No, the word I was looking for was VPN, not proxy. We weren't having a technical discussion about protocols or what not, I was talking about the services people use to bypass state-level porn blocks, and for better or worse, those things are called VPNs. As someone who does understand the technical background, I don't really like it either, but tough shit, language changes and has different meanings in different contexts.

Just google "VPN" or "How do I access Pornhub in Alabama?" All of the results refer to "VPNs" as I was using the term.

I think this ship has sailed. Services like nord or mullad are described as VPN products yet they are the products people are buying to route traffic into pornhub.

Seeing as Hacker News is ostensibly composed largely of people in-the-know, we could certainly use appropriate terminology unlike the commons.

Usages exist inside contexts, and the context of the post you replied to was unambiguous. Changing it like s/VPNs/services advertised as VPNs/ would not clarify anything to anyone, and changing it like s/VPNs/proxies/ would be less clear (since the author was likely referring to commercial services, not servers in a network).

This is correct. This entire conversation demonstrates how bad technical people are at understanding people.

A lot of people live exclusively on layer 7, which is fine.

"VPN" services do in fact use VPN, they're not HTTP based. It is technically appropriate to call them as such, as awkward as it is.

Yeah; it's not strictly accurate, but in a similar sense that it's not strictly accurate to call the typical copper Ethernet connector "RJ45", to say that a UDP "connection" occurred, or to say that a modem connects to a "DB-9" serial port.

I suspect the root of the problem is that over time, "proxy" has become strongly associated with application-layer protocols like HTTP, and after that shift it wasn't obvious what to use for something lower-level that encompassed a wider range of protocols/endpoints/conversations. In principle, "tunnel" would probably have been better (and a legible metaphor to boot), but that's just not how things shook out in practice.

I would disagree.

First, system that forwards traffic behind its own IP address is called proxy if it works on application level, and NAT if it works on IP level. So we have socks proxy, but home router with NAT.

Second, VPN is just a fancy name for an overlay network over WAN. Overlay network is overlay network even if it only contains two nodes - your host and a remote router providing internet access.

I do not have direct experience with these VPN services, but i would guess they work on IP level and not on application level. So they are just ISPs providing service through overlay network (VPN) instead of access network or physical network.

Curious, does a proxy also tend to encrypt the data streamed between it and the end user like a VPN service would?

That is, does the ISP have access to the information that's being accessed via the proxy?

It was my understanding that proxies tending to mask where a request came from but does nothing significant with the data between it and the requester.

>does a proxy also tend to encrypt the data streamed between it and the end user like a VPN service would?

It could, but it's not a hard requirement. A proxy server is just like any other server, encrypting the data en route is as desired.

A VPN encrypts data as a part of securing tunnels, but it's not a hard requirement there either. As long as two computers can communicate over private IP address ranges on a WAN, it's a VPN. The Private in VPN indicates the scope of the network, not whether any data within is immediately accessible.

See also: "Private" and "Public" IP address ranges.

>does the ISP have access to the information that's being accessed via the proxy?

The ISP providing internet to the proxy server will know what the proxy server requests and receives.

>It was my understanding that proxies tending to mask where a request came from but does nothing significant with the data between it and the requester.

Correct. Again, whether the data a proxy server receives and forwards was encrypted is tangential to the task of forwarding data.

Depends on the proxy. If you have an SSH server you can open a local socks5 proxy, that when configured in your browser sends all the traffic through your server. Since its a proxy over SSH it's all encrypted till your server, then whatever protocol the website uses.

VPNs are better (as in more ergonomic) in practice, since large sites tend to block access from known hosting providers (looking at YouTube not rendering video when accessed from a Hetzner server).