How do anonymous VPN work? Simple words, but not too simple. Aproposed answer here.


R

RayLopez99

A anonymous VPN program, how does it work? I program so don't be too
simple, but here's what I envision after reading the below:

1. after you install the anonymizer software, your browser can, if
configured correctly, connect to the anonymizer company's servers via
HTTPS. Thus the data from your PC to the anonymizer's servers cannot
be read by your ISP, or a Wi-Fi 'hotspot' such as at a hotel.

2. when the data (encrypted via HTTPS as in step 1) gets to the
anonymizer company's servers, one of two things must happen. First,
either the ultimate destination must support HTTPS (by ultimate
destination I mean say you want to connect to Facebook), or, the
anonymizer company's servers must decrypt from HTTPS and send your
data to the ultimate destination unencrypted. In this second case,
everybody inbetween the anonymizer's servers and the ultimate
destination can read your data, but at least your ISP or hotel hotspot
could not.

BTW, I think the most popular sites like Facebook, Yahoo, Hotmail do
have HTTPS web services, so the first option in 2. is available, but I
think most website do not. That was the implication I got reading
between the lines from another passage.

Further, I think that Steganos Internet Anonym is pretty good, albeit
a bit expensive at $99, since it allows you faster access to their
servers than the free services like CyberGhost VPN, which is too slow
from what I've read (unless you upgrade to the premium version).

Did I get it right? Sorry for you types that don't like cross-posts.

RL

http://www.techsupportalert.com/best-free-anonymous-surfing-service.htm#Quick_Selection_Guide

The Software - this is the nuts and bolts of the anonymity machine
that deals with network data traffic and where to route it. Normally,
our network data flows straight through to our ISP and out, which
means our ISP keeps tabs on us all the time. Specialised software
allows us to encrypt our network data so that when it passes through
our ISP, they won't be able to see what it is.
 
Ad

Advertisements

D

Dustin

A anonymous VPN program, how does it work? I program so don't be
too simple, but here's what I envision after reading the below:
What does this have to do with antivirus? You write code, eh? Why
couldn't you wrap your head around SSL then?


This doesn't belong in antivirus.
 
F

FromTheRafters

RayLopez99 said:
A anonymous VPN program, how does it work? I program so don't be too
simple, but here's what I envision after reading the below:

1. after you install the anonymizer software, your browser can, if
configured correctly, connect to the anonymizer company's servers via
HTTPS. Thus the data from your PC to the anonymizer's servers cannot
be read by your ISP, or a Wi-Fi 'hotspot' such as at a hotel.
It's *encrypted* with the key until it is decrypted with the key - why
can't you understand that simple fact?
2. when the data (encrypted via HTTPS as in step 1) gets to the
anonymizer company's servers,
It gets decrypted with the key, it is not a matter of choice.

I think you should try to understand how encryption works before delving
into other things.

[...]
Did I get it right? Sorry for you types that don't like cross-posts.
What crosspost, are you trying to say that you multiposted this question
to other groups?

....bad form.
 
D

David H. Lipman

From: "FromTheRafters" <erratic@nomail.afraid.org>


| It's *encrypted* with the key until it is decrypted with the key - why
| can't you understand that simple fact?

| It gets decrypted with the key, it is not a matter of choice.

| I think you should try to understand how encryption works before delving
| into other things.

| [...]

| What crosspost, are you trying to say that you multiposted this question
| to other groups?

| ...bad form.

Yes FTR, he Multi-Posted this.
 
F

FromTheRafters

David H. Lipman said:
From: "FromTheRafters" <erratic@nomail.afraid.org>

|

| It's *encrypted* with the key until it is decrypted with the key -
why
| can't you understand that simple fact?

| It gets decrypted with the key, it is not a matter of choice.

| I think you should try to understand how encryption works before
delving
| into other things.

| [...]

| What crosspost, are you trying to say that you multiposted this
question
| to other groups?

| ...bad form.

Yes FTR, he Multi-Posted this.
Is he trying to find out how many kinds of 'idiot' he can be at once?
 
B

Bear Bottoms

What does this have to do with antivirus? You write code, eh? Why
couldn't you wrap your head around SSL then?


This doesn't belong in antivirus.
Then why are you replying to it? Tip for the amatuer...no reply...they
look elsewhere....duh.
 
Ad

Advertisements

B

Bear Bottoms

David H. Lipman said:
From: "FromTheRafters" <erratic@nomail.afraid.org>

|
...
A anonymous VPN program, how does it work? I program so don't be
too
simple, but here's what I envision after reading the below:
1. after you install the anonymizer software, your browser can, if
configured correctly, connect to the anonymizer company's servers
via
HTTPS. Thus the data from your PC to the anonymizer's servers
cannot
be read by your ISP, or a Wi-Fi 'hotspot' such as at a hotel.
| It's *encrypted* with the key until it is decrypted with the key -
why
| can't you understand that simple fact?
2. when the data (encrypted via HTTPS as in step 1) gets to the
anonymizer company's servers,
| It gets decrypted with the key, it is not a matter of choice.

| I think you should try to understand how encryption works before
delving
| into other things.

| [...]
Did I get it right? Sorry for you types that don't like
cross-posts.
| What crosspost, are you trying to say that you multiposted this
question
| to other groups?

| ...bad form.

Yes FTR, he Multi-Posted this.
Is he trying to find out how many kinds of 'idiot' he can be at once?
Small wonder this group died.
 
F

FromTheRafters

Bear Bottoms said:
David H. Lipman said:
From: "FromTheRafters" <erratic@nomail.afraid.org>

|
...
A anonymous VPN program, how does it work? I program so don't be
too
simple, but here's what I envision after reading the below:

1. after you install the anonymizer software, your browser can, if
configured correctly, connect to the anonymizer company's servers
via
HTTPS. Thus the data from your PC to the anonymizer's servers
cannot
be read by your ISP, or a Wi-Fi 'hotspot' such as at a hotel.

| It's *encrypted* with the key until it is decrypted with the key -
why
| can't you understand that simple fact?

2. when the data (encrypted via HTTPS as in step 1) gets to the
anonymizer company's servers,

| It gets decrypted with the key, it is not a matter of choice.

| I think you should try to understand how encryption works before
delving
| into other things.

| [...]

Did I get it right? Sorry for you types that don't like
cross-posts.

| What crosspost, are you trying to say that you multiposted this
question
| to other groups?

| ...bad form.

Yes FTR, he Multi-Posted this.
Is he trying to find out how many kinds of 'idiot' he can be at once?
Small wonder this group died.
It died?

Are you familiar with Ray? Ray is trolling, but this time, in this
group, he actually seemed civil and didn't crosspost.

I answered his question despite the fact that he knows that it is off
topic for this group. We've answered general security questions here
before, there is not always a clear boundary between virus and security.
He has not exactly ingratiated himself with this group by insulting
those he expects help from.

If he understood encryption alone, he wouldn't even need to ask this
question.
 
P

Peter Foldes

Bear Bottoms said:
Then why are you replying to it? Tip for the amatuer...no reply...they
look elsewhere....duh.

Huh! You are out of your mind and you are looking for nothing else but an argument.

Besides some of those sites listed on your page is pirated material and your page
shows as infected at least to my server system. Big Pop Up warning of this when your
page is opening. No Bullshit on this. Maybe you should look into removing the
questionable links in it

--
Peter
Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
This posting is provided "AS IS" with no warranties, and confers no rights.
http://www.microsoft.com/protect
 
I

idbeholda

TL;DR - OP needs a strong cup of prune juice and a bowl of buttered
okra.
 
D

Dustin

Then why are you replying to it? Tip for the amatuer...no
reply...they look elsewhere....duh.
I'm not an amatuer; and I'm simply stating a fact with regard to his post
having no relevance in alt.comp.anti-virus. Go recommend kaspersky nod32
again, retard.
 
Ad

Advertisements

R

RayLopez99

It's *encrypted* with the key until it is decrypted with the key - why
can't you understand that simple fact?
You are an idiot. First, don't insult me, a programmer in advanced
languages like C#, when you don't do anything more fancy that DOS
batch file coding. Second, you don't seem to understand HTTPS at
all. FYI, you need to have HTTPS capability in order to do you
"encrypting". Do you think every site has this capability? No.
That's why I say what I say in step #2: "2. when the data (encrypted
via HTTPS as in step 1) gets to the anonymizer company's servers, one
of two things must happen. First, either the ultimate destination
must support HTTPS (by ultimate destination I mean say you want to
connect to Facebook), or, the anonymizer company's servers must
decrypt from HTTPS and send your data to the ultimate destination
unencrypted. In this second case, everybody inbetween the
anonymizer's servers and the ultimate
destination can read your data, but at least your ISP or hotel hotspot
could not. "

Did you read that and understand it? I doubt it. Because if you did,
you would realize that most sites do NOT support HTTPS. So in fact a
program like Steganos Internet Anonym only protects you from your ISP,
not from most sites. That is, only the big sites like Facebook,
Yahoo, MSN Hotmail, etc support HTTPS (for one thing, you have to buy
a certificate and it's expensive, or at least not a trivial cost).
The other sites will receive your message in plaintext. Only, as I
said before, your ISP will not be able to read your message. But from
Steganos servers to your ultimate destination, everybody else can read
your message, unless your message is going to one of the big portals
like Facebook, Yahoo, MSN Hotmail, etc.

It gets decrypted with the key, it is not a matter of choice.
You fail to understand the issue, clearly. You seem to think I'm
talking about the mechanics of public key encryption used in HTTPS. I
am not. Go and lern something little man before calling others
stupid.
I think you should try to understand how encryption works before delving
into other things.
Go lern retard.
What crosspost, are you trying to say that you multiposted this question
to other groups?

...bad form.
Like your out of shape couch potato body.

RL
 
D

David H. Lipman

From: "idbeholda" <idbeholda@gmail.com>

| TL;DR - OP needs a strong cup of prune juice and a bowl of buttered
| okra.

:)
 
F

FromTheRafters

It's *encrypted* with the key until it is decrypted with the key - why
can't you understand that simple fact?
You are an idiot. First, don't insult me, a programmer in advanced
languages like C#, when you don't do anything more fancy that DOS
batch file coding.

***
You are a first class idiot. Ignorant of how the things that you propose
to know all about, work.

You own questions prove that.
***

Second, you don't seem to understand HTTPS at
all. FYI, you need to have HTTPS capability in order to do you
"encrypting". Do you think every site has this capability? No.
That's why I say what I say in step #2: "2. when the data (encrypted
via HTTPS as in step 1) gets to the anonymizer company's servers, one
of two things must happen.

***
*One* thing must happen, it must be decrypted - only the session is
encrypted because HTTPS is a TLS implementation. You share a common key
with their HTTPS server so that they can accomplish this. Like I said
before, it is about the string, not the cans.
***

First, either the ultimate destination
must support HTTPS (by ultimate destination I mean say you want to
connect to Facebook), or, the anonymizer company's servers must
decrypt from HTTPS and send your data to the ultimate destination
unencrypted. In this second case, everybody inbetween the
anonymizer's servers and the ultimate
destination can read your data, but at least your ISP or hotel hotspot
could not. "

Did you read that and understand it?

***
Yes, but it depends only upon the deal you made when the handshake took
place between you and the server offering the HTTPS service. Once it
gets there, it *is* decrypted using the common key created as a result
of that handshake. It doesn't matter how many hops skips and jumps it
takes to get there, once there - it *is* decrypted.
***

[...]
It gets decrypted with the key, it is not a matter of choice.
You fail to understand the issue, clearly. You seem to think I'm
talking about the mechanics of public key encryption used in HTTPS.

***
It's not, public key encryption is used in the key exchange, a faster
cipher is used for the actual session.
***

I am not. Go and lern something little man before calling others
stupid.

***
Stop *being* stupid, and I will stop calling you stupid.
(I thought you liked insults)

You seem to think that there is a choice being made by a server you had
an HTTPS session with as to whether or not they want to decrypt your
data. If you understood how it worked, you would know that there is no
such choice being offered - it gets decrypted - that's why you made the
deal. If further HTTPS sessions are needed it will get re-encrypted
using different secrets exchanged in new handshakes.

It protects the session, not the data.
***
 
I

idbeholda

You are an idiot.  First, don't insult me, a programmer in advanced
languages like C#, when you don't do anything more fancy that DOS
batch file coding.  Second, you don't seem to understand HTTPS at
all.  FYI, you need to have HTTPS capability in order to do you
"encrypting".  Do you think every site has this capability?  No.
That's why I say what I say in step #2: "2.  when the data (encrypted
via HTTPS as in step 1) gets to the anonymizer company's servers, one
of two things must happen.  First, either the ultimate destination
must support HTTPS (by ultimate destination I mean say you want to
connect to Facebook), or, the anonymizer company's servers must
decrypt from HTTPS and send your data to the ultimate destination
unencrypted.  In this second case, everybody inbetween the
anonymizer's servers and the ultimate
destination can read your data, but at least your ISP or hotel hotspot
could not. "

Did you read that and understand it?  I doubt it. Because if you did,
you would realize that most sites do NOT support HTTPS.  So in fact a
program like Steganos Internet Anonym only protects you from your ISP,
not from most sites.  That is, only the big sites like Facebook,
Yahoo, MSN Hotmail, etc support HTTPS (for one thing, you have to buy
a certificate and it's expensive, or at least not a trivial cost).
The other sites will receive your message in plaintext.  Only, as I
said before, your ISP will not be able to read your message.  But from
Steganos servers to your ultimate destination, everybody else can read
your message, unless your message is going to one of the big portals
like Facebook, Yahoo, MSN Hotmail, etc.



You fail to understand the issue, clearly.  You seem to think I'm
talking about the mechanics of public key encryption used in HTTPS.  I
am not.  Go and lern something little man before calling others
stupid.


Go lern retard.




Like your out of shape couch potato body.

RL
It's OK, RayLopez99; It's almost 2011.
 
R

RayLopez99

***

  First, either the ultimate destination
must support HTTPS (by ultimate destination I mean say you want to
connect to Facebook), or, the anonymizer company's servers must
decrypt from HTTPS and send your data to the ultimate destination
unencrypted.  In this second case, everybody inbetween the
anonymizer's servers and the ultimate
destination can read your data, but at least your ISP or hotel hotspot
could not. "

Did you read that and understand it?

***
Yes, but it depends only upon the deal you made when the handshake took
place between you and the server offering the HTTPS service. Once it
gets there, it *is* decrypted using the common key created as a result
of that handshake. It doesn't matter how many hops skips and jumps it
takes to get there, once there - it *is* decrypted.
***
Nope. You *still* don't get it. I'll try and make it as foolproof as
possible, though I doubt it will help.

User's computer is "A". ISP / gateway that user's computer uses to
connect to internet is "B" Steganos Anonym server is "C". Endpoint
user wants to connect to is "D".

Using Steganos Anonym you get a guaranteed HTTPS handshake between
points: A,B,C guaranteed. By that I mean: Steganos is saying you
will get HTTPS between these endpoints. But not all endpoints
(computers) D have HTTPS. This is a fact that you don't seem to
understand, with your 'string theory'. We are not talking TLS
mechanics here. Joe's Hardware website will not have HTTPS unless Joe
has paid for it. MSN, Hotmail, Facebook will. This is your stumbling
block, get over it. Unless you are a pimple faced teen that is just
here to flame and not lern. Your choice. So the last hop from C <-->
D may or may not be HTTPS. Steganos own documentation says this (see
OP). Of course--and this is one value of Steganos Anonym software--
site D will think you, user A, are in fact a server C hosted by
Steganos. This is valuable. In fact, using an earlier version of
Steganos Anonym years ago, I once used this to trick a site that only
accepted USA IP addresses for certain transactions (I'm posting from
outside the USA) into talking to my computer. Steganos is a good
service but last I used it, it was a subscription service that only
lasted one year. But even at around $100 it was worth it for this
particular US-only site since I was able to buy their product at US
prices, which was much less than their non-US price by more than $100.

I came here hoping to confirm this simple fact rather than have to
teach you so-called experts. A classic case of the student knowing
more than the teacher.

Now please go back to talking about your beloved viruses. After this
exercise I wonder whether you even know what you're talking about
there.

Have a nice day. Likely my last post in this thread unless somebody
can advance this discussion with more knowledge than what you've shown
so far.

RL
 
Ad

Advertisements

R

RayLopez99

Advanced languages? Thanks for the laugh! It's Visual Basic for the
21st century (yeah, I know there's also a VB.NET but it's the same
engine). Using Microsoft's MSIL offerings hardly makes you an advanced
programmer.
Nope. Try again pinhead Ant. What you don't realize is that VB for
the 21st century is in fact an advanced language (as manifested by
C#). Automatic garbage collection of such languages, not to mention
strong type checking, is like automatic transmissions in a car driven
in the city--much superior to manual transmissions. And yes, I know
how to drive a stick shift. Funny thing is, outside the USA people in
cities use manual transmission way too much, almost everybody here in
GR, yet it would be a tremendous help, more comfortable and easy (and
safer too, considering elderly drivers) if they switched to
automatic. For the price of a little extra gas, and maybe not even
that much more. Smoother too, since a lot of people never really learn
to shift properly (a good stick driver can shift without using a
clutch, actually, a feat I have managed a few times, and a good stick
driver is so smooth you cannot tell you're in a manual transmission
car--something I pride myself in doing. Off topic, a professional
chauffeur in Russia once apologized for a slight bump when he shifted--
other than that bump, you could not tell you were in a manual
transmission car, that's how smooth he was in over one hour of stop
and go traffic. He told me he used to drive for the Kremlin).

RL
 
F

FromTheRafters

Likely my last post in this thread

***
Promises, promises.
***
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top