The Problems with VPNs
It's not that they are bad. They just do not address the actual root causes of the vulnerabilities to your privacy and security.
Over 1 billion people use VPNs to attempt to protect their Web browsing, networking and data. But what most of these people don't know is that VPNs share the same 3 core vulnerabilities of all Web infrastructure, which make your privacy impossible to guarantee.
Why VPNs Are Not Actually Private or Secure
While your VPN tunnel is secure, everything else is vulnerable and can be compromised
Admins & Staff Everywhere
Your security is only as good as the lowest paid engineer or disgruntled insider - especially at your VPN company!
Certificate Authorities
Certificate Authorities are like banks - but far easier to compromise!
The security of all of your other connections and networking on the Web depend on SSL Certificates. These are centralized and run by admins and staff - who can always be compromised. Or no need to bother since Certificates are widely available for purchase on the Dark Web!
IAM & Authentication Servers
Centralized with Cloud Vulnerabilities
These build a whole new centralized database of user identity and credentials, while still being just as vulnerable to cloud hacks of the servers, admins and staff that control them.
They also depend on user credentials - which are notoriously insecure - and 2FA - which is trivially easy to spoof.
LANs and WANs
Breaches Are Catastrophic
Your VPN tunnel may remain encrypted, but once the weak points in a VPN are compromised, the attacker can go anywhere in the VPN and the internal local and wide area networks it connects to.
Web Apps
Out of Scope
When you use and connect to 3rd party Web applications, then you are beyond the scope of VPNs or SDNs and must rely up on their authentication and Web server defenses to protect your connection and your data.
Web Servers
Are Simply NOT Private at All
Everything you do on the Web is visible and tracked anyways unless you use a Privacy Browser. And even then, there are all kinds of gotchas.
Centralized Architecture & Control
- Centralized Servers
- Centralized Certificate Authorities
The servers, certificates and people can all be compromised.
Or no need to bother since certificates can be purchased on the Dark Web!
Networks & Connections are Visible and Vulnerable
Because They Rely Upon Internet Protocol
- With Internet Protocol, network addresses and traffic are visible, and connections are insecure by default
- So the Bad Guys always have the advantage
Data is Vulnerable
Because it is either not encrypted or someone else has the keys.
There is always someone other than you who has access and control.
End Users are careless and endpoint encryption a poor UX so it is rarely used.
IF YOU ARE SEROUS ABOUT PRIVATE WEB BROWSING, HERE ARE THE TOOLS, STEPS AND INFORMATION THAT CAN HELP.
If your goal is to achieve truly private Web browsing, a VPN - or Faction PPN - can NOT do this for you alone! And if the truth is to be told, once you go back OUT onto the Web privacy is a relative notion. What Faction can do is ensure that your origin, identity and path to your exit nodes are all invisible. What you do AFTER that is crucial.
IF YOU ARE SEROUS ABOUT PRIVATE WEB BROWSING, HERE ARE THE TOOLS, STEPS AND INFORMATION THAT CAN HELP.
Tools
Get a Privacy Browser! Without that, the rest is useless.
How To
Read our how to articles on what additional steps to take
Knowledge
More information and guidance on what you are still up against
Smart Manufacturing & Infrastructure
Depend on Firewalls or Nothing at All.
A combination of legacy devices and new very smart machines now populate most floors in the modern manufacturing workplace. Old ones simply cannot be protected - but are too disruptive to replace. New ones may be smart, but rely on precise millisecond-level calibration to which encryption is an unwelcome variable.
Organizations used to rely upon dedicated T1 'Circuits' to keep these isolated, but over the last decade those have been phased out and now most are simply connected - and exposed - to the Internet.
Network Appliances
Depend on Firewalls.
They just rely on the protection of the gateway into the local network. Some appliances like Network Attached Storage devices and printer / fax / scanners are ‘smart’ enough, but do not have rigorous security or programmable UIs to add encrypted networking.
Smart Home Office Devices
Cannot Be Protected by VPNs.
These devices do not have sufficient resources or programmable interfaces to support encryption and secure connections, so they are completely exposed to Internet attacks.
Smart Home Hubs
Evade VPNs and Firewalls.
These evade your VPN firewalls and other protections to send your data back and forth directly to their cloud servers.
The devices still can’t encrypt their data traffic, and are still on IP, so can be attacked directly through your router.