- Mar 13, 2021
- 462
Imagine that you're using a public wifi, and on that wifi someone is trying to see your data. The VPN will be much better than NextDNS then?
Best protection for iPhone?
- Thread starter Templarware
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Feb 25, 2017
- 2,597
In a public wifi none of them are necessary if you just browse websites that are encrypted with HTTPS. In the end a VPN would still be the better solution out of those two. And the best solution would probably be a self-hosted VPN. But I have to admit, that I was a little too lazy to try that yet.
- Mar 13, 2021
- 462
I think I'll stick to NextDNS then. And if I only use it on my phone, the free version will probably be enoug.
- Mar 13, 2022
- 599
Have a good look at ProtonVPN, pretty sure they use their own DNS service(might be wrong).
ProtonVPN: Secure and Free VPN service for protecting your privacy
Provides NetShield which blocks Ads, Trackers and malware.
ProtonVPN: Secure and Free VPN service for protecting your privacy
Provides NetShield which blocks Ads, Trackers and malware.
Last edited:
- Feb 25, 2017
- 2,597
I recently bought a Firewalla Device (Hardware Firewall) for my home network, and it also has the option to create a VPN server that I can activate when I am on a public Wifi. Maybe it might be interesting for you.
- Mar 13, 2021
- 462
My router has OpenVPN server. I guess it can do the same job? And it will use the firewall and dns servers of the router, I think...I recently bought a Firewalla Device (Hardware Firewall) for my home network, and it also has the option to create a VPN server that I can activate when I am on a public Wifi. Maybe it might be interesting for you.
- Feb 25, 2017
- 2,597
If thats the case then you have one less thing to worry about
- Mar 13, 2021
- 462
I was wondering if it's the same as using other VPN, because it's advertised for its ability to access your home network and files only, the usual VPN benefits aren't advertised at all.
- Feb 25, 2017
- 2,597
No, because your data is not routed through any server of a third-party VPN provider. Thats why it's a great alternative in terms of security. It will only establish a VPN tunnel between your home network (in which you enabled your VPN server) and your devices (in a public wifi for example). If you purchase a third-party VPN, your data will also be routed through an encrypted tunnel, but this time to the server of the third-party VPN provider.
- Apr 1, 2019
- 2,868
The downside to this is you are limited to the speed of your home internet connection. Specifically if you have much lower upload speed. And also data caps.
- Feb 25, 2017
- 2,597
True, but considering that most public wifis will be slower than your actual home network, that shouldn't be a big issue. There are actually quite a few other downsides to a third-party VPN.
1. You can't really use it for unblocking geo-restricted content. (Except if you are in another country and want to access content from your country)
2. It doesn't provide any "anonymity" (Even tho third-party VPNs probably also don't do that)
Most important thing for @Templarware seems to be the encryption in public wifis, and for that a self-hosted VPN is probably the better solution.
And as a nice bonus: A real no-logging-policy (except your ISP)
Last edited:
- Mar 13, 2021
- 462
When creating the NextDNS profile, should I input the ID, or the ID with DNS-over-TLS/QUIC or DNS-over-HTTPS?
- Feb 25, 2017
- 2,597
Only the ID, as it only supports DoH at the moment as far as I know. So it will automatically create a profile with DNS-over-HTTPS
You can test if it works here: test.nextdns.io
- Mar 13, 2021
- 462
Already using the OpenVPN server of my Asus router. I can confirm that it uses the router's DNS servers and it overrides the DNS profile of the phone, I won't be needing it after all.
As others have said, ultimately I'm not afraid. A VPN just moves that problem to somewhere else -- now I'm not afraid of others on my wifi network but I am concerned if my VPN provider is trying to see my data. Furthermore, the mall and coffee shop don't share data about me or know who I am (nor can they thanks to iOS random MAC addresses), but every time I authenticate to my VPN I am trusting them to not track me or associate me with the credit card I used to pay.
Some people run their own VPNs, but I honestly find that even more problematic on an untrusted network. If I run a rogue Starbucks wifi, and I see you connecting to a residential IP address via OpenVPN and successfully authenticating, I can tell what city you live in, who your ISP is, etc. And next time you connect to an OpenVPN server presenting the same public certificate, I'm pretty sure that's you.
Once you reach this level of paranoia, these are the considerations you have to keep in mind. There's certainly a time and place to use a VPN, but it's more important to ensure most of your services are end-to-end encrypted (which is generally the case)
- Dec 12, 2016
- 1,585
Iphone doesn't have root access and is sandbox best security software their can do is provide web based intelligence via a VPN and to check certificates and iphones are unlike windows PCs are secure by default
- Dec 12, 2016
- 1,585
Similar threads
