Cellartracker and VPN: 403 error

Never an issue while using ExpressVPN

Travelling with a laptop, a VPN is essential as man in the middle attacks are a serious concern with wifi networks that are not private.

Not sure I’m following you here?

Here’s an AI overview of using a VPN:

A VPN (Virtual Private Network) is used to protect your online privacy by encrypting your internet traffic and masking your IP address, essentially hiding your browsing activity and location from your internet service provider, hackers, and other third parties, allowing you to browse the web more anonymously and securely, especially when using public Wi-Fi networks; it can also be used to access geo-restricted content by connecting to servers in different locations.

Key reasons to use a VPN:

  • Privacy:

Prevent your ISP and other entities from tracking your online activity by concealing your IP address and encrypting your data.

  • Secure Public Wi-Fi:

Protect sensitive information when using public Wi-Fi networks by encrypting your connection.

  • Access Geo-restricted Content:

Access streaming services or websites that might be blocked in your region by connecting to a server in another location.

  • Bypass Censorship:

Circumvent internet censorship in certain countries by connecting to a VPN server outside of that region.

  • Business Security:

Secure sensitive company data when employees access the network from remote locations.

I’m not sure I’d agree with that, unless you’re being MiTMed on an unencrypted web site, which you shouldn’t trust on an open network and 100% shouldn’t auth to via one.
But TLS is very capable of alerting you to the fact that someone’s trying to PiTM your connection as you’ll get an SSL certificate error when attempting to connect to the site (say online banking). With modern browsers you basically have to bully them to allow your connection.
Also, none of this stops your machine from being attacked on the wifi network you join. And while a VPN is nice, I’d argue it’s (most likely) not as private and anonymous as people lead you to believe. Sure, they might advertise that they don’t keep logs. But what they don’t tell you is that often the entire thing is mirrored off to a secure closet, similar to AT&T’s Room 641a.

2 Likes

I agree here partially. Not all VPNs are created equal. You need to research which works best for you. Nothing is perfect but every layer you add increases your chance of browsing safer.

I guess from my perspective I don’t really see the value in consumer facing ‘privacy’ VPNs that others do. Most tracking on the web isn’t via IP or ISP, it’s via cookies in your browser. And unless you’re routinely flushing those cookies and re-authenticating to sites you access you’re being tracked regardless of where you egress onto the Internet.
Also, most traffic to the Internet is already TLS encrypted (https), so wrapping that in a VPN doesn’t really provide added protection.
I won’t wade into the censorship discussion beyond saying using a consumer grade VPN in a country where this is an issue is probably not the best choice to avoid incarceration.
From my perspective, consumer VPNs are primarily good for accessing Geo-blocked content. Everything else feels a bit more security theater instead of actual good security practice.

3 Likes

I agree with what you are saying and, yes, since https is more comprehensive than just a few years ago, that value has diminished. I don’t consider preventing my ISP from collecting and selling information about me against my wishes security theater. ymmv.

1 Like

100%

Your ISP isn’t doing this for malicious purposes, it’s to advertise to you in a more targeted manner. But your ISP isn’t google, and their tracking is omnipresent. I suspect you’d be amazed at their level of understanding of you just through tracking and correlation. Granted it depends on ISP as well, but on average they’re little fish when compared to the FAANGs.

CISA just dropped their Mobile Device best practice guidance document yesterday, it speaks directly to this.

https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf

1 Like

Well OK if your mobile device only ever connects via the mobile network, but my mobile device, for example, spends well over 90% of its life connected to WiFi networks of one sort or another (because they are generally free, and mobile data costs).