There are plenty of legitimate uses for their services, they just aren’t things that the vast majority of people actually need. For example:
access things in a LAN from a WAN - i.e. access a personal PC when you’re at a friend’s house, and your home LAN is behind CGNAT
get around local laws - e.g. my state requires ID checks for porn and social media, so getting a VPN one state over gets around that
prevent ISP from seeing the sites you visit - very valid privacy concern, especially since SNI exists to de-mask TLS packets
There are also some sketchier needs, such as:
get different content on your streaming platform
hide sharing of illegal content (i.e. piracy)
perform illegal transactions (e.g. going on Tor to buy drugs or whatever on the black market)
I think VPNs are trying to appeal to more than just the above needs, they’re trying to create needs to grow their marketshare. That isn’t something a reputable VPN should do, or at least that’s something that would make me hesitate to use a given VPN.
The only thing you need to say is “my ISP uses CGNAT” you can’t host anything or run games for your friends without a way to punch through the CGNAT layer. I mean you could use IPv6 if it weren’t still a joke in the US but here we are.
There are plenty of legitimate uses for their services, they just aren’t things that the vast majority of people actually need. For example:
There are also some sketchier needs, such as:
I think VPNs are trying to appeal to more than just the above needs, they’re trying to create needs to grow their marketshare. That isn’t something a reputable VPN should do, or at least that’s something that would make me hesitate to use a given VPN.
If you want to give an anonymous video to the press or the police. If you don’t hide your ip then it isn’t anonymous and they’ll come question you.
That’s not a legitimate use; it’s an illegal use just like piracy is.
ECH will finally fix this. https://blog.cloudflare.com/encrypted-client-hello/
SNI is still better than what we used to have. Before SNI, every site that used TLS or SSL had to have a dedicated IP address.
The only thing you need to say is “my ISP uses CGNAT” you can’t host anything or run games for your friends without a way to punch through the CGNAT layer. I mean you could use IPv6 if it weren’t still a joke in the US but here we are.