How Does The Tunnel Work?

I was explaining VPN to a friend today, who asked me a question I didn’t 100% know how to answer. So please help.

I explained to him how the VPN tunnel works, and through the end-to-end encryption inside, no one outside can see your data or anything you download. He said, “Since the VPN provides both the entrance and exit of the tunnel, they can see what comes out the other end.” I didn’t know if he was right. And we’re assuming this is a VPN that keeps some logs.

So is this true? Can a VPN know the file name of a file you download because it decrypts it before it hands it off to you?

Thanks. His question was specifically about downloading things, not just browsing. So I’m clear on how to explain it next time. If you were to download files from a source for example (like an unsecured website, file host, friend’s website, etc.), would the VPN be able to log that “123.filename” came out our side of the tunnel to our computer on this day/time, then “ABC.filename” came out on this day/time? I would have assumed that it’s wrapped in a protocol in some way that the final layer does not get peeled off until it is safe on my side (away from anyone’s eyes but us)?

He said, “Since the VPN provides both the entrance and exit of the tunnel, they can see what comes out the other end.” I didn’t know if he was right.

It’s right. But nowadays you’d be using something like HTTPS to access web content. This is another level of encryption between you and the webserver you are accessing. In this case the VPN service would know what web server you are talking to. Nothing about the content, though.

Can a VPN know the file name of a file you download because it decrypts it before it hands it off to you?

Depends on the protocol. HTTP: Yes. HTTPS: No. BitTorrent: I don’t know.
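The HTTP/HTTPS difference in the answer above, as an added example that is not part of the original thread: it reports what an observer at the tunnel exit can read from the first bytes of a connection. The sample request, the host name `files.example` and the minimal ClientHello are constructed for illustration, and the sketch assumes the ClientHello carries a plain (unencrypted) SNI extension.

```python
import struct

def build_client_hello(server_name: str) -> bytes:
    """Constructed, minimal TLS ClientHello whose only extension is SNI."""
    name = server_name.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name  # list len, host_name type, name len
    ext = struct.pack("!HH", 0, len(sni)) + sni                    # extension type 0 = server_name
    body = (b"\x03\x03" + bytes(32) + b"\x00"                      # version, random, empty session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"                    # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body      # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def sni_from_client_hello(data: bytes):
    """Return the server name from a ClientHello, or None if there is no SNI."""
    pos = 5 + 4 + 2 + 32                                   # record hdr, handshake hdr, version, random
    pos += 1 + data[pos]                                   # skip session id
    pos += 2 + int.from_bytes(data[pos:pos + 2], "big")    # skip cipher suites
    pos += 1 + data[pos]                                   # skip compression methods
    end = pos + 2 + int.from_bytes(data[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", data[pos:pos + 4])
        if ext_type == 0:                                  # server_name extension
            name_len = int.from_bytes(data[pos + 7:pos + 9], "big")
            return data[pos + 9:pos + 9 + name_len].decode()
        pos += 4 + ext_len
    return None

def visible_at_vpn_exit(first_bytes: bytes) -> dict:
    """What is readable at the tunnel exit from a connection's first bytes."""
    if first_bytes[:1] == b"\x16":                         # TLS handshake record: HTTPS
        # The request path (and file name) is sent later, inside encrypted records.
        return {"protocol": "HTTPS", "server": sni_from_client_hello(first_bytes), "file": None}
    request_line, *headers = first_bytes.decode("latin-1").split("\r\n")
    _method, path, _version = request_line.split(" ", 2)
    host = next((h.split(":", 1)[1].strip() for h in headers
                 if h.lower().startswith("host:")), None)
    return {"protocol": "HTTP", "server": host, "file": path.rsplit("/", 1)[-1]}

# Constructed samples: the same download over plain HTTP and over HTTPS.
HTTP_SAMPLE = b"GET /files/123.filename HTTP/1.1\r\nHost: files.example\r\n\r\n"
TLS_SAMPLE = build_client_hello("files.example")

if __name__ == "__main__":
    print(visible_at_vpn_exit(HTTP_SAMPLE))
    print(visible_at_vpn_exit(TLS_SAMPLE))
```
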

Here is a VERY SIMPLIFIED drawing of the encryption that a VPN service provides:

https://imgur.com/a/1H87mTH

A VPN tunnel is not end-to-end encryption. The VPN encryption terminates at the VPN service provider. What you revealed to your ISP before is now revealed to the VPN provider.

Does my ISP know my Internet traffic? If it does, then isn’t it useless to have a VPN?

BitTorrent is not an encrypted protocol. Takes some effort to figure out what file is being downloaded because blocks are downloaded out of order, but it can be done.

I don’t think any consumer VPNs care about DMCA complaints… and they wouldn’t be able to do anything about them unless they’re keeping logs, so…

It sees that you’re using a VPN, but can’t know what you’re doing. The ISP of the server can see it; however, he shouldn’t see your IP. Remember that a VPN is not a replacement for good security practice (HTTPS and encrypted DNS).

They only “see” encrypted traffic between you and some VPN server.