MS Edge VPN: Built-in
-
Did you know that MS Edge has a built-in VPN? It automatically applies VPN when you are connected to a public wifi. Here are some more details[^] which I'm reading now. I work out of a coffee shop once a week so this is important to me. I'm trying to figure out : 1. how to know I'm actually protected 2. how "much" i'm protected by this VPN. It is very interesting that MS is doing this though becuase it seems like the obvious thing to do that no other browser seems to do. Others you have to pay for separate VPN.
-
Did you know that MS Edge has a built-in VPN? It automatically applies VPN when you are connected to a public wifi. Here are some more details[^] which I'm reading now. I work out of a coffee shop once a week so this is important to me. I'm trying to figure out : 1. how to know I'm actually protected 2. how "much" i'm protected by this VPN. It is very interesting that MS is doing this though becuase it seems like the obvious thing to do that no other browser seems to do. Others you have to pay for separate VPN.
Quote:
... stop third parties and bad actors from accessing your sensitive information, so you can make purchases online, fill out forms, and keep your browsing activity away from prying eyes.
Yeah, because it's still 2010, and every site on the net is still using HTTP rather than HTTPS, right?! :doh: Whilst there are still reasons for using a VPN[^], the MS page you linked to seems like it was written by a gibbering idiot marketing executive who doesn't understand the first thing they're talking about. :laugh:
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
Did you know that MS Edge has a built-in VPN? It automatically applies VPN when you are connected to a public wifi. Here are some more details[^] which I'm reading now. I work out of a coffee shop once a week so this is important to me. I'm trying to figure out : 1. how to know I'm actually protected 2. how "much" i'm protected by this VPN. It is very interesting that MS is doing this though becuase it seems like the obvious thing to do that no other browser seems to do. Others you have to pay for separate VPN.
I opened Edge and then Copilot and ask this question: tell me about Edge's new vpn service Here is the response: Certainly! Microsoft Edge now offers a built-in VPN service called Edge Secure Network. Here’s how it works: Encryption: Edge Secure Network encrypts your internet connection, making it secure and private. Location Obscuring: It hides your location and IP address, preventing third parties and hackers from accessing your sensitive data. Automatic Activation: The VPN activates automatically when you connect to open Wi-Fi networks or visit unsecured websites. Limitations: Currently, it provides 5 GB of data and is not available for enterprise users. To enable it: Open Microsoft Edge. Go to Settings > Privacy, search, and services. Turn on Microsoft Edge Secure Network and choose Optimized3. Enjoy safer browsing with Edge Secure Network! 😊 It does say not for enterprise users and I couldn't find it in my settings, but I am an enterprise user. I'll try at home later and see if I can find it. HTH
Jack of all trades, master of none, though often times better than master of one.
-
Quote:
... stop third parties and bad actors from accessing your sensitive information, so you can make purchases online, fill out forms, and keep your browsing activity away from prying eyes.
Yeah, because it's still 2010, and every site on the net is still using HTTP rather than HTTPS, right?! :doh: Whilst there are still reasons for using a VPN[^], the MS page you linked to seems like it was written by a gibbering idiot marketing executive who doesn't understand the first thing they're talking about. :laugh:
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
I've wondered about that. So if I'm on an HTTPS site, then the moment I hit SUBMIT the data is encrypted locally (using the public key of the target site) and then transfered so even a person on same wifi can't see it right? The one thing I'm looking to be protected from which I know is a current issue is token grabbing. Here's what I mean. You are already signed into your Google account on your laptop. When you go to a site like stackoverflow or CP that you use your google credentials and you're on the public wifi then the nefarious actor can grab your token and use it to sign into your account. I'm hoping / guessing that the VPN would protect me from that. But I'm wondering how I could prove that it does that?? :confused:
-
I've wondered about that. So if I'm on an HTTPS site, then the moment I hit SUBMIT the data is encrypted locally (using the public key of the target site) and then transfered so even a person on same wifi can't see it right? The one thing I'm looking to be protected from which I know is a current issue is token grabbing. Here's what I mean. You are already signed into your Google account on your laptop. When you go to a site like stackoverflow or CP that you use your google credentials and you're on the public wifi then the nefarious actor can grab your token and use it to sign into your account. I'm hoping / guessing that the VPN would protect me from that. But I'm wondering how I could prove that it does that?? :confused:
raddevus wrote:
even a person on same wifi can't see it
Correct. If they had enough control of the network, they could see your DNS request(s) and know what site(s) you were connecting to, unless you use DNS over HTTPS[^]. They could see the IP address of the server you were connecting to. They could potentially the SNI[^] header indicating which site, unless the server uses ESNI[^]. But they would not be able to see or modify any of the request or response data, including the URLs, query strings, headers, and request bodies. (Unless of course they had installed malware on your machine, or installed a malicious root certificate allowing them to MitM any site. But if they've done that, you've got bigger problems, and a VPN won't help you.)
raddevus wrote:
You are already signed into your Google account on your laptop. When you go to a site like stackoverflow or CP that you use your google credentials and you're on the public wifi then the nefarious actor can grab your token and use it to sign into your account.
Again, assuming all the sites involved are using HTTPS, then nobody else can see the cookie / token to grab it. It would be part of the data that was encrypted. And I doubt Google would allow any site not served over HTTPS to use their OAuth service to sign users in.
raddevus wrote:
I'm hoping / guessing that the VPN would protect me from that.
If you're accessing sites which are not using HTTPS, then a VPN would prevent users on the local network from seeing or messing with your traffic. But it would not protect you if someone was inside the VPN provider's network and monitoring the traffic! All you've done is moved the point of trust from the people running your local network to the people providing the VPN. There is also the potential of attacks agains
-
I've wondered about that. So if I'm on an HTTPS site, then the moment I hit SUBMIT the data is encrypted locally (using the public key of the target site) and then transfered so even a person on same wifi can't see it right? The one thing I'm looking to be protected from which I know is a current issue is token grabbing. Here's what I mean. You are already signed into your Google account on your laptop. When you go to a site like stackoverflow or CP that you use your google credentials and you're on the public wifi then the nefarious actor can grab your token and use it to sign into your account. I'm hoping / guessing that the VPN would protect me from that. But I'm wondering how I could prove that it does that?? :confused:
-
raddevus wrote:
even a person on same wifi can't see it
Correct. If they had enough control of the network, they could see your DNS request(s) and know what site(s) you were connecting to, unless you use DNS over HTTPS[^]. They could see the IP address of the server you were connecting to. They could potentially the SNI[^] header indicating which site, unless the server uses ESNI[^]. But they would not be able to see or modify any of the request or response data, including the URLs, query strings, headers, and request bodies. (Unless of course they had installed malware on your machine, or installed a malicious root certificate allowing them to MitM any site. But if they've done that, you've got bigger problems, and a VPN won't help you.)
raddevus wrote:
You are already signed into your Google account on your laptop. When you go to a site like stackoverflow or CP that you use your google credentials and you're on the public wifi then the nefarious actor can grab your token and use it to sign into your account.
Again, assuming all the sites involved are using HTTPS, then nobody else can see the cookie / token to grab it. It would be part of the data that was encrypted. And I doubt Google would allow any site not served over HTTPS to use their OAuth service to sign users in.
raddevus wrote:
I'm hoping / guessing that the VPN would protect me from that.
If you're accessing sites which are not using HTTPS, then a VPN would prevent users on the local network from seeing or messing with your traffic. But it would not protect you if someone was inside the VPN provider's network and monitoring the traffic! All you've done is moved the point of trust from the people running your local network to the people providing the VPN. There is also the potential of attacks agains
-
The solution to the token interception is to not use Google or Facebook for federated logins. Why would you want to let these two advertising companies know where else you go on the internet?
obermd wrote:
solution to the token interception is to not use Google or Facebook for federated logins
Yes, you are correct, but even though I'm a "technologist" I am also a lazy human. And I have 257 passwords in my password manager. This would mean even more. I know that's not a great reason but I like the federated thing for sites I trust like this one (CP).
-
Did you know that MS Edge has a built-in VPN? It automatically applies VPN when you are connected to a public wifi. Here are some more details[^] which I'm reading now. I work out of a coffee shop once a week so this is important to me. I'm trying to figure out : 1. how to know I'm actually protected 2. how "much" i'm protected by this VPN. It is very interesting that MS is doing this though becuase it seems like the obvious thing to do that no other browser seems to do. Others you have to pay for separate VPN.
Great. All these free VPN services make it easier for the most toxic people on the Internet to evade bans at places with comment sections, including one I moderate. :~
Check out my IoT graphics library here: https://honeythecodewitch.com/gfx And my IoT UI/User Experience library here: https://honeythecodewitch.com/uix
-
Great. All these free VPN services make it easier for the most toxic people on the Internet to evade bans at places with comment sections, including one I moderate. :~
Check out my IoT graphics library here: https://honeythecodewitch.com/gfx And my IoT UI/User Experience library here: https://honeythecodewitch.com/uix
honey the codewitch wrote:
make it easier for the most toxic people on the Internet to evade bans at places with comment sections, including one I moderate
Web2.0 is dead. Comments are dead. Turn off the comments. No one comments any more. This is me, not commenting. :laugh: Long live Web3.0 You should only allow people to create NFTs which contain their comments, for upload to your site. :rolleyes:
-
honey the codewitch wrote:
make it easier for the most toxic people on the Internet to evade bans at places with comment sections, including one I moderate
Web2.0 is dead. Comments are dead. Turn off the comments. No one comments any more. This is me, not commenting. :laugh: Long live Web3.0 You should only allow people to create NFTs which contain their comments, for upload to your site. :rolleyes:
