I want to create e.g a Gmail account while connected to an unknown PPTP VPN. Is it safe, or can the owner of the PPTP VPN see my Gmail web page information, such as username or password, at all? Can the PPTP owner decrypt our information using our HTTPS private key?
Asked
Active
Viewed 176 times
0
-
*"Can the PPTP owner decrypt our information using our HTTPS private key?"* - which private key you refer to with "our ..."? Likely you don't have the one from gmail and there is no other private key involved here. Maybe you have a misconception of how HTTPS works? – Steffen Ullrich Jan 27 '20 at 09:04
-
my question is that the pptp vpn provider can see my gmail account name and password or not? as the gmail website is secured with https. – samy2k9 Jan 27 '20 at 09:29
-
It cannot unless they somehow made you install a specific certificate for interception or made you ignore security warnings. PPTP VPN or any other kind of VPN cannot magically analyze already encrypted connections and HTTPS protects these sensitive information. – Steffen Ullrich Jan 27 '20 at 09:36
-
so why people say PPTP VPN is not secure?(assume that almost every sites use HTTPS) – samy2k9 Jan 27 '20 at 10:52
-
*"assume that almost every sites use HTTPS"* - First, this is the wrong assumption. Depending on where you look only about 80..90% of the connections are on HTTPS. Apart from that VPN being secure means usually that the VPN itself provides security and not that it only preserves an existing security. OpenVPN or IPSec do this, PPTP only to a lesser extend which is no longer considered secure enough - see https://www.ovpn.com/en/blog/pptp-has-become-obsolete/ – Steffen Ullrich Jan 27 '20 at 11:48