Q&A Best protection for iPhone?

Templarware

Level 7
Thread author
Verified
Well-known
Mar 13, 2021
319
Imagine that you're using a public wifi, and on that wifi someone is trying to see your data. The VPN will be much better than NextDNS then?
 
  • Like
Reactions: SecureKongo

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,826
Imagine that you're using a public wifi, and on that wifi someone is trying to see your data. The VPN will be much better than NextDNS then?
In a public wifi none of them are necessary if you just browse websites that are encrypted with HTTPS. In the end a VPN would still be the better solution out of those two. And the best solution would probably be a self-hosted VPN. But I have to admit, that I was a little too lazy to try that yet.
 

Templarware

Level 7
Thread author
Verified
Well-known
Mar 13, 2021
319
I think I'll stick to NextDNS then. And if I only use it on my phone, the free version will probably be enoug.
 
  • Like
Reactions: Back3

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,826

Templarware

Level 7
Thread author
Verified
Well-known
Mar 13, 2021
319
  • Like
Reactions: SecureKongo

Templarware

Level 7
Thread author
Verified
Well-known
Mar 13, 2021
319
If thats the case then you have one less thing to worry about
I was wondering if it's the same as using other VPN, because it's advertised for its ability to access your home network and files only, the usual VPN benefits aren't advertised at all.
 

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,826
I was wondering if it's the same as using other VPN, because it's advertised for its ability to access your home network and files only, the usual VPN benefits aren't advertised at all.
No, because your data is not routed through any server of a third-party VPN provider. Thats why it's a great alternative in terms of security. It will only establish a VPN tunnel between your home network (in which you enabled your VPN server) and your devices (in a public wifi for example). If you purchase a third-party VPN, your data will also be routed through an encrypted tunnel, but this time to the server of the third-party VPN provider.
 

blackice

Level 36
Verified
Top poster
Well-known
Apr 1, 2019
2,566
No, because your data is not routed through any server of a third-party VPN provider. Thats why it's a great alternative in terms of security. It will only establish a VPN tunnel between your home network (in which you enabled your VPN server) and your devices (in a public wifi for example). If you purchase a third-party VPN, your data will also be routed through an encrypted tunnel, but this time to the server of the third-party VPN provider.
The downside to this is you are limited to the speed of your home internet connection. Specifically if you have much lower upload speed. And also data caps.
 
  • +Reputation
Reactions: SecureKongo

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,826
The downside to this is you are limited to the speed of your home internet connection. Specifically if you have much lower upload speed. And also data caps.
True, but considering that most public wifis will be slower than your actual home network, that shouldn't be a big issue. There are actually quite a few other downsides to a third-party VPN.

1. You can't really use it for unblocking geo-restricted content. (Except if you are in another country and want to access content from your country)
2. It doesn't provide any "anonymity" (Even tho third-party VPNs probably also don't do that)

Most important thing for @Templarware seems to be the encryption in public wifis, and for that a self-hosted VPN is probably the better solution.
And as a nice bonus: A real no-logging-policy (except your ISP) (y)
 
Last edited:

Templarware

Level 7
Thread author
Verified
Well-known
Mar 13, 2021
319
Already using the OpenVPN server of my Asus router. I can confirm that it uses the router's DNS servers and it overrides the DNS profile of the phone, I won't be needing it after all.
 
  • Like
Reactions: blackice

MacDefender

Level 16
Verified
Top poster
Oct 13, 2019
776
Imagine that you're using a public wifi, and on that wifi someone is trying to see your data. The VPN will be much better than NextDNS then?

As others have said, ultimately I'm not afraid. A VPN just moves that problem to somewhere else -- now I'm not afraid of others on my wifi network but I am concerned if my VPN provider is trying to see my data. Furthermore, the mall and coffee shop don't share data about me or know who I am (nor can they thanks to iOS random MAC addresses), but every time I authenticate to my VPN I am trusting them to not track me or associate me with the credit card I used to pay.

Some people run their own VPNs, but I honestly find that even more problematic on an untrusted network. If I run a rogue Starbucks wifi, and I see you connecting to a residential IP address via OpenVPN and successfully authenticating, I can tell what city you live in, who your ISP is, etc. And next time you connect to an OpenVPN server presenting the same public certificate, I'm pretty sure that's you.

Once you reach this level of paranoia, these are the considerations you have to keep in mind. There's certainly a time and place to use a VPN, but it's more important to ensure most of your services are end-to-end encrypted (which is generally the case)