Free VPN and map data, what does the VPN see?

B

Batmanius2021-12-27 09:46:48

VPN

Batmanius, 2021-12-27 09:46:48

Good afternoon. I want to go to fasttech using the browser extension for vpn and pay for the goods directly with a card.
Question:
Will the vpn provider see the data that I enter for payment?
1. If vpn provider changed certificates.
2. If everything is on garlic and the vpn provider does not interfere with certificates.

I apologize if I worded something wrong.

Well, in order not to get up twice, an additional question.
0. What does a simple provider see when I visit a site via https, the entire url line or just the domain name?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

C

CityCat4, 2021-12-27
@Batmanius

1. If vpn provider changed certificates.

Organizing a full-fledged MitM is not so easy. It is not enough to replace certificates - you need to make sure that your axis considers that the VPN certificate issued on vk.com, for example, is the real one! And this can only be done by adding the certificate of the issuing CA to the trusted ones.
Why do you think there is so much buzz around "state certificates"? Because the presence or absence of it on the computer gives / does not allow the state to open https.
The VPN provider will see the endpoint, the connection time and the volume passed in both directions. Sometimes this is already enough.
To protect card data from leakage (quite an understandable desire), it is enough to go the other way - get a card that you don’t feel sorry for and on which there is never any money.
To protect the fact of payment (that it was you who paid the money, and not someone else) - the most guaranteed way to raise your VPN.

V

Vladimir Korotenko, 2021-12-27
@firedragon

0. What does a simple provider see when I visit a site via https, the entire url line or just the domain name?
domain name or nothing at all
https://lifehacker.com/how-to-enable-dns-over-http...

1. If vpn provider changed certificates.

2. If everything is on garlic and the vpn provider does not interfere with certificates.
VPN is on another level.
Roughly speaking, vpn is a road or even a dedicated lane.
and https is a truck with sealed content.
Read about certificate substitution at Kaspersky 8)
https://support.kaspersky.com/KWTS/6.1/ru-RU/166244.htm
and carefully about exceptions
https://support.kaspersky.com/KWTS/6.1/ru-RU /193664.htm
ssl pinning and HTTP/2.0

A

Alexander Kalinin, 2021-12-30
@tchlgru

it is almost impossible to replace certificates so that you do not know about it, unless you get a Trojan on your PC, or add the certificate yourself as trusted.
It's not for nothing that browsers say that "attackers can intercept passwords and bank card numbers" if something is wrong with the certificate.
if there is no substitution, then naturally, vpn will not know anything about the card data, but only if https is 100%. I advise you to put an extension like "https-everywhere".

What does a simple provider see when I access a site via https, the entire url string or just the domain name?

will see only the domain and then only if the so-called “dns over TLS” is not enabled in the browser