ITT: a lot of ignorant laymen who don’t understand the first thing about how the internet works.
this post was submitted on 23 May 2026
63 points (92.0% liked)
Privacy
48760 readers
336 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
If you’re using a VPN to protect the destination of your traffic from the prying eyes of your ISP or the state, then the VPN would absolutely be protecting it, and therefore when disconnected you are by definition unprotected.
Mullvad uses the term "Disconnected" in their apps, and their website header says "Not using Mullvad VPN".
(I know that's probably not a good reason to switch providers, but they are really good in other ways too)
I just saw that on Proton VPN but I remember seeing other services forcing this "unprotected" word as if it was the end of the world.
"Please you need us look how you need us now you're unprotected holy shit"
It's just fear-based marketing, which I have a strong distaste for as well
This confused my parents too. They saw a sponsorship for some no-name VPN, with a bunch of scare tactics, and were afraid they would get hacked without a VPN. I had to explain that the VPN was only the entrance to the internet. We already have plenty of encryption in place with https. Only time I really "need" a VPN is for hotel/airport/mall public Wifi.
Oh man you haven't seen avast then
What a nice device you have got here. Wouldn't it be a shame that something bad happened to you because you didn’t throttle your bandwidth or stopped paying your subscription on time?
You'll know in about nine months, give or take, depending on when you went unprotected.
But VPN is not a privacy service.
It sure is. You get privacy from your ISP, or the network operator of what you’re connected to. Thats why people famously use them for things like piracy. If VPNs weren’t private, privacy wouldn’t exist.
Not necessarily. For example if your browser is fingerprinting you towards the webpage, a VPN will be useless when it comes to privacy.
Yes necessarily. What a VPN does to protect your traffic flows from your ISP or network operator is not affected by browser fingerprinting. On the contrary, this is something VPNs explicitly help with. Since web traffic is almost always encrypted, the types of limited traffic analysis they can normally do, they wouldn’t be able to do if all your traffic is going through a VPN. (Snooping on your DNS queries, looking at your TLS SNI, analyzing packet sizes and such)
Additionally, not all traffic you’re trying to protect with a VPN even uses a web browser.
I keep seeing this but I don't understand. Does it not improve your privacy with respect to your ISP?
If your ISP tracks you, then yes; the VPN "tunnels" past the ISP. But keep in mind that the VPN provider can also sell your browsing history. And the ones suitable to work around DRM laws, usually don't have strict data protection laws.
The issue is, that a lot of VPN providers sell their service as a privacy service, with loads of superficial bullshit or false promises.
"If" heh
I wouldn't trust any ISP to not be tracking users
Laws.
Virtual Private Network
Virtual wire from your PC to the provider. Nothing more, nothing less. And btw, the encryption of the "wire" doesn't protect against online tracking (and https is already encrypted).
and https is already encrypted
But DNS is not, and even HTTPS is leaking info via the SNI
That's what i meant, the encrypted traffic doesn't help privacy.
that's just outright bullshit.
it already helps that most of the data in HTTPS traffic is encrypted, otherwise your network provider would see freely what user account do you use, to post what content, on what subforums.
encrypting all traffic on the wire helps additionally to hide what websites you visit (DNS and SNI in HTTPS) and what kind of other web services you use. your local ISP will only see an opaque stream of data to a single VPN company.
Virtual wire from your PC to the provider. Nothing more, nothing less.
also wrong. It's a virtual wire, that is significantly harder to be tapped, because signals on it are scrambled.
What other terms could they use?
- Vulnerable
- Exposed
- In Danger
- At Risk
- Potentially Compromised
- Unmasked
- Uncovered
- Unhidden
- Discoverable
- Unpresentable
- Uncouth
- Unbecoming
- Indecarous (might be my favorite now)
- Indecent
- Immodest
- ...
All substantially less likely to make me think of condoms
disconnected
Your data is leaking
Better simply "You're Leaking"
They could just provide the facts: your connection is not protected by the VPN. The scaremongering is just marketing for the next renewal.
That's no fun
not protected
Even better..."not connected".
Being on a VPN doesn't mean your connection is protected, necessarily.
That could theoretically be misconstrued by some users as meaning "not connected" to any network, though. And explaining it might be a little wordy for a notification. Maybe "VPN disconnected" or something.
True. Users are able to misconstrue things well beyond my imagination
It all depends on what you're supposed to be protected from. Vpns protect your Communications from being intercepted and keeps your location anonymous.
So you are in fact unprotected from being located identified and tracked. You are also unprotected from having your Communications intercepted by a man in the middle.
If you're on a public unsecured Wi-Fi network you are totally exposed. If you are on your own router connected through an isp, the ISP knows everything you're doing, and attaches your billing information to that data and uses it.
So I really don't think unprotected is a scare word. It is an accurate description of your situation.
VPNs don't prevent a device from announcing its real location. And they protect you from a MITM at the ISP but not at the VPN provider, so you just switch who you trust. VPNs also don't do anything to help with the browser fingerprinting that companies use to track you around the web. From the point of view of the services and sites you connect to, all a VPN does is change your IP address, and the IP address may not be a big part of how they track you in the first place. VPNs alone do not improve privacy much at all.
What VPNs do is shield your traffic metadata from inspection by the network hops between your client and the VPN provider (though the content is almost always enxrypted even without the VPN), and change your apparent location for any service that is exclusively using IP-based geolocation.
If you’re on a public unsecured Wi-Fi network you are totally exposed. If you are on your own router connected through an isp, the ISP knows everything you’re doing, and attaches your billing information to that data and uses it.
You don't need a vpn to protect yourself over a public wifi network. All modern website have HTTPS with certificates so the website can't get spoofed and no one knows what your doing on that website. Modern browsers will warn you before entering a website without https or a certificate. Using an encrypted DNS like nextdns further protects you so no one even knows what websites your visiting.
Ok I'm not 100% sure if using an encrypted DNS does fully protect you from outsiders finding out which website your visiting, hopefully someone can correct me if I'm wrong.
The only problem I see with public wifi is the peer-to-peer nature of it. You no longer have the protection of a gateway if somebody is trying to be nefarious. They won't sniff https traffic, but might attempt to connect to open services like an unsecured listener for the cat feeder.
In that instance, locking down the internet connection with a VPN would prevent an attack.
I've actually never really considered that. I guess all other apps also need to be secure or sandboxed or lack permissions to do anything although even then it seems like apps can just escalate permissions on there own without you doing anything.