Why using (any) VPN is a Bad Idea for some home users.

Are you protecting yourself by using a VPN provided by Eero OR ANY other VPN service that claims to *protect you from harm, hackers, malicious websites, fake websites and other internet nastiness?    Here is why you should reconsider your choice to do so.


On device VPN.  You are probably using an per device VPN  program such as Nord, Proton, Norton, or Express VPN.  This goes for ALL VPN services.  Here is the problem.

1: Since you installed the VPN on your device and NOT upon your router, the 'tunnel' starts at your phone, computer, tablet, etc.  This will ensure that you can get out onto the internet without your ISP viewing what you are doing BUT it also means that your Router can NOT see what you are doing, nor will it route your DNS traffic through its DNS server while you are on the VPN. It will not even know that it is not doing it.

2: Why should you care?  I guarantee that 99.9% of people reading this -  both believe that they are safer leaving their security to a mainstream router and software package, especially while adding the fake security layer that a 'VPN' provides (see above information) and that doing so will add a safety benefit.  But, in actuality you are circumvented your own perceived safety net.

People using VPN service for work are typically tied to and limited by their Employers VPN service starting from their computer (end - to end) with their work server computer. For instance, many employers do not allow access to Facebook.com or anything that links to or has anything to do with Facebook.com ever since the Valentines day Virus Worm Storm going back to 2013. Don't consider yourself lucky if your employer isn't already blocking Facebook.com as there are many other reasons to avoid that website regardless of whether it is actively infecting computers with viruses as had occured. Fake profiles and time wasting being part of such reasons to de Facebook yourself. For more information just ask Elon Musk.

How you end up LESS PROTECTED.  Do to the fact that your 'router' and therefore what most of us home users would think is also your firewall is effectively BYPASSES once your device has secured its VPN connection.  (This is not the case where your router is the VPN) , but we are talking about Eeros here, and the Eero router does NOT host a VPN as it is NOT an option.

What could possibly go wrong?!

Well, if you rely on your router to block phishing sites or malicious websites and you are on a software VPN, it is simply not going to do that for you. It can not do that for you, because it has no idea that you have gone to say microsofts.com instead of microsoft.com.

It gets worse. Way worse. One of the additional security features offered and forced upon us eero users is that the eero DNS is mandatory, or else you agree that all security measures are deactivated on your Eero system.  

DNS being extraordinarily important when not wanting to be hacked you have no choice but to use the Eero assigned DNS servers. I've seen no claim that these servers are the best at blocking anything let alone malware because they are as faliable as the data they are providing which often comes from other public and private DNS servers. When connected to a VPN, you are using the VPNs DNS servers. Those DNS servers are also probably not claimed as being ultra secure. It is the DNS server that matters and where you will find Facebook.com blocked by your employers network.

What does any of this mean?  It means that in order for Eero to provide its level of protection to you, you must NOT have a VPN on your device and you must know that if you are running VPN software that is device based then you are entrusting that software to the entirety of your safety online.

Remember, it's the virus your antivirus can't see that is the problem, not the Valentines Day Storm Worm.  And it is the rootkit that is installed when you thought you were protected but instead circumvented said protection on purpose.



3 replies

    • pklocke
    • 1 yr ago
    • Reported - view

    Don't disagree with most of this, however, you absolutely can configure you own choice of DNS server (I use google's at  Path:  Eero App, Settings, Network Settings, DNS (custom).  you can also choose to use your ISP's default DNS servers (or both if you have IP addresses for both.

      • my2545
      • 1 yr ago
      • Reported - view

      pklocke Can't do this if you use Eero Secure. You'd have to turn off Secure.

      • pklocke
      • 1 yr ago
      • Reported - view

      my2545 very good point! I lost track of the thread. My bad. 

      I did not realize we were talking about eero secure (as a VPN which I did not know that's what that was)  as it was only mentioned tangently in the first sentence or two of this long thread. But I would further assume that any VPN that is device based would also require you to use their DNS servers as was noted in the thread (my assumption) .

Content aside

  • 1 yr agoLast active
  • 3Replies
  • 1171Views
  • 3 Following