.com account' page opens. Account creation is followed by adding a credit card (or Google Pay) to your account. 6. You only had 9 minutes to complete the purchase before the tickets go back in the pool. Let's use the laptop instead. And the hotel log in page takes almost 15 minutes to go through tonight. (Once you get in, you've got 10Mbps up and the same amount down.) 7. Log in to mlb\.com, go back to the ticket buying site. This time, you're able to complete the purchase in a few minutes. Thanks to excessive #JabbaShit, the page is still twitchy. But you got it done anyway. 8. When you get to the field, you'll need to use the MLB app on your phone in order to present a bar code for entry. No Google account? You can't install the app.
I need to actually set up an #IPsec #VPN (using IKEv2) ... I work with VPNs all the time, but the actual server end is handled by HQ-IT ... they'd never even think of giving access to field IT.
The idea here is that you can easily connect an Azure subnet to your on-premises network, so your cloud migration needn't be all at once. My impression is that IPsec is a little fiddly to set up, but reliable once you get it working.
I should also point out that I am in agreement with some points. From what I've read, many #VPN companies keep logs ... which may contain enough information to identify specific customers. Many of them have poor security (that is, there have been reports that such logs escape company control).
The companies could be subjected to government pressure.
I haven't seen any reports yet, but I am just waiting to hear about a VPN company being hit by #ransomware. What would they trade in order to get their infrastructure back?
To be clear, all of these things are possible with your #ISP also. In particular, your ISP is very likely to surrender you to copyright strike requests.
(1) A #VPN is not a panacea for security issues. In situations where it is beneficial, it is only part of what you should be doing.
(2) Yes, when you use a VPN, you are trusting that organization and its employees the same way you are trusting your ISP and its employees when you use the Internet from home. If you're accessing from a public Wi-Fi, such as a coffee shop or a hotel, your are trusting the company where you are, their providers, and the employees of each. It is not unheard of for legitimate sites to be blocked and some dodgy sites to flow through fine. Unfortunately, you don't have a way to check. You have to believe what the organization says or reject what it says without any evidence in either direction.
(3) It was never about "hackers" (crackers) sitting in the coffee shop parking lot. It is much more about some bozo at the coffee shop visiting unsavory sites and the ad networks tying your location to their browsing, so that you start getting those ads in your normal at-home browsing. Don't get me wrong, there could be a malicious person sitting in a coffee shop, waiting to hijack your bank account. But the article is correct that spreading HTTPS and other TLS-augmented protocols helps to minimize their effectiveness.
(4) Some people rely on VPNs as proxies, so they can view media streams outside their target distribution areas. For that person, a simple proxy may or may not offer a better deal. I have not tried to use VPNs or proxies for such purposes, but if the alternative is to allow some company to decide where you can view the desired media, I can see why people might choose to use a VPN or proxy.
(5) HTTPS and other TLS-augmented protocols are a great step forward, but bad guys are constantly finding weaknesses. The same is true for VPNs. The idea of sitting around and slapping each other on the back for "ending the threat" is very premature. This is likely to come back to bite someone.
I had your #VPN service, and you joined together with a company known for installing unwanted software on people’s computers and devices. Then, you and they kept it secret for months.
A #VPN provider that I used shut down without much notice (in fact, the only way I found out was that I visited their site months later, trying to figure out why I hadn't been able to connect).
The #hotel I was using had a local provider that blocked #Fediverse instances (including Mastodon.Social), #Diaspora, #XMPP, #IRC, and a certain mail provider that I still use. They did not block: #Facebook, #Twitter, #GMail, or Outlook / #Hotmail
Because I couldn't connect to the VPN, I discovered how many perfectly normal sites were blocked because they weren't on the top 100 list. I went downstairs and informed the front desk that I would be leaving their establishment because of their blocking.
I received a phone call from their networking vendor, who logged into their router and proxy and turned off filtering on a list of about 25 sites they'd blocked.
But the point is, the hotel and its provider cannot be trusted not to fsck with your data. Always use a VPN.
Always use a #VPN when connecting at a #hotel, #coffee shop, or similar public network. Besides the venue's ISP potentially doing evil things, you also have no idea who else is on the network or what they may be doing.
@musicman Yeah, I’m sure it is weird proxy server nonsense. On one network, DNS cannot find the domain. But as soon as I use a #VPN or sometimes just a different organization’s #DNS server, everything works fine. I won’t name the network, but their full name used to have “telephone and telegraph” at the end.
Those tests were taken last night. This morning, speeds are running:
Download: 8.50 Mbps Upload: 8.75 Mbps
(Why I checked: posting from the iPad [ #hotel_Wi-Fi plus #VPN] tablet took several retries before it succeeded. Posting from the phone [only Wi-Fi, no VPN] continued to work.)
I’m thinking that I might install the latest #Devuan in its place and skip religiously-inspired choices like replacing proven DNS clients with one that is integrated into the ever-famished, all-devouring System Daemon.