Encryption and VPN ? What is the difference and do we need both of them?

I am a bit confused? I have been reading about Encryption and really confused myself even more by doing so.:confused::confused: From what I can gather is it is a way of keeping your data safe, I hope I am right on that. Yet it seems to me that if you have a VPN which Opera has built into it that you can protect yourself any way. Surely the only way another can get your stuff is if they have psychical access to your machine or through the internet? Am I right on this or not?

Please can someone explain this in non-techie terms that an old folk like me can understand or point us in the direction that will explain it simply - thanks

2 Likes

Encryption is a broad term and can be applied to anything that protects your data. For example, you can encrypt your computer’s hard drive so that even if someone gains physical access to your computer, your data can still not be accessed because it is encrypted with a password.

Then there comes the encryption of web traffic and the most common term these days is HTTPS.

Websites that use HTTPS or apps that provide end to end encryptions, make sure no one can intercept and read the data between your device and the website/app server.

A VPN is another way of providing encryption and privacy to your entire web traffic. A typical VPN solution for home user works differently. What it does is that when you try to connect to any website, the encrypted traffic first goes to the VPN server, it gets decrypted and then sent to the website’s server. This way, even the website server cannot know your exact location, IP address and other such information and hence your privacy is secured.

More info here: https://www.welivesecurity.com/2010/11/10/vpn-ssl-and-https/ ?

8 Likes

Thank you so much for your reply. I felt a bit silly asking the question, but I just didn’t know and if you don’t know then the only way to learn is to ask. I am sure I am not the only one who really doesn’t know this.

4 Likes

There are no silly questions :slight_smile:

6 Likes

The part to remember is that everything works together to protect you and your data. Opera’s built in VPN protects data between your browser and the VPN gateway but beyond that, who knows. Thats where HTTPS encrypting between the browser and the target webserver is an extra layer of protection. Beyond that, as Abhishek illuded to, encrypting messages/files individually and encrypting whole drives/partitions adds further layers to the onion. The more layers makes it harder (not necessarily impossible, but sufficiently difficult) for someone to intercept your data or inject something malicious.

I prefer to use an HTTPS connection through a VPN tunnel whenever possible.

5 Likes

Just a sideline to this I decided after reading the above to encrypt the hard drives of both and have found that it slows down the start up time on Mint 19. Nothing to worry about as once the log in done the speed is exactly the same as it was before. I don’t know if it would be the same with other Distros as well. I am not worried about this, as what is a few seconds extra compared to perhaps having all stolen?

2 Likes

I decide 2 years ago to switch from Windows to Linux. From the Day 1 I have encrypted my HDD. I think only what my machine slow down was my long Password.

2 Likes

Encryption is a commando with camouflage. If he uses a tunnel that is VPN.

5 Likes

That’s a good line. Is it yours original?

1 Like

Yes :slight_smile:

That is what came to my mind when I tried to explain.

4 Likes

I’ve been using a VPN Unlimited for around 6 months now–purchased, of course, from the It’s FOSS store. I like the idea of the added security. We Linux users love to pat ourselves on the back because our systems can’t get viruses, but that doesn’t mean should close our eyes to security issues.

My instinct is that it’s always easier to attack than it is to defend. Attacks can succeed on persistence and luck, and then mutate rapidly–just like biological viruses. Having an extra level of defense means you’re never in the target group to start with. However, once everyone starts using VPN services then lots of flaws with tunneling will eventually be exposed.

My understanding of built-in VPNs like Opera’s is that while they can mask your IP (your unique internet address) they offer the use of only one server which means it will get bogged down at times. Also encryption options are limited.

The advantage of a full-fledged VPN service is that you get a huge range of servers dotted around the globe and a range of encryption options; the more secure option–it’s only fair to point out–coming generally at the expense of performance.

By happy chance my service has a server in Japan. So when my brother who lives in Matsuyama visited this summer he able view sites normally only available in Japan!

4 Likes

Now you got me wanting to visit the itsfoss store.

2 Likes

Well, it is only a few clicks away!

The service I bought was around $40US, a transferable subscription on 5 machines although it’s only active on 4 at the moment.

Also, the software is being actively developed, so functionality is constantly improving.

2 Likes

I’ve learned to not check my email (gmail…) while using my VPN, because it freaks Google out! Is this just Google, or all email providers?

Don’t know, because I use Thunderbird as the client. I have found that google search doesn’t like VPN and throws up all sorts of strange things when you have on and searching that way

I, too, use Thunderbird, but Gmail thinks someone has hijacked my account when I am running the VPN.
( ͡° ͜ʖ ͡ °)

1 Like

Perhaps @abhishek might know an answer or work around it. If not I am sure he can find an answer from somewhere

Yes, it’s easy to freakout Google with a VPN. They’re looking for the same IP, but your VPN–by design–always changes it. Now I haven’t this exact problem but if I install a new system on my “test” laptop, and then try to use my google account it always generates email warnings. Even though my IP should match my historic log-ons. (I don’t usually don’t bother installing my VPN on test partitions.)

Having used my VPN for about 6 months I’ve sort of fallen into some patterns. All revolve around whether it’s best to activate my VPN–and when not to.

So, for example, if I’m doing on-line banking I always use it and I aIways make sure I’m using a local IP. (I also use a specific minimal browser set to forget all it’s history.) And if I’m downloading music from a bands’ website that’s located in, say, Germany I’ll use a German IP. This way I’ll avoid any bandwidth restrictions.

Given your situation, I’d simple turn your VPN off while you get your email. Most websites automatically encrypt your traffic. So once your messages are downloaded simple switch to “work offline”. No one can spy on a broken connection! And no one can crack encryption in that short an amount of time.

Since my VPN only takes about 30 seconds to activate, I’ve started using it when it helps and de-activating it when it isn’t.

1 Like

Thanks for this answer I am sure that many people will be helped. I never thought of keeping the VPN for online banking as I thought it might make it harder to get onto. I will keep it on now.

That’s actually what I do! ¯_( ͡ᵔ ͜ʖ ͡ᵔ )_/¯