It's far from a waste of money. They help with things such as skipping geoblocking, able to deceive ISPs that send mail warning users about pirated content, can in some cases help with gaming ping, allow users to trick sites that rely on IP logging and many other applications besides cybersecurity and privacy.
The main issue is that they all seem to advertise themselves as these privacy and cybersecurity services first, while ignoring all the other added benefits.
Meanwhile, a lot of users really can't trust their ISP: your "ISP" might be coffee shop, or someone renting on AirBNB, or your friend (as you are at their home or office). If you are in any of these circumstances, I would probably first recommend "tether off your phone or something", but if you are finding yourself needing or merely wanting to use someone else's internet connection (maybe for speed or because you don't have a good cell signal), it totally makes sense to use a VPN.
(Also: I don't think anyone has mentioned this yet, as maybe it is somehow "gauche" to do so, but one of the top reasons people use VPNs around the world is because they want to browse porn and they don't want people around them to know. At some point, the people in the apartment next door to me figured out my wi-fi password and seemingly felt the correct solution to this issue was to use me for their porn browsing, but it was then all the more awkward when I figured out why my network was slow and knew all of the porn sites they were browsing. Most people seem more OK with the idea of paying a company like ExpressVPN--even if they are legitimately run by "spies"--to be their dedicated porn access point than hoping that someone else more locally won't find out what sites they are browsing.)
> Meanwhile, a lot of users really can't trust their ISP: your "ISP" might be coffee shop, or someone renting on AirBNB, or your friend (as you are at their home or office).
Or your ISP may be one of the big ones - Comcast, Time Warner, etc or whatever they are in other countries, and you may legitimately not trust them either.
My wi-fi password was loudly spoken often and our windows were open constantly. Honestly, if they had asked one of us for the password, I am sure we would have given it to them also (and for all I knew at the time that was how they got it: I am just saying they figured it out, not that they stole it). (It wasn't designed to be secure or anything... is yours? I do not even think I changed the password once they started using it... I just upped my cable modem plan so I wouldn't get affected by it ;P. I might have, though... this was like 15 years ago (I have been using the same wi-fi password at least since right after that, certainly?)
I leeched off my old neighbors’ WiFi for a few years until everyone in the complex upgraded to routers which weren’t vulnerable to the pin key attack (or whatever it was called).
Totally agree. The geoblocking is the most common reason a lot of people use VPNs, even if that isn’t always how they are directly marketed. A friend’s mom asked me a few weeks ago for VPN recommendations so she could watch British TV easier. She’s 70. Her concern isn’t about safer browsing stuff but watching GBB more easily.
*Disclosure: ExpressVPN has sponsored my podcast in the past (tho I don’t handle ad sales fwiw) and I’ve always chosen to do the “this is how I watch X service in X country” use case in ad reads, b/c that’s the value in it for me vs rolling my own Wireguard/Tailscale setup (I actually have Tailscale setup for my home network).
It’s funny express has you advertise as being able to watch X service considering when I used express I couldn’t watch Netflix because they throw an error saying they know I’m using a VPN. Same with Amazon prime. I’ve switched to nordvpn but they are no different I can’t even use fast.com to check the speed when the vpn is on.
Netflix has been particularly vigilant as of late to combat VPN usage so it is a cat and mouse game. I haven’t had an ad from them in months but last time I did, it worked with the services I’ve used without a problem. For all VPN services, the geoblock stuff is a moving target so what works one day or week, won’t necessarily work the next. It’s unfortunate but it is what it is.
Browser fingerprinting works much better than checking IPs. With multiple devices being behind the same IP, it's necessary to distinguish between users.
I'm not saying VPNs are worthless - I'm on one right now for work. Commercial VPNs, for most people who purchase them, are completely worthless.
And I very much doubt that tunneling your connection through a VPN can improve ping.
Just for a moment close your eyes and imagine a world where you have to fill-in a mildly complicated form before you visit a website (or blindly sign away whatever rights you might have had).
A world where every second funny video you might have found on Reddit leaves you with a cryptic message that some "rights holder" doesn't permit you to see it (and denies you from joining the fun everyone else seems to be having in the thread).
A world where you cannot buy half of the cool stuff you want (and everyone else seems to be having) because you cannot even see the online store where it is sold.
A world where you're even denied access to old and seemingly public domain e-books.
Open your eyes. This is the world most of us live in.
We're not on commercial VPNs because we love to, but because often there is no other way. They are in a sense invaluable when it comes to geo-restrictions, even though I agree with you that they are worthless for many of the reasons they claim to exist.
Ok. Use a proxy, or set up your own Proxy/VPN on a VPS? Then you also have a VPS - you can host your own website there, use it to download stuff and rsync it back to your local machine, deploy nextcloud, etc., all for less than the cost of ExpressVPN. And bonus points, you can use unlimited devices.
Less of the cost sure but you are saving a couple bucks a month tops and replacing that with work on setup and maintenance instead. Moreover that way you get a single IP rather than the 40 different countries with multiple IPs my provider gives me.
Set up your own Proxy/VPN on a VPS, is bad for fingerprint perspective. You get static IP in rare IP range for consumers. Pirating is also meaningless unless you use special hosting provider.
Browser fingerprinting does not work for geofencing. Browser fingerprinting and IP geotags work, but fingerprinting just tells you if a user is the same person, on a different IP address. I run a website to monitor bot traffic, and really all something like a Picasso fingerprint can get you is visibility into who's spoofing their IP.
You get a hash value that's roughly unique to the browser-device configuration. You don't know from that hash where the user is located. You have to pair the hash up with geolocation services to get that info. Once you do that though, you get a decent idea of if the person is changing their IP, but there's still no way to tell what the 'real' IP is. You just end up with a unique ID that's associated with a handful of different IP addresses.
As a frequent international traveler, using VPNs as a method to change routing absolutely can improve the results. Routing is not always done to get your specific packets someplace as fast as possible, particularly when submarine cables are involved.
Yup, I was going to say the same thing. I’m also a frequent international traveler (tho not in the last 20 months, alas, but before pandemic I averaged 2 international trips a month) and one of the benefits, security or not, of a commercial VPN service is the access to different nodes that can drastically improve speeds vs whatever routes the network you’re on is using. It’s not a guarantee but I’ve had it come in handy quite a few times.
> And I very much doubt that tunneling your connection through a VPN can improve ping.
Surprisingly this can be the case as long as the combined link to VPN + target is better than the direct link to target. Keep in mind that the target might be geo distributed.
Like driving, going over 2 highways might be fasted than going over a direct dirt road, or a longer road might be faster because the direct road is congested.
One case where I saw this was a friend who for some reason was being routed to game servers around the world when trying to connect to an Overwatch game, and a much closer server with the VPN.
Was this a bug in Overwatch? Almost certainly, but the VPN was an effective workaround.
I've seen it happen. Blizzard is quite notorious for having some weird network links, where a VPN is known to be a workaround. Example [1], and I've heard the same from WoW players.
It can improve bandwidth too! Network operators LOVE to mess with traffic based on service type: prioritize it, throttle it, cap it, the games don't end.
"Turn on VPN, network performance improves" is a regular occurrence these days.
Yeah, but unless you are blowing the VM away all the time (and maybe you are, but that takes a certain amount of effort, even if you try to automate it), you’re still going to have a fingerprint tied to that VM and browser(s). Will it be linked with your other devices? Maybe not, but depending on what accounts you are signed into (Google, Facebook, etc), there could still be a more robust profile associated with your various locations and devices, even if the fingerprints are different.
And no wonder! All of those things you listed as benefits sound shady and illegitimate to people who aren't very tech savvy or have a poor understanding of their rights to a free web. Notice you're using words like "Trick" and "deceive" good luck selling that!
This. I'm an occasional customer of ExpressVPN because they're pretty good about getting past the Great Firewall. When we go visit her family I want access to the same things I have in the US. It's not going to be any real protection if the government is after you.
True. I use VPN to get behind the geoblocking on my banking app which is prohibited to work in my African country. Also viewing movies banned in my country.
The main issue is that they all seem to advertise themselves as these privacy and cybersecurity services first, while ignoring all the other added benefits.