You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
My 10 year old iMac gets little use these days. My wife and I each use a iPad as well as a iPhone.
Rather than a general online query for a VPN provider I am reaching out to the Apple community for tips or pointers to help make a selection.
Your feedback is appreciated.
Thanks in advance.
Part #2
Reputable “paid” commercial VPN services have no vested interest in your internet traffic beyond statutory obligations imposed by the authorities in whose territory in which they operate. Again, from a regulatory a technical perspective, this is no different to your ISP or mobile phone operator. Reputable commercial VPN services are fully and profitably monetised by service subscriptions.
Free or “low cost” VPN operators are funded differently. Clearly, these VPN operators have cost overheads that must be fully funded; such services are often funded through commercial advertising served via the VPN connection, or traffic analysis and data mining - this data being sold-on to other interested parties. Dishonest VPN operators may attract business with express intention of misusing your data - or to facilitate criminal activity.
Looking now areas where commercial VPN provides useful threat mitigation…
Assuming that your home wired/WiFi network is secure - and that other network devices using the network are trusted - use of a VPN within your local network offers no significant benefit. By contrast, public WIFi networks (such as Airports and Hotels) are high risk; other users of these networks can access and manipulate your network traffic - and it is here that a commercial VPN provides useful protection. Here, when using a VPN, all your traffic is fully protected from actors over the high-risk elements of the network path - between your client device and the VPN Gateway.
So, addressing your numbered points…
1) Little benefit. Your home network is presumably trusted; traffic from the VPN Gateway to your Bank benefits only from protocol encryption.
2) Websites to which you direct traffic will, by definition, see all data that is directed to the website.
3) VPN connection will provide privacy over the path that is protected by the VPN link - up to to the VPN Gateway. You might strategically choose the country in which the VPN Gateway is located - being mindful of reciprocal intelligence agreements between governments (e.g., “Five Eyes”). In most cases, effective protection from Nation State interest is an impractical goal.
4) VPN provides effective and useful protection from local threat actors likely present on untrusted network segments - such as schools, airports, hotels etc.
5) You may be retired - and whilst most most law-abiding individuals have nothing to hide, you have everything to protect.
Part #2
Reputable “paid” commercial VPN services have no vested interest in your internet traffic beyond statutory obligations imposed by the authorities in whose territory in which they operate. Again, from a regulatory a technical perspective, this is no different to your ISP or mobile phone operator. Reputable commercial VPN services are fully and profitably monetised by service subscriptions.
Free or “low cost” VPN operators are funded differently. Clearly, these VPN operators have cost overheads that must be fully funded; such services are often funded through commercial advertising served via the VPN connection, or traffic analysis and data mining - this data being sold-on to other interested parties. Dishonest VPN operators may attract business with express intention of misusing your data - or to facilitate criminal activity.
Looking now areas where commercial VPN provides useful threat mitigation…
Assuming that your home wired/WiFi network is secure - and that other network devices using the network are trusted - use of a VPN within your local network offers no significant benefit. By contrast, public WIFi networks (such as Airports and Hotels) are high risk; other users of these networks can access and manipulate your network traffic - and it is here that a commercial VPN provides useful protection. Here, when using a VPN, all your traffic is fully protected from actors over the high-risk elements of the network path - between your client device and the VPN Gateway.
So, addressing your numbered points…
1) Little benefit. Your home network is presumably trusted; traffic from the VPN Gateway to your Bank benefits only from protocol encryption.
2) Websites to which you direct traffic will, by definition, see all data that is directed to the website.
3) VPN connection will provide privacy over the path that is protected by the VPN link - up to to the VPN Gateway. You might strategically choose the country in which the VPN Gateway is located - being mindful of reciprocal intelligence agreements between governments (e.g., “Five Eyes”). In most cases, effective protection from Nation State interest is an impractical goal.
4) VPN provides effective and useful protection from local threat actors likely present on untrusted network segments - such as schools, airports, hotels etc.
5) You may be retired - and whilst most most law-abiding individuals have nothing to hide, you have everything to protect.
You are very welcome.
Having digested the above, if you are still seeking a reputable “off-shore” commercial VPN provider, of the many available you might consider hide.me VPN. Based in Malaysia, hide.me subscription plans are sensibly priced for the service offered. Full support for both IPv6 and legacy IPv4 with VPN servers throughout the world. Subscriptions are cheaper is purchased from the website - and not as an in-App purchase.
https://apps.apple.com/gb/app/hide-me-vpn/id953040671
Should you wish to explore “multi-hop”, this feature is supported using the hide.me App.
Whilst not offering explicit endorsement, I have personally used these services for many years. Service and support backup are first rate.
You may not like my suggestion...
Never use a VPN connection, unless the request comes from your company IT admin/supervisor who can manage that connection on secure/approved/known servers.
Regards
Giulio
Well in general I’m giving in to the nebulous argument “it’s a good idea” from a security perspective. So I think I’m getting the following: 1. Data privacy and data protection when using home WiFi to do banking. 2. Data privacy from apps and websites. 3. Data privacy from the government. 4. Data privacy and protection when using hotel (ie Marriott) WiFi to do banking. 5. I’m retired so no need to log on to work.
Thanks for your reply.
Part #1
Much of the hype and negative comment that you will observe throughout the Apple Support Communities are derived from a bias against, or a fundamental misunderstanding of, VPN technologies and their uses/benefits - in addition to misguided faith in Apple products being immune to cyber-threat. In many cases, negative viewpoint will be based upon consumption of misinformed commentary of others; such commentary often reinforces preconceived faith in both invulnerability and perceived immutable truth.
It is impossible to provide an in-depth discussion of Information Security and IP networking with the limited space that this forum allows. The following is intended to provide brief overview and insight - from which you are free to ask additional questions, draw conclusions as to efficacy, and/or make informed decision as to potential benefit in securing your internet communications.
Enterprise applications may use VPN technologies to securely connect remote users to corporate systems - security benefit being derived through the entire path being protected. Commercial VPNs, as used by private individuals, do not offer protection over the entire path as the encrypted tunnel terminates at the VPN Gateway from which your traffic is routed over the internet to its destination(s). Properly configured commercial VPN services do, however, provide useful mitigation against very specific threats. In using these services, It is important to understand the risks against which a commercial VPN can provide useful protection - and those that it can not. A commercial VPN cannot provide total protection against all monitoring of your internet traffic - as the end-to-end path is not protected by the VPN in its entirety.
A high proportion of your traffic (such as browser traffic) already benefits from encryption (e.g., TLS) without use of a VPN - but some protocols (such as DNS) are entirely “in-clear” and can be intercepted and manipulated. Header and routing information are also unencrypted - and is available to anyone that is able to monitor your local network connection. Where utilised, VPN encapsulation ensures that all your traffic, including unencrypted data, is contained within the VPN tunnel away from prying eyes and threat actors.
One of the arguments against the use of commercial VPN is that all your traffic is routed via the VPN provider”s VPN Gateway. This of course is completely true - however, in many cases presents no greater risk to you, or your privacy, than routing all your internet traffic via your ISP or mobile phone operator.
It’s rather difficult to make any kind of advice or recommendation without having some understanding of what, precisely, you are looking to achieve…
I guess I need to better understand your reply. Please see my reply to LotusPilot.
Thanks for your reply.
I wish you that your expectations come true.
Regards
Giulio
Thank you very much for your timely and comprehensive response. Your expertise will help me improve my understanding of VPN and help me make a good choice.
Regards from Rochester, New York.
Thank you very much.
VPN for iPad/iPhone
