All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Is there much privacy advantage to use a vpn/proxy when using https sites?

I am privacy conscious mainly for data mining purposes.
Some might say "if you have nothing to hide then why are you concerned what data they mine" however I would point the reader to the nothing to hide fallacy.
I stopped using google years ago in favor of ddg.
I do use youtube daily so does that render the above moot? I am trying to ween myself off yt but it has not been easy. I am motivated to free myself from the yt shackles because I find trending videos which often come up as suggested, simply brain rotting.
As my previous proxy subscription ended I have been left wondering if it offers much advantage anyway if using https sites, which most are nowadays.
I just had the vague idea that using either a proxy or a vpn is 'better for privacy' but didn't have much of an idea of exactly how except it hides your home IP. Does that factor even matter much if you aren't doing anything nefarious?
Since it is only to stop data mining not for anything really high 'threat model' I am wondering what is 'good enough' for my use case.
Any other considerations on what they do? I know vpns encrypt the data but isn't that redundant since https encrypts it anyway?
I prefer the idea of a single proxy than vpn just as there seems no need for thousands of ips and I am thinking I could roll my own proxy with and ssh tunnel and cheap vps as a cheaper and more private alternative.
Comments
I've never tried any VPN only because I've heard using a VPN can break things. A discussion of trade-offs would be interesting to me.
If privacy matters to you, be aware that when using your own VPN/proxy (with its dedicated IP), you will have a more obvious and traceable footprint (every trace of that IP, anywhere, can be traced to you)
The upper stream (say your ISP), can still see the websites that you have visited, they just cannot see the data; one usage of VPNs is to prevent that.
That's only true if you use their DNS server. If you use Cloudflare DNS then the ISP shouldn't be able to see what websites you're visiting either?
No, since there's still the SNI (Server Name Indicator) from the initial TLS handshake "ClientHello" which will tell your ISP the exact website you visit at all times.
ECH (Encrypted Client Hello) which is something Cloudflare has been testing encrypts that, thus prevents the leak. Most major browsers support it, but yet not enabled by default.
https://blog.cloudflare.com/announcing-encrypted-client-hello
Indeed and I think the question of threat model is the relevant issue here.
Of course full tor stack will be 'most secure' but no need for that for my use case of just watching youtube videos or posting on less privacy caring sites while also being slow as a hog for general use of media.
So where is the happy middle ground here?
Vpn 'mixing you among the crowd' is a good point made by @ayyub_webh. Is it valid? As in does using the shared ips of thousands of IPs on things like nord make you more obscure?
If you buy a datacenter even though that IP is always used by you that still isn't your home IP so is that really an issue if using for innocent browsing just not wanting to expose your home IP?
A drawback of those popular vpns is that they are often spammed meaning common sites will have blocked my innocent usage due to previous spamming from the same IP.
I noticed that a lot for the shared proxies I was renting. I would ask for refreshes as reddit had blocked them but even the refreshes were all blocked, similar case with youtube, which is why I cancelled my subscription to that service and what motivated me to look to other solutions.
As such a (relatively) clean private datacenter IP on vps seems like it may be a better option.
I have not tried loads of different vpns though so maybe the less well known ones would not have such issues above while keeping the lowered footprint advantages mentioned previously. I suspect most will have these issues though especially since, as an internet marketer for many years, I know how hard these services are hammered
.
As well as SNI in the HTTPS negotiation, the content of is standard DNS queries is very easy to read on the way through.
So is the consensus that using a vpn is a better idea in terms of hiding among the crowd vs. making a private proxy with vps?
Mullvad was mentioned elsewhere, is that a good bet for privacy purposes? I have not done much research into specific ones yet but it seems they are well regarded by the community generally for privacy. In theory, so long as they are not keeping logs, should your requests using a given endpoint not be traceable back to you since many other people use it?
Break what exactly?
Using a VPN for privacy is pretty dumb and a waste of money and time. I can't think of a single way that a VPN meaningfully increases privacy or provides security. I think it's all the advertising. As for security sure it protects not https sites but please don't use a non https site as if they are too lazy to setup https then who knows what other security practices they are lazy with. As for privacy - Sure your ISP can't read it but now the VPN company, DC, or their internet provider can. Then you also need to pray that the VPN company doesn't leak their private keys online or get compromised which has happened multiple times. You need to realize that you likely have an EXTREMELY unique browser setup and that tracking you even without the use of cookies is probably extremely easy if all you do is turn on a VPN or not.
VPNs are not meant for privacy. Even if you mask your IP address using a VPN, there are hundreds of other ways to fingerprint you. So, I recommend switching to a good browser like LibreWolf on PC and Mull on Android. They will help you reduce your online fingerprinting. Also, use a DNS provider like NextDNS or Quad9. VPNs simply have no additional benefits. If masking your IP or geolocation is a must for you, then you can also consider using ControlD DNS paid plan.
What about this use case from another response to the post I made elsewhere:
That above is worthless?
getting around geo - restrictions(if the website doesnt detect a VPN if using a commercial provider and not a home IP) is not worthless but is not a privacy or security measure.
You are aware that, without a VPN:
All above logs are stored in a database, accessible to anyone who pays enough
Hope you “have nothing to hide”
why would anyone pay money for your IP logs and go through all that effort when 99.999% of people have a unique browser fingerprint that is easily trackable across the web for free ? I am being serious. You are paying for a VPN and then go and fire up chrome, firefox, or safari on your PC that has such unique settings and capabilities that even if you are behind tor they could still track everything you do 24/7 online. Also go to the average VPN website and see how many trackers try to load from their domain from every internet ad provider that exists and see how much of a meme it is to say that they are super private.
Who said you should only use VPN and nothing else?
But not using one will get you logged.
Similar to eating food, you also wash hands, cook raw meat, take notice of the best before date etc.
Ignoring one part can significantly increase your chances of getting sick. Only when all best practices are fulfilled, you are safe.
lol
I had a long response typed out but I think I argued too confusing sometimes. Yes using a VPN can protect you in that one specific circumstance but it also just migrates the responsibility from your ISP(which mine does not log ik for sure) to some remote ISP that may or may not. You also depend on their security practices too. I think that setting up a private wg server is appropriate here, but still does little help online privacy outside of that narrow possible circumstance. To me outside of ISP DNS logging, routing all your traffic through a VPN for privacy accomplishes the same thing as using Tor to login to your bank account for privacy. It is just not the right tool outside of specific circumstances.
Your argument seems based on a fallacy that the vpn will have just as much information on you as the ISP, which is certainly not a given.
ISP you have to give real address and bank details and maybe even ID, credit checks and so forth.
With good vpns you can sign up with very little personal details revealed so it isn't simply a case of 'moving all info up the chain' as far as I understand it, since you can use vpn with much less personal info revealed.
Also you seem to be implying that even tor is worthless due to fingerprinting being a 'piece of cake' no matter what internet protocol you use. If that is true why haven't law enforcement arrested all criminals on the darknet?