
Ask HN: Comforable VPN Setup for some services but not others? - Tenoke
I&#x27;m thinking of getting a VPN again (PIA or Mullvad, leaning PIA) but I was wondering what setups do people have?<p>E.g. I am not sure if I want everything to go through the VPN - for example stuff like games will just have a higher lantecy, but also it seems nicer to be able to choose which sites to be accessed via VPN and which not.<p>I&#x27;m (mostly) a Chrome user in Germany.<p>So what Setups and advice do people here have?
======
iforgotpassword
First question: Why?

If you're buying into the "prevent people from spring on you" propaganda just
keep in mind that the VPN only encrypts the data from your home to the VPN
gateway, so the VPN provider itself can now spy on your traffic instead of
your ISP.

Getting around geoblocking would be a valid concern but is also difficult to
pull off for many services in the way you want ("split tunnel"), since many
services are using a cloud provider in some way, so you can't just route the
IP addresses the website is using through the tunnel without it affecting a
bunch of other untreated stuff. Even just gathering a complete list of all
addresses owned and potentially used by someone like Google (for YouTube) and
keeping that up to date might prove difficult. So if you still wanna do that
it might be simpler to just turn the VPN on whether you need it. If it's just
about browsing though a provider that offers a browser plugin might do the
trick on a per-tab basis.

What might work for you is having a dedicated VM for the VPN that is
constantly tunneled, so just use that one whenever you want to visit some
blocked site.

~~~
Tenoke
>If you're buying into the "prevent people from spring on you" propaganda just
keep in mind that the VPN only encrypts the data from your home to the VPN
gateway, so the VPN provider itself can now spy on your traffic instead of
your ISP.

Both PIA and Mullvad have a better track record than my ISP so it seems like a
good trade.

But also it is for stuff like geoblocking, yes ( a lot is blocked in Germany)

I mean, worse case scenario you can tunnel one browser through VPN and an
another browser through your normal connection. That's what I used to do with
"ssd -d" but it feels like you should be able to isolate all request specific
to a given tab nowadays to do what I want. Or at minimum for different users.

~~~
iforgotpassword
I think their browser extension offer just that functionality, but I haven't
used a VPN in quite a while. But I think your approach with two different
browsers has an advantage too: It's much easier to differentiate by just
memorizing that chrome is for VPN and Firefox isn't. You're less likely to
accidentally browse to some website where you want to circumvent geoblocking
without the VPN enabled. Thanks to cookies they might then perfectly know your
actual location. I used to use a VPN for YouTube before they signed an
agreement with GEMA and occasionally didn't enable the VPN and after a while
Google tagged the static address of my VPN as German although it was in the
US. Although you probably won't run into this problem when sharing the
endpoint with people from all over the world.

