How Secure is VPN?

00:00

welcome back to and use of European Security course in this video, I will be talking about how secure can VP and be.

00:08

And first thing is just blue

00:13

give you some assurance we be and is very safe.

00:16

So it really stops the unauthorized access, uh, toe the company network. For example, if you set the things properly, there is the software installed on the every users

00:28

PC or employees BC Even if these air notebooks and especially their notebooks, actually, and you simply need to log into If you set it right, then absolutely need ppm to log into the system. So if you don't have the access,

00:47

it can be very safe.

00:49

Um, so it can prevent non employees somebody, somebody who's cyber criminal for logging onto company network. So this is the first step that in ALS, the ICTY securities toe make mandatory used your be invent logging outside the corporate network.

01:07

Also, it encrypts communication and every packet this separately encrypted. Now, um,

01:15

VPN has to be set up with certain standards, and I'm not going to talk about that in this course. This is something for a high level of learning, but if it's set up properly If the communications okay, if it's a properly encrypted, if there is no way that it will fall back toe

01:34

the standard Internet. If the VP and Donald is broken,

01:40

then everything is OK. Then you have a situation in which it is really, really, really safe.

01:49

Unfortunately, like many things in in I t

01:53

VPN is not 100% safe.

01:56

So, um, why is it not safe? Well,

02:00

first of all, um,

02:01

yeah, okay. You use, for example, commercial, weepy and for your personal things.

02:07

But then you have a man in the middle of situation. Men in the middle situation is your VPN service provider. So this

02:16

this this company is somebody who is essentially still can

02:22

check everything you do, because from the moment that your traffic gets decrypted their servers

02:30

and then goes to internet, they know what you're doing. So

02:34

if these people are, for example, collecting data of your surfing and then they sell it to somebody else,

02:40

then you don't have 100% privacy.

02:45

Um, it doesn't protect you from accessing malicious sites because what malicious I'd do is, if you're suspicious cited, can drop the payload to your PC through your Internet browser. And although the communication between your weeping provider

03:04

and your PC's

03:06

encrypted one once it gets decrypted on your side

03:10

and it goes into your browser,

03:14

malicious cold gets executed like

03:16

you weren't using VPN, so it has nothing to do with protection of these things. Also, if somebody has installed key logger on your PC, it doesn't matter that you have, Ah, VPN that keel over will still collect information that you're typing on your notebook

03:35

on your sorry on your keyboard and also Trojans. They work regardless of the fact that you have some part of your communication with the Internet encrypted because it is just the safe communication channel. Whatever is going through the channel, and it's not safe that don't get filtered

03:57

and isn't mentioned before. There is a potential for traffic leaking, which happens if you're

04:02

VPN. Connection breaks down and you're not aware of that. You continue surfing

04:09

and then happens that you pieces simply switchbacks to normal operation using and non VPN traffic with the Internet, and you don't know that, so

04:20

that's a problem.

04:24

Okay, on the also reap Ian can be cracked, so

04:29

there is a way to do package decryption, but you need really, really heavy harbor to do it.

04:38

But the thing that some government agencies, for example, is not to the crypt your traffic, but to use some some really, really serious harbor in terms off, you know, server farms to get the key. And then they can decrypt your traffic so they can sniff your network

04:57

and then they can decrypt it because they got the key

05:00

for a recession you're making

05:03

Also VPN provider can be hacked, although this but this is this is not happening very frequently, but rather have bean occasion. Where we pian provided was have right on government agencies. So they were able to sit inside their machines and basically follow whoever they want.

05:23

The 13 which is a security risk about VPN is that

05:28

corporate we peons?

05:30

Um, you have You're running your security in your company and you have VPN and people are logging from their homes.

05:36

There has bean at least theoretical way

05:41

for somebody that can crack the WiFi off your home network. And then they can do what is called piggyback on your connection of OBP and connection and then when you look out,

05:57

then they can continue being loading toe your company and then they can do some damage things.

06:08

This really depends on what kind of show VPN set up. Are you using in the company? Because it doesn't work on everyone, and also

06:17

this can be avoided. But the whole weepy anything had to be properly set up for this possibility

06:25

in order to avoid it.

06:29

Okay, eso a little question at the end for you. Question is what VPN isn't protecting you from.

06:43

And, uh

06:53

so the question is, what creepy in isn't protecting you from? Is it key? Loggers is a network sniffers or is it sensory?

07:01

And, uh,

07:03

the correct answer is key loggers is they mentioned If somebody installs key logger on your PC is in forms of Melber.

07:11

The fact that you were using VPN doesn't protect you from that network sniffing absolutely censoring. Absolutely.

07:17

But everything about the key logger or any kind of malware that is actually in your PC VPN doesn't protect you from

07:29

in the end. In this video you have one of the safety benefits and safety issues of Median

07:35

and the next video. I'm just going to do the recap off this morning.