When I click to update the ProtonVPN Windows app I get a message saying, “To complete the update process, Proton VPN will temporarily disconnect and deactivate Permanent kill switch if any of thees are active.” I want to be very careful that any other apps/services running in the background of my machine while the update is running don’t connect without a VPN.
One option is to unplug my internet while updating, but it is not clear that the update will finish successfully without internet, and if it breaks/gets stuck half way through I likely will need internet access to repair it so I’m hesitant to try this without getting some confirmation that the update can run fully without an internet connection.
Download the installer from the proton website, that defo works offline. Then you can disconnect your internet to run the installer and you’ll be good to go.
Jesus H Christ lad, unless your a bloody foreign agent running a VPN update while connected to the clearnet is not going to dox yourself, this is taking tin foil hat to new levels.
Simply restart the computer, don’t open any apps, any apps thar auto start kill then using task manager and then run your update, it’s going to be ok.
I’m thinking about a possible solution to this. I’m not sure what exactly is running in the background on your computer, but it could be Steam, Brave, Discord, or other similar apps. Try terminating them completely from Task Manager to ensure that they’re not making any unwanted requests that could potentially leak your IP. Do the update then re open them.
Look, I still think your being a bit silly but here’s your solution:
Install Proton VPN on your phone, hot-spot your phone to your windows machine while having your ethernet disconnected and then do your update, disconnect the phone hot-spot and reconnect your ethernet after the update
If you are this concerned about a temporary disconnection in your VPN:
* Why are you running the ProtonVPN instead of on a router?
* Why are you using Windows?
Nobody magically gets doxxed just by updating their software. You could disconnect your VPN for a year and nothing would happen.
Boot to safe mode with networking then update?
Foreground apps aren’t the only thing running, I also have a number of background services I have installed over time that won’t end just because you quit foreground apps. I could try to go through all services running on the machine one by one and terminate any not required to update ProtonVPN, but I feel like the chances of that being successful are even less than the chances I can click the update button with my internet unplugged.
You are correct that I take operational security much more seriously than most people, and you are also correct that it probably isn’t necessary. None the less, my life choices (where I live, what I say on the internet, and the software I write) cause me to need to be a bit more careful than the average bloke on the internet about correlating various aspects of my online footprint.
There are also services running in the background, Windows itself, etc. While I could try to hunt down everything that connects out, the only surefire way to make sure I get all of them would be to physically unplug the network which puts me in the situation I’m in where I’m just not updating ProtonVPN. 
Hmm, interesting thought, thanks! I could do the same thing with my router I suppose (which supports OpenVPN and WireGuard), though that would impact everyone on my network for a time but I can just do it during “off-peak” at my residence.
Using your phone’s hotspot function will bypass any networking apps you have installed 99% of the time unless you’re running custom firmware.
Turning a VPN on, then hotspot functionality won’t do anything for OP.
EDIT: Proton’s own support article says you must be rooted to do this. Those of you who think that you’re routing your devices over VPN via your phone hotspot should check your public IP from the connected device.
Why not VPN on router?
Because I often change my VPN location, and changing it on the router will change location (and reset all connections) of everyone else on the network as well. There are about a dozen people on this network and not all have the same privacy/country desires as I do and I don’t feel compelled to force my decisions on them (including performance reduction and suffering through captchas all the time.
Why Windows?
See lengthy discussion elsewhere in this thread.
You could disconnect your VPN for a year and nothing would happen.
This argument seems to be “using a VPN for privacy is pointless”, which I fundamentally disagree with and surprises me to see in r/ProtonVPN. I assume you only use a VPN for country spoofing, and not for privacy then?
This potentially could work, as it would disable almost all services and startup apps except those required for the OS to run. A bit of a headache compared to just unplugging ethernet cable, but it is a viable option if I get stuck mid-update!
A long time ago, when I first installed the OS before doing anything else on the device.
You take operational security seriously and are on windows… Right…
Cutting the edge off If you are using Windows this means your real IP address is already known to Windows. So you are not hiding from Windows.
I’m sure you already have knowledge of how a VPN works, but to remind you: you are hiding your real IP address from the destination, not from the source.
This means your Windows machine already knows your IP, as does your ISP and your router. So, I think just disabling these apps is enough. If you want extreme privacy and anonymity to hide your IP, you should consider moving away from Windows
Hmm, this is very good to know, thanks! This is true even when the VPN integrates with the OS’s VPN feature (like in Android)? It only provides a VPN for apps running on the phone, but it doesn’t route traffic connected to the phone as a hotspot through the VPN?
This is untrue, I can’t speak for all phone models but my S23 routes all traffic through the VPN tunnel if I hot-spot, I can’t speak for other models but it doesn’t make sense that a hot spot connection would bypass this.
No, it’s not pointless. It’s just that you don’t instantly get doxxed the moment you’re not connected to it.
Also, repeatedly changing your locations/connections your does not equal privacy. You’re just inconveniencing yourself. Your ISP knows you’re connecting to a VPN no matter how many times you swap servers. But nobody can read the traffic, and nobody can get at logs (because there aren’t any). So what’s the point of switching?
Are you aware of some known vulnerabilities on Windows that I should be concerned about? I know that it is cool these days to call Windows insecure, but I’m not aware of any current vulnerabilities of the class I care about at the moment.
The trust model between Windows and Linux is radically different, and there is a strong argument to be made that Linux’s trust model is superior to the Windows trust model, but in the end life is about trade-offs and after considering the trust model, vulnerability history, known vulnerability set, useability, compatibility with software of interest, cost, and many other factors Windows comes out slightly ahead for me for this device (which is not my only device).
Just because someone uses Windows doesn’t mean they don’t care about operational security, and one can use Windows in a way that is secure enough for many tasks (including browsing the internet without leaving a footprint everywhere you go).
