 Google Project FI now includes free VPN access 24-7 and I thought this was kind of interesting and Anytime you use a VPN whether that's be private internet access or Google's VPN service here that we're gonna talk about you're just pushing who you trust down the road So I trust no one in between me and private internet access for example because I want to use private internet access to Hide what I'm doing from the carriers that are being used Comcast or whoever your internet provider is That's all you're really doing is saying okay. I'm moving that trust layer over to private internet access Well in this case, it's got the same thing you're moving your trust layer to Google now If you're already using a Google phone Google knows a lot about you and I'm not here to get into the merits of whether or not You should trust Google with your data the reality is their business model is monetizing your existence We all know that's clear, but I am a Google Fi user and I was curious what I would be hiding if I use this VPN so I have it connected to my network and Did some digging here, and it's it's an interesting read here, and I will Say that there's also going to be a couple offer codes down below one for private internet access If you want to sign up and help the channel and one for Google Fi same thing If you want to sign up and help the channel not obligatory, but hey any little bit helps so I Have this setup and here's the tools I'm using and top PNG running on PF sense because we're going to dig into some of the traffic with that This is just PF top. This is the default built-in Monitoring for PF sense so I can like dig into the actual session states and see what's going on I have a Google pixel to excel phone, and I've got Google Fi turned on with their VPN now Let's talk about the network settings real quick here This is interesting because when I was playing with it when I built these rules for my IOT network I tried only allowing ports 80 and 443 and DNS and you can It does claim to connect but none of the service recognizes and VPN So that was kind of a bust I wanted to see if you could try to force it to tunnel the traffic out those addresses It won't it does need to establish a VPN connection and it appears to be using Let's dig into the connection settings here port 21 53 when I've connected That's the destination that it's going for. I'm not Super detailed exactly what protocol are using but it is a UDP session that they establish here and that's where all the data comes across Now it does use local DNS So I was checking for DNS leaks and I've wandered around the web the only thing it starts resolving and right now I'm opening up Twitter Just scrolling through stuff and I've played some YouTube videos. I've done all kinds of stuff Matter of fact, I took photos and use the Google photo app to back them up. Everything works fine And it never goes anywhere when we dig into like looking at the flows. This is it This is all you can see from this particular phone right now not a whole lot of Data going back and forth and we're gonna turn it off in a second and show you what it looks like when I don't have this on But it's pretty neat Like I said, you're moving the level of trust on a road so people can't tell you can't tell what app I'm on right now even though you're watching this in real time. You see the data and let's go here to Open up a video Hopefully playing a video right now So you're watching the throughput, but you don't know where it's coming from. This is an interesting thing I mean, I'm not sure how good a deep packet inspection would do Because it really seems to do a solid job of digging this because it's using encrypted tunnel VPNs are notoriously hard to Reverse engineer depending on, you know, which VPN they're using but that's the kind of the point of the VPN It's really hard to figure out the DNS leaking is usually the first thing you look for because sometimes the data will traverse the VPN But it will use the local DNS and I'll see this to be the case at all These are all the flows coming out of this phone. There's just nothing no data. Just an absolute laugh lack of things Moving around in here. It still is doing the Google things though For example, mDNS locally that is coming up and what mDNS is looking for things like Chromecast and other other devices that you Maybe want to broadcast you but it is doing as it says hiding your Traffic and information. So, you know, I pulled up a YouTube video and the only thing you ever see is this connection here When you look at the DNS lookups or you dig into Peers and where it's talking to just Google. No, nowhere else mDNS data very little because it's just looking for devices on the same network and everything else is gets encapsulated to here now Obviously, like I said at the beginning Some places do this they block VPNs. This is actually how a lot of Large nation states that will remain unnamed but this is a common issue with them. They just they know VPNs are They're not able to see into them. So they simply block them So that still breaks this but I have so far is you're just moving to the level of trust on the Google But it does as Google claims it only lets Google have your data It doesn't let it share with everyone in between including when you're monitoring on your own network Now this is a feature that is exclusive to Google Fi as I said in the article You do it right inside the Google Fi app and right now I'm going to is called enhanced network beta I'm gonna turn it off and We're gonna re-establish connections and show you how much data you get to see so one second here We'll close all the connections. So here's what it looks like Make sure it joins back to the network Boom just boom we're everywhere. I just connected. Let's even open. I didn't open an app yet That was just me connecting to the Wi-Fi. Let's Boom there. Wow. Okay. It's going crazy here. So let's uh All right, let's you know, I'm gonna take a picture real quick I'll take a picture of what I'm doing right now Here take a picture of me because I use the Google photo backup Google photo taken and Actually something else. I'll do is take a screenshot of that Google Fi app where that beta setting is And we'll screenshot this and you just see as we go here if you're watching the screen in the background here Yeah Then we'll go back this make sure the backup's running back it up to the cloud Please open up all my deals open up LinkedIn too. So we just have even more data flying around all these apps opened up Wow. All right, let's go back over to the flows and It's going everywhere. So we're back to knowing look I'm on LinkedIn I'm on Google API's app measurement dot it out of the Facebook Facebook Facebook photos to Google API So it like I said, it does what it claims to do It does hide everything versus this is what it looks like when you turn it off It just is a blast of things again And like I said, if you're connecting to a open Wi-Fi or something like that This is what whoever's running that open Wi-Fi can learn and see about you and that's often their goal is to gain some insight In exchange for free Wi-Fi once again monetizing your existence, but maybe at a local level So this is just interesting. I wanted to test it. It does work as Google says There's other VPN software you can get for your phone It all depends on how much you want to hide and you're just moving the trust So if you choose to go with PIA means you're trusting pay I internet to not monetize that data if you go with Google you're trusting Google to do what well Google does monetize the data They would claim that they don't monetize this but the reality is you're logged into the Google API if you're using an Android phone Google has a Absolute ton of information about you anyways because your phone shares it So that is a choice in exchange you make for having the services and that's just how the system works But thought this was interesting and like I said tools used and top you can find a whole review of this on channel and then PF sense To do a little bit of you know digging into the protocols and how it works on there and hopefully you found this interesting Thanks. Thanks for watching if you enjoyed this video Go ahead and hit the thumbs up if you want to see more content for my channel Go ahead and hit subscribe and the bell icon and hopefully YouTube will send you a notice If you're interested in contracting Lawrence systems for any type of IT services work or consulting work Go ahead and head over to Lawrence systems comm and fill out our contact and get in touch with us If you would like to help the channel out in other ways You can use our affiliate links below in the description or we have a link directly to our Lawrence systems page We have a list of different affiliate offers and it's very appreciated if you use any of those for signing up any The services and many of them offer you discounts if you want to head over to our forums There'll be a link in the description for our forums Wherever they may be because we've been looking at different forum platforms, but they'll always be relevantly linked right there All right, once again, thanks leave some feedback and comments below on this video If you loved it if you hated it, I try to reply to everyone the people who hate and the people who love them So thank you very much and see you next time