WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

260

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised.

I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment.

I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless. All of your data is passing through their switches, which means they can capture all of the Ethernet frames they want to regardless of whether or not you're on a Virtual Private Network (VPN). By choosing to use a VPN, you can obfuscate your data somewhat, but you're also just handing it over to a second company which can also be compromised. I know there are frame-level services out there, but again, those frames are passing through your ISP's equipment. I might be wrong, hence the "Opinion" in the title, and I would be glad if someone were to correct me. I've been studying networking a bit over the last few years, so I think I kind of have a grasp on how it works on the various levels.

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (31).
[–] [deleted] 1 pt (edited )

Yes, you'll be on a different network. However, the thing about Internet Service Providers (ISP) is that they provide the physical and data link layers of connectivity infrastructure regardless.

The whole point is that the entire traffic sequence as seen by the ISP and others on the public web is just a bunch of encrypted gobbledy-gook, including any particular IPs being accessed, they will only see one IP being accessed repeatedly, however that does still make connecting the dots easy as now there's just a modem somewhere else connecting with that same WAN IP to the internet which is accessing all the actual traffic out in the open, with the VPN server sitting behind NAT being port forwarded through a router, even changing the WAN address dynamically won't help as you still have the same modem MAC address which you must have so the ISP knows where to provide service, 4G LTE Modems and public WiFi are out of the question as both put you in a double NAT situation.

In short, VPNs as being marketed to normies are not how they were intended to be used, they are by design supposed to give you seamless access to a local network that's physically located somewhere else, encryption is only part of it that makes it secure so no one eavesdrops on your tunneled traffic, not some "protect my privacy against le beil hackers and glownigs" solution

[–] 1 pt

The ISP sees which MAC addresses are connecting. That's data link. If it's coming from your home modem, they know it's coming from someone in your home.

[–] [deleted] 2 pts

Yeah, for the modem that's connecting, you still have NAT providing some layer of plausible deniability as now you have to figure out which mac address behind that NAT actually accessed a resource from the internet, accessing a VPN server from public wifi makes it easy especially if you spoof your device's MAC address so that even when authorities ask for the public wifi provider to hand over the ARP table logs, it won't come back to anything.

[–] 0 pt

Makes me wonder if there's any software compatible with OPNsense, meaning it won't break my connectivity on change, that can periodically change my devices spoofed MACs.