Hey guys n gurls, I was wondering if it is smart to disable my VPN connection for casual browsing.
Reasons: when having VPN constantly running it may be possible to track me via browser fingerprinting.
Szenario: the connection coming from the VPN which hypothetically downloaded a torrent, tries to watch capitalist propaganda while living in China, etc.pp has this screen ratio, this locale, this addons etc. And (more important) the YouTube login cookie we know belongs to this physical person/telephone number etc.
So I am wondering if I should only use the VPN when “needing” it (read articles not available in country, Netflix, read information government doesn’t like, things like that.) Or if I’m missing something here and I could obscure my causal day to day browsing as well without decreasing the security of the VPN.
For reference, the VPN doesn’t log anything (for more than a day) to my knowledge
EDIT: From what I understand from the comments: switching the VPN has little to no impact on widely used tracking and if at all makes it easier to corelate data. People emphasize the general lack of full privacy if you are wanted by entities willing to spend enough resources. But for the general need of privacy in normal usecases it makes more sense to just leave the VPN running.
that’s not how it works.
your vpn doesn’t do anything to mitigate broswer fingerprinting. websites use browser fingerprinting to identify a unique browser no matter the ip its connecting from. when i connect through mullvad’s french server, it identifies my browser just like when i connect through any other server.
most of the time those sites even clock that i’m connecting through a vpn.
a computer that is connected to some vpn and downloads a torrent while also visiting a website that fingerprints their browser will not have the two conflated unless the attacker can match traffic coming out of the vpn and traffic going into the computer.
that information wouldn’t be useful to an attacker unless they also had access to the website that fingerprinted the browser and were part of the torrent swarm so they could actually say yes, browser 12345 and user 34567 downloading The_Mummy_CrAcK_DeNuVo.mp4 are the same person and they were at this ip that corresponds to this router at this physical location and when we confiscate their computer we can verify their browser has the fingerprint, open and shut case, book em’ dano.
if you disconnect from your vpn intermittently it actually makes those checks easier because then the attacker can say “look, browser 12345 is coming from both the french mullvad node and from this little coffee shop in taipei! get em!”
a single vpn proxy can’t protect you from a hypothetical hostile whole ass internet.
Thanks, that makes sense.