VPN in Thailand: necessary from a security perspective?

[Sambora]

Hello,

 

There are many topics on this forum about the need of having a VPN, often times on the purpose of getting streaming services running and such. What I've been wondering is whether or not it is required from a security perspective.  How much of a real-life risk is there, in general and particularly here in Thailand, to become a victim of an attack which could have been prevented by using a VPN services? I know it's difficult to quantify these things but what I'm trying to find out is "is it worth investing in a VPN"? Or is a hardware (router) and software firewall running on my computer sufficient when doing common things like e-Mail, social media, YouTube and online banking?

 

Regards,

Sambora

[Pib]

You don't need a VPN unless you need an IP address from another geo-location like to get some streaming video products....or you just want to encrypt "all" your data flow for "whatever reason" like you are afraid some NSA-type organizations is monitoring your connection.  Or a VPN connection "might" improve the speed of your connection....I say "might" because numerous factors can affect whether your speed is improved or not such as how your internet provider has the network setup, speed of VPN servers, etc....etc....etc.

 

And when you connect to a lot of sites, like financial, banking, and other websites, you are making an "https" vs a normal http connection....https is a secure/encrypted connection.  Just look for the https and/or maybe little padlock icon and/or Secure wording up in the web address address area of your browser.

 

I have VPN (PureVPN) but rarely use it...only use it now when I need an IP address in another geo-location.  Now before I got a high speed fiber internet plan (AIS Fibre) I did use VPN more to improve the speed of my low speed plan when I was with True.  VPN helped my True internet plan speed a lot; but on my AIS fiber plan it really don't help as I'm zipping along fast already.

 

You might want to watch the two very short videos at below weblink talking https and VPN.   Really simple and well presented short videos.

 

https://www.labnol.org/internet/https-vpn-explained/20030/

 

 

 

[Cruzn]

Just moved to Thailand 2 weeks ago and have been struggling with when and how often to turn on my VPN.  What I have noticed is that google is VERY smart.  If you have a google account and use VPN and then don't use it, it raises a red flag on their platform and they issue you a security alert.  One of the things they ask is for you to verify your account.  I set up a google voice account before moving here, but cannot receive SMS messages from the tracfone which I originally set the google voice account with.  So, if I am forced to re-verify I may loose the google voice which is an essential part of my strategy for living here, especially for financial websites which often require 2 factor authentication .  I have yet to try to use my VPN with financial websites back in the States.  However, just today, I have reset my system date and time to correspond with the web server location back in the US.  I figure that a lot of these institutions are smart.  They can and do not only look at the IP address, but they look at the system date and time and if it does not match up with the IP location it again sets off a red flag.  I'm anxious about logging into my Vanguard account for the 1st time.  Will see what happens.  Have read prior posts which suggests that Vanguard has closed down access to accounts from customers logging in from overseas.  Not sure if these folks were using a VPN or not or how long its been, but I will be a bit nervous the first time.

[Pib]

Switching IP Locations, like using VPN to get a U.S. IP address, and then turning off VPN to go back to your Thailand IP address can indeed generate logon security challenges from services like your Google account(s), Gmail logon, PayPal, and various other sites you log onto.  Even switching VPN service providers and logging on from the IP locations you used with your previous VPN provider can can challenges for a while....this happened to me when changing VPN service providers one time. 

 

I've been through the pain-in-the-butt of where google/gmail/paypal would challenge my logons when using VPN to connect to a location I only occasionally us.  Or when using my Outlook client to do a pop3 email access of my gmail accounts.  Even Microsoft email accounts will challenge a logon when seeing logon from different IP locations.

 

But my experience has been once you successfully respond to the logon challenges X-amount of times google, Microsoft, PayPal, etc., will know from your history logon files the various IP locations/countries you logon from and will stop the challenges.  But sometimes the challenges can go on for a week or two and the challenges can be intermittent.  

 

To help prevent these logon challenges I limit my logon IP addresses to Thailand (no VPN connection), Singapore (VPN), and Los Angeles or San Francisco (VPN).   As a U.S. person I need a U.S. IP for certain websites.   Once your various accounts buildup a logon history file from you logon the security challenges will usually stop...that's my experience with Google, Microsoft, and PayPal.

 

In fact, just ten minutes ago made a VPN connection to Singapore to make an Outlook client connection to my Gmail and Microsoft email accounts and then repeated it via VPN connection Los Angeles.  I do this occasionally with PayPal also.   Knock on wood but I haven't had any security challenges for 6 months or so.

 

 

[Chicog]

What kind of security threats/attacks are you talking about?

Most people just use VPNs to circumvent certain blocks, or get round geoblocked services like Netflix (that have their own Thailand catalogue).

The only time you really want to use a VPN is on public Wifi, because that does lay you open to a variety of intrusions.

 

 

[TallGuyJohninBKK]

First, there is not much of an "investment" required to use an effective VPN, as there are some free options and then a myriad of paid ones, including some not more than a couple bucks per month.

 

There also are a myriad of valid/good reasons for using a VPN:

--improving international internet speeds (especially with True and 3BB ISPs)

--avoiding geo-restrictions on video streaming content.

--giving you a local location for purposes of home country banking log-ins.

--unlocking some official resources, such as U.S. Social Security, which if memory serves, requires a U.S. IP for some purposes.

--avoiding potential current and future snooping/monitoring by our local hosts here.

and so on....

 

For one or another of those various reasons, I find myself using mine almost all the time, one way or another.

 

The simplest way is just to get a good VPN and then leave it turned on all the time, which probably is going to work fine for most expat users. But if you want to toggle back and forth between VPN and local connection, that works too. As Pib noted above, over time, the various internet resources recognize that you may have multiple, legitimate log-in locations.

 

[TallGuyJohninBKK]

8 minutes ago, Chicog said:

The only time you really want to use a VPN is on public Wifi, because that does lay you open to a variety of intrusions.

 

The various VPN use examples I've posted above show that your notion about it only being valid for public wifi is short-sighted and inaccurate.

[muratremix]

If you use a private VPN (digitalocean singapore vps --> openvpn) it won't cause any google problems (don't enable ipv6 to make sure)

it will protect your privacy and disable true's transparent proxy while openvpn is connected.

 

I always leave singapore openvpn turned on my router. Thanks to dualcore arm 800 mhz cpu, I can get 50 mbps without a sweat on router so it doesn't limit my speed. if I get over 50mbit (like 100/20) in future, I can easily bypass my NAS device from vpn in router (thanks to openvpn selective routing in Asuswrt-Merlin) and I can live with 50 or whatever mbps I can get from openvpn on router and get max speed on my download machine (nas).

[Chicog]

4 hours ago, TallGuyJohninBKK said:

The various VPN use examples I've posted above show that your notion about it only being valid for public wifi is short-sighted and inaccurate.

 

I didn't say valid, I said "really".

 

The OP specifically asked about opinions "from a security perspective".

Honestly, if you going to try and be a smart ar$e with me, you're going to have to do better.

 

Otherwise just keep your boring, snarky remarks to yourself eh?

 

 

[Cruzn]

9 hours ago, Pib said:

Switching IP Locations, like using VPN to get a U.S. IP address, and then turning off VPN to go back to your Thailand IP address can indeed generate logon security challenges from services like your Google account(s), Gmail logon, PayPal, and various other sites you log onto.  Even switching VPN service providers and logging on from the IP locations you used with your previous VPN provider can can challenges for a while....this happened to me when changing VPN service providers one time. 

 

I've been through the pain-in-the-butt of where google/gmail/paypal would challenge my logons when using VPN to connect to a location I only occasionally us.  Or when using my Outlook client to do a pop3 email access of my gmail accounts.  Even Microsoft email accounts will challenge a logon when seeing logon from different IP locations.

 

But my experience has been once you successfully respond to the logon challenges X-amount of times google, Microsoft, PayPal, etc., will know from your history logon files the various IP locations/countries you logon from and will stop the challenges.  But sometimes the challenges can go on for a week or two and the challenges can be intermittent.  

 

To help prevent these logon challenges I limit my logon IP addresses to Thailand (no VPN connection), Singapore (VPN), and Los Angeles or San Francisco (VPN).   As a U.S. person I need a U.S. IP for certain websites.   Once your various accounts buildup a logon history file from you logon the security challenges will usually stop...that's my experience with Google, Microsoft, and PayPal.

 

In fact, just ten minutes ago made a VPN connection to Singapore to make an Outlook client connection to my Gmail and Microsoft email accounts and then repeated it via VPN connection Los Angeles.  I do this occasionally with PayPal also.   Knock on wood but I haven't had any security challenges for 6 months or so.

 

 

Thanks VERY much PIB.  Really helpful.

[Pib]

10 hours ago, TallGuyJohninBKK said:

--unlocking some official resources, such as U.S. Social Security, which if memory serves, requires a U.S. IP for some purposes.

 

For accessing social security VPN/a U.S. IP address is no longer required to reach their public website or your online account.   I do it all the time.  

 

Now around 2 years ago, at least on True, a person did need a U.S. IP address via VPN or proxy for a while to access the Social Security Agency webpages.  Seems that issue lasted for about 6 months and then it just went away....and this is not to be confused with their brief use of 2 factor authorization around 6 to 12 months ago which was different.

 

But there are indeed some U.S. govt websites you need a "non-Thailand" IP address to access....a DoD portal I use as a military retiree to access various other govt websites is that way.  Now if I use VPN to get a Signapore or U.S. IP address I can access the site.

 

A Thailand IP address is just one of those countries certain govt websites seem to block.

[TallGuyJohninBKK]

9 hours ago, Chicog said:

 

I didn't say valid, I said "really".

 

The OP specifically asked about opinions "from a security perspective

 

Except in your post above I was responding to, you didn't limit your answer to just "from a security perspective," and rather, included commentary on people using VPNs to avoid geoblocking and such. That's why I answered the way I did, and contrary to what you wrote about public wifi, all the other examples I gave are valid VPN uses that people use them for all the time.

 

[Headgame]

I am concerned about privacy first and security second.

I use a VPN 24/7 on both my laptop and cell phone.

Just think about where you live.

Should answer why.

[RichCor]

17 hours ago, TallGuyJohninBKK said:

[...]

There also are a myriad of valid/good reasons for using a VPN:

--improving international internet speeds (especially with True and 3BB ISPs)

--avoiding geo-restrictions on video streaming content.

--giving you a local location for purposes of home country banking log-ins.

--unlocking some official resources, such as U.S. Social Security, which if memory serves, requires a U.S. IP for some purposes.

--avoiding potential current and future snooping/monitoring by our local hosts here.

and so on....

 

 

#2, 3, 4 all are Geo related. While you can break them out for description they really only count as Geo-restriction related.

 

#5 may be true, but suggesting it runs afoul of the forum rules.

 

So you've only listed 3 reasons. "Chico" listed two of the three, just left off speed improvements via forced rerouting.

[elgordo38]

17 hours ago, muratremix said:

If you use a private VPN (digitalocean singapore vps --> openvpn) it won't cause any google problems (don't enable ipv6 to make sure)

it will protect your privacy and disable true's transparent proxy while openvpn is connected.

 

I always leave singapore openvpn turned on my router. Thanks to dualcore arm 800 mhz cpu, I can get 50 mbps without a sweat on router so it doesn't limit my speed. if I get over 50mbit (like 100/20) in future, I can easily bypass my NAS device from vpn in router (thanks to openvpn selective routing in Asuswrt-Merlin) and I can live with 50 or whatever mbps I can get from openvpn on router and get max speed on my download machine (nas).

Quite an answer I wish I was smart enough to digest it. I was born to early I guess. 

[johnmcc6]

Opera operating system has free V P N. I go from Firefox for most things then jump to Opera for others. Easy to  use with some good features. Never had a problem with either system. Good however to get around blocked content on some sites and articles.

[JHolmesJr]

Lots of torrent sites have started scaring people into using vpns….not necessary in my view though they certainly disagree.

 

 

[Chicog]

5 hours ago, TallGuyJohninBKK said:

Except in your post above I was responding to, you didn't limit your answer to just "from a security perspective," and rather, included commentary on people using VPNs to avoid geoblocking and such. That's why I answered the way I did, and contrary to what you wrote about public wifi, all the other examples I gave are valid VPN uses that people use them for all the time.

 

I didn't say they weren't valid, did I?

Good heavens man, go and find someone else to try and pick a fight with, it's intensely dull to have to listen to your futile attempts at point scoring.

 

 

[Chicog]

41 minutes ago, JHolmesJr said:

Lots of torrent sites have started scaring people into using vpns….not necessary in my view though they certainly disagree.

 

 

I think that's more down to the UK, where people have had the occasional letter from their ISP.

 

 

[Chicog]

1 hour ago, Headgame said:

I am concerned about privacy first and security second.

I use a VPN 24/7 on both my laptop and cell phone.

Just think about where you live.

Should answer why.

One thing a lot of people don't consider is just how secure their VPN is at the termination point.

 

However, since I don't do anything nefarious, I don't really worry about it too much.

I'd bet that at least a few of the VPNs are probably owned by NSA shell companies.

 

[johng]

I'd bet that at least a few of the VPNs are probably owned by NSA shell companies.
 

Proxy servers too.

[TallGuyJohninBKK]

22 minutes ago, Chicog said:

Good heavens man, go and find someone else to try and pick a fight with, it's intensely dull to have to listen to your futile attempts at point scoring.

 

If you want to avoid "intensely dull,"  it's easy. Just stop posting!.

 

Here's what you actually wrote, which obviously is not correct:

 

Quote

The only time you really want to use a VPN is on public Wifi, because that does lay you open to a variety of intrusions.

 

[maxcorrigan]

2 hours ago, johnmcc6 said:

Opera operating system has free V P N. I go from Firefox for most things then jump to Opera for others. Easy to  use with some good features. Never had a problem with either system. Good however to get around blocked content on some sites and articles.

I have tried the opera vpn and found it a bit restrictive if i remember rightly the only countries were in mainland Europe can't remember which, the easiest vpn i have found is browsec and can easily shift from the US to UK when needed, as regards Banking the one thing i have found that triggers alarms are using a different computer other than the computer you first registered your details on, not sure if this answers any questions the OP was asking

[quandow]

Some sites I visit assume I'm Thai - Amazon Assistant for example.  There was no option I could see to install in English. Turn on the VPN which let's Amazon think I'm in San Francisco and bada BING bada BOOM, problem solved.

[Katia]

How do you all get your VPNs to make your internet *faster*?  Everyone I've ever known who uses one, finds it makes their internet *slower* (mine, horribly so-- I need to muck about with settings and ask on my VPN's forums).

 

26 minutes ago, quandow said:

Some sites I visit assume I'm Thai - Amazon Assistant for example.  There was no option I could see to install in English. Turn on the VPN which let's Amazon think I'm in San Francisco and bada BING bada BOOM, problem solved.

Yes, I've had that problem, too.  Imagine me trying to get through the Google Play Store in Thai because that's what my phone defaulted to!

[reenatinnakor]

Just moved to Thailand 2 weeks ago and have been struggling with when and how often to turn on my VPN.  What I have noticed is that google is VERY smart.  If you have a google account and use VPN and then don't use it, it raises a red flag on their platform and they issue you a security alert.  One of the things they ask is for you to verify your account.  I set up a google voice account before moving here, but cannot receive SMS messages from the tracfone which I originally set the google voice account with.  So, if I am forced to re-verify I may loose the google voice which is an essential part of my strategy for living here, especially for financial websites which often require 2 factor authentication .  I have yet to try to use my VPN with financial websites back in the States.  However, just today, I have reset my system date and time to correspond with the web server location back in the US.  I figure that a lot of these institutions are smart.  They can and do not only look at the IP address, but they look at the system date and time and if it does not match up with the IP location it again sets off a red flag.  I'm anxious about logging into my Vanguard account for the 1st time.  Will see what happens.  Have read prior posts which suggests that Vanguard has closed down access to accounts from customers logging in from overseas.  Not sure if these folks were using a VPN or not or how long its been, but I will be a bit nervous the first time.

That is totally why Google is not smart! I fxxxxxg hate it when Google and Yahoo and other sites assume my genes have suddenly mutated into chinese/thai/Spanish/italian/Portuguese just because I have traveled to a different country for work! Yes I know the /ncr bypass or to use VPN... But I shouldn't have to! There must be someone to still know it's me using the same laptop I have for 6 years. Google think they are smart but they can't even work this out!

Sent from my LG-H990 using Thaivisa Connect mobile app

[hobobo]

I wish the gold old UK publisher famous for "Chemistry for Idiots", "Algebra for Idiots" (and about a thousand other subjects) would do a "VPN for Idiots", if they are still around - publisher, that is, not Idiots. I've been using True Internet for Googling, Gmail, a rare Pirate Bay download, and even rarer internet banking for about 10 years without a problem. In the last year or so, however, I get at least five messages/notifications a day to warn me of the pitfalls of using internet without VPN, and the True hell experience if I'm ever caught. Should I be worried?

[Pib]

16 minutes ago, hobobo said:

I wish the gold old UK publisher famous for "Chemistry for Idiots", "Algebra for Idiots" (and about a thousand other subjects) would do a "VPN for Idiots", if they are still around - publisher, that is, not Idiots. I've been using True Internet for Googling, Gmail, a rare Pirate Bay download, and even rarer internet banking for about 10 years without a problem. In the last year or so, however, I get at least five messages/notifications a day to warn me of the pitfalls of using internet without VPN, and the True hell experience if I'm ever caught. Should I be worried?

 

Not using VPN 24/7??!!....well, you are going to hell for sure when you die.

 

Disclaimer:  this is a paid advertisement/statement from the VPN Providers Association.

[Chicog]

2 hours ago, TallGuyJohninBKK said:

If you want to avoid "intensely dull,"  it's easy. Just stop posting!.

 

Here's what you actually wrote, which obviously is not correct:

 

 

<Yawn>

[hobobo]

8 minutes ago, Pib said:

 

Not using VPN 24/7??!!....well, you are going to hell for sure when you die.

 

Disclaimer:  this is a paid advertisement/statement from the VPN Providers Association.

One way tickets only, I presume?