Don't use VPN services.

vpn.md

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intented purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

Why not?

Because a VPN in this sense is just a glorified proxy. The VPN provider can see all your traffic, and do with it what they want - including logging.

But my provider doesn't log!

There is no way for you to verify that, and of course this is what a malicious VPN provider would claim as well. In short: the only safe assumption is that every VPN provider logs.

And remember that it is in a VPN provider's best interest to log their users - it lets them deflect blame to the customer, if they ever were to get into legal trouble. The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over.

But a provider would lose business if they did that!

I'll believe that when HideMyAss goes out of business. They gave up their users years ago, and this was widely publicized. The reality is that most of their customers will either not care or not even be aware of it.

But I pay anonymously, using Bitcoin/PaysafeCard/Cash/drugs!

Doesn't matter. You're still connecting to their service from your own IP, and they can log that.

But I want more security!

VPNs don't provide security. They are just a glorified proxy.

But I want more privacy!

VPNs don't provide privacy, with a few exceptions (detailed below). They are just a proxy. If somebody wants to tap your connection, they can still do so - they just have to do so at a different point (ie. when your traffic leaves the VPN server).

But I want more encryption!

Use SSL/TLS and HTTPS (for centralized services), or end-to-end encryption (for social or P2P applications). VPNs can't magically encrypt your traffic - it's simply not technically possible. If the endpoint expects plaintext, there is nothing you can do about that.

When using a VPN, the only encrypted part of the connection is from you to the VPN provider. From the VPN provider onwards, it is the same as it would have been without a VPN. And remember, the VPN provider can see and mess with all your traffic.

But I want to confuse trackers by sharing an IP address!

Your IP address is a largely irrelevant metric in modern tracking systems. Marketers have gotten wise to these kind of tactics, and combined with increased adoption of CGNAT and an ever-increasing amount of devices per household, it just isn't a reliable data point anymore.

Marketers will almost always use some kind of other metric to identify and distinguish you. That can be anything from a useragent to a fingerprinting profile. A VPN cannot prevent this.

So when should I use a VPN?

There are roughly two usecases where you might want to use a VPN:

1. You are on a known-hostile network (eg. a public airport WiFi access point, or an ISP that is known to use MITM), and you want to work around that.
2. You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters.

In the second case, you'd probably just want a regular proxy specifically for that traffic - sending all of your traffic over a VPN provider (like is the default with almost every VPN client) will still result in the provider being able to snoop on and mess with your traffic.

However, in practice, just don't use a VPN provider at all, even for these cases.

So, then... what?

If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own. I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndBox.

But how is that any better than a VPN service?

A VPN provider specifically seeks out those who are looking for privacy, and who may thus have interesting traffic. Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be.

So why do VPN services exist? Surely they must serve some purpose?

Because it's easy money. You just set up OpenVPN on a few servers, and essentially start reselling bandwidth with a markup. You can make every promise in the world, because nobody can verify them. You don't even have to know what you're doing, because again, nobody can verify what you say. It is 100% snake-oil.

So yes, VPN services do serve a purpose - it's just one that benefits the provider, not you.

- go troll elsewhere -

- go troll elsewhere -

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN. So, yes, there are reasons to use a VPN. (Another use-case, probably covered in 2) is access to country-restricted services like netflix, bbc, etc). You just should never rely on a VPN to guarantee your anonymity.

You just should never rely on a VPN to guarantee your anonymity

same goes for Tor or any other privacy service. you should always take as many measures as possible to prevent yourself from being tracked if you want to guarantee anonymity.

@DynamicShitposter420 You're welcome to contribute to the discussion in a constructive manner (whether agreeing or not), but if all you're going to do is attacking me and trolling, then you can go elsewhere.

The post is fine but the headline is wrong. Especially since you clearly state valid use-cases for a VPN.

Yes, and this is intentional. My experience is that, whenever any claim is made of a VPN being even remotely usable for some usecases, people immediately assume that that includes theirs. This way, people need to read and understand the actual content of the article (and its described limitations and valid usecases) before drawing a conclusion.

Additionally, the concerns for "VPN services" remain applicable. You should still self-host your VPN.

I disagree, if the use-case is avoiding DMCA letters and alike. It's way too complicated to set it up in a way so it is not tied to your name. The vast majority of torrenters lack the ability to set up a VPS (let alone make sure it's anonymous) and run VPN servers securely. A VPN provider is the better solution.

If you are not capable of obtaining a VPS anonymously, you are also not capable of obtaining a VPN anonymously, so this does not make a difference. It also still does not address the privacy concerns. If you just want to torrent and use a different service as a pincushion, then what you want is a proxy, not a VPN.

How does it matter that you're not able to obtain a VPN anonymously (we are talking about IP-address I suppose)? Your point in the original is that you're never anonymous to the VPN (which is why you shouldn't trust them). However, they don't pass on data to DMCA litigation companies (unless we are talking about HMA and alike who clearly state in their ToS that they log & pass on data).

As for proxies, how are they more secure? Also, please tell me where I get a 1Gbit proxy with unlimited traffic and ideally port forwarding, I'd definitely be using that.

Ok, but if you use TOR and VPN?

A better solution is pay voor use from usenet and torrents ,so that your no longer afraid for trouble.
Now cost VPN money.

How does using your own VPS help? It's still easy for someone to trace the IP to your VPS and then to you.