WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

1.2K

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised.

I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment.

I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised. I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment. I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

(post is archived)

[–] [deleted] 6 pts (edited )

Software developer/server admin here. I know a bit about this because we've been working with the tech lately to investigate firing up a VPN management system for a client.

Allow me to correct you. 1) OpenVPN/Wiregaurd/etc traffic is encrypted, so they cannot capture your packets. Or rather, they can, but they can't read them. 2) Most websites are on https/ssl now anyways, so most websites you go on the http requests and returns are also encrypted. Most messengers are also encrypted now. 3) There are services that offer double-vpn, so you are connecting first via UDP to one ip and then that IP connects to another - so there is no link between your computer and the end IP you are using. 4) Most VPN providers allow multiple users on one server/ip, so even if something is done from that IP and is SOMEHOW traced back to you - there is plausible deniability because there might have been 5 other users on that same IP. 5) In most cases no one gives a fuck what you are doing online to begin with, and no one is going to spend time tracing you because you called someone a nigger in a facebook post.

One thing to note, is you should ALWAYS use a private browser session when using a VPN. Otherwise, if you login to faceberg or jewgle with your VPN, you will get a cookie. When you disconnect from VPN, you will still have that cookie. Just about every website online is using google analytics now, so you will be trackable on every website anyways unless you are using a private session EVERY SINGLE TIME.

[–] [deleted] 1 pt (edited )

When VPN services get audited by the authorities, using a VPN only delays the inevitable if you've used it do some super illegal stuff, whatever arbitrary thing any particular government considers that to be

4) Most VPN providers allow multiple users on one server/ip, so even if something is done from that IP and is SOMEHOW traced back to you - there is plausible deniability because there might have been 5 other users on that same IP.

Same can be applied to CGNAT really, or WAN

[–] 1 pt (edited )

Mostly all true but you are over complicating the topic.

THIS ENTIRE POST IS FALSE for valid HTTPS web traffic

HTTS is fully bidirectionally encrypted, if a valid SSL certificate. NOT EVEN THE VPN or ISP knows a single bit. All they know when you connect to Poal.co using https://poal.co are these three things :

1 : that you went to IP address 93.115.20.7 2 : that the IP address you went to first used port 443 and port 443 is only used by one site "poal.co" 3 : that after you went to port 443, you spent a lot of time on port 80 going to 93.115.20.7 sending fully encrypted data

EVEN THE URL in https is 100% military grade encrypted!

Those three meager tiny things are all that is known when using HTTPS. You are probably using https now, without a vpn.

https://en.wikipedia.org/wiki/HTTPS

A VPN that does NOT store logs, and NEVER appeared in US court records, and NEVER complied with FBI requests, and NEVER was hacked like NordVPN got hacked is ExpressVPN : https://www.expressvpn.com

expressVPN and other vpns are used to hide from your ISP :

1 : hides that you went to IP address 93.115.20.7 , so that your IS cannot tell the FBI or anyone 2 : hides that you first used port 443 and port 443 is only used by one site "poal.co" 3 : hides that after you went to port 443, you spent a lot of time on port 80 going to 93.115.20.7 sending fully encrypted data

WARNING TO CHINESE CITIZENS HERE : ExpressVPN is controlled by Chinese, openly so, so do not use ExpressVPN if hiding IP addresses from Chinese authorities.

HTTPS on A VPN hides EVERYTHING from FBI and ISP, but the VPN knows just the IP addresses you went to, nothing else!

TL/DR: The OP is a shill for the FBI probably!

[–] 1 pt

Sure; but if you use a third party for your VPN they have the encryption keys and can turn over your data.

[–] [deleted] 3 pts (edited )

Even if they dont have the keys, They are perm MITM and can intercept handshakes, which are not uncrackable.

Dude up top is still correct, there are plenty of layer, but the problem is that a modern shithead such as myself prides themselves on being able to dig ALL THE WAY DOWN through a shitstorm of good intentions.

There is almost always a way, until you deal with PROs. Some folks are genuinely scary in their ability and knowledge of subsystems.

Boils down to: Pick your battles.

[–] 0 pt

Number four is most interesting to me. I already knew about 1-3 and 5. I wasn't aware they allowed sharing of IPs. That's pretty cool!

The point of my post though is that IP happens at the networking level, and the ISP has free reign at the physical and data link layers below. All of the data, regardless of whether or not it's encrypted, is flowing through their equipment.

Cisco hardware, and probably many others, have had advanced capabilities to capture data for many years now regardless of who you're networked with. Governments and some companies have access to the private keys for the encryption certificates, so SSL/TLS, while important, still aren't a silver bullet.

I agree with you on number five, but that may not always be the case.

[–] 0 pt

Shared IPs is a must when looking for a VPN. RARELY you'll encounter an odd issue but only really from small hosting websites that put a timer on downloads like 1 download per 8 hours etc. Sometimes chans you'll get flagged as a banned IP due to someone else's jew-shilling.

Other than that shared IP is a must.

Incorporated outside of (((14 eyes))) countries is a must.

torrentfreak does a good write up on most major VPN providers and a general write up on VPNs in general.

[–] 0 pt

You're a bit misinformed regarding private sessions. Google still tracks you within those private sessions. In fact, they were recently sued for this.

[–] [deleted] 3 pts

When using a browser:
With a VPN - you type in a link and hit enter, rather than sending that request out, your VPN service uses your CPU to encrypt the request, redirects the address you typed to instead be sent to one of their servers from your ISP instead of to the site that you wanted, the VPN server requests the site, the VPN server receives the requested site, encrypts it, sends it back to your computer, your VPN service uses your CPU to decrypt the packets received. At no point did you send a request to the site, you sent an encrypted packet to your VPN server. At no point did you receive the site, you received an encrypted packet from your VPN. That's what your ISP will see. Without a VPN - you type in a link, it sends the naked request through your ISP directly to the server the site is on and is then sent directly back to you. That's what your ISP will see. * **

I use ExpressVPN after I received a copyright notice from my ISP for a downloaded torrent of a particular video game, which is crazy because I would never download such a thing.
Since using ExpressVPN, I've never received another copyright notice from my ISP, which makes sense because I would never break copyright laws and have nothing but the utmost respect for our corporate overlords that collectively sent over $1,000,000,000 (one billion) to BLM and antifa - and I would certainly never harm their hard-earned profits gained by engaging in any sort of activity that could be somehow interpreted as 'pirating' their mediocre, overpriced, "you made the same fucking thing last year, the year before, the year before, and the year before," woke-infested, faggot loving, shit.

*I'm not any sort of professional in the field
**If your VPN is compromised, you're potentially fucked, which is why you use a VPN that doesn't keep logs, meaning that, even if they are compromised, there's no trail whatsoever of your perfectly legal and certainly non-pirate activities.

[–] [deleted] 1 pt (edited )

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless.

The whole point is that the entire traffic sequence as seen by the ISP and others on the public web is just a bunch of encrypted gobbledy-gook, including any particular IPs being accessed, they will only see one IP being accessed repeatedly, however that does still make connecting the dots easy as now there's just a modem somewhere else connecting with that same WAN IP to the internet which is accessing all the actual traffic out in the open, with the VPN server sitting behind NAT being port forwarded through a router, even changing the WAN address dynamically won't help as you still have the same modem MAC address which you must have so the ISP knows where to provide service, 4G LTE Modems and public WiFi are out of the question as both put you in a double NAT situation.

In short, VPNs as being marketed to normies are not how they were intended to be used, they are by design supposed to give you seamless access to a local network that's physically located somewhere else, encryption is only part of it that makes it secure so no one eavesdrops on your tunneled traffic, not some "protect my privacy against le beil hackers and glownigs" solution

[–] 1 pt

The ISP sees which MAC addresses are connecting. That's data link. If it's coming from your home modem, they know it's coming from someone in your home.

[–] [deleted] 2 pts

Yeah, for the modem that's connecting, you still have NAT providing some layer of plausible deniability as now you have to figure out which mac address behind that NAT actually accessed a resource from the internet, accessing a VPN server from public wifi makes it easy especially if you spoof your device's MAC address so that even when authorities ask for the public wifi provider to hand over the ARP table logs, it won't come back to anything.

[–] 0 pt

Makes me wonder if there's any software compatible with OPNsense, meaning it won't break my connectivity on change, that can periodically change my devices spoofed MACs.

[–] 0 pt (edited )

don't use a VPN goy

allow your ISP to track literally everything you do so they can sell it goy

stop being anonymous goy

OP has literally no idea what he's talking about.

e:

I always tab enter too fast.

OP has zero clue what encryption is. Your ISP won't know about anything other than the volume of data going in and out of your Modem. That's it. They won't know which websites it's going to or have the ability to pull any meaningful information. It is literally just a random stream of 0s and 1s to them. Your VPN provider will also have zero idea what those 0s and 1s are.

ee:

Also this specific type of thread was fairly common even on voat. On fullchan before that as well.

[–] -1 pt

You're a retard if you trust encryption when the NSA and all of the other three letter orgs already have the private keys, have had them, and will continue to have them.

[–] 0 pt

you're a retard for trusting a mathematically proven reality

Hello moshe.

have the private keys

The ones I generate on use? Cool.

[–] 0 pt

Self-signed certificates aren't trusted by pretty much all browsers anymore. Want to run a web server? Get a cert from one of the CAs your browser trusts, and that's not you.

[–] 0 pt

Vpns provide zero protection unless you know what you are doing and even then you shouldn't trust yourself. But if you're not going for total anonymity they still don't protect you from cookies, browsing habits, screen size, what browser you use, probably other stuff. That's IF the vpn doesn't keep logs which you 100% can't trust them not to do regardless of anything they say.

they're about 100x as effective at keeping you private as masks are at keeping you safe. So maybe 10% effective on a good day.

[–] 0 pt

I agree with you 100%. It's just "another layer" of protection.

[–] 0 pt

Hopefully when HTTPS, TLS, third party DNS are widely adopted we can avoid our traffic being trivially snooped. Fingers/toes x'd.

[–] 0 pt

You're going to need more fingers and toes.

[–] 0 pt (edited )

One of the many points you miss here is that an ISP can be compelled to log by your local authorities and a VPN provider most times is offshore. The second most important point is that many ISPs, Australia, UK, etc, already log and block websites, like the torrent websites blocked my ISP, I get a connection timed out.

[–] 0 pt (edited )

You said, "One of the many". What other points am I missing?

[–] 0 pt

Just make sure your VPN service is incorporated in a country that isn't part of the (((14 eyes))) group. (or is it 19 now? - I forget)

[–] 0 pt

You can use a VPN to torrent, watch georestricted content, hide your country location in Poal,etc.

[–] 0 pt

Fair enough. Those are good reasons to want to use one.