HTTPS with no VPN:

You trust the web site to encrypt your data if and only if the web site has properly implemented encryption along with encrypted DNS traffic. Sometimes you make a connection to HTTP before you’re redirected to HTTPS. Your ISP can see what web sites you visit, but the ISP can’t see what you’re doing because the traffic is encrypted so long as encryption is implemented correctly. ISP knows you went to https://www.website.com/.

Conclusion: Your ISP knows exactly what web sites you visit, but can’t see what you’re doing on the web site (if encryption is properly configured by the web site provider).

HTTP or HTTPS with trusted VPN (e.g., Mullvad):

You trust the VPN provider. Your connections are encrypted entirely. Your ISP can’t see what web sites you’re visiting nor can they interpret your traffic.

Conclusion: Your ISP is completely blind to what you’re doing and where you’re going.

ExpressVPN:

"HTTPS is essential for security, but it can only do so much. Don’t fall into a false sense of security—there are limitations to HTTPS protection:

• HTTPS doesn’t hide what websites you visit. Your ISP or network provider can still see which sites you access, even if they can’t view what you do on them.
• HTTPS won’t protect data stored on a website. If a site suffers a data breach, HTTPS won’t prevent hackers from accessing your saved information.
• HTTPS cannot encrypt all your internet traffic. It only secures connections between your browser and a site—not your entire internet activity.
• You have no control over HTTPS. The protocol is set by website owners, so if you visit a website without HTTPS protection, there is no way for you to enable it." Source: https://www.expressvpn.com/blog/https-vs-vpn/

PureVPN:

"HTTPS:

• Encrypts data between your browser and websites.
• Protects against eavesdropping on web transactions.
• Activated automatically with ‘https://’ VPN:
• Encrypts and routes all internet traffic, including from apps.
• Protects the entire internet connection. A VPN is used to establish an encrypted connection - also referred to as tunnel - between your device and unsecure network like the Internet. Since all your traffic goes through the VPN’s server rather than that of your ISP, nobody can find out what you’re up to online. What HTTPS Cannot Do?
• Hide Your IP Address: HTTPS doesn’t mask your IP address. Websites and your ISP can still see your IP and location, whereas a VPN hides your IP, making your online presence more anonymous.
• Encrypt All Internet Traffic: HTTPS only secures data between your browser and websites. A VPN encrypts all your internet traffic, including apps and services outside your browser.
• Prevent ISP Tracking: Your ISP can still see which sites you visit with HTTPS, they just can’t see the exact content. A VPN encrypts all your traffic, preventing ISPs from tracking your web activities. https://www.purevpn.com/blog/https-vs-vpn/

Here are more sources I won’t quote, but you can read:

• https://www.zdnet.com/article/reader-question-answered-if-i-have-https-do-i-need-a-vpn/
• https://nordvpn.com/blog/https-vs-vpn/
• Mullvad. This is more advanced as the article is targeted to technical users. However, it explains how they handle encrypted DNS in their services: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls

Great input and you’re absolutely correct. Very important to safeguard backups.

Use of a VPN depends on your privacy threat model.

Using VPN at all times while using the internet like one normally does is beneficial only to the extent that you encrypt your traffic and prevent your ISP from spying on you… mostly. But if you’re logging into known accounts associated with you, then it’s a moot point. Your traffic is encrypted, but your use of services leaves an easy to follow cookie trail of where you’ve been.

If your privacy threat model is much more serious, then you wouldn’t login to any known accounts while on your VPN. You wouldn’t use services that can be pinpointed to you.

Hence, use a VPN to your discretion. If you generally don’t want your ISP spying on you, keeping it on is always best practice. If you have more things to hide, you’d want to use Tor while on VPN and of course don’t use any services that could be linked to you.

Nothing much you can do except make it harder for nefarious parties to get your information. If you’re in the U.S. most of your information is public. With two pieces of info about you, you’re one Google search away from your name, physical address, schools you went to, where you’re employed, etc. You can’t stop this, so just make it harder when your data does get leaked.

Here are my best practices:

• Own my email domain name and use it for generating unlimited random aliases.
• Update old accounts using a random alias.
• Generate random usernames using a proper username generator. Unique username per account.
• If an old account email can’t be updated, changed, or deleted, spoil the information in their system by using fake info and then abandon the account (Anon O’Moose, 1234 Fake Street, Beverly Hills, CA 90210).
• One email alias per account - never shared.
• Unique passwords via a password manager (e.g., passwords like ‘Obtuse4-Entangle-Matrix’).
• Enable TOTP multi-factor authentication wherever possible.
• For legacy security questions, always use a passphrase generator for the answer, and save both the question and answer into your password manager. “In what city did you go to school?”Answer: “Bandit4-Topic-Guardian”.
• Save recovery codes for your accounts into your password manager.
• Leverage virtual credit card numbers if your provider offers it. One virtual card per account - never shared.
• Create accounts only if you have no choice.
• Submit your formal request in Opt Out Prescreen to minimise the sale of your info.
• Delete all centralised social media accounts. Instruct people to text or call you.
• Switch to Linux completely if you can. Get off Windows and Mac where possible.
• Get off iOS if you can and try to run a proper trusted degoogled OS where possible. You can experiment with Linux phones in the future, but right now it’s not mature enough yet nor is it as secure as something like Graphene OS on Pixel phones.
• Get all your data on prem only. If you choose to backup some data for safeguarding online, encrypt it before you upload it.
• If your phone number has been leaked and you’re getting multi factor code requests, excessive spam, etc. consider setting up a new phone line with new number. Then update all your accounts, employer, government records, etc. to point to the new phone number. Let your contacts know. Once satisfied, deactivate your old phone number.
• Minimise posting any personal details about yourself online. Never identify physical locations. Make up fake details about yourself, your employment, etc. Make yourself a little more anonymous by providing fake information. One day you have a pet, another day you’ve never had pets, one day you’re divorced, another day you’re 18 years old, etc. Strive to be consistently inconsistent with the data you post about yourself online. Lots of things I’ve said on Lemmy about myself are untrue, while some things are true. It’s important to not reveal personal identifiers as it is trivial for a determined actor to correlate data and pinpoint who you are.
• Never, ever have any usernames, passwords, email addresses, or security questions that have any meaningful information related to you. ALWAYS use random generators. There is only one password you need to remember, and that is the one password to your password manager. Write it down on paper using pencil (graphite lasts longer than ink) and stick it in a safe.
• Use a VPN properly and with discretion, based on your privacy threat model.

Archived article: https://archive.is/rDbgD

No prob at all dude! I just wanted to add the additional context in case some other persons stumbled upon these comments, were confused, and so they can get some more information on different browser options out there. Candidly, I only learned about Mull vs Mullvad Browser this week when I was researching what non-chromium browser to switch to next.

Mull Browser != Mullvad Browser. Just to be clear. I’m adding this context because your reply was regarding a thread on Mullvad Browser, and you replied with details about Mull.

For anyone else reading this comment: Mull browser is from DivestOS and deprecated. Firefox fork. Mull was forked by the community into IronFox.

Mullvad Browser is still alive and kicking, developed by Mullvad the VPN provider. Developed in partnership with Tor Browser, also a fork of Firefox.

If you’re stuck with Windows for corporate-issued computers, the next time this happens you can abort shutdowns in Windows.

Command Prompt:

shutdown /a

Saved me several times over the years.

Do it. It’s very straightforward.

• Buy a domain.
• Edit the DNS records to make your provider work with your domain.
• In Tuta (or even an alias service like Addy), create new emails using your custom domain.
• Done.

Whenever you need to switch providers such as if Tuta decides to support fascism like Proton’s CEO, you can easily switch to a new provider. Then add your domain to the provider, update your DNS records to point to your new provider, click Save. Done. And you won’t have to change your email addresses ever again.

Just an FYI that the Smart cancer has already began infecting computer monitors. It won’t be long until there are no more dumb monitors.

Samsung and LG make smart computer monitors. There are probably many others.

It’s been a day. We pine for our hero. Will you answer the call?

Andy Yen, perched on ivory tower: “Why yes, they are a bit blurry up here.”

I have sleep apnea. It’s very common. Get a sleep study so you’re properly evaluated and referred to the correct CPAP solution you’ll need. Then sleep with it.

I had an early model where it had a lot of background noise that wasn’t so bad for my spouse. However at certain points my mouth would open up and I’d emit a loud pressurized Darth Vader-like sound from my mouth. I’m checking with my provider to see if I can another sleep study and a different CPAP that will not bother my spouse as much.

Fun fact, sleep apnea is very dangerous and life threatening if left untreated. Get tested if you’re constantly exhausted and never feel like you get quality sleep. If you have a partner you share a bed with, they can help you identify you’re snoring and if you sound like you’re choking while you’re asleep - this happened to me and my partner woke me terrified that I might be dying.

Edit: some word replacement corrections due to typing on mobile

Nice work, this looks pretty great! You’ve actually inspired me to consider carving a pumpkin next year as it seems pretty straightforward to achieve what you’re looking for

Barges into room.

Them: “Are you hacking, son?

Me: “No.”

Them: “Cool. I’m just a hotel employee, and I only have understanding of computers at an end-user level. Plus, I see you’re not wearing a hoodie and sunglasses while being hunched over a laptop. Have a nice day and enjoy your stay at the Hilton!”

You can customize how the extension handles cookie banners. See an example of current settings on most updated extension at time of this comment:

@BMP5k@feddit.uk , can you help here? Thanks

Oof! I definitely can raise an Enhancement request in their GitHub to see if they can take on adding that functionality.

If anyone can get me the exact link of whatever OP experienced, I can log it there.

Get yourself the Consent-o-Matic browser extension and watch these “we and our 8000 partners (hungrily) value your privacy” banners disappear.

If you stumble upon a web site that Consent-o-Matic does not handle, you can simply click the extension, click “Submit for Review”, and the devs will shortly add support for that site.

I see you’re channeling the powers of middle management.

Only needs a sticker that says “You’re a rock star!”