VPNs are to allow you to connect to a private network over a public network. They are not about user privacy. Once you hit that private network, privacy is determined by other protocols, not the VPN itself.
Geographical IP relocation seems like a common reason to use it. Also just because Google may have access to some information it doesn't mean that everyone else has.
You can't stop companies from gathering information when you interact with their services but you can do things to avoid having all that information aggregated (it would require using different IP addresses for different services, so a VPN can help, among other things).
Some public networks (like those at airports and coffee shops) still do sketchy things like injecting ads into HTTP sites and breaking DNS. A VPN is a great solution to these problems.
"Google will never use the VPN connection to track, log, or sell your browsing activity¹"
"1. Some minimum logging is performed to ensure quality of service, but your network traffic is never logged and your IP is not associated to your activity."
Even with that fairly well spelled out promise, I trust google about as much as I trust $RANDO_VPN, so... hardly at all?
Does this mean your incoming IP, or your outgoing IP? And if payment info or Google identity is associated with your activity, why would they need to bother associating an IP to your activity?
If you read the article then you would already know the answer to this question. They are using a blinding protocol so that the service that terminates the VPN is unaware of the identity of the user.
And yet this product is being built by an advertising company who's business model revolves around tracking your online activities to sell you to advertisers, which makes me deeply suspicious that there isn't some way using this makes you more trackable (by them) than using a different VPN
It says that personally-identifying information is not present on the VPN endpoint and no user data is logged, only service metrics with no identifiable information. Specific data logged and not logged appears on page 4 and 5 of the whitepaper.
I know he was also referencing the VPN, but this also comes with Drive storage and other "benefits" in the Google ecosystem. I mean, these days terrabytes cost peanuts so it probably doesn't make a difference.
That's a pretty insightful question. If people use the outbound addresses of these VPNs for disproportionately abusive activities then the reputation of those IPs and netblocks will eventually decline. It could come to pass that you wouldn't be able to establish a accounts from these IPs or, if you did, it would be in some kind of penalty box initially. That would go for all major providers, not just Google accounts.
I seriously doubt that you'll get that benefit from this service. When I use the Google VPN on my Android, my outbound IP is part of a completely separate AS they dedicate to this purpose, not on AS15169 like all Google's own outbound traffic.
Is there really an issue if it gets cancelled? You can just get a new VPN. It’s not like other google products where you’re going to lose data or have to rebuild systems.
It's still a pain setting up a new one and learning its quirks. If there was a compelling reason otherwise, might be worth it. Can't think of any upside myself, even the price isn't good.
Google One has customer support. Largely, Google One is paid support Google consumer products,. That's actually one of the main selling points. Since this is a feature of a particular Google One tier, it comes with support.
> 2) it will probably be cancelled in 18 months
Probably not.
> 3) they already spy on me enough with search, android, google keyboard, gmail
How would being a VPN (for Android only) provider change that? It doesn't increase Google's ability to spy on you, and it decreases other people's ability to. Which, insofar as your private information is valuable to Google, it makes sense for them to do as effectively as possible, even if you take the most cynical view of their motives.
> It doesn't increase Google's ability to spy on you
You're going to have to prove that. Your Android device doesn't send ALL your traffic to Google today. Using this would send ALL your traffic to Google. that 100% means it increases Google's ability to spy on you.
What they're doing - cryptographic blinding that separates authentication from user session - is probably the best approach at subscriber privacy I've seen so far.
> What they're doing - cryptographic blinding that separates authentication from user session - is probably the best approach at subscriber privacy I've seen so far.
Fortunately Intelligence services won't provide their snooping services for law enforcement. You can use torrent, and stay anonymous from everyone else.
Btw. other VPN services are not secure from intelligence services either. If anything NordVPN and others get extra scrutiny and monitoring allocated for them.
> In order to provide peace of mind for our users that their activity is private from the VPN operator and from potential attackers, VPN by Google One does not log user activity on the network or other information that could reveal personally identifiable information about them. The following data is NOT logged by the VPN for a given user:
● Network traffic, including DNS
● IP addresses of the devices connecting to the VPN
So if I'm reading that correctly, they DO log who's using which IP address at which time. Which makes sense for abuse tracking, but means this really isn't the service to use for torrents.
EDIT: actually, from the whitepaper [0] it sure looks like they don't even get that much - you authenticate with one set of servers and then get a token to pass to the VPN tunnel servers via 'RSA Blind Signing', and so the tunnel servers never know the account that they're proxying data for. That's actually pretty awesome, if the service as implemented matches the service as described.
That's what I was getting at. It makes Fi slightly less sticky for me if I am also going to get the VPN feature with the Google One that I also pay for.
What is Google One? Is this the service formally known as Google Apps or some other service? I find it hard to keep track of all their products because they change so much.
You also get more storage for Gmail and Google Photos (if you didn't enable compression), occasional discounts/free trials for paid Google services and ability to speak to "Google experts" if you have a problem.
> Google will never use the VPN connection to track, log or sell your browsing activity
But Google doesn't need your browsing history via the VPN connection. It only needs you to continue using the same browser you normally do, so that they can do their normal cookie tracking for Ads...
Unless I’m mistaken it just appears to be for Android phones ? I guess I can see some value in it, but will no doubt be heading for the Google graveyard in 18-24months !
It's been included with their Google Fi service for a while. Unless they are planning on killing Google Fi their VPN service is going to stick around I would assume. But they did just kill off my nest secure I bought, which was very disappointing.
128 comments
[ 0.20 ms ] story [ 170 ms ] threadVPNs are to allow you to connect to a private network over a public network. They are not about user privacy. Once you hit that private network, privacy is determined by other protocols, not the VPN itself.
Which for some reason I don't expect Google's VPN to help you with at all.
They explicitly say that the VPN will choose the nearest exit point for best performance so, no, it won't.
You can't stop companies from gathering information when you interact with their services but you can do things to avoid having all that information aggregated (it would require using different IP addresses for different services, so a VPN can help, among other things).
"1. Some minimum logging is performed to ensure quality of service, but your network traffic is never logged and your IP is not associated to your activity."
Even with that fairly well spelled out promise, I trust google about as much as I trust $RANDO_VPN, so... hardly at all?
Does this mean your incoming IP, or your outgoing IP? And if payment info or Google identity is associated with your activity, why would they need to bother associating an IP to your activity?
It you can't beat them, join them!
1) No customer support
2) it will probably be cancelled in 18 months
3) they already spy on me enough with search, android, google keyboard, gmail
The price is zero if you are already on that Google One tier, which is pretty good.
Whether its good if you aren't depends on not just the VPN service itself, but how much you value the other things provided by Google One.
Google One has customer support. Largely, Google One is paid support Google consumer products,. That's actually one of the main selling points. Since this is a feature of a particular Google One tier, it comes with support.
> 2) it will probably be cancelled in 18 months
Probably not.
> 3) they already spy on me enough with search, android, google keyboard, gmail
How would being a VPN (for Android only) provider change that? It doesn't increase Google's ability to spy on you, and it decreases other people's ability to. Which, insofar as your private information is valuable to Google, it makes sense for them to do as effectively as possible, even if you take the most cynical view of their motives.
You're going to have to prove that. Your Android device doesn't send ALL your traffic to Google today. Using this would send ALL your traffic to Google. that 100% means it increases Google's ability to spy on you.
Client source code: https://github.com/google/vpn-libraries
What they're doing - cryptographic blinding that separates authentication from user session - is probably the best approach at subscriber privacy I've seen so far.
I wonder how they'll deal with abuse.
can someone eli5 please?
So, no customer support for non-paying customers, but I don't think that applies here.
Btw. other VPN services are not secure from intelligence services either. If anything NordVPN and others get extra scrutiny and monitoring allocated for them.
> In order to provide peace of mind for our users that their activity is private from the VPN operator and from potential attackers, VPN by Google One does not log user activity on the network or other information that could reveal personally identifiable information about them. The following data is NOT logged by the VPN for a given user:
● Network traffic, including DNS
● IP addresses of the devices connecting to the VPN
● Bandwidth utilized by an individual user
● Connection timestamps by user
EDIT: actually, from the whitepaper [0] it sure looks like they don't even get that much - you authenticate with one set of servers and then get a token to pass to the VPN tunnel servers via 'RSA Blind Signing', and so the tunnel servers never know the account that they're proxying data for. That's actually pretty awesome, if the service as implemented matches the service as described.
0: https://www.gstatic.com/subscriptions/marketing_page/vpn/whi...
Is this Poe's law in action?
Poe’s law https://en.m.wikipedia.org/wiki/Poe%27s_law
Google One is Google's paid-storage-plus-premium-support-for-consumer-products service.
You could view it as, in an imprecise way, the consumer counterpart to Google Workspace (formerly G Suite, formerly Google Apps.)
https://support.google.com/fi/answer/9040000
But Google doesn't need your browsing history via the VPN connection. It only needs you to continue using the same browser you normally do, so that they can do their normal cookie tracking for Ads...
[1] https://1.1.1.1/