VPN marketers rant

Windows is history for me.  The last time I used it it was Windows 98
on an Intel Celeron, back in the late '90s.  Then I discovered free
operating systems such as GNU/Linux, and I never turned back.

Unfortunately I can't say the same for my parents: since I have my own
life, far away, I'm no longer able to effectively help them with their
technical problems.  They've got to rely the local computer technician,
which means my Slackware installation was replaced with Windows 10.

Today I used said computer for a quick online research, which was
interrupted by a pop-up window from Avast, the Anti-virus.  The pop-up
claimed I've got four privacy issues to address.

Being somewhat biased by many online discussions about how intrusive
Windows is, I wasn't particularly surprised.  I checked out, however,
what Avast has to say about it:

1. Your provider might see what you're doing, as you're not using a
VPN! Try Avast VPN!

2. Since you're not using a VPN, your traffic is unencrypted! Try
Avast VPN!

3. Look, I know you're from $WrongPlace. See? You need Avast VPN!

4. Your IP address is X.Y.Z.W, and I would not know it if I wasn't using
Avast VPN.

I get it: it is marketing.  But I still hate how all these points are
fallacies, made to scare people, for the purpose of selling a protection
that most don't need.

1. If you use Avast VPN, it is Avast who knows what you're doing online:
you just exchanged one master for another[0].

2. The traffic might be encrypted from your computer to the VPN endpoint,
but if you don't use TLS it will be visible from the endpoint forward,
so it is the same thing.  Using a VPN is no replacement for HTTPS[1].

3. Oh wow, you must be a great h4x0r to read the fucking GeoIP databases.
Also, they're often wrong.

4. Oh wow, are you implying that having a VPN won't really prevent a
malicious application (such as possibly Avast, for what it matters)
to know the real public IP of the machine?  In order to reach the VPN
endpoint, the VPN software still needs to use the default gateway. Any
software can do the same[2], unless advanced filtering techniques are
employed.

Don't get me wrong: I'm a VPN user (Mullvad[3], if you're curious), but
I know how what it means, how to use it wisely, what kind of protection
I get, and what to expect.  I've got nothing against the "watch netflix
over VPN" argument (although let's face it: it is just to spill you
money, and most content is crap anyway).  But when it comes to privacy
using a VPN makes sense only when much more urgent holes are covered,
such as, for example, the telemetry services of Windows.  I think that
Avast should be really ashamed.


-- NOTES

[0] On what basis do you trust your VPN provider more than your ISP?

[1] This fallacy is also commonly promoted by NordVPN through hungry
Youtubers these days.

[2] Need a Proof? Connect to a VPN and try `curl --interface eth0
ifconfig.co` (where eth0 is the effective interface over which the VPN
tunnel is established)

[3] By the way, not using their client.  I use a custom script that I'm
sharing here: https://gitlab.com/dacav/wtf/