Create a gist now

Instantly share code, notes, and snippets.

@joepie91 /vpn.md
Last active Jul 18, 2018

Embed
What would you like to do?
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

(A Russian translation of this article can be found here, contributed by Timur Demin.)

Why not?

Because a VPN in this sense is just a glorified proxy. The VPN provider can see all your traffic, and do with it what they want - including logging.

But my provider doesn't log!

There is no way for you to verify that, and of course this is what a malicious VPN provider would claim as well. In short: the only safe assumption is that every VPN provider logs.

And remember that it is in a VPN provider's best interest to log their users - it lets them deflect blame to the customer, if they ever were to get into legal trouble. The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over.

But a provider would lose business if they did that!

I'll believe that when HideMyAss goes out of business. They gave up their users years ago, and this was widely publicized. The reality is that most of their customers will either not care or not even be aware of it.

But I pay anonymously, using Bitcoin/PaysafeCard/Cash/drugs!

Doesn't matter. You're still connecting to their service from your own IP, and they can log that.

But I want more security!

VPNs don't provide security. They are just a glorified proxy.

But I want more privacy!

VPNs don't provide privacy, with a few exceptions (detailed below). They are just a proxy. If somebody wants to tap your connection, they can still do so - they just have to do so at a different point (ie. when your traffic leaves the VPN server).

But I want more encryption!

Use SSL/TLS and HTTPS (for centralized services), or end-to-end encryption (for social or P2P applications). VPNs can't magically encrypt your traffic - it's simply not technically possible. If the endpoint expects plaintext, there is nothing you can do about that.

When using a VPN, the only encrypted part of the connection is from you to the VPN provider. From the VPN provider onwards, it is the same as it would have been without a VPN. And remember, the VPN provider can see and mess with all your traffic.

But I want to confuse trackers by sharing an IP address!

Your IP address is a largely irrelevant metric in modern tracking systems. Marketers have gotten wise to these kind of tactics, and combined with increased adoption of CGNAT and an ever-increasing amount of devices per household, it just isn't a reliable data point anymore.

Marketers will almost always use some kind of other metric to identify and distinguish you. That can be anything from a useragent to a fingerprinting profile. A VPN cannot prevent this.

So when should I use a VPN?

There are roughly two usecases where you might want to use a VPN:

  1. You are on a known-hostile network (eg. a public airport WiFi access point, or an ISP that is known to use MITM), and you want to work around that.
  2. You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters.

In the second case, you'd probably just want a regular proxy specifically for that traffic - sending all of your traffic over a VPN provider (like is the default with almost every VPN client) will still result in the provider being able to snoop on and mess with your traffic.

However, in practice, just don't use a VPN provider at all, even for these cases.

So, then... what?

If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own. I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndBox.

But how is that any better than a VPN service?

A VPN provider specifically seeks out those who are looking for privacy, and who may thus have interesting traffic. Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be.

So why do VPN services exist? Surely they must serve some purpose?

Because it's easy money. You just set up OpenVPN on a few servers, and essentially start reselling bandwidth with a markup. You can make every promise in the world, because nobody can verify them. You don't even have to know what you're doing, because again, nobody can verify what you say. It is 100% snake-oil.

So yes, VPN services do serve a purpose - it's just one that benefits the provider, not you.

@touya-akira

This comment has been minimized.

Show comment
Hide comment
@touya-akira

touya-akira Dec 1, 2015

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN. So, yes, there are reasons to use a VPN. (Another use-case, probably covered in 2) is access to country-restricted services like netflix, bbc, etc). You just should never rely on a VPN to guarantee your anonymity.

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN. So, yes, there are reasons to use a VPN. (Another use-case, probably covered in 2) is access to country-restricted services like netflix, bbc, etc). You just should never rely on a VPN to guarantee your anonymity.

@nv-vn

This comment has been minimized.

Show comment
Hide comment
@nv-vn

nv-vn Dec 1, 2015

You just should never rely on a VPN to guarantee your anonymity

same goes for Tor or any other privacy service. you should always take as many measures as possible to prevent yourself from being tracked if you want to guarantee anonymity.

nv-vn commented Dec 1, 2015

You just should never rely on a VPN to guarantee your anonymity

same goes for Tor or any other privacy service. you should always take as many measures as possible to prevent yourself from being tracked if you want to guarantee anonymity.

@joepie91

This comment has been minimized.

Show comment
Hide comment
@joepie91

joepie91 Dec 1, 2015

@DynamicShitposter420 You're welcome to contribute to the discussion in a constructive manner (whether agreeing or not), but if all you're going to do is attacking me and trolling, then you can go elsewhere.

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN.

Yes, and this is intentional. My experience is that, whenever any claim is made of a VPN being even remotely usable for some usecases, people immediately assume that that includes theirs. This way, people need to read and understand the actual content of the article (and its described limitations and valid usecases) before drawing a conclusion.

Additionally, the concerns for "VPN services" remain applicable. You should still self-host your VPN.

Owner

joepie91 commented Dec 1, 2015

@DynamicShitposter420 You're welcome to contribute to the discussion in a constructive manner (whether agreeing or not), but if all you're going to do is attacking me and trolling, then you can go elsewhere.

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN.

Yes, and this is intentional. My experience is that, whenever any claim is made of a VPN being even remotely usable for some usecases, people immediately assume that that includes theirs. This way, people need to read and understand the actual content of the article (and its described limitations and valid usecases) before drawing a conclusion.

Additionally, the concerns for "VPN services" remain applicable. You should still self-host your VPN.

@touya-akira

This comment has been minimized.

Show comment
Hide comment
@touya-akira

touya-akira Dec 2, 2015

I disagree, if the use-case is avoiding DMCA letters and alike. It's way too complicated to set it up in a way so it is not tied to your name. The vast majority of torrenters lack the ability to set up a VPS (let alone make sure it's anonymous) and run VPN servers securely. A VPN provider is the better solution.

I disagree, if the use-case is avoiding DMCA letters and alike. It's way too complicated to set it up in a way so it is not tied to your name. The vast majority of torrenters lack the ability to set up a VPS (let alone make sure it's anonymous) and run VPN servers securely. A VPN provider is the better solution.

@joepie91

This comment has been minimized.

Show comment
Hide comment
@joepie91

joepie91 Dec 2, 2015

If you are not capable of obtaining a VPS anonymously, you are also not capable of obtaining a VPN anonymously, so this does not make a difference. It also still does not address the privacy concerns. If you just want to torrent and use a different service as a pincushion, then what you want is a proxy, not a VPN.

Owner

joepie91 commented Dec 2, 2015

If you are not capable of obtaining a VPS anonymously, you are also not capable of obtaining a VPN anonymously, so this does not make a difference. It also still does not address the privacy concerns. If you just want to torrent and use a different service as a pincushion, then what you want is a proxy, not a VPN.

@touya-akira

This comment has been minimized.

Show comment
Hide comment
@touya-akira

touya-akira Dec 3, 2015

How does it matter that you're not able to obtain a VPN anonymously (we are talking about IP-address I suppose)? Your point in the original is that you're never anonymous to the VPN (which is why you shouldn't trust them). However, they don't pass on data to DMCA litigation companies (unless we are talking about HMA and alike who clearly state in their ToS that they log & pass on data).

As for proxies, how are they more secure? Also, please tell me where I get a 1Gbit proxy with unlimited traffic and ideally port forwarding, I'd definitely be using that.

How does it matter that you're not able to obtain a VPN anonymously (we are talking about IP-address I suppose)? Your point in the original is that you're never anonymous to the VPN (which is why you shouldn't trust them). However, they don't pass on data to DMCA litigation companies (unless we are talking about HMA and alike who clearly state in their ToS that they log & pass on data).

As for proxies, how are they more secure? Also, please tell me where I get a 1Gbit proxy with unlimited traffic and ideally port forwarding, I'd definitely be using that.

@apostolisd

This comment has been minimized.

Show comment
Hide comment
@apostolisd

apostolisd Dec 28, 2015

Ok, but if you use TOR and VPN?

Ok, but if you use TOR and VPN?

@johwest

This comment has been minimized.

Show comment
Hide comment
@johwest

johwest Jan 11, 2016

A better solution is pay voor use from usenet and torrents ,so that your no longer afraid for trouble.
Now cost VPN money.

johwest commented Jan 11, 2016

A better solution is pay voor use from usenet and torrents ,so that your no longer afraid for trouble.
Now cost VPN money.

@weissjeffm

This comment has been minimized.

Show comment
Hide comment
@weissjeffm

weissjeffm Mar 28, 2016

How does using your own VPS help? It's still easy for someone to trace the IP to your VPS and then to you.

How does using your own VPS help? It's still easy for someone to trace the IP to your VPS and then to you.

@atoponce

This comment has been minimized.

Show comment
Hide comment
@atoponce

atoponce Apr 18, 2016

I think the take-away here is not not fool yourself into thinking that VPN is some sort of short-cut for Tor. In other words, don't fool yourself into thinking you're anonymous, and for the love of everything good and holy, don't think that your VPN will go to jail for your activities.

However, I use VPN services all the time (for example, https://freevpn.ninja). There are times when either:

  • I am behind a restrictive firewall, such as at a public library or a church.
  • I need to get into an internal network with other clients, such as my browser.

And I don't buy the argument that your IP address is not a valuable asset to trackers and ad companies. Some website owners block Tor, because they cannot get honest GeoIP lookups out of a client when the request comes out af a Tor exit relay. In fact, the whole point of Tor is to obfuscate your source IP address, while remaining encrypted between the Tor client and the relays.

However, as mentioned, don't have any false ideas about your security or anonymity when using VPN services. Understand the tech and your risks using the tech. That applies for anything, not just VPN and Tor.

I think the take-away here is not not fool yourself into thinking that VPN is some sort of short-cut for Tor. In other words, don't fool yourself into thinking you're anonymous, and for the love of everything good and holy, don't think that your VPN will go to jail for your activities.

However, I use VPN services all the time (for example, https://freevpn.ninja). There are times when either:

  • I am behind a restrictive firewall, such as at a public library or a church.
  • I need to get into an internal network with other clients, such as my browser.

And I don't buy the argument that your IP address is not a valuable asset to trackers and ad companies. Some website owners block Tor, because they cannot get honest GeoIP lookups out of a client when the request comes out af a Tor exit relay. In fact, the whole point of Tor is to obfuscate your source IP address, while remaining encrypted between the Tor client and the relays.

However, as mentioned, don't have any false ideas about your security or anonymity when using VPN services. Understand the tech and your risks using the tech. That applies for anything, not just VPN and Tor.

@1n1r2

This comment has been minimized.

Show comment
Hide comment
@1n1r2

1n1r2 Jul 16, 2016

VPN services have been bothering me since forever. This is the first article I have found to address my concerns.

Yes: VPN builds a secure tunnel
No: It does not protect my private communication
It's a giant keylogger on the net that I have given permission to steal my keystrokes.

It merely funnels the secure keystrokes through a proxy that can log them.

I think I'm safer logging in directly to secure connections ( https: ) to a specific site.

Talk me down, please. Why should I trust any single portal ( even if they do have multiple
connection sites ) to monitor my internet traffic ? Oh sure, it might be preferable in an
insecure environment like an airport terminal or coffee shop.

I trusted my employer's VPN while I was working, but I'm retired now.

Still looking for more articles or discussion to address my paranoia.

1n1r2 commented Jul 16, 2016

VPN services have been bothering me since forever. This is the first article I have found to address my concerns.

Yes: VPN builds a secure tunnel
No: It does not protect my private communication
It's a giant keylogger on the net that I have given permission to steal my keystrokes.

It merely funnels the secure keystrokes through a proxy that can log them.

I think I'm safer logging in directly to secure connections ( https: ) to a specific site.

Talk me down, please. Why should I trust any single portal ( even if they do have multiple
connection sites ) to monitor my internet traffic ? Oh sure, it might be preferable in an
insecure environment like an airport terminal or coffee shop.

I trusted my employer's VPN while I was working, but I'm retired now.

Still looking for more articles or discussion to address my paranoia.

@karanssh

This comment has been minimized.

Show comment
Hide comment
@karanssh

karanssh Jul 31, 2016

This makes absolutely no sense.

Do not use HideMyAss, Expat Shield, Hotspot Shield because they datamine/keep logs.

Do not use ProXPN, at 300kbp for free, you are going to limit your speeds to around 31KBs/s. Not only that but they do not use a open source client and the level of security is not confirmed to be completely secure.

VPNReactor is confirmed to have logs, but you are welcome to use it. They have a 30 minute time limit, then you have to wait another 30 minutes.

Do not use TOR or Ultrasurf, Although some software take advantage of it, these tools are meant for threatened bloggers, anonymous free speech and whistleblowing, not so you can download the latest Justin Bieber album.

Personally, I prefer to run my own VPN for $10/$15 a year using a cheap 128MB VPS from either Prometeus [the best] or Ramnode. You can also use it for other such as running a very small seedbox or web seed, or a tiny bittorrent tracker. The problem with this is that if you use legitimate details, the VPN could be traced back to you, but that's the same with VPNs that use a dedicated IP address who will cut you off, but using a shared IP address could mean a couple of software conflicts.

This makes absolutely no sense.

Do not use HideMyAss, Expat Shield, Hotspot Shield because they datamine/keep logs.

Do not use ProXPN, at 300kbp for free, you are going to limit your speeds to around 31KBs/s. Not only that but they do not use a open source client and the level of security is not confirmed to be completely secure.

VPNReactor is confirmed to have logs, but you are welcome to use it. They have a 30 minute time limit, then you have to wait another 30 minutes.

Do not use TOR or Ultrasurf, Although some software take advantage of it, these tools are meant for threatened bloggers, anonymous free speech and whistleblowing, not so you can download the latest Justin Bieber album.

Personally, I prefer to run my own VPN for $10/$15 a year using a cheap 128MB VPS from either Prometeus [the best] or Ramnode. You can also use it for other such as running a very small seedbox or web seed, or a tiny bittorrent tracker. The problem with this is that if you use legitimate details, the VPN could be traced back to you, but that's the same with VPNs that use a dedicated IP address who will cut you off, but using a shared IP address could mean a couple of software conflicts.

@GnstheGrain

This comment has been minimized.

Show comment
Hide comment
@GnstheGrain

GnstheGrain Sep 8, 2016

I wish more input would comes in on that nice thread..
I totally agree with https://gist.github.com/joepie91/5a9909939e6ce7d09e29#but-how-is-that-any-better-than-a-vpn-service
But then again, VPS provider such as DO or Linode does have your IP address and Logs. which is enought for any warrant to fuck you up.

I wish more input would comes in on that nice thread..
I totally agree with https://gist.github.com/joepie91/5a9909939e6ce7d09e29#but-how-is-that-any-better-than-a-vpn-service
But then again, VPS provider such as DO or Linode does have your IP address and Logs. which is enought for any warrant to fuck you up.

@Rich700000000000

This comment has been minimized.

Show comment
Hide comment
@Rich700000000000

Rich700000000000 Sep 20, 2016

You're still connecting to their service from your own IP, and they can log that.

two paragraphs later:

Your IP address is a largely irrelevant metric in modern tracking systems.

Also:

If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own. I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndBox.

Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be.

  1. So let me get this straight: VPNs aren't anonymous, so I should give my credit card to Digitalocean instead?
  2. Statistically speaking, it is more likely that a VPS provider will give you up if a cop so much as glances in their direction, where as a reputable VPN company will at least attempt to push back.
  3. Most all VPS providers are anti-p2p, which is what most people use a vpn for.
  4. Go on, find me a VPS with unlimited bandwidth, forever. I'll be waiting.

I think your main problem is that you're mixing up threat models. If I wanted total anonymity, I'd have a laptop with the usb ports hot-glued shut in an anti-EMP bag under my bed, running Tails off of a flash drive, only connect to wifi stolen from the neighbors with a yagi antenna two meters across, use tor AND run my own tor relay so that they couldn't determine the origin of the traffic.

But I don't want to do that. I want to read FanFiction without being judged by the sysadmins at Comcast. Which is why I have a VPN.

Also, you are NOT going to stand there and tell me that EVERY VPN SERVICE IN EXISTACE is a honeypot. That's not a safe assumption, that's stallman-meets-alexjones paranoid. Do you know how much that would cost? How complex that would be?
There have been court cases:

https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/

And all they could do was shrug their shoulders.

Also, ever heard of a Warrant Canary?

TLDR: FUD 0/10, FUD with rice 0.01/10

Rich700000000000 commented Sep 20, 2016

You're still connecting to their service from your own IP, and they can log that.

two paragraphs later:

Your IP address is a largely irrelevant metric in modern tracking systems.

Also:

If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own. I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndBox.

Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be.

  1. So let me get this straight: VPNs aren't anonymous, so I should give my credit card to Digitalocean instead?
  2. Statistically speaking, it is more likely that a VPS provider will give you up if a cop so much as glances in their direction, where as a reputable VPN company will at least attempt to push back.
  3. Most all VPS providers are anti-p2p, which is what most people use a vpn for.
  4. Go on, find me a VPS with unlimited bandwidth, forever. I'll be waiting.

I think your main problem is that you're mixing up threat models. If I wanted total anonymity, I'd have a laptop with the usb ports hot-glued shut in an anti-EMP bag under my bed, running Tails off of a flash drive, only connect to wifi stolen from the neighbors with a yagi antenna two meters across, use tor AND run my own tor relay so that they couldn't determine the origin of the traffic.

But I don't want to do that. I want to read FanFiction without being judged by the sysadmins at Comcast. Which is why I have a VPN.

Also, you are NOT going to stand there and tell me that EVERY VPN SERVICE IN EXISTACE is a honeypot. That's not a safe assumption, that's stallman-meets-alexjones paranoid. Do you know how much that would cost? How complex that would be?
There have been court cases:

https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/

And all they could do was shrug their shoulders.

Also, ever heard of a Warrant Canary?

TLDR: FUD 0/10, FUD with rice 0.01/10

@Con7e

This comment has been minimized.

Show comment
Hide comment
@Con7e

Con7e Nov 30, 2016

I agree with @Rich700000000000 .

The question here is: who can you trust more, your ISP or your VPN provider? Your ISP must not be trusted by default (especially now in the UK), hence a decent VPN provider is your best bet, the "lesser of the two evils".

Con7e commented Nov 30, 2016

I agree with @Rich700000000000 .

The question here is: who can you trust more, your ISP or your VPN provider? Your ISP must not be trusted by default (especially now in the UK), hence a decent VPN provider is your best bet, the "lesser of the two evils".

@gwigz

This comment has been minimized.

Show comment
Hide comment
@gwigz

gwigz Dec 1, 2016

What about plausible deniability, with a shared IP?

gwigz commented Dec 1, 2016

What about plausible deniability, with a shared IP?

@jameshadley

This comment has been minimized.

Show comment
Hide comment
@jameshadley

jameshadley Dec 30, 2016

I'm glad you're shining a light on public ignorance around VPN/proxy services but I don't agree that VPN services are useless. Most large/popular sites now use/require TLS and it is often the case that the visitor would prefer that the VPN provider were able to see the packet headers than their own ISP.

Why? Your own ISP have a lot of other information about you and, especially in the UK, are relied upon to supply the Government with personal information. It is less likely that a VPN provider would immediately divulge metadata to a government to which it does not answer - and it has less personal information about its customers than the residential/commercial ISP.

Sure, setting up your own is better in some ways. In others, it's not. For example, a commercial VPN will share IPs so it's harder to correlate packets leaving your home/office connection with packets arriving somewhere else. That said, for most people, the overwhelming feeling is expedience. When you have a full time job, a family and so on, a commercial VPN means one less thing to worry about.

Actually, I would not be surprised if several of the large, well-known, well-funded US-based VPN services are honeypots. But of course, there is plenty of choice and a bit of research can go a long way.

jameshadley commented Dec 30, 2016

I'm glad you're shining a light on public ignorance around VPN/proxy services but I don't agree that VPN services are useless. Most large/popular sites now use/require TLS and it is often the case that the visitor would prefer that the VPN provider were able to see the packet headers than their own ISP.

Why? Your own ISP have a lot of other information about you and, especially in the UK, are relied upon to supply the Government with personal information. It is less likely that a VPN provider would immediately divulge metadata to a government to which it does not answer - and it has less personal information about its customers than the residential/commercial ISP.

Sure, setting up your own is better in some ways. In others, it's not. For example, a commercial VPN will share IPs so it's harder to correlate packets leaving your home/office connection with packets arriving somewhere else. That said, for most people, the overwhelming feeling is expedience. When you have a full time job, a family and so on, a commercial VPN means one less thing to worry about.

Actually, I would not be surprised if several of the large, well-known, well-funded US-based VPN services are honeypots. But of course, there is plenty of choice and a bit of research can go a long way.

@nikki2150

This comment has been minimized.

Show comment
Hide comment
@nikki2150

nikki2150 Jan 4, 2017

Never had a vpn and I've been sharing files for a long time, never had a summons from the MPAA or any other agency, never set foot in a court. Logically these snoop agencies can't monitor everyone's activity, it would cost a fortune. The cases where people have been taken to court for file sharing are few and far between in the UK where I live, I feel many of these VPN services are sold on a fear factor. UK ISP's will surrender your personal details if threatend with a court summons, proving that you were the person responsible for sharing the file is the difficult part.

Never had a vpn and I've been sharing files for a long time, never had a summons from the MPAA or any other agency, never set foot in a court. Logically these snoop agencies can't monitor everyone's activity, it would cost a fortune. The cases where people have been taken to court for file sharing are few and far between in the UK where I live, I feel many of these VPN services are sold on a fear factor. UK ISP's will surrender your personal details if threatend with a court summons, proving that you were the person responsible for sharing the file is the difficult part.

@tsjnachos117

This comment has been minimized.

Show comment
Hide comment
@tsjnachos117

tsjnachos117 Jan 5, 2017

I do agree with many of the points made in this article. However, I'm not so sure it's a good idea to reject VPN services altogether. Rather, it seems to me like a better solution is to use VPN services with caution.

There are advantages to using a VPN over a proxy. For one thing, since VPN providers usually have their own websites, it's usually not too hard to find a privacy policy (although, as pointed out in the article, verifying that the provider is doing what said policy says is nearly-impossible). Whenever I search for a proxy, I'm usually greeted with a webpage, which in turn is just a list of IP addresses and ports (presumably from third party servers). Tracking down each address to find anything resembling a privacy policy is far too complicated for many users. On top of which, there might not be any such policy to find, so it's really had to know what's being logged, and what isn't.

Most VPN providers like to brag about the encryption they use. Although it can be hard to know for sure what encryption is actually being used (many providers like to say "advanced" or "military grade" without really specifying which encryption method is actually being used), that's still better than many proxies, which might not be using any encryption at all. (PS: avoid using old protocols like PPTP. PPTP is particularly bad, since it only supports a few encryption techniques, all of which have become outdated. I generally recommend OpenVPN.)

Also, since proxies don't route everything (only apps configured to use said proxies), there's no guarantee your browser's extensions (Java, Silverlight, Flash, etc.), which are often run in separate executable processes, will also be routed. If they are not routed, you can generally expect said extension to leak your IP address. On top of which, many browsers will leak the users' public IP address, even if you don't have any such addons installed. For example, Firefox is prone to WebRTC leaks, and DNS leaks. If you are using a VPN, Firefox will only leak your VPN provider's IP address, NOT your actual IP address (or, at least that's my experience on Ubuntu, when NetworkManager is set to create a virtual "tun" device).

Of course, hiding your IP address is only the first step in protecting your privacy. Hardening your browser is equally important. If you use a browser that supports a large number of addons (Mozilla Firefox, Google Chrome, Chromium, etc), you'll find plenty of privacy-enhancing addons like Privacy Badger, NoScript, HTTPS Everywhere (or as I like to call it, "HTTPS wherever possible, including pages that offer HTTPS, but for some reason refuse to use it by default". Doesn't exactly roll off the tongue, does it?), uBlock Origin, DecentralEyes (Firefox only), and a boatload of others. Setting your user agent to whatever the most popular OS is (probably Windows 7 at the time of this writing) can help you blend into the crowd. It's also a good idea to get a canvas-blocking addons to prevent canvas fingerprinting. Last but not least, make sure to wipe your browsing info regularly. This is especially true for cookies, offline/HTML storage, and LSOs (aka "Flash Cookies"), as this information could easily be used to identify you.

As a final note, I'd like to mention the fact that all the privacy protection in the world won't mean a thing if you don't use said protection wisely. The TOR project, which aims to provide privacy through encrypted proxy-like relays (which, in turn, can be hosted by anyone who's willing to donate some of their bandwidth), has a very good list of DOs and DONTs, which can easily be applied to VPNs as well. Essentially, you compromise your privacy protections by identifying yourself (typically by clicking the "login" button) to a website, especially privacy-invading sites like Google and Facebook.

tsjnachos117 commented Jan 5, 2017

I do agree with many of the points made in this article. However, I'm not so sure it's a good idea to reject VPN services altogether. Rather, it seems to me like a better solution is to use VPN services with caution.

There are advantages to using a VPN over a proxy. For one thing, since VPN providers usually have their own websites, it's usually not too hard to find a privacy policy (although, as pointed out in the article, verifying that the provider is doing what said policy says is nearly-impossible). Whenever I search for a proxy, I'm usually greeted with a webpage, which in turn is just a list of IP addresses and ports (presumably from third party servers). Tracking down each address to find anything resembling a privacy policy is far too complicated for many users. On top of which, there might not be any such policy to find, so it's really had to know what's being logged, and what isn't.

Most VPN providers like to brag about the encryption they use. Although it can be hard to know for sure what encryption is actually being used (many providers like to say "advanced" or "military grade" without really specifying which encryption method is actually being used), that's still better than many proxies, which might not be using any encryption at all. (PS: avoid using old protocols like PPTP. PPTP is particularly bad, since it only supports a few encryption techniques, all of which have become outdated. I generally recommend OpenVPN.)

Also, since proxies don't route everything (only apps configured to use said proxies), there's no guarantee your browser's extensions (Java, Silverlight, Flash, etc.), which are often run in separate executable processes, will also be routed. If they are not routed, you can generally expect said extension to leak your IP address. On top of which, many browsers will leak the users' public IP address, even if you don't have any such addons installed. For example, Firefox is prone to WebRTC leaks, and DNS leaks. If you are using a VPN, Firefox will only leak your VPN provider's IP address, NOT your actual IP address (or, at least that's my experience on Ubuntu, when NetworkManager is set to create a virtual "tun" device).

Of course, hiding your IP address is only the first step in protecting your privacy. Hardening your browser is equally important. If you use a browser that supports a large number of addons (Mozilla Firefox, Google Chrome, Chromium, etc), you'll find plenty of privacy-enhancing addons like Privacy Badger, NoScript, HTTPS Everywhere (or as I like to call it, "HTTPS wherever possible, including pages that offer HTTPS, but for some reason refuse to use it by default". Doesn't exactly roll off the tongue, does it?), uBlock Origin, DecentralEyes (Firefox only), and a boatload of others. Setting your user agent to whatever the most popular OS is (probably Windows 7 at the time of this writing) can help you blend into the crowd. It's also a good idea to get a canvas-blocking addons to prevent canvas fingerprinting. Last but not least, make sure to wipe your browsing info regularly. This is especially true for cookies, offline/HTML storage, and LSOs (aka "Flash Cookies"), as this information could easily be used to identify you.

As a final note, I'd like to mention the fact that all the privacy protection in the world won't mean a thing if you don't use said protection wisely. The TOR project, which aims to provide privacy through encrypted proxy-like relays (which, in turn, can be hosted by anyone who's willing to donate some of their bandwidth), has a very good list of DOs and DONTs, which can easily be applied to VPNs as well. Essentially, you compromise your privacy protections by identifying yourself (typically by clicking the "login" button) to a website, especially privacy-invading sites like Google and Facebook.

@RobertasVis

This comment has been minimized.

Show comment
Hide comment
@RobertasVis

RobertasVis Jan 24, 2017

How about Open Source & Decentralized VPN? What do you think - would it help solve at least part of the problem?

How about Open Source & Decentralized VPN? What do you think - would it help solve at least part of the problem?

@arkbg1

This comment has been minimized.

Show comment
Hide comment
@arkbg1

arkbg1 Jan 25, 2017

Could you recommend any proxies? I'm asking for a friend.

arkbg1 commented Jan 25, 2017

Could you recommend any proxies? I'm asking for a friend.

@Trauma7

This comment has been minimized.

Show comment
Hide comment
@Trauma7

Trauma7 Feb 15, 2017

He is absolutely correct! I am speaking from experience. From being betrayed by over a dozen of them. From the highest to lowest priced and recognizable free ones. If you are being stalked or tracked, an employee in an internet service provider ( any one they find you connecting to ) can and will betray you with the name of the VPN you are using. Then they move on to the VPN to betray you, with either two types of paper if you know what i mean. Do not listen to the lies! All VPN's have the ability, can and to monitor your connection to them.

Trauma7 commented Feb 15, 2017

He is absolutely correct! I am speaking from experience. From being betrayed by over a dozen of them. From the highest to lowest priced and recognizable free ones. If you are being stalked or tracked, an employee in an internet service provider ( any one they find you connecting to ) can and will betray you with the name of the VPN you are using. Then they move on to the VPN to betray you, with either two types of paper if you know what i mean. Do not listen to the lies! All VPN's have the ability, can and to monitor your connection to them.

@Trauma7

This comment has been minimized.

Show comment
Hide comment
@Trauma7

Trauma7 Feb 15, 2017

The last should read; can and will monitor your connection to them. Even to the point of knowing the mac address of your device when you try to log on with a ISP unbeknownst to them.

Trauma7 commented Feb 15, 2017

The last should read; can and will monitor your connection to them. Even to the point of knowing the mac address of your device when you try to log on with a ISP unbeknownst to them.

@k0nsl

This comment has been minimized.

Show comment
Hide comment

k0nsl commented Mar 3, 2017

LOL, @nukeop.

@Rocksarecool

This comment has been minimized.

Show comment
Hide comment
@Rocksarecool

Rocksarecool Mar 29, 2017

Let's not forget to mention about how VPNs beg you so hard to pay them
It's very rare to find a free VPN
Every free VPN contains MB at the end all want you to pay money.
Seriously is there other way to stay secured?

Let's not forget to mention about how VPNs beg you so hard to pay them
It's very rare to find a free VPN
Every free VPN contains MB at the end all want you to pay money.
Seriously is there other way to stay secured?

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Apr 5, 2017

I always thought the concept of a "VPN provider" was a bit of an oxymoron. I'd argue the most commonly intended implementation of a VPN is to bridge two private (trusted) networks over an insecure network, as opposed to knowingly letting some guy MITM all your traffic.

ghost commented Apr 5, 2017

I always thought the concept of a "VPN provider" was a bit of an oxymoron. I'd argue the most commonly intended implementation of a VPN is to bridge two private (trusted) networks over an insecure network, as opposed to knowingly letting some guy MITM all your traffic.

@farinspace

This comment has been minimized.

Show comment
Hide comment
@farinspace

farinspace May 5, 2017

Excellent read, highly recommend that anyone who stumbles upon this page, go back and wade through the comments:

see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1838431
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1963364
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1959840
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1637023

Your computer communicates i many ways you likely are not even aware of, email checking in the background, twitter checking, auto Facebook heart beat, apple server heart beat, iCloud pinging, browser logged into different services, etc. etc .. connecting with a VPN at a software level or even at a router level still exposes these communications on the same "line" you think is private. You likely need an entirely new device, purpose based, not associated with your identity ... and also consider from which network you establish a connection from (e.g. your ISP).

Additionally keep in mind that timestamps and IP addresses will both likely lead to the tracking down of accounts that are associated with your VPN or VPS leading to your identity.

As @jameshadley mentioned, many of these so-called secure VPNs could very well be honeypots.

As @joepie91 mentioned if you are not able to obtain a VPN, VPS anonymously there exists enough data to trace back to your identity.

farinspace commented May 5, 2017

Excellent read, highly recommend that anyone who stumbles upon this page, go back and wade through the comments:

see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1838431
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1963364
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1959840
see: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1637023

Your computer communicates i many ways you likely are not even aware of, email checking in the background, twitter checking, auto Facebook heart beat, apple server heart beat, iCloud pinging, browser logged into different services, etc. etc .. connecting with a VPN at a software level or even at a router level still exposes these communications on the same "line" you think is private. You likely need an entirely new device, purpose based, not associated with your identity ... and also consider from which network you establish a connection from (e.g. your ISP).

Additionally keep in mind that timestamps and IP addresses will both likely lead to the tracking down of accounts that are associated with your VPN or VPS leading to your identity.

As @jameshadley mentioned, many of these so-called secure VPNs could very well be honeypots.

As @joepie91 mentioned if you are not able to obtain a VPN, VPS anonymously there exists enough data to trace back to your identity.

@mottosso

This comment has been minimized.

Show comment
Hide comment
@mottosso

mottosso May 16, 2017

I disagree, if the use-case is avoiding DMCA letters and alike.

This has been my use-case as well. I've also found it useful to access pages otherwise restricted by country, such as streaming South Park from their official page. Not interested in security or anonymity.

I disagree, if the use-case is avoiding DMCA letters and alike.

This has been my use-case as well. I've also found it useful to access pages otherwise restricted by country, such as streaming South Park from their official page. Not interested in security or anonymity.

@Blargyblarg

This comment has been minimized.

Show comment
Hide comment
@Blargyblarg

Blargyblarg May 17, 2017

I was considering a VPN service because I generally tether my pc to my phone and use my phone's unlimited data since the ISP's in my area suck so much donkey ass. I ran my unrestricted tethering data out then just used an app to tether it and prevent the bandwidth restriction from affecting me. Since the network congestion on my phone is basically non-existent my speed is pretty good compared to what I got from landline ISPs even after exceeding the monthly limit and being given lower priority. However, I'd very much like to avoid any unnecessary questions regarding my usage (lots of pc gaming). Would a VPN service help with that?

I was considering a VPN service because I generally tether my pc to my phone and use my phone's unlimited data since the ISP's in my area suck so much donkey ass. I ran my unrestricted tethering data out then just used an app to tether it and prevent the bandwidth restriction from affecting me. Since the network congestion on my phone is basically non-existent my speed is pretty good compared to what I got from landline ISPs even after exceeding the monthly limit and being given lower priority. However, I'd very much like to avoid any unnecessary questions regarding my usage (lots of pc gaming). Would a VPN service help with that?

@KarmmenElektra

This comment has been minimized.

Show comment
Hide comment
@KarmmenElektra

KarmmenElektra May 20, 2017

I would usually agree with you but there are many good services out there, you just need to know which one to choose from the myriad of providers, many are bad, many keep logs of what you are doing, but there a few of them that are quite reliable. Some even offer free trials for you to test their software before purchasing anything, i would advise you to look into some lists of the best vpn services in 2017 .

I would usually agree with you but there are many good services out there, you just need to know which one to choose from the myriad of providers, many are bad, many keep logs of what you are doing, but there a few of them that are quite reliable. Some even offer free trials for you to test their software before purchasing anything, i would advise you to look into some lists of the best vpn services in 2017 .

@kezzydrew23

This comment has been minimized.

Show comment
Hide comment
@kezzydrew23

kezzydrew23 May 28, 2017

You all should check out Mysterium an opensource and decentralized VPN This definitely could solve the problem. It's equally built on a block chain technology @nukeop

You all should check out Mysterium an opensource and decentralized VPN This definitely could solve the problem. It's equally built on a block chain technology @nukeop

@blhyip518

This comment has been minimized.

Show comment
Hide comment
@blhyip518

blhyip518 May 30, 2017

I find many reviews at google seach results.How much credibility do you think as they talk? such as this one.
Best VPN Services of 2017 – Top VPN in the World
https://itday.com/vpn/best-vpn-services-of-2017/

blhyip518 commented May 30, 2017

I find many reviews at google seach results.How much credibility do you think as they talk? such as this one.
Best VPN Services of 2017 – Top VPN in the World
https://itday.com/vpn/best-vpn-services-of-2017/

@jjssoftware

This comment has been minimized.

Show comment
Hide comment
@jjssoftware

jjssoftware Jun 11, 2017

You are on a known-hostile network (eg. a public airport WiFi access point, or an ISP that is known to use MITM)

This is now increasingly becoming a problem where ISPs are being handed the power to do whatever they like with their customers' metadata. If you're in the position of having no choice but to use an ISP that has this power and you're in doubt as to whether your usage data is being sold, monitored or you're being traffic shaped due to what the ISP believes you're doing, this strengthens the case for using a VPN.

Legislation is moving to make ISPs hostile to their own customers and for the moment use of VPNs are not criminalized, but who knows how long this will be the case.

purchase a VPS and set up your own

This statement is a "stop, wait" moment because this is subject to exactly the same argument and consideration as But my provider doesn't log! and There is no way for you to verify that. Unless you own an entire data center and own all the tin and edge devices that the VPS depends on, there's no way to know if the VPS provider is retaining network logs or not. This presents exactly the same problem you have if you use a public VPN service - how can you fully trust the VPS host provider?

This gist is biased towards positing arguments against end users using VPN services and the issues in that area. However there's a whole other scenario that this gist doesn't touch upon at all: consider a business that is co-located with two branches that are connected via VPN technology for sharing sensitive business data between the offices. The business might use a regular ISP with static IPs either end or a private WAN circuit provided via some telecoms provider.

Clearly there's no commercial VPN service in play here in this B2B scenario, the VPN servers is / are hosted within the business on private hardware, the VPN technology in use will be a flavor of exactly the same VPN technology used by all commercial VPN service providers and in this case we have true end to end tunnel encryption. In this scenario it's 100% incorrect to make a sweeping generalization statement of "do not use a VPN" because this type of setup works and can be trusted.

Where does that leave us? For personal user use where encrypted tunneled traffic leaves the VPN and exits onto the internet I agree that the implementation and use of any VPN involves a certain amount of trust. Whether you use a public commercial service or you host your own VPN server on a remote VPS makes no difference to this fact. Whatever the type of VPN, the weak link is the part you don't have full control of - the part just after where the traffic leaves the tunnel and becomes regular non-tunneled / non encrypted traffic. In other words if you must use a VPN for general internet use, choose carefully before you put your trust in any provider.

For the record, for my own personal use case I lean towards a self hosted VPN as being the best option.

You are on a known-hostile network (eg. a public airport WiFi access point, or an ISP that is known to use MITM)

This is now increasingly becoming a problem where ISPs are being handed the power to do whatever they like with their customers' metadata. If you're in the position of having no choice but to use an ISP that has this power and you're in doubt as to whether your usage data is being sold, monitored or you're being traffic shaped due to what the ISP believes you're doing, this strengthens the case for using a VPN.

Legislation is moving to make ISPs hostile to their own customers and for the moment use of VPNs are not criminalized, but who knows how long this will be the case.

purchase a VPS and set up your own

This statement is a "stop, wait" moment because this is subject to exactly the same argument and consideration as But my provider doesn't log! and There is no way for you to verify that. Unless you own an entire data center and own all the tin and edge devices that the VPS depends on, there's no way to know if the VPS provider is retaining network logs or not. This presents exactly the same problem you have if you use a public VPN service - how can you fully trust the VPS host provider?

This gist is biased towards positing arguments against end users using VPN services and the issues in that area. However there's a whole other scenario that this gist doesn't touch upon at all: consider a business that is co-located with two branches that are connected via VPN technology for sharing sensitive business data between the offices. The business might use a regular ISP with static IPs either end or a private WAN circuit provided via some telecoms provider.

Clearly there's no commercial VPN service in play here in this B2B scenario, the VPN servers is / are hosted within the business on private hardware, the VPN technology in use will be a flavor of exactly the same VPN technology used by all commercial VPN service providers and in this case we have true end to end tunnel encryption. In this scenario it's 100% incorrect to make a sweeping generalization statement of "do not use a VPN" because this type of setup works and can be trusted.

Where does that leave us? For personal user use where encrypted tunneled traffic leaves the VPN and exits onto the internet I agree that the implementation and use of any VPN involves a certain amount of trust. Whether you use a public commercial service or you host your own VPN server on a remote VPS makes no difference to this fact. Whatever the type of VPN, the weak link is the part you don't have full control of - the part just after where the traffic leaves the tunnel and becomes regular non-tunneled / non encrypted traffic. In other words if you must use a VPN for general internet use, choose carefully before you put your trust in any provider.

For the record, for my own personal use case I lean towards a self hosted VPN as being the best option.

@sofiahambly

This comment has been minimized.

Show comment
Hide comment
@sofiahambly

sofiahambly Jun 12, 2017

Personally, I am using Express VPN for last two years and I have never experienced any kind of problem till now. The only Trusted VPN service I would like to recommend. Express VPN providing me with best promising service. It is better to go safe and go for trusted VPN service and provide strong encryption rather than to wasting money on not so good VPN Service Providers. https://www.reviewsdir.com/best-encrypted-vpn-providers/

Personally, I am using Express VPN for last two years and I have never experienced any kind of problem till now. The only Trusted VPN service I would like to recommend. Express VPN providing me with best promising service. It is better to go safe and go for trusted VPN service and provide strong encryption rather than to wasting money on not so good VPN Service Providers. https://www.reviewsdir.com/best-encrypted-vpn-providers/

@szepeviktor

This comment has been minimized.

Show comment
Hide comment
@szepeviktor

szepeviktor Jun 17, 2017

I lease a $3 VPS and use PuTTY as a SOCKS proxy. Firefox is set to use it.

Benefits:

  • continuous connection - don't have to wait for TCP to build up
  • datacenter networking and DNS resolvers
  • IPv6 access
  • fixed IP address

szepeviktor commented Jun 17, 2017

I lease a $3 VPS and use PuTTY as a SOCKS proxy. Firefox is set to use it.

Benefits:

  • continuous connection - don't have to wait for TCP to build up
  • datacenter networking and DNS resolvers
  • IPv6 access
  • fixed IP address
@EdRoxter

This comment has been minimized.

Show comment
Hide comment
@EdRoxter

EdRoxter Jun 19, 2017

@1n1r2 https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1827407

Yes: VPN builds a secure tunnel
No: It does not protect my private communication
It's a giant keylogger on the net that I have given permission to steal my keystrokes.
It merely funnels the secure keystrokes through a proxy that can log them.

While this is true for proxies (HTTP[S] proxies) because they have to "break" TLS encryption by design, it's not true for VPN software that configures a routing set on your PC to route all traffic over the VPN provider's servers. This happens on another OSI level than classic proxying, so with a VPN connection your traffic to the site you're logging into (Apple ID, Microsoft Account, whatever) is still end-to-end encrypted. You can validate this by looking at the TLS certificate when you're visiting the website.

@1n1r2 https://gist.github.com/joepie91/5a9909939e6ce7d09e29#gistcomment-1827407

Yes: VPN builds a secure tunnel
No: It does not protect my private communication
It's a giant keylogger on the net that I have given permission to steal my keystrokes.
It merely funnels the secure keystrokes through a proxy that can log them.

While this is true for proxies (HTTP[S] proxies) because they have to "break" TLS encryption by design, it's not true for VPN software that configures a routing set on your PC to route all traffic over the VPN provider's servers. This happens on another OSI level than classic proxying, so with a VPN connection your traffic to the site you're logging into (Apple ID, Microsoft Account, whatever) is still end-to-end encrypted. You can validate this by looking at the TLS certificate when you're visiting the website.

@muzikman

This comment has been minimized.

Show comment
Hide comment
@muzikman

muzikman Jul 12, 2017

How do I avoid the automated emails after I download torrents that are being watched? That's the only reason I wanted to use a VPN. I don't want to get busted downloading torrents directly.

I have been doing a lot of research on VPN's the past month. I tried a few out for free. Tried to trick some services to see if it worked and it did. I read some interesting information from PIA about DNS Leaking, etc..... Yes, of course they will tell you want you want to hear. It's a business.

If a VPN isn't what I am looking for to download torrents safely, is there anything that will?

Also - Is it true that ISPs will throttle your bandwidth based on the source/content? If so, wouldn't a VPN prevent this?

Thanks,
Matt

muzikman commented Jul 12, 2017

How do I avoid the automated emails after I download torrents that are being watched? That's the only reason I wanted to use a VPN. I don't want to get busted downloading torrents directly.

I have been doing a lot of research on VPN's the past month. I tried a few out for free. Tried to trick some services to see if it worked and it did. I read some interesting information from PIA about DNS Leaking, etc..... Yes, of course they will tell you want you want to hear. It's a business.

If a VPN isn't what I am looking for to download torrents safely, is there anything that will?

Also - Is it true that ISPs will throttle your bandwidth based on the source/content? If so, wouldn't a VPN prevent this?

Thanks,
Matt

@f1r4s

This comment has been minimized.

Show comment
Hide comment
@f1r4s

f1r4s Aug 6, 2017

Personally, i would love to be a bot in this fucking world and be one of Fast-flux network!

I think if Fast-flux techniques lead us to be using it as our proxy we will be in safe place... !

f1r4s commented Aug 6, 2017

Personally, i would love to be a bot in this fucking world and be one of Fast-flux network!

I think if Fast-flux techniques lead us to be using it as our proxy we will be in safe place... !

@yukuai0011

This comment has been minimized.

Show comment
Hide comment
@yukuai0011

yukuai0011 Aug 19, 2017

Then
How Do you trust your vps server provider,.
And What's more how about the ISP for your vps server provider.

Then
How Do you trust your vps server provider,.
And What's more how about the ISP for your vps server provider.

@kamilla

This comment has been minimized.

Show comment
Hide comment
@kamilla

kamilla Aug 21, 2017

The post is interesting and does raise many valuable points and issues, but I still agree on more with touya-akira, atoponce, Rich700000000000 and other well reasoned arguments.

I wasn't so interested in my privacy before. I always thought that I wasn't doing anything that I wouldn't mind anyone to know. And if I did do something that I wanted to keep in private, I used TOR and other countermeasures to hide my online actions. I never thought that those anti-piracy letters that were already been sent in the US could be threat at all here in Finland. And as you can guess, I was wrong. Anti-piracy-letter-blackmailers landed in Finland about 2-3 years ago in big way. Lawsuits began to appear and even then I thought that those charges would never hold. I was wrong again. I was stunned to see the Finnish District Court gave a verdict where the defendant was sentenced as guilty and ordered to pay enormous amounts of compensation. (800 euros / one TV episode that he was downloading (or missclicked, the sentence based on still capture and no proofs of complete downloads or even sharing 1 byte were made at all)). Just few weeks after that I got my first blackmail-letter from Hedman & Partners (the legal battle is still ongoing).

After the incident I started to search VPN providers and found very promising one, NordVPN (this is not a commercial! make your own decisions!), that at least promised to not log anything and offered other nice features, so I decided to try that. Now it's been almost 2 years without a single blackmail-letter. My friends with no VPN have got those letters and few of them even have had to pay the amount in court decision (or they didn't want to start a big legal battle against evil blackmailing companies, in which they couldn't be sure to have won here in Finland). So yes, VPN has done a great job for me and I keep trusting them way more than I would for example my ISP, that initially was the one who gave thousands and thousands of IP addresses and personal information to blackmailing companies like Hedman Partners. Thank god it was decided now year ago, that it is illegal to hand over thousands of IPs and identified data based only on IP address logs on the wiretapping-tool (that itself did and does share way more data than any individual as they have to join to torrent swarm to get any data).

I definitely trust more to my VPN than I trust for my government for example. And what comes to VPS and other self hosted systems, why on the earth would you trust them more to not give your private information than VPN provider that allows anonymous registration and payments? And even if you could get VPS anonymously. The glorified proxy as you see the VPN as, offers more security because of its shared IP. And at least I haven't read any story about VPN company (at least here in Europe) that would have given its customers personal data and connection logs (if they even exist) to government officials or blackmailing companies. There are also some legal battles concerning the logging and they have all dried out to see that there were no logs, as others have already mentioned.

Of course VPN is not a magic tool to hide you or anything. You need to know what it is and what are you doing with it. Same goes for TOR and other privacy offering services. They are next to nothing when used incorrectly. But not all VPN:s are evil, even if some of the free ones are. (Who even uses free VPN and thinks that they are not trying to exploit you? I know, money is not a guarantee to make service better, but still)

kamilla commented Aug 21, 2017

The post is interesting and does raise many valuable points and issues, but I still agree on more with touya-akira, atoponce, Rich700000000000 and other well reasoned arguments.

I wasn't so interested in my privacy before. I always thought that I wasn't doing anything that I wouldn't mind anyone to know. And if I did do something that I wanted to keep in private, I used TOR and other countermeasures to hide my online actions. I never thought that those anti-piracy letters that were already been sent in the US could be threat at all here in Finland. And as you can guess, I was wrong. Anti-piracy-letter-blackmailers landed in Finland about 2-3 years ago in big way. Lawsuits began to appear and even then I thought that those charges would never hold. I was wrong again. I was stunned to see the Finnish District Court gave a verdict where the defendant was sentenced as guilty and ordered to pay enormous amounts of compensation. (800 euros / one TV episode that he was downloading (or missclicked, the sentence based on still capture and no proofs of complete downloads or even sharing 1 byte were made at all)). Just few weeks after that I got my first blackmail-letter from Hedman & Partners (the legal battle is still ongoing).

After the incident I started to search VPN providers and found very promising one, NordVPN (this is not a commercial! make your own decisions!), that at least promised to not log anything and offered other nice features, so I decided to try that. Now it's been almost 2 years without a single blackmail-letter. My friends with no VPN have got those letters and few of them even have had to pay the amount in court decision (or they didn't want to start a big legal battle against evil blackmailing companies, in which they couldn't be sure to have won here in Finland). So yes, VPN has done a great job for me and I keep trusting them way more than I would for example my ISP, that initially was the one who gave thousands and thousands of IP addresses and personal information to blackmailing companies like Hedman Partners. Thank god it was decided now year ago, that it is illegal to hand over thousands of IPs and identified data based only on IP address logs on the wiretapping-tool (that itself did and does share way more data than any individual as they have to join to torrent swarm to get any data).

I definitely trust more to my VPN than I trust for my government for example. And what comes to VPS and other self hosted systems, why on the earth would you trust them more to not give your private information than VPN provider that allows anonymous registration and payments? And even if you could get VPS anonymously. The glorified proxy as you see the VPN as, offers more security because of its shared IP. And at least I haven't read any story about VPN company (at least here in Europe) that would have given its customers personal data and connection logs (if they even exist) to government officials or blackmailing companies. There are also some legal battles concerning the logging and they have all dried out to see that there were no logs, as others have already mentioned.

Of course VPN is not a magic tool to hide you or anything. You need to know what it is and what are you doing with it. Same goes for TOR and other privacy offering services. They are next to nothing when used incorrectly. But not all VPN:s are evil, even if some of the free ones are. (Who even uses free VPN and thinks that they are not trying to exploit you? I know, money is not a guarantee to make service better, but still)

@g33klord

This comment has been minimized.

Show comment
Hide comment
@g33klord

g33klord Sep 8, 2017

Here by VPN you mean "third party VPN service provider". What if I have set up my own VPN servers. With projects like Algo (https://github.com/trailofbits/algo) It has become very easy to setup your own VPN server.

I don't want my ISP to see what I am browsing.

g33klord commented Sep 8, 2017

Here by VPN you mean "third party VPN service provider". What if I have set up my own VPN servers. With projects like Algo (https://github.com/trailofbits/algo) It has become very easy to setup your own VPN server.

I don't want my ISP to see what I am browsing.

@tdemin

This comment has been minimized.

Show comment
Hide comment
@tdemin

tdemin Sep 10, 2017

@g33klord the article mentions this as a preferred way to do things if you still have to use a VPN. So, the article has got you covered. 😉

tdemin commented Sep 10, 2017

@g33klord the article mentions this as a preferred way to do things if you still have to use a VPN. So, the article has got you covered. 😉

@icyunv98

This comment has been minimized.

Show comment
Hide comment
@icyunv98

icyunv98 Sep 12, 2017

Nice article. I assume that there's really no such thing as anonymity on the world wide web. That being said i do use a vpn so that i stop getting those warnings from my isp.

Nice article. I assume that there's really no such thing as anonymity on the world wide web. That being said i do use a vpn so that i stop getting those warnings from my isp.

@MartinAlex12

This comment has been minimized.

Show comment
Hide comment
@MartinAlex12

MartinAlex12 Sep 19, 2017

I disagree. Using a VPN is safe especially when you use free wi-fi in public places and can be easily hacked. Here is an article which explains how VPN works https://vpnclientapp.com/blog/what-is-vpn/

I disagree. Using a VPN is safe especially when you use free wi-fi in public places and can be easily hacked. Here is an article which explains how VPN works https://vpnclientapp.com/blog/what-is-vpn/

@yangyichris

This comment has been minimized.

Show comment
Hide comment
@yangyichris

yangyichris Sep 27, 2017

I use OpenVPN for several years, but now I think softether is the best encrypted VPN protocol, here is a post discuss about it,
https://privatevpnservice.com/softether-vpn/
And set up a VPN by yourself on vps is easy, but i dont want to take my time to do it :)

I use OpenVPN for several years, but now I think softether is the best encrypted VPN protocol, here is a post discuss about it,
https://privatevpnservice.com/softether-vpn/
And set up a VPN by yourself on vps is easy, but i dont want to take my time to do it :)

@notjoe

This comment has been minimized.

Show comment
Hide comment
@notjoe

notjoe Sep 30, 2017

Hey there,

VPNs are probably even worse than your ISP assuming you're not using a trusted VPN. Think about it for a minute. Your ISP has less to gain by stealing your packetz than a rogue VPN Provider.

notjoe commented Sep 30, 2017

Hey there,

VPNs are probably even worse than your ISP assuming you're not using a trusted VPN. Think about it for a minute. Your ISP has less to gain by stealing your packetz than a rogue VPN Provider.

@markhascole

This comment has been minimized.

Show comment
Hide comment
@markhascole

markhascole Oct 10, 2017

I complete disagree with this article because after reading this article https://www.reviewsdir.com/why-use-a-vpn/ I become a lifetime user of VPN.

I complete disagree with this article because after reading this article https://www.reviewsdir.com/why-use-a-vpn/ I become a lifetime user of VPN.

@nf3

This comment has been minimized.

Show comment
Hide comment
@nf3

nf3 Nov 9, 2017

I wrote an article in this same vein on what are the important criteria in choosing (or not choosing a VPN as this original gist would recommend). My article address many of the points that this gist touch upon.
https://www.magnumvpn.com/vpn-providers.html

And like many of the commentors, I agree and recommend that TOR plus a VPN is the the current best privacy practice in order to shield yourself from 3rd party eyes.

nf3 commented Nov 9, 2017

I wrote an article in this same vein on what are the important criteria in choosing (or not choosing a VPN as this original gist would recommend). My article address many of the points that this gist touch upon.
https://www.magnumvpn.com/vpn-providers.html

And like many of the commentors, I agree and recommend that TOR plus a VPN is the the current best privacy practice in order to shield yourself from 3rd party eyes.

@nukeop

This comment has been minimized.

Show comment
Hide comment
@nukeop

nukeop Nov 11, 2017

Article sponsored by the NSA

nukeop commented Nov 11, 2017

Article sponsored by the NSA

@moti-safer

This comment has been minimized.

Show comment
Hide comment
@moti-safer

moti-safer Dec 3, 2017

Just to protect your WIFI connection is a good enough reason why to use a VPN,
about the logs - it's company interest that users will be private, secured and happy.

moti-safer commented Dec 3, 2017

Just to protect your WIFI connection is a good enough reason why to use a VPN,
about the logs - it's company interest that users will be private, secured and happy.

@Klinsen

This comment has been minimized.

Show comment
Hide comment
@Klinsen

Klinsen Dec 10, 2017

For me, a VPN is an important tool. In my country there are always restrictions to sensitive content which isn't all the time sensitive. If you want freedom on the net then a VPN is for you. on the other hand, it can even protect you from Hackers Yeah hackers https://www.bestvpndeals.com/can-vpn-protect-from-hackers/

Klinsen commented Dec 10, 2017

For me, a VPN is an important tool. In my country there are always restrictions to sensitive content which isn't all the time sensitive. If you want freedom on the net then a VPN is for you. on the other hand, it can even protect you from Hackers Yeah hackers https://www.bestvpndeals.com/can-vpn-protect-from-hackers/

@emilyanncr

This comment has been minimized.

Show comment
Hide comment
@emilyanncr

emilyanncr Dec 11, 2017

There's quite a few analytical inaccuracies in this article but my primary issue is the statement that all VPN providers log traffic. That is simply not true. Recently, IP Vanish, Private Internet Access and other VPNs have suspended operations in Russia because Russian laws conflict with their no-log policy. In a case in March of last year, the FBI subpoenaed Private Internet Access for their logs and PIA refused stating:
“Our company was subpoenaed by the FBI for user activity logs relating to this matter,” London Trust Media Executive Chairman Andrew Lee informs TorrentFreak.

“After scrutinizing the validity of the subpoena and confirming it, we restated as we always do the content of our privacy policy and then we notified the agent that we do not log any user activity. The agent confirmed his understanding of our company’s policy and position and then pursued alternative leads.

“This report makes it clear that PIA does not log user activity and we continue to stand by our commitment to our users.” (https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/)

emilyanncr commented Dec 11, 2017

There's quite a few analytical inaccuracies in this article but my primary issue is the statement that all VPN providers log traffic. That is simply not true. Recently, IP Vanish, Private Internet Access and other VPNs have suspended operations in Russia because Russian laws conflict with their no-log policy. In a case in March of last year, the FBI subpoenaed Private Internet Access for their logs and PIA refused stating:
“Our company was subpoenaed by the FBI for user activity logs relating to this matter,” London Trust Media Executive Chairman Andrew Lee informs TorrentFreak.

“After scrutinizing the validity of the subpoena and confirming it, we restated as we always do the content of our privacy policy and then we notified the agent that we do not log any user activity. The agent confirmed his understanding of our company’s policy and position and then pursued alternative leads.

“This report makes it clear that PIA does not log user activity and we continue to stand by our commitment to our users.” (https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/)

@Bomper

This comment has been minimized.

Show comment
Hide comment
@Bomper

Bomper Dec 19, 2017

This article started well, but got a lot of junk and spam comments. Gists don't send notifications, so @joepie91 never came back in 2+ years.

Anyways, the most reliable source (recommended by the EFF) for comparing VPN services is https://thatoneprivacysite.net/vpn-section/. From there you can look up VPNs that don't log, are located outside major surveillance jurisdictions ("5 eyes"), have good business ethics etc. Mullvad.net is one of the best. It accepts Bitcoin and the first three hours are free. Their support is quite remarkable - I got a reply to the only issue I had with them in under an hour. You don't have to use their app - you can use the standard OpenVPN service that works on Mac, Windows and Linux, so there's no way to get malware from Mullvad.

Bomper commented Dec 19, 2017

This article started well, but got a lot of junk and spam comments. Gists don't send notifications, so @joepie91 never came back in 2+ years.

Anyways, the most reliable source (recommended by the EFF) for comparing VPN services is https://thatoneprivacysite.net/vpn-section/. From there you can look up VPNs that don't log, are located outside major surveillance jurisdictions ("5 eyes"), have good business ethics etc. Mullvad.net is one of the best. It accepts Bitcoin and the first three hours are free. Their support is quite remarkable - I got a reply to the only issue I had with them in under an hour. You don't have to use their app - you can use the standard OpenVPN service that works on Mac, Windows and Linux, so there's no way to get malware from Mullvad.

@pablospe

This comment has been minimized.

Show comment
Hide comment
@pablospe

pablospe Jan 2, 2018

The mysterium network (a decentralized VPN) has been mentioned. I was wondering your opinion about this, and if this could be a solution to the current VPN problems mentioned here; namely, the need to trust in VPS or VPN providers.

pablospe commented Jan 2, 2018

The mysterium network (a decentralized VPN) has been mentioned. I was wondering your opinion about this, and if this could be a solution to the current VPN problems mentioned here; namely, the need to trust in VPS or VPN providers.

@CHEF-KOCH

This comment has been minimized.

Show comment
Hide comment
@CHEF-KOCH

CHEF-KOCH Jan 6, 2018

Garbage article, stupid and wrong 'arguments'. VPN is still better than nothing, choosing the right one is a key. The server location doesn't matter if the encryption is strong enough so that no one can look into it, even if there forced to give user data away they would only see giberish, that's a fact.

There wong myths and rumours but there only a handful of people which really understanding what it really takes to harden your VPN service against attacks, so it's at the end a matter of how fast your provider fixes known holes (because you can't aware of every possible attack).

Garbage article, stupid and wrong 'arguments'. VPN is still better than nothing, choosing the right one is a key. The server location doesn't matter if the encryption is strong enough so that no one can look into it, even if there forced to give user data away they would only see giberish, that's a fact.

There wong myths and rumours but there only a handful of people which really understanding what it really takes to harden your VPN service against attacks, so it's at the end a matter of how fast your provider fixes known holes (because you can't aware of every possible attack).

@frazras

This comment has been minimized.

Show comment
Hide comment
@frazras

frazras Feb 7, 2018

@joepie91 would the perfect VPN be a service that offers preconfigured VPNs on your own secured VPS with an encrypted hard disk?

frazras commented Feb 7, 2018

@joepie91 would the perfect VPN be a service that offers preconfigured VPNs on your own secured VPS with an encrypted hard disk?

@rosoposo

This comment has been minimized.

Show comment
Hide comment
@rosoposo

rosoposo Feb 14, 2018

BTW, I use a private VPN server which can be setup on aws in a few minutes https://github.com/webdigi/AWS-VPN-Server-Setup

No logging on server side guaranteed. AWS could monitor but I do not think of that as an issue for my use cases.

BTW, I use a private VPN server which can be setup on aws in a few minutes https://github.com/webdigi/AWS-VPN-Server-Setup

No logging on server side guaranteed. AWS could monitor but I do not think of that as an issue for my use cases.

@bramswenson

This comment has been minimized.

Show comment
Hide comment
@bramswenson

bramswenson Feb 14, 2018

Better yet, seek out reasonable advice from those proven to be invested in our privacy: https://ssd.eff.org/

Better yet, seek out reasonable advice from those proven to be invested in our privacy: https://ssd.eff.org/

@medatlas

This comment has been minimized.

Show comment
Hide comment
@medatlas

medatlas Feb 14, 2018

Saying that VPN providers log all traffic is a big assumption! First, It’s impossible to log trillions of GBs daily. Second, your traffic is supposed to go through a secure tunnel between you and your provider. Third, it’s easy to know if your provider decrypts your traffic: simply view SSL certificate of the website that you are visiting and see if your VPN provider replaces it with its own. If SSL certificate is issued to the website that you are visiting then you are safe. Some providers offer a second layer of encryption and in this case they need to work as MITM. If you own an iPhone an App called Inspect can help you to view SSL certificates. Regarding ISPs, they have no interest to decrypt your traffic unless a big brother asks them to do so! ISPs still have interest in some metadata that FCC allow them to collect and sell. So the decision to use VPN or not depends on what you want to achieve and what are your risks to be victim of spying or stalking!

Saying that VPN providers log all traffic is a big assumption! First, It’s impossible to log trillions of GBs daily. Second, your traffic is supposed to go through a secure tunnel between you and your provider. Third, it’s easy to know if your provider decrypts your traffic: simply view SSL certificate of the website that you are visiting and see if your VPN provider replaces it with its own. If SSL certificate is issued to the website that you are visiting then you are safe. Some providers offer a second layer of encryption and in this case they need to work as MITM. If you own an iPhone an App called Inspect can help you to view SSL certificates. Regarding ISPs, they have no interest to decrypt your traffic unless a big brother asks them to do so! ISPs still have interest in some metadata that FCC allow them to collect and sell. So the decision to use VPN or not depends on what you want to achieve and what are your risks to be victim of spying or stalking!

@lordgreg

This comment has been minimized.

Show comment
Hide comment
@lordgreg

lordgreg Feb 14, 2018

You forgot to add one crucial point about VPN. Where the server is located (country). Meaning the law prosecution triggers more in some countries and less in another.

And... how is home VPN same as VPN in country XYZ? my VPN is always my VPN address. VPN provider elsewhere adds at least one layer aka. another ip. And where is your data retention time mentioned? You're missing some big points in your article.

However, its written in a way people should consider using own brain before buying a VPN service.

You forgot to add one crucial point about VPN. Where the server is located (country). Meaning the law prosecution triggers more in some countries and less in another.

And... how is home VPN same as VPN in country XYZ? my VPN is always my VPN address. VPN provider elsewhere adds at least one layer aka. another ip. And where is your data retention time mentioned? You're missing some big points in your article.

However, its written in a way people should consider using own brain before buying a VPN service.

@iamandrewluca

This comment has been minimized.

Show comment
Hide comment
@iamandrewluca

iamandrewluca Feb 14, 2018

If I'm providing VPN Services. Am I in any danger? For example government wants info about some customers and I don't want to provide it.

If I'm providing VPN Services. Am I in any danger? For example government wants info about some customers and I don't want to provide it.

@HelioCampos

This comment has been minimized.

Show comment
Hide comment
@HelioCampos

HelioCampos Feb 14, 2018

@CHEF-KOCK if they (police) start their search in the destination, they will have the content you were looking for. All they will require from your vpn provider is where this connection come from and not its content. And this is the only data the a vpn or a vps provider could log and handle. Any way, there are good cases to use a vps and vpn providers, like living in countries that free speach is forbidden, so I would like to provide an alternative to commercial vpn. Its the Streisand project that automate the configuration of a number of tool to surf anonymously: https://github.com/StreisandEffect/streisand/blob/master/README.md
Again, it should not be used to access private contents or for hacking because it would be wrong and it would give the police an excuse to go after you and your IP in the vps provider than in your ISP.

@CHEF-KOCK if they (police) start their search in the destination, they will have the content you were looking for. All they will require from your vpn provider is where this connection come from and not its content. And this is the only data the a vpn or a vps provider could log and handle. Any way, there are good cases to use a vps and vpn providers, like living in countries that free speach is forbidden, so I would like to provide an alternative to commercial vpn. Its the Streisand project that automate the configuration of a number of tool to surf anonymously: https://github.com/StreisandEffect/streisand/blob/master/README.md
Again, it should not be used to access private contents or for hacking because it would be wrong and it would give the police an excuse to go after you and your IP in the vps provider than in your ISP.

@kamyarghasemlouDH

This comment has been minimized.

Show comment
Hide comment
@kamyarghasemlouDH

kamyarghasemlouDH Feb 14, 2018

Would strongly recommend this for setting up your own vpn, super easy to use:
https://github.com/trailofbits/algo

Would strongly recommend this for setting up your own vpn, super easy to use:
https://github.com/trailofbits/algo

@robdunne-uom

This comment has been minimized.

Show comment
Hide comment
@robdunne-uom

robdunne-uom Feb 14, 2018

Security advice that 99.9% of Internet users can’t implement is garbage information.

Security advice that 99.9% of Internet users can’t implement is garbage information.

@igorescobar

This comment has been minimized.

Show comment
Hide comment
@igorescobar

igorescobar Feb 14, 2018

It's easier to hack into your neighbors WiFi do what you got to do and get out :*

It's easier to hack into your neighbors WiFi do what you got to do and get out :*

@hollerith

This comment has been minimized.

Show comment
Hide comment
@hollerith

hollerith Feb 14, 2018

If it makes no difference then why not? You are always on a known-hostile network (i.e. EVERY NETWORK). VPN is a misnomer - it is not truly 100% private. However, most paid for services are good enough to bypass ISP. You could set up your own, extend your network slightly to bypass your ISP, appear in different locales, https://github.com/trailofbits/algo is easy enough, on a cheap cloud provider. If you do implement VPN make sure you route DNS through your VPN. If you want absolute nation-state proof privacy - it can't really be had that easily as even TOR is pretty well mapped now. You're gonna need a bigger boat.

If it makes no difference then why not? You are always on a known-hostile network (i.e. EVERY NETWORK). VPN is a misnomer - it is not truly 100% private. However, most paid for services are good enough to bypass ISP. You could set up your own, extend your network slightly to bypass your ISP, appear in different locales, https://github.com/trailofbits/algo is easy enough, on a cheap cloud provider. If you do implement VPN make sure you route DNS through your VPN. If you want absolute nation-state proof privacy - it can't really be had that easily as even TOR is pretty well mapped now. You're gonna need a bigger boat.

@Pushergene

This comment has been minimized.

Show comment
Hide comment
@Pushergene

Pushergene Feb 14, 2018

This is just bullshit. ProtonVPN is very secure and should be used. Others like Hotspotshield and Betternet should not be used.
https://epiphany12.github.io/
here you can see very trusted VPNS in good countries.
This Post is OLD! Stop trusting this useless shit. Some VPNs can provide 90% Anonymity.

This is just bullshit. ProtonVPN is very secure and should be used. Others like Hotspotshield and Betternet should not be used.
https://epiphany12.github.io/
here you can see very trusted VPNS in good countries.
This Post is OLD! Stop trusting this useless shit. Some VPNs can provide 90% Anonymity.

@ttlequals0

This comment has been minimized.

Show comment
Hide comment
@ttlequals0

ttlequals0 Feb 14, 2018

Shameless plug, but there is a reason why I made this https://github.com/ttlequals0/autovpn

I can make disposable VPN endpoints anywhere in the world.

Pros
I pay as I need no monthly subscription.

You always will have a fresh endpoint, making it unlikely to compromised without you knowing.

Cons
This is not meant to be used for illegal activities but more of a way to protect your self on hostile networks.

There is a lack of anonymity because you have an AWS account tied to credit card.

There is an inherent trust in AWS. They probably log and most likely don't monitor traffic

ttlequals0 commented Feb 14, 2018

Shameless plug, but there is a reason why I made this https://github.com/ttlequals0/autovpn

I can make disposable VPN endpoints anywhere in the world.

Pros
I pay as I need no monthly subscription.

You always will have a fresh endpoint, making it unlikely to compromised without you knowing.

Cons
This is not meant to be used for illegal activities but more of a way to protect your self on hostile networks.

There is a lack of anonymity because you have an AWS account tied to credit card.

There is an inherent trust in AWS. They probably log and most likely don't monitor traffic

@Pushergene

This comment has been minimized.

Show comment
Hide comment
@Pushergene

Pushergene Feb 15, 2018

@ttlequals0

Payment Method is not so important... Because your payment won't be written in the Logs. If the Service is Trustworthy, your payment informations won't be compromised. Its just about what VPN-Service you are paying for. It's important where the VPN is based at. They have to respect the Laws, so it means they can't just say they cannot see what you are doing while using the VPN. And in some countries there's no data retention law. US VPN's should not be used.

ISP's react to requests for data informations from lawyers when it's about filesharing. Good VPN's ignore requests from lawyers because theres no court order.
Some Countries dont have Data Retention laws and are outside US and EU. For example ExpressVPN, NordVPN, VPN.ac, Perfect-Privacy, ProtonVPN are in good countries.

Pushergene commented Feb 15, 2018

@ttlequals0

Payment Method is not so important... Because your payment won't be written in the Logs. If the Service is Trustworthy, your payment informations won't be compromised. Its just about what VPN-Service you are paying for. It's important where the VPN is based at. They have to respect the Laws, so it means they can't just say they cannot see what you are doing while using the VPN. And in some countries there's no data retention law. US VPN's should not be used.

ISP's react to requests for data informations from lawyers when it's about filesharing. Good VPN's ignore requests from lawyers because theres no court order.
Some Countries dont have Data Retention laws and are outside US and EU. For example ExpressVPN, NordVPN, VPN.ac, Perfect-Privacy, ProtonVPN are in good countries.

@alanhogan

This comment has been minimized.

Show comment
Hide comment
@alanhogan

alanhogan Feb 15, 2018

rather ill-considered. the advice to set up your own proxy / host your own VPN trades a lot of things away just to make sure you are not being logged by a VPN service. Your cost is probably more, reliability probably less, and your traffic may be much more readily identifiable as 'you' because instead of sharing an address with other customers, it’s … just you. Take into account the reasons someone may want a VPN.

rather ill-considered. the advice to set up your own proxy / host your own VPN trades a lot of things away just to make sure you are not being logged by a VPN service. Your cost is probably more, reliability probably less, and your traffic may be much more readily identifiable as 'you' because instead of sharing an address with other customers, it’s … just you. Take into account the reasons someone may want a VPN.

@mhsabbagh

This comment has been minimized.

Show comment
Hide comment
@mhsabbagh

mhsabbagh Feb 15, 2018

Those people in the comments linking to their own articles/websites trying to bring in few visitors/customers are pathetic.

Those people in the comments linking to their own articles/websites trying to bring in few visitors/customers are pathetic.

@megawattz

This comment has been minimized.

Show comment
Hide comment
@megawattz

megawattz Feb 16, 2018

I would only direct certain traffic through a VPN, not everthing. Dedicate one browser to be the VPN browser.

Why? Because IP Address is not the only identifying data you are sending. Cookies, E-Tags and other methods can identify you uniquely and VPNs don't block any of that. Also a VPN will direct ALL traffic, not just browser traffic. Who knows what your apps are transmitting? If you send ANY identifying data thought the VPN then the attacker can associate THAT data with your non-identifying data by assuming the same TCP addresses showing indentifying data are yours. Also ONLY use HTTPS websites, never HTTP. A VPN does not decrypt your HTTPS connection. i.e. you cannot be attacked by a man-in-the-middle. (Unless the NSA has co-opted all digital certificates which is actually a distinct possibility)

Dedicate one browser as the private browser, that and only that uses the VPN. Opera has a built in VPN. Also always use the incognito or privacy mode also. This deletes cookies after your session so you can only be identified as "this person" for your session, and no longer. Set the browser to NOT retain 3rd party cookies to reduce tracking in general.

Now, all your vanilla traffic you use your normal, open browser. "Look NSA, I'm just a solid citizen, taking my vaccines, watching CNN and voting for Hillary". But for stuff that has any degree of controversy, use the private VPN dedicated browser. "Look Chief, this isn't our guy. This is Mr. Brain Dead American zombie wanker. He's not into anything weird". (wink wink, nudge nudge, say no more)

megawattz commented Feb 16, 2018

I would only direct certain traffic through a VPN, not everthing. Dedicate one browser to be the VPN browser.

Why? Because IP Address is not the only identifying data you are sending. Cookies, E-Tags and other methods can identify you uniquely and VPNs don't block any of that. Also a VPN will direct ALL traffic, not just browser traffic. Who knows what your apps are transmitting? If you send ANY identifying data thought the VPN then the attacker can associate THAT data with your non-identifying data by assuming the same TCP addresses showing indentifying data are yours. Also ONLY use HTTPS websites, never HTTP. A VPN does not decrypt your HTTPS connection. i.e. you cannot be attacked by a man-in-the-middle. (Unless the NSA has co-opted all digital certificates which is actually a distinct possibility)

Dedicate one browser as the private browser, that and only that uses the VPN. Opera has a built in VPN. Also always use the incognito or privacy mode also. This deletes cookies after your session so you can only be identified as "this person" for your session, and no longer. Set the browser to NOT retain 3rd party cookies to reduce tracking in general.

Now, all your vanilla traffic you use your normal, open browser. "Look NSA, I'm just a solid citizen, taking my vaccines, watching CNN and voting for Hillary". But for stuff that has any degree of controversy, use the private VPN dedicated browser. "Look Chief, this isn't our guy. This is Mr. Brain Dead American zombie wanker. He's not into anything weird". (wink wink, nudge nudge, say no more)

@nordvpnsucks

This comment has been minimized.

Show comment
Hide comment
@nordvpnsucks

nordvpnsucks Feb 18, 2018

I do not know how or why but my personal experience has shown me that using vpn is LESS secure then not using vpn. I started using vpn about a month ago and things have been worse, not better, in relation to privacy.

I do not know how or why but my personal experience has shown me that using vpn is LESS secure then not using vpn. I started using vpn about a month ago and things have been worse, not better, in relation to privacy.

@MichaelVPN

This comment has been minimized.

Show comment
Hide comment
@MichaelVPN

MichaelVPN Feb 18, 2018

This is a bunch of crap. You make valid points but you forget that without a VPN you still have to trust the ISP that you are using. Even when you build your own VPN, there are so many drawbacks that come with that. Limited locations, limited app support, network experience and so many other things that are required to do it right which the 99% consumers has no awareness off.

Basically, your VPN provider becomes your ISP. Your write up assumes every VPN provider is malicious. This couldn't be further from the truth and while you can't verify what they do with your encryption keys and data, you HAVE to trust some entity...and I would much rather trust a VPN company versus an ISP who 1000% is going to track me and resell my data and browsing activity. You can find a huge list of VPNs and everything about them at vpn.com.

As for your reference of a glorified proxy is terrible too. A proxy uses no encryption which is exactly what differentiates it from a VPN. Regardless of who has access to this encryption (you, your ISP, or your VPN provider), a VPN offers a lot more benefits than a "glorified proxy" or simply not using one altogether.

MichaelVPN commented Feb 18, 2018

This is a bunch of crap. You make valid points but you forget that without a VPN you still have to trust the ISP that you are using. Even when you build your own VPN, there are so many drawbacks that come with that. Limited locations, limited app support, network experience and so many other things that are required to do it right which the 99% consumers has no awareness off.

Basically, your VPN provider becomes your ISP. Your write up assumes every VPN provider is malicious. This couldn't be further from the truth and while you can't verify what they do with your encryption keys and data, you HAVE to trust some entity...and I would much rather trust a VPN company versus an ISP who 1000% is going to track me and resell my data and browsing activity. You can find a huge list of VPNs and everything about them at vpn.com.

As for your reference of a glorified proxy is terrible too. A proxy uses no encryption which is exactly what differentiates it from a VPN. Regardless of who has access to this encryption (you, your ISP, or your VPN provider), a VPN offers a lot more benefits than a "glorified proxy" or simply not using one altogether.

@mr25thfret

This comment has been minimized.

Show comment
Hide comment
@mr25thfret

mr25thfret Feb 20, 2018

Great read (comments included). Much appreciated.

Great read (comments included). Much appreciated.

@wenell

This comment has been minimized.

Show comment
Hide comment
@wenell

wenell Feb 22, 2018

Well, I don't think all VPNs are log users activities. I thought there is no need to use VPN after the read user's reviews. I really feel that I should need to use VPN. I use VPN all the time and on all devices like Laptop and Smartphone, etc. without VPN I feel like unsafe because I pay the bills via credit card while using public wifi. I don't think all VPN provider log users activities because they claim that they do not log users activities and I think I am using log less VPN. I don't know if they record activities, but we can trust them there no other way.

wenell commented Feb 22, 2018

Well, I don't think all VPNs are log users activities. I thought there is no need to use VPN after the read user's reviews. I really feel that I should need to use VPN. I use VPN all the time and on all devices like Laptop and Smartphone, etc. without VPN I feel like unsafe because I pay the bills via credit card while using public wifi. I don't think all VPN provider log users activities because they claim that they do not log users activities and I think I am using log less VPN. I don't know if they record activities, but we can trust them there no other way.

@dmzpkts

This comment has been minimized.

Show comment
Hide comment
@dmzpkts

dmzpkts Feb 23, 2018

They finally let you out of jail Sven????

This "article" was written by a person who had his IRC server rooted, and compromised all of the users across his network. The group responsible released over a million lines of chatlogs. Joepie found them and apparently thought that echoing the word "cocks" into the file would delete the rest...

Nope.

See for yourselves.

" Towards the end of this dump, we just stopped taking backups and left tail -f
running. joepie97 found the hook, just a little too late (a million PMs in
the PM log alone). He then ran: "echo 'cocks' > ._IRCD". Interestingly,
neither Stanford, nor Gentoo developers, nor the EFF list "echo 'cocks'>file"
as a secure deletion method. As such, we proceeded to take the latest copy
directly off the HDD (sed cocks). Check out the Files section for the
chanlogs & PM logs. "
https://www.exploit-db.com/papers/42901/

Sven Slootweg is no one to listen to when it comes to security.

dmzpkts commented Feb 23, 2018

They finally let you out of jail Sven????

This "article" was written by a person who had his IRC server rooted, and compromised all of the users across his network. The group responsible released over a million lines of chatlogs. Joepie found them and apparently thought that echoing the word "cocks" into the file would delete the rest...

Nope.

See for yourselves.

" Towards the end of this dump, we just stopped taking backups and left tail -f
running. joepie97 found the hook, just a little too late (a million PMs in
the PM log alone). He then ran: "echo 'cocks' > ._IRCD". Interestingly,
neither Stanford, nor Gentoo developers, nor the EFF list "echo 'cocks'>file"
as a secure deletion method. As such, we proceeded to take the latest copy
directly off the HDD (sed cocks). Check out the Files section for the
chanlogs & PM logs. "
https://www.exploit-db.com/papers/42901/

Sven Slootweg is no one to listen to when it comes to security.

@ABDKT3D

This comment has been minimized.

Show comment
Hide comment
@ABDKT3D

ABDKT3D Feb 25, 2018

For slightly better privacy during browsing - use a VPN combined with a cloud based browser in private mode like silo or puffin. Website attributes it to cloud ip, all cookies are sent to and stored on cloud server, cannot correlate it with windows update logs, VPN knows you are visiting the domain cloudmosa, nothing is stored locally unless you download it. I wouldn't do my banking on it though.

ABDKT3D commented Feb 25, 2018

For slightly better privacy during browsing - use a VPN combined with a cloud based browser in private mode like silo or puffin. Website attributes it to cloud ip, all cookies are sent to and stored on cloud server, cannot correlate it with windows update logs, VPN knows you are visiting the domain cloudmosa, nothing is stored locally unless you download it. I wouldn't do my banking on it though.

@contrawise

This comment has been minimized.

Show comment
Hide comment
@contrawise

contrawise Feb 26, 2018

Now that US ISPs are allowed to sniff our data legally and share it, I believe a carefully selected commercial VPN service is more likely to be looking out for my privacy than my ISP. I only have a couple of ISPs to choose from, and both have shown themselves to be quite self-centered. I'll take my chances with my respected VPN provider.

Now that US ISPs are allowed to sniff our data legally and share it, I believe a carefully selected commercial VPN service is more likely to be looking out for my privacy than my ISP. I only have a couple of ISPs to choose from, and both have shown themselves to be quite self-centered. I'll take my chances with my respected VPN provider.

@rojagit

This comment has been minimized.

Show comment
Hide comment
@rojagit

rojagit Mar 16, 2018

I tend to trust PIA (though their client sucks) just with the statement 'no one has been busted yet using PIA'

https://www.privateinternetaccess.com/forum/discussion/19273/am-i-really-anonymous

rojagit commented Mar 16, 2018

I tend to trust PIA (though their client sucks) just with the statement 'no one has been busted yet using PIA'

https://www.privateinternetaccess.com/forum/discussion/19273/am-i-really-anonymous

@JohnMasonVPN

This comment has been minimized.

Show comment
Hide comment
@JohnMasonVPN

JohnMasonVPN Mar 26, 2018

Kinda agree with you here. Earlier VPNs used to be a good tool, but now there's more than 100 different VPNs, some of them using shared/cloud 3rd party servers, many have fake "no logs", although claiming so (hint: PureVPN & HideMyass: https://thebestvpn.com/118-vpns-logging-policy).

If you really need a VPN, you should try using the ones that allow anonymous payment options such as Mullvad or ExpressVPN. Just my 2 cents...

JohnMasonVPN commented Mar 26, 2018

Kinda agree with you here. Earlier VPNs used to be a good tool, but now there's more than 100 different VPNs, some of them using shared/cloud 3rd party servers, many have fake "no logs", although claiming so (hint: PureVPN & HideMyass: https://thebestvpn.com/118-vpns-logging-policy).

If you really need a VPN, you should try using the ones that allow anonymous payment options such as Mullvad or ExpressVPN. Just my 2 cents...

@shipdog7

This comment has been minimized.

Show comment
Hide comment
@shipdog7

shipdog7 Mar 27, 2018

26 of the 115 most popular VPNs are secretly keeping tabs on you. Do a search and look it up. A recent investigation into 115 of the world’s most popular VPN services revealed that many are antithetical to their stated claims. To build trust, providers make promises not to track users through logs or other identifying information. But as a popular VPN comparison site found out, this isn’t always true. The Best VPN recently peeked under the hood of over 100 of the biggest VPN services. All told, 26 of them collect three or more important log files that could contain personal and identifying information — things like your IP address, location, bandwidth data, and connection timestamps.

26 of the 115 most popular VPNs are secretly keeping tabs on you. Do a search and look it up. A recent investigation into 115 of the world’s most popular VPN services revealed that many are antithetical to their stated claims. To build trust, providers make promises not to track users through logs or other identifying information. But as a popular VPN comparison site found out, this isn’t always true. The Best VPN recently peeked under the hood of over 100 of the biggest VPN services. All told, 26 of them collect three or more important log files that could contain personal and identifying information — things like your IP address, location, bandwidth data, and connection timestamps.

@ricardokittrell11

This comment has been minimized.

Show comment
Hide comment
@ricardokittrell11

ricardokittrell11 Mar 30, 2018

I successfully do transactions with LiviaCoins. You can try it but you will have to thank me later.

I successfully do transactions with LiviaCoins. You can try it but you will have to thank me later.

@galik

This comment has been minimized.

Show comment
Hide comment
@galik

galik Mar 31, 2018

AirVPN Have printed a personal rebuttal to this article here: https://airvpn.org/topic/26206-rebuttal-of-article-dont-use-vpn-services/

Obviously you can make wild claims about any group of businesses, accusing them of whatever you like. That doesn't mean that all of them are.

galik commented Mar 31, 2018

AirVPN Have printed a personal rebuttal to this article here: https://airvpn.org/topic/26206-rebuttal-of-article-dont-use-vpn-services/

Obviously you can make wild claims about any group of businesses, accusing them of whatever you like. That doesn't mean that all of them are.

@Geraner

This comment has been minimized.

Show comment
Hide comment
@Geraner

Geraner Mar 31, 2018

It remembers me about another interesting article regarding this topic.
Are VPN providers more trustworthy than your ISP?

Geraner commented Mar 31, 2018

It remembers me about another interesting article regarding this topic.
Are VPN providers more trustworthy than your ISP?

@IfitissoRedditorsarereallyclever

This comment has been minimized.

Show comment
Hide comment
@IfitissoRedditorsarereallyclever

IfitissoRedditorsarereallyclever Apr 17, 2018

I thank you from the bottom of my heart because you sure have the guts!
I was tired, tired of Redditors, because everyone is making this VPN providers popular by saying some bullshit and then everyone follow that opinion like sheep. Idiots, they're called, because they speak without any knowledge at all, without any knowledge of IT security whatsoever. You sure showed of being able to use the brain to think. Indeed, all these people trusting random business about their data are just fools. These fools are even here, offended since the article make them believe they're wasting money (indeed, they don't know the value of money, too), just have a look at the comments. I think VPN is a geek trend like Bose is for headphones. But every time I look info about them I get 90% of people who doesn't provide any reason behind their statements, it took me a while to find this.

Hackers have often been arrested under the stupid VPN protection. Surely, any VPN providers who claim to don't log you and care about your privacy will protect users while they browse Pornhub, but none will do if there are serious legal issues, as the police won't stop if that's the case (in USA, FBI don't give a fu** about people watching porn and protecting their anonimity..., but it gives a shi** if someone seriously break the law. Elsewhere, it's the same). As a proof of what I'm saying, not even one serious hacker would trust a VPN provider as safe for their tasks and their job. Now, since you do need to believe your fantasy and illusions, since we're not speaking about privacy or security, but of a trend, like Bose, Apple, or an expensive car, I'll leave you to continue defending your super VPN provider. After all, they're nothing more than a business making money, they must be good at marketing to make their products sell, so it's their intention to make you believe they're a beneficial organization. People need illusions, 'cause people need to spend money as a status quo. That is why VPN mostly exist. It's not anyone is evil, it's just business, and the geeks are the one who are going to buy. Anyway, most of the user don't really need anonymity so any VPN is fine as it is their ISP (the author spoke about P2P and scare-letters, indeed). If it'll come the time somehow you'll want to protect your anonymity from the worst of the case, first you'll realize it is actually impossible, then you'll do your best instead of believing some company advertising shit.
It's all for today.

PS/TL;DR: I was seriously wondering if we have the brain for something, cause the more I googled, the more I just found the same stuff said over and over without any logic behind it, regarding VPN. The ones who defend themselves they're just ridiculous. I want to see a VPN provider not giving out their logs in the case of an illegal issue (i.e. killer), then you can say they don't keep logs... Of course it won't happen, since the lawyer is cost and they're a Company, they won't pay out of their pockets. This is like the encryption and the $5 wrench, https://imgs.xkcd.com/comics/security.png (no matter the efforts, some idiot will still believe their encrypted porn collection is safe).
I've put many efforts at empathizing the porn thing to make people realize most of this VPN users don't need anonymity, it's just the cool thing of it. I also use proxy, VPN and stuff sometimes, but I realize they're not safe and I do only to bypass country restrictions, anyway.
I'd recommend anyone to head over to Tails site and have a good read of what anonymity really is, what is your fingerprint (no, not the browser, yours...) and why true anonymity is impossible. Those FAQ and articles on that website were written by people who know about security, and who research before opening their mouth.
Thank you, author, again, since you go against the general mainstream opinions.

I thank you from the bottom of my heart because you sure have the guts!
I was tired, tired of Redditors, because everyone is making this VPN providers popular by saying some bullshit and then everyone follow that opinion like sheep. Idiots, they're called, because they speak without any knowledge at all, without any knowledge of IT security whatsoever. You sure showed of being able to use the brain to think. Indeed, all these people trusting random business about their data are just fools. These fools are even here, offended since the article make them believe they're wasting money (indeed, they don't know the value of money, too), just have a look at the comments. I think VPN is a geek trend like Bose is for headphones. But every time I look info about them I get 90% of people who doesn't provide any reason behind their statements, it took me a while to find this.

Hackers have often been arrested under the stupid VPN protection. Surely, any VPN providers who claim to don't log you and care about your privacy will protect users while they browse Pornhub, but none will do if there are serious legal issues, as the police won't stop if that's the case (in USA, FBI don't give a fu** about people watching porn and protecting their anonimity..., but it gives a shi** if someone seriously break the law. Elsewhere, it's the same). As a proof of what I'm saying, not even one serious hacker would trust a VPN provider as safe for their tasks and their job. Now, since you do need to believe your fantasy and illusions, since we're not speaking about privacy or security, but of a trend, like Bose, Apple, or an expensive car, I'll leave you to continue defending your super VPN provider. After all, they're nothing more than a business making money, they must be good at marketing to make their products sell, so it's their intention to make you believe they're a beneficial organization. People need illusions, 'cause people need to spend money as a status quo. That is why VPN mostly exist. It's not anyone is evil, it's just business, and the geeks are the one who are going to buy. Anyway, most of the user don't really need anonymity so any VPN is fine as it is their ISP (the author spoke about P2P and scare-letters, indeed). If it'll come the time somehow you'll want to protect your anonymity from the worst of the case, first you'll realize it is actually impossible, then you'll do your best instead of believing some company advertising shit.
It's all for today.

PS/TL;DR: I was seriously wondering if we have the brain for something, cause the more I googled, the more I just found the same stuff said over and over without any logic behind it, regarding VPN. The ones who defend themselves they're just ridiculous. I want to see a VPN provider not giving out their logs in the case of an illegal issue (i.e. killer), then you can say they don't keep logs... Of course it won't happen, since the lawyer is cost and they're a Company, they won't pay out of their pockets. This is like the encryption and the $5 wrench, https://imgs.xkcd.com/comics/security.png (no matter the efforts, some idiot will still believe their encrypted porn collection is safe).
I've put many efforts at empathizing the porn thing to make people realize most of this VPN users don't need anonymity, it's just the cool thing of it. I also use proxy, VPN and stuff sometimes, but I realize they're not safe and I do only to bypass country restrictions, anyway.
I'd recommend anyone to head over to Tails site and have a good read of what anonymity really is, what is your fingerprint (no, not the browser, yours...) and why true anonymity is impossible. Those FAQ and articles on that website were written by people who know about security, and who research before opening their mouth.
Thank you, author, again, since you go against the general mainstream opinions.

@AndersonKay

This comment has been minimized.

Show comment
Hide comment
@AndersonKay

AndersonKay Apr 20, 2018

First of all, why there is a translation to russian? When Russia is actually one of the most who needs a vpn?((https://www.zdnet.com/article/google-amazon-drawn-into-telegram-ban-as-russia-blocks-1-8-million-ip-addresses/ )
Secondly, there is a tough difference between proxy and vpn: proxy only changes your IP, and vpn actually encrypts your activity, so you wouldnt call vpn a ‘glorified proxy’ because it is false.
Thirdly, about data retention laws - the countries which doesnt have those laws are usually outside US and EU, so you would want to look at ProtonVPN or NordVPN (based in Panama).

First of all, why there is a translation to russian? When Russia is actually one of the most who needs a vpn?((https://www.zdnet.com/article/google-amazon-drawn-into-telegram-ban-as-russia-blocks-1-8-million-ip-addresses/ )
Secondly, there is a tough difference between proxy and vpn: proxy only changes your IP, and vpn actually encrypts your activity, so you wouldnt call vpn a ‘glorified proxy’ because it is false.
Thirdly, about data retention laws - the countries which doesnt have those laws are usually outside US and EU, so you would want to look at ProtonVPN or NordVPN (based in Panama).

@ZigmundVonZaun

This comment has been minimized.

Show comment
Hide comment
@ZigmundVonZaun

ZigmundVonZaun Jun 16, 2018

Heres how I see it. VPN provider services are safe for small time crooks. VPN services, Tor and all other encryption technologies that have humans involved are all just toys providing a false sense of security. If they want to catch you, they will catch you irregardless. The three letter agencies are increasingly everywhere. From processor manufacturers; Intel to CA Authorities; Verisign.

But catching you means investing in a good and talented forensic and legal team. Resources are scarce. They have to make choices. So if the cost of catching you is greater than the damage you make, you are left alone. You are sent annoying letters. A random opportunist who wants to exploit the law and rip you off might take the golden opportunity. But if the damage you make the industry in the long run is greater than the cost of catching you, you'll get got in a few months. The internet is a large place and you probably fucked up years or a decade ago leaving pieces of yourself in your uniquely fingerprintable machines. I'm sure there is some incriminating information about you lying around somewhere. In the event of an indictment, a VPN service provider might consult with lawyers and weigh the risk of taking on your case.

They might want the publicity. Any publicity is good publicity they say. Sometimes the lawyers will tell the board, "we can't win the case." And nobody really wants to go to jail or lose their cash cow for you and your 100 € p.a subscription.

ZigmundVonZaun commented Jun 16, 2018

Heres how I see it. VPN provider services are safe for small time crooks. VPN services, Tor and all other encryption technologies that have humans involved are all just toys providing a false sense of security. If they want to catch you, they will catch you irregardless. The three letter agencies are increasingly everywhere. From processor manufacturers; Intel to CA Authorities; Verisign.

But catching you means investing in a good and talented forensic and legal team. Resources are scarce. They have to make choices. So if the cost of catching you is greater than the damage you make, you are left alone. You are sent annoying letters. A random opportunist who wants to exploit the law and rip you off might take the golden opportunity. But if the damage you make the industry in the long run is greater than the cost of catching you, you'll get got in a few months. The internet is a large place and you probably fucked up years or a decade ago leaving pieces of yourself in your uniquely fingerprintable machines. I'm sure there is some incriminating information about you lying around somewhere. In the event of an indictment, a VPN service provider might consult with lawyers and weigh the risk of taking on your case.

They might want the publicity. Any publicity is good publicity they say. Sometimes the lawyers will tell the board, "we can't win the case." And nobody really wants to go to jail or lose their cash cow for you and your 100 € p.a subscription.

@duketwo

This comment has been minimized.

Show comment
Hide comment
@duketwo

duketwo Jun 16, 2018

The article itself is pretty awkward to read. Some of the opinions make up for it at least. @nukeop

duketwo commented Jun 16, 2018

The article itself is pretty awkward to read. Some of the opinions make up for it at least. @nukeop

@mmendescortes

This comment has been minimized.

Show comment
Hide comment
@mmendescortes

mmendescortes Jun 16, 2018

Dude, change the title...

There are uses for a VPN... Like setting up a bridged network to link computers... I used a bridged VPN with DHCP and a Squid proxy in order to unify my local machines with my cellphone and any computer I might need to use while traveling... This way I can access files, ssh and other services from anywhere in the same way I do in my home...

Yes, you said truths...

But this post title is a bait! It nearly discouraged me from using a vpn... A while ago, when I was trying to find a way to unify my machines, servers and mobile devices, I saw your post and it nearly made me give up the idea for using a VPN...

Please, change your title...

Dude, change the title...

There are uses for a VPN... Like setting up a bridged network to link computers... I used a bridged VPN with DHCP and a Squid proxy in order to unify my local machines with my cellphone and any computer I might need to use while traveling... This way I can access files, ssh and other services from anywhere in the same way I do in my home...

Yes, you said truths...

But this post title is a bait! It nearly discouraged me from using a vpn... A while ago, when I was trying to find a way to unify my machines, servers and mobile devices, I saw your post and it nearly made me give up the idea for using a VPN...

Please, change your title...

@jcanfield

This comment has been minimized.

Show comment
Hide comment
@jcanfield

jcanfield Jun 17, 2018

As most of the commenters pointed out, the title is misleading. Yes, you point out Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does. but you could still change it. Maybe Reasons not to use VPN Services (Outside of their intended purpose) or something. Just a thought.

As most of the commenters pointed out, the title is misleading. Yes, you point out Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does. but you could still change it. Maybe Reasons not to use VPN Services (Outside of their intended purpose) or something. Just a thought.

@Piv475

This comment has been minimized.

Show comment
Hide comment
@Piv475

Piv475 Jun 27, 2018

I know nothing of the ins and outs of VPN VPS TOR etc. But the simple way of looking at all of them if you expect to hide your activity is: how difficult is it for a government agency to form a vpn? they already do it and you may be using it. Do not be fooled into thinking "they can't do that, it would be illegal" (I am ex special forces and believe me they do many things that are not legal, it is all about being found out, and they have far greater resources than you will ever have). It is a collective information center for corruption and illegal activities. You all then use it, sell your wares, buy your dope, whine about spies, worry about information theft, steal films and music, whatever it is that you feel the need to hide. If you cant hide it yourself, it is not to be trusted.

Piv475 commented Jun 27, 2018

I know nothing of the ins and outs of VPN VPS TOR etc. But the simple way of looking at all of them if you expect to hide your activity is: how difficult is it for a government agency to form a vpn? they already do it and you may be using it. Do not be fooled into thinking "they can't do that, it would be illegal" (I am ex special forces and believe me they do many things that are not legal, it is all about being found out, and they have far greater resources than you will ever have). It is a collective information center for corruption and illegal activities. You all then use it, sell your wares, buy your dope, whine about spies, worry about information theft, steal films and music, whatever it is that you feel the need to hide. If you cant hide it yourself, it is not to be trusted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment