Considering my threat model is just preventing my ISP to know which websites I am visiting and to prevent my government (India) from tracking me, do I need to use a VPN?

Currently, I am using a trusted VPN provider with a permanent kill switch and am never off of the VPN. Today, I was reading IVPN’s homepage and it says, “A VPN can be effective at encrypting your DNS requests so your ISP or mobile network provider cannot monitor or log the domains you visit.” But as far as I know, DNS over HTTPS does encrypt the DNS requests. Right?

I regularly clean my cookies, use hardened browsers, etc. So is a VPN really necessary for me? Or shall I just shift to using Quad9’s DoH or something?

Edit - I am using the router provided by the ISP and I cannot change it because I am behind CGNAT. I can use a separate device and install PfSense or OpenWRT or something on it and use that as a firewall. Any suggestions there?

  • br3ad@infosec.pub
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    How do you access banking apps/websites with always-on VPN and permanent kill switch?

    • nutbutterOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      My banking apps and netbanking work just fine regardless of which country I am connected to. UPI (unified payments interface) requires an Indian IP, though. But I can still do everything while connected to my VPN provider.

      • br3ad@infosec.pub
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        None of my banking apps work with VPN even with a spoofed Indian IP. UPI works without issue for me as well.

    • JohnEdwa@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Not OP, but back when I used Surfshark it had the ability to allow bypassing the VPN only for certain programs, IPs or URLs.
      I mostly used it to get less latency with online games or getting access to them in the first place as often I’d encounter login servers that just didn’t work though a VPN.