Opinion: Using a VPN service to hide from your ISP is like choosing to have more than one wolf guarding your hen house. | Poal: Say what you want.

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2025 Poal.co

910

•

Opinion: Using a VPN service to hide from your ISP is like choosing to have more than one wolf guarding your hen house.

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised.

I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment.

I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised. I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment. I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

(post is archived)

You are currently inside a comment thread.

Click here to see all the comments (31).

[–] [deleted] • 2 pts

Yeah, for the modem that's connecting, you still have NAT providing some layer of plausible deniability as now you have to figure out which mac address behind that NAT actually accessed a resource from the internet, accessing a VPN server from public wifi makes it easy especially if you spoof your device's MAC address so that even when authorities ask for the public wifi provider to hand over the ARP table logs, it won't come back to anything.

parent
link

[–] • 0 pt

Makes me wonder if there's any software compatible with OPNsense, meaning it won't break my connectivity on change, that can periodically change my devices spoofed MACs.

parent
link

[–] [deleted] • 1 pt

modem MAC still has to stay the same, that's how the ISP knows which modem to provide service to, so no dice there

parent
link

[–] • 0 pt

Yes, but plausible deniability. Which device networked with the modem did the thing? Was someone war driving my network? Did I have a shady friend use my wifi, and I didn't know they were shady?

parent
link