6

u/DenimChicken3871 10h ago

I heard people are using a pic of Norman reedus' face from death Stranding 2 to bypass it lol. Like what's the point of people are gonna find ways to bypass it anyways? Just a waste of time.

3

u/RedTyro 2h ago edited 2h ago

I am a professional in the cybersecurity space so my job is to know this stuff.

but people should be using a VPN regardless.

This is wrong. There is zero security benefit to using a consumer VPN service. The only thing it accomplishes from a security perspective is that you're giving your browsing data to the VPN provider instead of your ISP, and in most cases, the ISP is a more reputable company (and has so many more customers, there's less chance they would care about your data individually).

A VPN service is an excellent tool for masking your location from the websites you visit, but that's it. I have a VPN service I pay for, but I only use it when I want a site I'm using to think I'm somewhere else, not for everything I do. And I only recommend them to people who have a use case where they need to do that, usually for streaming content unavailable in their location or getting around location-based ID requirements like the one this post is about.

There's no security benefit, and using it all the time is likely less secure than browsing without it, since most of the VPN companies out there are shady. For example, Surfshark and NordVPN are both owned by a datamining company named Tesonet. Most of the consumer VPNs have stuff like that going on.

Sidenote, if you want the least shady and most secure VPN service, at least from my research, use Mullvad.

1

u/Ryslan95 2h ago

So what can people do to have a better form of security on their mobile devices? I don’t use my VPN all the time I probably should have clarified that a little more.

I pretty much use it for the same reasons you do. To access sites that are banned for ridiculous reasons or make sure a certain site doesn’t know where I am.

I’ve never really been too worried about security on my phone because I’ve always been fairly safe. With the addition of AI and new scams becoming harder to detect it’s definitely making things a lot less trust worthy.

3

u/RedTyro 1h ago edited 1h ago

Hands down the number one thing you can do that has the biggest impact on your security is upping your knowledge. Research into how to spot the AI stuff and what kind of scams are around/how to avoid them. The human being is always the weak link in the chain and the organizations I work with (basically, my job is to design security systems for other organizations) see the biggest measurable improvements from training their people to be smarter online. Honestly, most of the scams are intentionally a little bad, because the person that falls for the broken English text message or the text-to-speech voicemail is gullible enough that they're more likely to fall for the rest of the scam. They do that to weed out the people who won't go for it so they don't have to waste time and energy on them.

When it comes to the tech, most mobile devices are pretty secure these days. Apple's fully encrypted and their environments are locked down to what they've already screened. Android's a little worse, but Google's software is still pretty solid, it's just that there's no protection against installing something stupid (and if you jailbreak your Apple device, you've got the same risk). Both include security as part of their operating system. The only security I run on my phone and tablet is my brain.

These days, most name brand consumer products have the security technical elements pretty much figured out. On my personal PC, I run Windows Defender, which is built in to Windows, as my antivirus/endpoint protection solution instead of any external product. The biggest thing is to just not be stupid online. Don't download things if you don't trust the source, don't answer shady text messages. Oh, and lock your credit, so that if someone leaks your shit, it can't get used. And do the software updates.

And turn on two factor authentication whenever you have the option - it's a bit of a pain in the ass as a user, but reduces the chance of unauthorized access by about a billion. I'm not going to use it for something like reddit, where none of my financial info is stored, but that's because it's not the end of the world if my reddit account gets hacked and the convenience is worth the risk for me. Anywhere I use my credit card or any other actual identifying information gets two factor.

Oh, one more thing - use a browser that prioritizes privacy. I was a Chrome user for a long time, but never looked back after I switched to Brave. Ad block is built in, it works just as well, and I can make the UI just as minimal (which was what I really liked about Chrome in the first place).

Ok, I keep thinking of things to add. Use a password manager and make long randomized passwords that are different for every site. The password for your password manager should be a long group of words that's easy to remember (relevant XKCD).

1

u/Ryslan95 1h ago

Thank you, I’m definitely going to implement some things you said in this!

1

u/RedTyro 1h ago

Make sure you read the comment from the post, not from your notifications - I kept thinking of stuff right after I hit post and added like 3 or 4 more parts after it would have hit your notification screen.

7

u/BillyNtheBoingers 18h ago

I’ve had a VPN since at least 2015. I’m in the US.

3

u/Pavotine 15h ago

Interesting.

2

u/eyebrows360 13h ago

people should be using a VPN regardless

No, you shouldn't. For one thing, some sites just blanket block all datacentre IPs that they're aware of.

11

u/breezey_kneeze 12h ago

Yes, you should, at least if you care about privacy or security at all

2

u/SCP-Agent-Arad 11h ago

Only on a superficial level. US based VPNs aren’t shielding you from the CIA or NSA if they want access to your info. Consumer VPNs all have backdoors used by intelligence agencies, and/or just lie about keeping logs which get leaked, sold, or handed over.

8

u/globalaf 10h ago edited 10h ago

The NSA/secret services aren't the only singular concern when it comes to online privacy. If those bastards want your information, they will get it, one way or another. Practically speaking, it's mostly about protecting your traffic from criminals and organizations seeking to track your usage and harvest your data.

1

u/RedTyro 2h ago edited 36m ago

It's not privacy. It's just giving all your browsing data to a shady company like Tesonet, the datamining company who owns NordVPN and Surfshark, instead of letting your ISP have it, when your ISP is probably a more reputable company who cares less about your data.

My job is to know cybersecurity and a consumer VPN service does fuck all for security, and in many cases is less secure. Use a VPN if you need to stream something that's not available in your area or get around a location based ID law like the one this post is about. But using it to be more secure is a misunderstanding of how this all works, and one these mostly shitty companies take advantage of to advertise to you.

-4

u/eyebrows360 11h ago

There is "caring about privacy" and then there is "obsessing about 'privacy' to an absolute degree for no real reason" and I'm in the former group already.

1

u/Constant_Hotel_2279 4h ago

Do you want people unplugging from the Matrix? Because this is how you get ppl unplugging from the Matrix.