Don't use VPN services.

vpn.md

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

Why not?

Because a VPN in this sense is just a glorified proxy. The VPN provider can see all your traffic, and do with it what they want - including logging.

But my provider doesn't log!

There is no way for you to verify that, and of course this is what a malicious VPN provider would claim as well. In short: the only safe assumption is that every VPN provider logs.

And remember that it is in a VPN provider's best interest to log their users - it lets them deflect blame to the customer, if they ever were to get into legal trouble. The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over.

But a provider would lose business if they did that!

I'll believe that when HideMyAss goes out of business. They gave up their users years ago, and this was widely publicized. The reality is that most of their customers will either not care or not even be aware of it.

But I pay anonymously, using Bitcoin/PaysafeCard/Cash/drugs!

Doesn't matter. You're still connecting to their service from your own IP, and they can log that.

But I want more security!

VPNs don't provide security. They are just a glorified proxy.

But I want more privacy!

VPNs don't provide privacy, with a few exceptions (detailed below). They are just a proxy. If somebody wants to tap your connection, they can still do so - they just have to do so at a different point (ie. when your traffic leaves the VPN server).

But I want more encryption!

Use SSL/TLS and HTTPS (for centralized services), or end-to-end encryption (for social or P2P applications). VPNs can't magically encrypt your traffic - it's simply not technically possible. If the endpoint expects plaintext, there is nothing you can do about that.

When using a VPN, the only encrypted part of the connection is from you to the VPN provider. From the VPN provider onwards, it is the same as it would have been without a VPN. And remember, the VPN provider can see and mess with all your traffic.

But I want to confuse trackers by sharing an IP address!

Your IP address is a largely irrelevant metric in modern tracking systems. Marketers have gotten wise to these kind of tactics, and combined with increased adoption of CGNAT and an ever-increasing amount of devices per household, it just isn't a reliable data point anymore.

Marketers will almost always use some kind of other metric to identify and distinguish you. That can be anything from a useragent to a fingerprinting profile. A VPN cannot prevent this.

So when should I use a VPN?

There are roughly two usecases where you might want to use a VPN:

1. You are on a known-hostile network (eg. a public airport WiFi access point, or an ISP that is known to use MITM), and you want to work around that.
2. You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters.

In the second case, you'd probably just want a regular proxy specifically for that traffic - sending all of your traffic over a VPN provider (like is the default with almost every VPN client) will still result in the provider being able to snoop on and mess with your traffic.

However, in practice, just don't use a VPN provider at all, even for these cases.

So, then... what?

If you absolutely need a VPN, and you understand what its limitations are, purchase a VPS and set up your own (either using something like Streisand or manually - I recommend using Wireguard). I will not recommend any specific providers (diversity is good!), but there are plenty of cheap ones to be found on LowEndTalk.

But how is that any better than a VPN service?

A VPN provider specifically seeks out those who are looking for privacy, and who may thus have interesting traffic. Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be.

So why do VPN services exist? Surely they must serve some purpose?

Because it's easy money. You just set up OpenVPN on a few servers, and essentially start reselling bandwidth with a markup. You can make every promise in the world, because nobody can verify them. You don't even have to know what you're doing, because again, nobody can verify what you say. It is 100% snake-oil.

So yes, VPN services do serve a purpose - it's just one that benefits the provider, not you.

---

This post is licensed under the WTFPL or CC0, at your choice. You may distribute, use, modify, translate, and license it in any way.

---

Before you comment: Be aware that any non-constructive comments will be removed. This includes advertising for VPN providers (yes, even when you phrase the marketing claims like a question), trolling, harassment, insults towards other people, claims that have already been addressed in the article, and so on.

If your comment isn't a genuine question or a concrete counterargument supported by evidence, it probably doesn't belong here.

Perhaps the reason ExpressVPN messed up the user's network connection is due to a proprietary client modifying network settings to try to prevent the OS network stack from bypassing their tunnel.

I don't see the point of VPNs. Like what's the difference between a VPN & a free public proxy ? VPNs are just a glorified paid proxy that pretends to be private. Caz you don't run the VPS by yourself & donno whether the service really doesn't keep logs.

You wanna bypass geo restriction ? Just use public proxies man. If you're using VPNs to hide yourself, good luck with that.

If I need anonymity, I use Tor. Either the Tor Browser, or the Tails OS, both of which forget everything when closed.

For geo-restrictions, proxies might only be good enough for static websites, as they may not allow streaming media or other high bandwidth loads.

There are lot of proxies that can allow js too. It's just that the limitations are in bandwidth.

@madgoat It's kinda hard to believe you when you're shilling for the lowest ranked so-called VPN for privacy and security.
Firstly, they've never had a truly independent audit. Parent companies often own auditors or pay them for a good score. Second, Nord is a literal data broker. The entirety of your VPN traffic, data collected from your device about location, bluetooth, wifi, any type of data the app can wrestle permission out of you for, any data the app can wrestle from the OS behind your back, including pictures, videos, or even your whole filesystem, is all sent through Google Analytics. At BEST, Nord isn't keeping logs on their end, which by the way, they have to keep short term logs and then keep them long term upon government request, to comply with the laws of the countries they operate in. But regardless, Nord as a company is a data broker. Their parent company, a data broker. The fact you can ONLY connect through a PROPRIETARY app and, unlike almost every other supposedly safe VPN, you ABSOLUTELY cannot connect using a standard protocol, is a sure sign that they're using key replacement to decrypt.
PIA, Express, and Ghost are an example of one company owning multiple VPN services, AND their parent company owns the review sites and auditors. Ya know, sites like VPN Mentor and WizCase - Those are owned by the parent company of Express, PIA, and Ghost. The sites that Nord owns are harder to pin down, but it's clear that Nord and Kape (Express/PIA/Ghost) own review sites and auditors.

this is the most annoying thread on github, my email is being spammed by it and every time i take a look here i lose another braincell, im in the negatives already, jesus fucking crist, get a life

this is the most annoying thread on github, my email is being spammed by it and every time i take a look here i lose another braincell, im in the negatives already, jesus fucking crist, get a life

Dude fucking same. And on top of that every time I click on this email thread I am always forced to read a 3 year old email from a guy who called me "an arrogant mother fucker", because that's apparently the first email I got from this thread, LMFAO!

(FYI gmail doesn't collapse the first email of a thread, a feature that is handy in many scenarios, but is now annoying as fuck only thanks to this cesspool of a thread 🤣)

OMFG!!!! why are you fucking ners so fucking retarted. of course they do that was the entire reason freevpn are made u fucking idiot. to male money. hey everybody the nerd figured out that companies like to make money. they wanted to make a very usful and attractive peice of software that a lot of ppl would want use then they would offer usage of the software for free in exchange they gain our permission to collect our data which they then sell to to hundreds of companies and marketing firms which is all perfectly ok and not nefarious or even immorall and if u werent so busy trying to soumd like a super smart fucking nerd fucking nerd you would have realized that vpn have a very specific and usefull purpose and that is to protect ur traffic and location ishidden from your modem u idiot cause if you didnt hide what ur doing on the internet from modem cause if you dont and you doing something less than legal totally can have and will shut ur internet off forever and because ur internet company is lickely a local bussiness and now have the evidence to prove that while u were both in the same town the intenet company saw u comitting illigLL ACTIVITIES ALONG WITH UR LOCATION AND THE DEVICE IDENTIVACTION DATA THAT THEY HAVE PROVEN WITH OUT A DOUBT THAT THAT DEVICE IS BEING USE BY YOU THEN THEY CALL THE COPS GIVE THEM THE EVIDENCE AND LOCATION AND THE COPS BEING SUMMONED IN THEI JURISDICTION BY A LOCAL TO BE GIVEN TETOMNY AND SIGNIFIGANT EVIDENCE PUT OUT A DOJ WARRANT FOR ARREST FOR UR ASS AND FORCE THERE WAY INTO UR HOUSE TACKLE YOU CYFF U AND THROW U IN JAIL WHICH IS VERY VERY VERY VERY LKELY TO HAPPEN IF U DECIDE NOT TO USE A VPN JUST BECAUSE IT COLLECTS YOUR DATA. U IGNORANT STUPID LITTLE MAN I HOPE U READ ALL OF THIS AND FEEL LITTERALY RETARTED ENOUGH FOR SPECIAL ED U FUCK EVER NERD EVER THAT HAS BEEN BEATEN DOWN FOR BEING A NERD TOTALLY DESERVS IT. @joepie91

Not sure if trolling or just batshit insane. Either way I'm making this into a copypasta and posting it to the subreddit. Thanks for the comedy dude 🤣😂🤣

this is the most annoying thread on github, my email is being spammed by it and every time i take a look here i lose another braincell, im in the negatives already, jesus fucking crist, get a life

Dude fucking same. And on top of that every time I click on this email thread I am always forced to read a 3 year old email from a guy who called me "an arrogant mother fucker", because that's apparently the first email I got from this thread, LMFAO!

(FYI gmail doesn't collapse the first email of a thread, a feature that is handy in many scenarios, but is now annoying as fuck only thanks to this cesspool of a thread rofl)

lmaoooooooo

unsubscribe!

…

unsubscribe!
…

do you now think i havent thought of that ? i dont think theres a way to ubsubscribe from singular threads, unless, idk

look at the bottom your your email, there is an unsubscribe link

…

------ Original Message ------ From "TruncatedDinosour" ***@***.***> To "TruncatedDinosour" ***@***.***> Cc "Comment" ***@***.***> Date 25/12/2022 16:46:15 Subject Re: joepie91/vpn.md

@TruncatedDinoSour commented on this gist. -------------------------------------------------------------------------------- >unsubscribe! >… <#> > do you now think i havent thought of that ? i dont think theres a way to ubsubscribe from singular threads, unless, idk — Reply to this email directly, view it on GitHub <https://gist.github.com/5a9909939e6ce7d09e29#gistcomment-4413152> or unsubscribe <https://github.com/notifications/unsubscribe-auth/ATM2XBBN6UQZR4HYOT7BM6TWPAUIBBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFQKSXMYLMOVS2I5DSOVS2I3TBNVS3W5DIOJSWCZC7OBQXE5DJMNUXAYLOORPWCY3UNF3GS5DZVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVAZDQNJSGY3DMNNHORZGSZ3HMVZKMY3SMVQXIZI>. You are receiving this email because you commented on the thread. Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.

I think the best use case for consumer VPNs is accessing region-locked content\websites etc. In case of Russia you literally can't even pay in some websites even if you have European or American credit card and\or you are European citizen, and you've set the region to any European one. Just because of the fact that you're connecting from Russian IP.

To be honest, I use whatever seems working but only turning VPN on for specific usecases, and turning off immediately after I'm done. Everything else - yep, it's just stupid. You just giving the data to some shady unregulated VPN company instead of shady and barely regulated ISP.

look at the bottom your your email, there is an unsubscribe link
…
------ Original Message ------ From "TruncatedDinosour" @.> To "TruncatedDinosour" @.> Cc "Comment" @.***> Date 25/12/2022 16:46:15 Subject Re: joepie91/vpn.md
@TruncatedDinoSour commented on this gist. -------------------------------------------------------------------------------- >unsubscribe! >… <#> > do you now think i havent thought of that ? i dont think theres a way to ubsubscribe from singular threads, unless, idk — Reply to this email directly, view it on GitHub https://gist.github.com/5a9909939e6ce7d09e29#gistcomment-4413152 or unsubscribe https://github.com/notifications/unsubscribe-auth/ATM2XBBN6UQZR4HYOT7BM6TWPAUIBBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFQKSXMYLMOVS2I5DSOVS2I3TBNVS3W5DIOJSWCZC7OBQXE5DJMNUXAYLOORPWCY3UNF3GS5DZVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVAZDQNJSGY3DMNNHORZGSZ3HMVZKMY3SMVQXIZI. You are receiving this email because you commented on the thread. Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

hm. is it for singular threads though ? im scared to get unsubscribed from all notifications

hm. is it for singular threads though ? im scared to get unsubscribed from all notifications

How do you achieve breathing? Unbelievable. I'd like to point out that there is an “unsubscribe” button at the top of this very page.

hm. is it for singular threads though ? im scared to get unsubscribed from all notifications

How do you achieve breathing? Unbelievable. I'd like to point out that there is an “unsubscribe” button at the top of this very page.

didnt look at the top, anyway, thank god, finally i can begin braincell recovery

@LokiFawkes

The fact you can ONLY connect through a PROPRIETARY app and, unlike almost every other supposedly safe VPN, you ABSOLUTELY cannot connect using a standard protocol

You might want to revise your information, or lack thereof.

• Nord allows you to connect however you want (OpenVPN, IPSec, IKEv2, etc...), you don't need their software.

they've never had a truly independent audit. Parent companies often own auditors or pay them for a good score.

• So you're telling me that PricewaterhouseCoopers is owned by Nord, and that they were paid off to make them pass? Man, if that exclusive information ever got out, that would be bad news for PWC.

Next time look into things before spewing falsities. Sure, you might not like certain companies, but there's no need to lie about them.

@madgoat Assuming their instructions even WORK (last I had even touched their site, such instructions didn't even exist because the app was REQUIRED so they could pass your traffic to their GoogleAnalytics account), there's still the fact that they lie about data handling.
There's also the fact that not entirely having to use their app does not mean they don't collect data, only that the proprietary app GUARANTEES maximum data collection. Even a company that does allow connection over open protocols can be collecting data, just likely less data than when you use their proprietary app.
As mentioned, owning an auditor is not the only way to have a conflict of interest. Money can change hands behind closed doors, and the dissonance between reality and the score given makes that clear that PWC is either dumb or paid for. Pick your poison.
For privacy, data collection, and data collection disclosure, Nord is among the worst rated for a reason. It's run by, say it again, a data broker.

Using a virtual private network (VPN) improves the security of your social media accounts by encrypting your internet connection and masking your IP address and location. This can make it more difficult for hackers to access your sensitive information and can protect your privacy when using social media. However, you should not relay on VPNs alone are for social media security, you need to be aware of many other security tips for securing your social media accounts.

No. Pretend VPN do not improve security in any way. Please read the article you're commenting about that explains why they are not security tools at all, and stop puking marketing dump from those snakeoil vendors.

@aptblog Ad bot spotted. VPN services (glorified proxies) do not improve your security. In the age of HTTPS and DoT/DoH, your attack surface is on the client end and the server end. The attack surface is nowhere in the middle. At best, a man in the middle might get the hostname of a service you're connecting to at the handshake in the beginning of a TLS connection, a connection that could last from seconds to years, and that's if a method of encrypting the SNI (ESNI, ECH, etc) is not being implemented. Since the Web2 era, in which most sites are hosted on just a few servers, IP addresses are kinda useless for spying on users.

Things you can do to protect your browsing habits at home from being discovered by a MITM such as a hacker or your ISP:
Use DoT or DoH. DoT is superior for security and more lightweight, but browsers typically require DoH to implement ECH, the current encrypted SNI standard. Though currently they also hide this feature behind a config flag, too.
Enable ECH in your flags, even if you won't be able to use it due to your DNS configuration.
Set up a recursive resolver in your LAN, configure it to connect to other DNS servers via DoT. This server will cache your queries for a predefined length of time known as a Time To Live (TTL), either the TTL of the DNS record or the TTL the resolver has set globally, whichever is shorter. Hard mode: Use reverse-proxy software to implement DoH with this server as the DNS server, enabling you to use ECH on your favorite browser (they really should enable this for using DoT as well)

By encrypting your DNS queries and minimizing the amount of queries that reach WAN, all people see is you connecting to servers that usually host multiple domain names. By encrypting the Server Name Indicator, even the TLS handshake between you and a site will contain no usable data. At that point, only you and the site you connect to have any idea what's going on. From there, browser extensions that block ads and analytics further protect you. You can also blackhole certain hostnames on your resolver to minimize tracking where browser extensions aren't an option (mobile, for example) though that can come with its own set of functionality penalties.

Without the hostname, if a server hosts multiple sites, nobody knows what you're actually connecting to. They might be able to guess that yl-in-f101.1e100.net is probably an edge server for google.com, but they wouldn't be certain that the site is google.com and not, for example, just a site using Google's cloud services as a CDN.

@LokiFawkes Agreed. At least I hope. His primary arguement is directly addressed by OP.

@aptblog "(VPN) improves the security of your social media accounts by encrypting your internet connection and masking your IP address and location."

vs

@joepie91 " VPNs can't magically encrypt your traffic" & "Your IP address is a largely irrelevant metric in modern tracking systems."

also,

@joepie91 "claims that have already been addressed in the article... doesn't belong here."

Defense in depth approach for security and VPN & Social Media Account Security.

Defense in depth is a security strategy that involves implementing multiple layers of defense at different points within a system or network. The goal of defense in depth is to make it more difficult for attackers to compromise the security of the system or network by requiring them to bypass multiple layers of defense.

Defense in depth is needed now more than ever as more employees work from home and as organizations increasingly rely on cloud-based services and social media is a weak human link in security.

Some examples of different layers of defense that might be included in a defense in depth strategy include:

Physical security measures, such as locks and security guards, to protect against physical attacks.
Network security measures, such as firewalls and intrusion detection systems, to protect against network-based attacks.
Application security measures, such as input validation and authentication controls, to protect against attacks targeting specific applications or services.
Data security measures, such as encryption and access controls, to protect against unauthorized access to sensitive data.

A virtual private network (VPN) is a network technology that creates a secure, encrypted connection between a device and a VPN server.

This can provide several benefits, including:

Privacy: By routing traffic through the VPN server, a VPN can hide the device's IP address and make it more difficult for third parties to track the device's online activity.
Security: The encrypted connection provided by a VPN can help protect against various types of cyber threats, such as man-in-the-middle attacks and data leaks.
Geo-blocking: Some websites and services are only available in certain countries. By connecting to a VPN server in a different country, a user can "trick" these websites into thinking they are located in the allowed country, allowing them to access restricted content.

VPN is only one component of a defense in depth strategy, and it should be used in combination with other security measures to provide the greatest level of protection.

Defense in depth for a social media account:

Choose strong and unique passwords: Use a password manager to create strong, unique passwords for your social media accounts, and enable two-factor authentication (2FA) if it is available. This will help protect against password-based attacks, such as brute-force attacks or credential stuffing.

Be cautious with links and attachments: Be cautious when clicking on links or downloading attachments from unknown sources, as these can potentially be used to deliver malware or phishing attacks.

Use privacy settings: Use the privacy settings provided by the social media platform to control who can see your posts and personal information.

Be aware of scammers and impersonators: Be aware of scammers and impersonators who may try to trick you into giving away personal information or money.

Use antivirus software: Install antivirus software on your devices and keep it up to date to help protect against malware.

Avoid sharing sensitive information: Be mindful of what personal information you share on social media, as this information could potentially be used to target you with attacks.

@aptblog The application of VPN technology in a defense-in-depth strategy involves using an actual VPN, not a "VPN" service. VPNs are used in a defense in depth strategy to connect employees to a private network, not to serve as a proxy for their WAN traffic. When it does function as a proxy, this is to keep custody of that traffic until it goes to the WAN, not to dance around the globe via an untrustworthy third party. This way, if something leaks to WAN, it leaks through the company's private network, and is either stopped by the firewall or cannot be sniffed by the employee's home ISP.

If you are using a VPN service rather than a company VPN for your defense in depth strategy, you've defeated your whole security model.

The doctrine of defense in depth is also outdated.
For example, "strong" passwords are often short but use a wide character range instead of being long. They're not memorable, they're easy for machines to bruteforce, and they're plagued by the need to write down passwords or save them in a password manager. Passphrases are king.
For another example, antivirus software as we know it is ineffective. The most effective antivirus for Windows is Defender, with many commercial offerings actually spying on you, bypassing Defender (it disables itself if you have another AV installed) and leaving doors open for malware whose developer has bribed them for whitelisting to get through. The most effective antivirus for macOS is in fact is the Gatekeeper/Notarization/XProtect stack built in to macOS. As for Linux, there is no real AV offering (just about every offering you see for Linux is either a scam or a Windows AV scanning on Linux) and the method of defense is to patch out vulnerabilities and never give anyone but designated administrators administrative privileges. Just like macOS, a password is needed when escalating to admin power, and you must be in the admin wheel to escalate.

@LokiFawkes actual VPN and VPN as service discussion is similar to choosing "Private Cloud" vs "Public Cloud".

Windows Defender a built-in antivirus software for Windows operating systems is generally effective at detecting and protecting against viruses and other malware. However keeping your OS up to date with the latest security patches and updates, enabling virtualization-based security, and using cloud storage service to store your important files and documents adds extra layer to security.

The doctrine of defense in depth is a military strategy that involves positioning defensive forces at various levels or depths in an area in order to create multiple layers of defense. While the specific tactics and technologies used in defense in depth may change over time, the fundamental principles behind this strategy remains relevant.

The doctrine of "Defense in depth" can be applied in a variety of contexts, including military, cybersecurity, and critical infrastructure protection.

Doctrine of defense in depth can also be applied to emotional security or personal security.

Here are some ideas for how to build a defense in depth for emotional security:

Identify and address sources of stress: Identify the things that cause you stress, such as work, relationships, or financial issues, and take steps to address them. This might involve seeking support from friends and family, seeking therapy, counseling, finding ways to manage your workload more effectively.

Practice self-care: Take care of yourself physically and emotionally by getting enough sleep, eating well, exercising, and engaging in activities that bring you joy.

Build a support network: Surround yourself with people who are supportive and who you can turn to for help when you're feeling overwhelmed or distressed.

Develop coping skills: Learn techniques for managing your emotions and coping with stress, such as deep breathing, meditation, or journaling.

Seek professional help if needed: If you're struggling to cope with stress or negative emotions on your own, consider seeking help from a mental health professional or a health coach.

@aptblog No, actual VPN vs VPN service is similar to choosing self hosted vs public cloud.

Audits of antivirus software showed the best to be Defender, which also happens to be the one that comes with Windows. Currently, as OS developers put their money into providing an antivirus, they've proven to be the best to turn to when protecting the OS they develop. Virtualization-based security is typically not needed unless you're downloading shit from Softonic, and even then, most malware you'll be worrying about can break the hypervisor or simply get sufficient permissions from the user for the hypervisor not to be a threat to its goal.

Cloud storage is not a form of security. You're thinking of backup, but also, it's not a form of backup either. It's not an archival service, it's a centralized sync service. Centralizing your files to Muh Cloud can actually make it easier for malware to destroy your data thoroughly enough that without a real backup you'll be unable to retrieve it.

If the doctrine of defense in depth hasn't embraced long passwords, it's outdated. End of.

Is protonvpn trustworthy? There is no way to confirm it to be trustworthy but they seem so legit :( https://protonvpn.com/blog/is-protonvpn-trustworthy/

Is protonvpn trustworthy? There is no way to confirm it to be trustworthy but they seem so legit :( https://protonvpn.com/blog/is-protonvpn-trustworthy/

I would be curious to know if OP read anything especially convincing in their lists of reasons to trust them.

I vote for my all-time favourite VPN. StreamVPN is an excellent virtual private network (VPN) service that offers its users a fast, secure, and private internet browsing experience. The service is easy to use and has a user-friendly interface that makes it easy for even those new to VPNs to navigate.

One of the standout features of StreamVPN is its ability to bypass internet censorship and geo-restrictions. With servers in multiple locations, users can easily connect to a server in a different country and access content that may be restricted in their region. This makes it an ideal VPN for users who want to stream content from other countries or access websites that may be blocked.

Another great feature of StreamVPN is its strict no-logs policy, which ensures that user activity and connection logs are not stored. This means that users can enjoy a high level of privacy and security while browsing the internet.

StreamVPN also offers fast connection speeds, which is essential for users who want to stream high-quality content or engage in online gaming. Additionally, the service offers excellent customer support and has a dedicated support team available 24/7 to assist users with any issues they may encounter.

Overall, StreamVPN is an excellent VPN service that offers its users a great mix of privacy, security, and functionality. It is a reliable and efficient VPN that is well worth considering for anyone looking for a top-quality VPN service.

I vote for my all-time favourite VPN. StreamVPN is an excellent virtual private network (VPN) service that offers its users a fast, secure, and private internet browsing experience. The service is easy to use and has a user-friendly interface that makes it easy for even those new to VPNs to navigate.

One of the standout features of StreamVPN is its ability to bypass internet censorship and geo-restrictions. With servers in multiple locations, users can easily connect to a server in a different country and access content that may be restricted in their region. This makes it an ideal VPN for users who want to stream content from other countries or access websites that may be blocked.

Another great feature of StreamVPN is its strict no-logs policy, which ensures that user activity and connection logs are not stored. This means that users can enjoy a high level of privacy and security while browsing the internet.

StreamVPN also offers fast connection speeds, which is essential for users who want to stream high-quality content or engage in online gaming. Additionally, the service offers excellent customer support and has a dedicated support team available 24/7 to assist users with any issues they may encounter.

Overall, StreamVPN is an excellent VPN service that offers its users a great mix of privacy, security, and functionality. It is a reliable and efficient VPN that is well worth considering for anyone looking for a top-quality VPN service.

Says someone that just subscribed to Github. It seems more an advert/affiliate link.

I vote for my all-time favourite VPN. StreamVPN is an excellent virtual private network (VPN) service that offers its users a fast, secure, and private internet browsing experience. The service is easy to use and has a user-friendly interface that makes it easy for even those new to VPNs to navigate.

One of the standout features of StreamVPN is its ability to bypass internet censorship and geo-restrictions. With servers in multiple locations, users can easily connect to a server in a different country and access content that may be restricted in their region. This makes it an ideal VPN for users who want to stream content from other countries or access websites that may be blocked.

Another great feature of StreamVPN is its strict no-logs policy, which ensures that user activity and connection logs are not stored. This means that users can enjoy a high level of privacy and security while browsing the internet.

StreamVPN also offers fast connection speeds, which is essential for users who want to stream high-quality content or engage in online gaming. Additionally, the service offers excellent customer support and has a dedicated support team available 24/7 to assist users with any issues they may encounter.

Overall, StreamVPN is an excellent VPN service that offers its users a great mix of privacy, security, and functionality. It is a reliable and efficient VPN that is well worth considering for anyone looking for a top-quality VPN service.

Bot detected 1000000%

So, Mullvad isn't trustworthy?

Trust Mullvad as far as you can throw it. Don't expect it to keep your network traffic a secret any more than any other service, though it does have less data-broker baggage than many others.

You can somewhat trust some rare VPNs as some of them made their canary tactics public and you can observe how the VPN/company interacted with other court orders in the past.

e.g. Mullvad and Proton

Basically, if they have logs, they just hand them encrypted jargon, if they have no logs, then nothing can be given.
This gist is somewhat right but too pessimistic.

99% of people use VPNs for geolocation bypass (Netflix or living in an authoritarian regime) or p2p torrenting, which are fairly valid use cases.

I'd say Mullvad, Proton and iVPN are trustworthy considering what I've seen from their responses and what happened during equipment seizures.

List of garbage VPNs that are to be avoided 100%:

• GhostVPN: Owned by ex-malware company
• PIA: Now owned by ex-malware company
• Tunnelbear: Owned by McAfee
• PureVPN: Lied about not keeping logs
• Windscribe VPN: Lied about encryption
• HideMyAss: Lied about not keeping logs
• DoubleVPN: Lied about not keeping logs
• EarthVPN: Lied about not keeping logs
• ProtonVPN: Garbage apps.
• Hola: Malware

Of course, never trust VPNs that are mass-peddled on YouTube channels.

It's all very circumstantial and somewhat "no brainer". Kind of like how you'd trust pCloud to harbor sensitive data but never Google Drive. But you can circumvent the whole thing by running Cryptomator on your Gdrive folder contents locally.

You just have to be smart about it.

As far as the best one, it definitely goes to Mullvad. You don't even need an identity tied to your payment method.

What if we use openvpn and connect to free vpn providers like https://www.freeopenvpn.org/index.php?lang=en. is that safe?

I mean i am just looking to watch anime on pirated sites like gogoanime. and i don't need a letter knocking on my door.

@ranazain0009 Looks like all these vpn indicated in the website are logging all consumer traffic and personal data that's stored in their DB. Is that true or am I paranoid? Just because you pay them, doesn't mean that they will be ethical. Still giving them all the power to sell or use your info for nefarious purposes...

Just a thought, please correct me if I am mistaken.

They most certainly won't log "all consumer traffic" as it would be way too much to store. Not even the NSA does that or would be capable of holding all that stuff.

If at all, it will be the meta-data about the connection itself.

Paranoia? Depends on your use case. I'd claim that for a little P2P, etc. ANY will do it as "investigations" in that regard will stop at the first visible IP-address and as long as it is not your easily accessible ISP, I'm yet to hear of any case where they took the effort to follow up the chain. If you plan "more" or your safety is a stake like being a Snowden, then cascade several up to your personal level of paranoia. ;)

literally shit for brains

Don't make careless arguments about VPNs as a useless or harmful service. Deprecating VPNs as "glorified proxies" is more sensationalist than accurate, as they are completely different in measures of bandwidth and encryption strength. Joepie91 does not consider that a main usage of VPNs is to prevent deep packet inspection and evade censorship. Plentiful VPNs are a reason why censorship is dead. If you are in a f#@&'ed up place with f#@&'ed up internet and want to read the Washington Post or stream some CBC Radio, a VPN works.

As one who has lived and worked in f#@&'ed up places with f#@&'ed up internet, VPNs are useful. I don't trust commercial VPN services either, and advocate usage of one's own VPS to run something like Wireguard. Streisand or Algo are tools for making the setup easy. Let me rephrase my point: VPNs are useful for circumventing internet surveillance and censorship imposed locally or regionally. For a higher level of trust, use your own server to avoid the pitfalls of commercial services.

If you are doing something risky, you need a solution requiring zero trust. Use Tor, Lokinet, or I2P (and a hardened browser) for anonymity. If you don't want your data accessed, use end-to-end encrypted services. As mentioned in this thread, there are some very good messaging applications which have strong E2EE and smartly written implementations. Briar, White Mouse, Element come immediately to mind.

Thank you for coming to my Ted Talk..

If you want to read WaPo something in your life is really fucked up already. For tasks described above any regular socks-proxy is more than enough.

@AB9IL So what you're saying is,
VPN services are a glorified proxy.
They don't provide privacy, only a very shallow and easily defeated evasion of censorship. Any proxy (and that's what these services usually are anyway) can do that. But again, that's all you're doing, is getting around geofilters until you're discovered.
No security or privacy benefit is involved. And that's what this gist is about.

@nukeop Your ISP knows your IP address. The site you go to knows your IP address or the IP of the server you're proxying through. Those are the only two parties that could normally track you by IP address. And neither does.

This is because your IP address is useless garbage information in the current internet structure. Clients have dynamic IP addresses, v4 uses NAT to combat the limited address space, meaning you can only identify a home or place of business at best, and IPv6 is currently poorly managed. Hell, my ISP gives me my own range of IPv6 addresses and somehow I still can't retain the addresses themselves. If a machine loses connection, or I lose internet connection, it's back to the drawing board and trying to set static addresses will just screw things up worse. Likely so they can sell a business plan that costs 10 times as much.

Servers often host multiple sites on one address, even sites owned by different people. So IP addresses are virtually useless for determining what site you connected to as well.

ISPs look for DNS requests and unencrypted client hello messages. They also source records from popular DNS providers. They also know if you're using a popular proxy service like NordVPN, and often are buying data from data brokers that own these proxy services.

That hello message, by the way, can still lead the people snooping between your proxy and the site back to you, to know you visited it. It's not as easy as if it came directly from you, but it still works.

Then there's the endpoint you're connecting to. They make a fingerprint of your browser, try to install cookies in your browser, and employ many other tricks to track you not only on their site but across sites and apps. Your IP address is not involved in that process.

Finally, a man in the middle cannot get the contents of your communication with the site. From the time you're done saying hello, to the time the encrypted connection is closed for good, an observer would need your private key and the site's private key to know what the hell you two are saying to each other. It's like listening to dialup. Just like how you'd need a demodulator to listen in on a dialup connection (even one that isn't encrypted), and without one you just hear noise, an observer cannot make heads or tails of a TLS connection.

With a private DNS server, either on your local network or over DoT/DoH, and a browser that will let you use ECH with a private server, nobody knows who connected to what site except you and the other party. And if you're worried about the site tracking you, don't worry, they already are, even if you don't have an IP address at all. It doesn't matter if you're communicating over TCP/IP or carrier pigeon. There's no turnkey solution to stop them tracking you. You have to use your brain, reject all conveniences, and leave your identity at the door. Only static webpages with JS disabled and cookies rejected for you, as well as a predetermined canvas size that makes you look like all the Tor Browser users out there.

privacytools/privacytools.io#1760 (comment)

Sounds like an american problem to me. Most of these things are outlawed in civilized countries.

Ahh yes. America; the country that brought the entirety of the planet standards of living up by a factor of 10, won 2 world wars, and was the primary country that said NO to slavery in the previous century; is not civilized. Privacy, torrenting, and VPN's are the only reason that places which do NOT have the ability to speak of atrocities (China, Venezuela, North Korea{if anyone can get a computer and is smart enough to figure this stuff out they will for sure will be able to access the unfiltered web} are some modern examples thanks to this kind of technology. Meanwhile our standards of speech lead Alexander Solzhenitsyn to be able to wildly publish his book, "The Gulag Archipelago". This book was one of the direct contributors to the downfall of the USSR; as he was able to show the world an inside look at what the Soviet's war machine looked like.

Not to mention the audacity to come onto a thread about VPN's; which are the only way that some people are able to see the outside world at all, and say something as profoundly ignorant as "most of the things that stop mass genocide are outlawed in the countries that originally sponsored some of it".

Stop it. Get help.

Lol, this is your mind on CIA propaganda. Check what happened to Gary Webb and Edward Snowden.

Don't think I am oblivious to the fact that the three letter agencies in the US are traitorous entities. But to throw out the entirety of the US, and say that we are uncivilized because we have privacy and protection laws? HA! Enjoy communism, Marxism, Socialism, Totalitarianism, and all the other "Ism's" there are; because freedom of speech is the Sword of Damocles to any Tyrant.

nukeop

so your argument is that because people are in jail, that we have no freedom of speech? point to me the political dissidents within the country that are currently in jail because they spoke ill of the governmental bodies in place

It's always easy to talk about things you don't know. In North Korea there are white lists of IPs you are allowed to connect to. Everything else are just dropped. It's pretty dumb and straightforward but no workaround exists. You can't pull routs out of your ass where they don't exist.
And in China shadowsocks is rather popular socks-proxy. But it's not a VPN and there are good reasons for that.

Alex Jones has to pay 6 gorillion dollars for his freedom of speech

alex jones had a lawyer that accidently emailed private conversations between him and AJ to the opposing defense team.
he also was up for deformation, in saying that no one was killed in Sandy Hook. News flash, they were.
He is a misinformation agent that is a MOSSAD plant. he purposefully tells you the truth, but twists it into a narrative. his job is to make people look crazy. and he does a fantastic job at it too.

he also; is not in jail. so please. try again. im very interested in understanding your logic on this.

i was speaking as to people in NK. the government does issue computers to its citizens, but they are incredibly limited on what they see, and we are incredibly limited on what we see. what im saying is if a NK official who has unrestricted access (a hacker) can figure out how to setup a VPN, he more than likely could, because he would be able to get the information. from that point he could see the whole web.

i am, however; not an expert in this field, and will defer to others on their expertise.

dont forget that they even developed a video game at one point
https://en.wikipedia.org/wiki/Category:Video_games_developed_in_North_Korea

He is a misinformation agent that is a MOSSAD plant.
his job is to make people look crazy.

I wonder if this is fruits of his labour or you are just so... unique on your own...

He is a misinformation agent that is a MOSSAD plant.
his job is to make people look crazy.

I wonder if this is fruits of his labour or you are just so... unique on your own...

if you know; you know

Kids, now you see the effects of propaganda of success being forced on people for their entire lives. Americans truly believe their dystopic police state is a paradise on earth. You see, wikipedia has no information on north korean videogames; therefore amerimutts are the best.

im still waiting on proof of concept for your political dissidents.

not once did i claim America was a paradise. it has its problems like everywhere else does. but please; continue to say nothing, and put words in my mouth. if you want to know why I personally believe it is better than other countries; look at the tax rates (our highest tax rate overall is still lower than any other country on the planet) and healthcare (not its insurance system but the actual quality itself. people come from all over the world to get healthcare here) is, broken; but top of the line for the ones that have insurance. (not to mention most hospitals will treat you if you're not an American citizen, with American citizens tax dollars). not to mention freedom of speech; which is full circle back to what this whole conversation started on!

do you think NK is a wonderful place? go live there! they'd happily take you, as target practice once you approach the border.
my comparison was not to their quality of life, but as to how development does go on in the country with computers; and that people there may or may not have an ability to see the outside world.
you may have an issue with dyslexia and contextual information if you're struggling with that.

im trying to ask you a serious question. please. inform me, how we are all brainwashed and controlled by the system because we have a judicial system that operates. tell me which American in our country is a political prisoner. if you refuse to and continue to just take jabs at me; while providing no proof of anything. I'll just block you

Kids, now you see the effects of propaganda of success being forced on people for their entire lives. Americans truly believe their dystopic police state is a paradise on earth. You see, wikipedia has no information on north korean videogames; therefore amerimutts are the best.

I am laughing at your idiocy. Either you must be a troll, or it must be a birthright to write such a comment unironically.

If the best you can say is that it's in some aspects better than North Korea then the bar isn't set very high

You clearly aren't interested in an intellectual conversation 😂😂. I never said this. Not once.

Kids, now you see the effects of propaganda of success being forced on people for their entire lives. Americans truly believe their dystopic police state is a paradise on earth. You see, wikipedia has no information on north korean videogames; therefore amerimutts are the best.

I am laughing at your idiocy. Either you must be a troll, or it must be a birthright to write such a comment unironically.

I choose to apply Hanlon's Razor with nukeop. He is right about one thing. The CIA loves to disinform people. He clearly has been affected.

do you think NK is a wonderful place? go live there! they'd happily take you, as target practice once you approach the border.

You mean like this? https://en.wikipedia.org/wiki/Migrant_deaths_along_the_Mexico%E2%80%93United_States_border

Ok and when the border is open this problem gets worse because human trafficking of children goes up.

If people followed a legal process VS leaving it up to Cartel Cyoties women and children over the border who end up victims of SA and Rpe

But no. Open border clearly is the way to go. Turn on any TV channel and you'll see that.

Also no one tries to shoot you for traveling internationally

USA: The country that heroically overcomes problems unknown in any other country

Keep watching that TV

Nuke. Your all over the board bro. Bring it back to the start of the conversation.

Show me any political dissonant who have been locked up In the US. Any US citizen who is being held and not given his rights.

@nukeop If you want to play argumentum ad hominem, your profile says "fullstack software developer".

Nobody outside of HR cares about that term, at all. It's a term people who can't name what they do use to describe their skills, or lack thereof, in a favorable manner.

@nukeop It's so commonly used that anyone actually in tech knows you need to go into more detail or we throw out your application and tell our recruiters to stop sending people like you to us.

What do you write? What languages do you use in this "full stack", what do you use for backend, what do you use for frontend? Is your frontend HTML and JS or is it a generated page? Is your backend PHP, Node, Python, Java, C++, Rust(tm), etc? What do you use for SQL, or do you even use SQL? And finally, what do you specialize in?

Fail to answer any of these, or arrogantly say "all of it", and you're blacklisted from applying for a fucking year.

Lol ok

am curious as to why you deleted your previous comments....did you recognize your arguments fallacy?

No, I recognized that Github is an am***can service and as such, heavily censored, and I don't want to risk my account. Please stop sealioning

I haven't heard that term before. But looking it up; just sounds like a defense that someone throws out when they have no logical backing to their argument. Especially because I have no intention of bad faith in the argument. I would of love to have heard your reasoning to a logical conclusion. Especially since you were the one that initiated the topic of conversation in the first place.

Your a victim of your own creation. You know that; right?

I wish you would stop talking and leave me alone

—
Reply to this email directly, view it on GitHub or >unsubscribe.
You are receiving this email because you commented on >the thread.
Show quoted text
@nukeop commented on this gist.
The message you're not getting is that nobody wants to talk to you
Show quoted text

You basically call me an idiot and expected me to just lie down and take it. Well bless your heart. Americans don't work that way. I'll stop replying once you stop replying. Till then I'll just keep quoting you.

@nukeop commented on this gist.
Yes I already know that americans are brainwashed, obnoxious, and clueless. No need to drive the point home buddy

Wow you just continue to be oblivious too! You're not superior to anyone. Just as I am not superior to you. Clearly I have more common sense. But you just keep making fun of people; on a place where it won't go away. And where your future comments could be looked at as "doesn't cooperate well with others"

I'm not here to troll you. I'm just going to continue to hold up a mirror untill you've decided you've had enough.

Btw. Hope your having a wonderful day. God loves you brother.

I accept your concession.

I hope things get better for you

is there a French fork of this file please?

VPNs will hide what you do from ISPs, at least.

It seems most people don't know anything about proxy servers, but VPN concept was popularized by YouTubers. And the 'glorified proxy' part is just ignored as something vague and inexplicit.

@2gn Not really. ISPs buy data from data brokers, which own almost all if not all the "vpn" services (which again are just proxies that maybe, MAYBE use a protocol meant for actual VPNs). Literally all they're good for is getting around geofilters and not a damn thing else.

It seems most people don't know anything about proxy servers, but VPN concept was popularized by YouTubers. And the 'glorified proxy' part is just ignored as something vague and inexplicit.

Actually it is in more recent years that VPN companies have approached YouTubers with sponsorship deals.

From Nigeria with love.

We got another shill: @vpnsguru

Aaaand @nukeop steps back in the shill ring.

Keep shilling, you only have your reputation to lose... If that.

Talking to yourself? Cause you're the only mad one here.

Install Sponsorblock: https://sponsor.ajay.app/ Why would anyone watch videos with sponsor segments?

This doesn't address the issue, it sweeps it under the rug.

The article is rather short but you still failed to read it till the end. Well done.

Sunshine, you fail to understand the difference between using VPN in general and using VPN SERVICE. I highlighted the important word for you, but there is not much hope it'll make any difference.

I use both VPN and proxy all the time, but I set it up myself on a small VPS.

I don't know what it supposed to mean. I deleted my Reddit account back in 2020 when Americans were caught up in BLM hysteria. Reddit admins always have been completely fucked in the head but at that moment they've outdone themselves.

@phr34k0 Assuming you're not talking out your ass (you are), it begs the question, why chain when you can just use Tor or I2P

hello

@phr34k0 Assuming you're not talking out your ass (you are), it begs the question, why chain when you can just use Tor or I2P

@LokiFawkes Dude ever heard about entry and exits nodes? try selling yo momma on TOR and watch CIA bust down your door. Nodes can be watched or controlled. This happens all the time. TOR routing is secure but not to the exit nodes.

It's always fascinating to see the discussion of true professionals.

@T0asti3 Firstly, if you're going through exit nodes, you're as insecure as if you're using a proxy service. NordVPN ain't gonna protect you any more than a malicious exit node, even if you've chained three NordVPNs.
Second, with Tor and I2P, you don't have to pay anyone or reveal your identity to anyone to use onion routing. There are very few proxies that might behave hands-off and that let you gain service without revealing yourself. And the ones, or really one, I'm speaking of, doesn't like to be chained.
And even the one I spoke of, still wouldn't recommend for privacy so much as obscurity for basic IP filters.
If you want privacy through an overlay network, you need that overlay network to not be owned by any third party. Tor and I2P for example, completely decentralized, at least in terms of design. I2P is better at staying that way, but less accessible, while Tor gained popularity by connecting to exit nodes by default to let you access the clearnet through Tor.
The endgame is you shouldn't have to exit the overlay network through anything you can't trust.
Some people actually use I2P with an outproxy into Tor instead of using Tor or I2P directly to the clearnet. Some people go as far as setting up a Tor outproxy on I2P using a server they got pseudonymously and use that as their outproxy wherever they go.
Try to sell your mom on Tor, you've just revealed yourself. Try to sell people who don't exist on Tor, you've got yourself a worthwhile scam.

I can confirm beyond any doubt that vpns do not work. They do not mask your identity. You are just throwing money away using them. If you really want to not be tracked don't conduct activity that would get you on the radar.

Yes listen to the shill throwing slurs. Speaking from experience with federal police no VPNs do not work. But hey gotta respect the hustle to get kickbacks from trying to convince people to sign up.

VPNs are very much useful for "when should I" argument 2.
My ISP would frequently squeeze traffic to known public trackers, which hasn't been an issue ever since I started using glorified proxies. And it also helps circumvent blocks on certain sites, which is precisely what I need it for.

As such, a third point to note is "when you need access to services or resources that you can't reach through your current network or ISP."

Sunshine, you fail to understand the difference between using VPN in general and using VPN SERVICE. I highlighted the important word for you, but there is not much hope it'll make any difference.

I use both VPN and proxy all the time, but I set it up myself on a small VPS.

For me, my VPN lives inside my router and gives me remote access to my connected devices.

For me, my VPN lives inside my router and gives me remote access to my connected devices.

And this is what I like to call, an actual VPN.

Some questions:

But I want to confuse trackers by sharing an IP address!

Your IP address is a largely irrelevant metric in modern tracking systems. Marketers have gotten wise to these kind of tactics, and combined with increased adoption of [CGNAT](https://en.wikipedia.org/wiki/Carrier-grade_NAT) and an ever-increasing amount of devices per household, it just isn't a reliable data point anymore.

Marketers will almost always use some kind of other metric to identify and distinguish you. That can be anything from a useragent to a [fingerprinting profile](https://panopticlick.eff.org/). A VPN cannot prevent this.

Just suppose my ISP doesn't use CGNAT but I keep my IP for weeks, and my browser doesn't allow fingerprinting because only fake data is sent. If I visit different websites without VPN, the fingerprint is always different but I have the same IP, what sense does that make, you can not track easier?
If I use a VPN and / or proxies, I get a different IP every day that I share with thousands of other people and always have a different fingerprint. What should not work in this practice?

When using a VPN, the only encrypted part of the connection is from you to the VPN provider. From the VPN provider onwards, it is the same as it would have been without a VPN. And remember, the VPN provider can see and mess with all your traffic.

Yes, but how can an outsider see which of the thousands of users is accessing which websites? The data streams that go in cannot be assigned to the decrypted streams that go out. Thus, you have 1000 defendants when someone fucks up.
Before the question is answered again with "But the VPN provider knows everything", please read my last question.
The VPN provider can know everything, but does not have to.

Because a VPN in this sense is just a glorified proxy. The VPN provider can see all your traffic, and do with it what they want - including logging.

The ISP does that too and sells the data and you can't always choose the ISP. A VPN provider that shares data with its customers without obtaining their consent is acting illegally and committing a crime itself. The ISP writes it in its terms of service.

And remember that it is in a VPN provider's best interest to log their users - it lets them deflect blame to the customer, if they ever were to get into legal trouble. The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over.

Wouldn't it be much easier to tell the authorities "Sorry I can't identify my users because I have no logs! I can only provide all users as a list"? It would never come to a criminal complaint, how do you want to prove a specific person did a crime? For what reason should the VPN provider here can be legally prosecuted, as long as no law requires that I do not log my users, which in turn must then be written in the terms of service?

@M-um-p-i-t-z Exactly as stated: The IP address is a useless metric these days.

Firstly, good luck actually setting up a browser that flies under the radar like that. If you sign in anywhere, your browser will be tracked, your new fingerprint will be tracked as long as you stay signed in or sign in again.

Marketers employ many different methods of tracking. From the classic cross-site tracking cookie, to the modern fingerprinting methods we know today. You basically aren't safe from this unless you're using Tor Browser (with or without actually using the Tor network) and not signing in anywhere.

As long as you're signed in, or allowing cookies, or allowing javascript, or it's able to get actual canvas sizes, etc from your browser, no proxy in the world can protect you.

The VPN provider that shares data of its customers without obtaining their consent is actually protected by silver tongued legalese in the terms of service and gag orders in the law.

It is in fact not easier to tell the authorities, "Sorry I can't identify my users because I have no logs!". That's a good way to get in trouble with 14 Eyes surveillance laws. And no, those surveillance laws are not limited to the 14 core nations of the Eyes. Most nations of the world are in on it without increasing the number of "eyes" in the name, and even if your company is from another country, if you have servers in an Eyes country, you're subject to their laws.

If they can't directly command you by law to conduct mass surveillance, they can hold you accountable for "letting" your users commit what these countries consider to be crimes. Such as journalism, protests, or god forbid being Fr*nch.

I think the IP part is confusing people because first the post says "You're still connecting to their service from your own IP, and they can log that." then later it says "Your IP address is a largely irrelevant metric in modern tracking systems. ". I think the confusion is because joepie91 is talking about tracking by the government in the first one, and tracking by advertisers in the second one. It might be a good idea to clarify that.

@LokiFawkes It depends on the fingerprinting software. Some include your IP address, other people don't. Either way, there is more to fingerprinting than your IP address. Here's a test site many people use: https://coveryourtracks.eff.org/

Edit: Actually the original gist already links to this site

@Naleksuh Yeah, it seems a lot of people are confused by the concept of attacking the same assertion from multiple angles.

Firstly, good luck actually setting up a browser that flies under the radar like that. If you sign in anywhere, your browser will be tracked, your new fingerprint will be tracked as long as you stay signed in or sign in again. Marketers employ many different methods of tracking. From the classic cross-site tracking cookie, to the modern fingerprinting methods we know today. You basically aren't safe from this unless you're using Tor Browser (with or without actually using the Tor network) and not signing in anywhere.
Since some time Firefox prevents exactly these practices with its tracking protection, each domain has its own memory here where no other domain can access and if you use containers in addition, even the domain gets a different memory in each container.
As long as you're signed in, or allowing cookies, or allowing javascript, or it's able to get actual canvas sizes, etc from your browser, no proxy in the world can protect you.
With each domain the browser fingerprint changes and remains valid for this domain until the browser is closed but each container has different fingerprints for the same domains and another IP.
The VPN provider that shares data of its customers without obtaining their consent is actually protected by silver tongued legalese in the terms of service and gag orders in the law.
My government's laws prohibit the unstoppable storage of connection data. There must be a reasonable suspicion of a serious crime and there must be a suspect, not just thousands of VPN users because someone might have done something wrong.

It is in fact not easier to tell the authorities, "Sorry I can't identify my users because I have no logs!". That's a good way to get in trouble with 14 Eyes surveillance laws. And no, those surveillance laws are not limited to the 14 core nations of the Eyes. Most nations of the world are in on it without increasing the number of "eyes" in the name, and even if your company is from another country, if you have servers in an Eyes country, you're subject to their laws.
Why should a company get into trouble with the secret service if it complies with the laws in force in its country, where no one has to store any data. And if it would be so easy to get companies to record, why does even the NSA have its own department that deals with cracking VPN connections?
Be honest, if the secret service is looking for you, it will find you, no question, but who is wanted by the secret service?
The only danger you are exposed to when using VPN or even Tor is that you are swimming in a pot together with a few criminals, the price is not too high for me to protect my privacy.

What's the point of fingerprinting if my fingerprint changes every 30s? And what's the point of tracking if I block tracking scripts and ads?

@M-um-p-i-t-z I can answer your entire response by answering your last sentence. You're not protecting your privacy. This is called the action bias.

But sure, if you think Firefox is protecting you by changing your fingerprint, go ahead and double check with the EFF.
No, it's not.

You have to set everything manually, make your canvas generic (thereby also limiting the screenspace in your browser or glitching certain graphics), and put every tab in a container. And even then, it's still not enough.

I'm a firefox user, with container tabs, strict privacy settings to the point that about:config is unrecognizable from the original, whole nine yards. And yet sites still find ways to worm cross site cookies across the containers. It's a neverending arms race, and the one thing they're not concerned with, is the IP address.

@nukeop Let's pretend you aren't the butt of the joke in this entire thread. Just for a second.
To what are you referring?

@nukeop
You did not answer. To what are you referring?
Have you forgotten that it is you who knows less than nothing on the topic as you have proven multiple times in this thread?

Also, github gists is a discussion platform.

@nukeop You did not answer. To what are you referring? Have you forgotten that it is you who knows less than nothing on the topic as you have proven multiple times in this thread?

Also, github gists is a discussion platform.

You know nukeop is a vpn shill right. Likes to attack anyone calling it out on it's grift. Ignore it and it will go away.

I agree. though I use one, because i trust it more, travel and torrenting

@LokiFawkes

@M-um-p-i-t-z I can answer your entire response by answering your last sentence. You're not protecting your privacy. This is called the action bias.

But sure, if you think Firefox is protecting you by changing your fingerprint, go ahead and double check with the EFF. No, it's not.

What is this supposed to prove? But I did it for you with the result that I double check on two days with 3 containers with different IPs from VPNs and I get 3 Yes in every single tab on both days. Tor Browser also. Seems like u have a mass of changes in about:config, that you look unique to the side. I am not. And your IP can be tracked, so they do so. Whether this is relevant or whether you do not want to believe it is irrelevant. So stop spreading such generalizations, they are not true.

A few comments:

• I think you are being to harsh on VPN services here. I understand that we cannot know for sure if a specific VPN provider is not logging you, but I wouldn't go so far as to say that none like that exist. It's a bit of a gamble, maybe, but sometimes that's better than nothing.
• Additionally, I use a free VPN service to access geo-blocked content and to bypass network restrictions. I don't really trust it's privacy value, given that it's free, but for my purposes I'm content with that. And also, being a free tier of an otherwise paid service, it has an nice-looking and intuitive UI, much more than can be said for many open source projects.

Overall, given that VPNs provide benefits outside of privacy, and that privacy may very well be also provided, I think VPNs, even paid ones, have their place. But I don't think that this should detract from your argument that with no verifiability, VPN privacy may often be false advertising.

I am pretty sure the main selling point of VPN services is to use IP ranges of foreign countries in order to circumvent being caught when doing illegal file sharing. Copyright holders work together with local authorities and local authorities can request user information from local internet providers. As long as the user's IP is from a country where there is no cooperation between authorities in this regard, copyright holders will not even try. So it does not even matter if there are logs or not. Even if, at one point in time, authorities would work together and if there are logs, chances are that the user's IP addresses are not stored anymore by the users actual internet provider or that the case becomes time-barred. Furthermore as long as there was not a single case of mass charges against VPN users, those users will keep using VPNs.

I think users that understand enough of IT to know what a VPN service is and that are able to use it and only use it legally for privacy and against tracking are quite a minority.

I use VPN (OpenVPN with Pihole), with a private/ dedicated ip address, on a private VPS server, only to hide my traffic from my ISP (ISP's have the biggest share in selling data), to hide my true location for the websites I visit, to block ads and to block sites like facebook, google from tracking me... and to log my own network activities. In this way I have found a virus on my computer sending packages of information every hour to a certain host. Legally they could find out what websites I visit, but a VPN adds another threshold for them to find out. Don´t give them (legal agencies) any reason to track you down. Doing something illegal on the internet is extremely stupid, even with a VPN.

quite a lot of comments and discussions, apparently there is no complete solution.
Except acquiring a service from some server in a corner of Eastern Europe. XD

Mullvad VPN is easily the best

Hello everyone.

These same questions that can be asked here about the cloud's open source. It is contradictory that open software works in cloud like sass (software as a service) or baas (backend as a service) etc. Because, in theory, we do not have access to any source code and the control of this server.

Some people have created the software license as AGPL for this. Although the company distributes the software to AGPL, you can never check which function is being performed. First, because we have a feeling of arrest, because you don't have the money to execute the software with your own infrastructure (hosting, physical server). And second, because we have the feeling of not knowing the future direction of the cloud product or service.

Just as we cannot trust VPNs, I don't think we should trust cloud services that uses open license as AGPL, MIT, GPLv2, GPLv3 etc. Does these concerns of mine make sense?

This approach is parroted in various MSM articles but doesn't address all the potential concerns. I trust VPN providers more than my ISP. I see no evidence that I should trust my ISP by default even if they don't MITM me. They would know every single domain I connect to on all of my devices if I didn't tunnel my traffic. Why can't I find an explanation of how my data is used/stored on their site?
https://www.privacyguides.org/en/basics/vpn-overview/#should-i-use-a-vpn

Yeah, it's a list of defeatist, often false or easily refuted bullet points written in a style of total confidence, which to some impressionable people may look like competence. Some of the bullet points are actually strawmen that nobody who uses VPNs would argue.

Why can't I find an explanation of how my data is used/stored on their site?

Can you find something like that on the site of you favourite VPN service?
Have you actually read articles that short summary on privacyguides.org is referring to?

Mullvad is the only good VPN services
Either that or tor

Mullvad is the only good VPN services Either that or tor

ivpn is pretty good too
check out https://www.ivpn.net/blog/why-you-dont-need-a-vpn

A valid reason for VPN is by NOT want to hide your VPN but make sure you connect with a trusted one, IE if you have a dynamic IP and need to go to a firewalled site, this might be a very valid point. Another valid point can be Geolocation barriers, IE many content providers block based on your countries IP. The other points are pretty valid by the way. For real privacy use Tor and make sure that you don't login with accounts that you also use on your normal connection.

"A VPN provider specifically seeks out those who are looking for privacy, and who may thus have interesting traffic. Statistically speaking, it is more likely that a VPN provider will be malicious or a honeypot, than that an arbitrary generic VPS provider will be."

Can I see that statistic and your dataset?

^
I'm pretty sure this is why most people need a glorified proxy service.

^ I'm pretty sure this is why most people need a glorified proxy service.

Precisely. I cannot believe the idiocy of morons on the internet with the idea that there is some way to outsmart intelligence agencies with the smartest people on the planet working together stacked against them. That there are thus conversely certain activities that "expose" one to said agencies. We need legislation to fight this battle on the same scale that this violation of user privacy operates on.

Leaked NSA documents prove that they are powerless against TOR and have been since its inception.

@5aturnius

Precisely. I cannot believe the idiocy of morons on the internet with the idea that there is some way to outsmart intelligence agencies with the smartest people on the planet working together stacked against them. That there are thus conversely certain activities that "expose" one to said agencies. We need legislation to fight this battle on the same scale that this violation of user privacy operates on.

The smartest people on the planet generally do not work for government agencies, because they pay less than private companies. The ones that do not care so much about money often have a problem with intelligence agencies and work for the science mostly at universities. Still, they have very good people and apart from probably not being the smartest people on the planet, they have money and power. That is probably not enough to hack security standards like VPN or encryption algorithms, but they can force companies to cooperate by legislation or pay companies to get into systems or pay to get software or hardware vulnerabilities to hack into systems.

That being said, you do not use VPNs to outsmart intelligence agencies that work together against you. If you are really so criminal or unlucky that you want to hide from intelligence agencies, then you use VPNs or better TOR in order to not draw any attention to yourself, so they won't even start to work against you.

Dumbest article ever. Completely glosses over the utmost mission to privacy Mulvad has, or the fact that Private Internet Access is court-tested.

utmost mission to privacy

Someone can type that unironically. Fascinating.

Someone can type that unironically. Fascinating.

Someone can be this dumb unironically. Fascinating.

You can pay for Mulvad by sending in a letter with cash money. All you get back (and what they know) is an account number.

Private Internet Access has been audited too, btw : )

Anyway, I'm done here. Anyone reading this will realize how moronic this article is and just sign up for a good VPN.

Byee

OK. For those who can read unlike that chap.
PIA is a US based company. It will obey US laws by definition no matter what. Furthermore the company still uses physical drives to store user data, and those drives can be ceased by authorities.

Mullvad is better in that regard. But Sweden is a member of 14 Eyes Alliance and not a completely safe jurisdiction for a VPN provider.

Anyway, I'm done here. Anyone reading this will realize how moronic this article is and just sign up for a good VPN.

I cannot speak for everyone, but the aggressiveness in your writing makes me stay away from Mullvad.

Your arguments also make me trust less. „Sending a letter with money“ is trying to tell a potential customer, that you have no private data, so nothing could ever happen. But that only distracts from the fact, that you cannot prove that there is no logging. If Mullvad logs account number with real IP, „money in a letter“ does not help at all.

Even if there were court decisions in the past with no log files, or audits, that does not change the fact that a VPN is always able to implement logging in the future for all or specific customers. You can also disable logs for audits and turn them on afterwards. Also, how can we trust the auditor?

There is no way for a VPN provider to prove that there are no logs, so the article makes fully sense. The fact that you call it „moronic“ without providing good arguments, just makes the article even more convincing.

@BrodyDoggo I can explain this. The purpose of a VPN is to provide a tunneled connection into a private network. It's like a proxy, except you can traverse firewalls and connect to devices over any port or protocol through it. In a proper VPN, you even get your own IP address in the private network. However, this is not how clearnet VPN services like NordVPN or ExpressVPN work. Even when they use real VPN protocols, they're just putting you into a NAT network and hiding you behind one IP address, their IP address. Essentially, the same as a proxy. They can control what ports you get to use, what protocols you get to use. Essentially, the same as a proxy. At best, with no restrictions on ports and protocols, you'd be looking at something called a SOCKS proxy. In many actual VPN setups, you might even set your virtual network adapter that's connected to the VPN, as a SOCKS proxy to prevent direct access to the clearnet. But these VPN services you see out there range from web proxies to SOCKS proxies, advertised as being more private than a proxy, and often come with proprietary apps that strip SSL so they can collect and sell your browsing habits. They even advertise this SSL-stripping function as virus protection, when in reality, their VPN cannot protect you from viruses even by stripping SSL (though if they're honest they can try), but it can make them money by collecting data. By stripping SSL, typically by replacing your root certificate so your browsing happens in an encrypted form that they can read but outsiders still can't, they not only can get your browsing habits beyond just IP addresses and DNS requests, but they can also harvest metadata AND the payload of the connection, including passwords and other personally identifying information that would have otherwise been transmitted without a man in the middle. So really the difference between a VPN and a proxy is the P in VPN - private. If it doesn't provide a tunnel to a private network, it's not a VPN, regardless of what protocol it uses or what its name is. VPN - Virtual connection to private resources like company servers Also a VPN - Virtual connection to your company or home's private network, doubling as a proxy for the clearnet Not a VPN - A tunnel to a web proxy, branded as a VPN, meant to look like you're browsing from the server you connected to rather than from where you are

If you still want to call these VPNs, the distinction would then be between Virtual Private Networks and Virtual Public Networks.

Is there any difference to them on a local perspective, like isp traffic protection and such?

Overquoting should be punishable by death.

@maoydev Between not having a proxy and having one? Not really.
Without these services, most your ISP will know is what IP you're talking to, and currently between CDN centralization and Web2 "just trust the cloud" centralization, too many services share the same IP addresses with each other for it to really matter. Aside from that, if they're clever they may catch the SNI at the start of your connection. They still can't make anything of it if you have a bunch of ongoing sessions. Once ECH catches on (and browsers start supporting ECH while using a nameserver of your own choosing), that vulnerability will be dead too. You stand to lose more privacy than you stand to gain when trusting a Virtual Public Network.

Hmmm the lone vpn simp is still at it. Almost like she gets kickbacks for each service sold.

Thinking logically, do you genuinely believe that the government would allow a means of hiding your ISP they themselves couldn't track?

Can you keep unhinged conspiracy theories out of the thread? You're not making your side look sane

Do you believe the government would allow a product they couldn't track? Yes or no? The likes of Tom Clancy and Richard Marcinko discussed communications security and spying. I would side with the experts over a shill who decries any criticism of VPNs.

I visited IP vanish for coverage. I made it through paying for the first month then I was blocked because of Cloud flare and my email

VPNs are shared, VPSes themselves (not the host) are not, so your VPS gets tied to you - not great for privacy, is it? VPNs are great for bypassing censorship in countries like China with censorship problems and you don't need to setup your own to do that, it's kinda overkill.

Dumbest article ever. Completely glosses over the utmost mission to privacy Mulvad has, or the fact that Private Internet Access is court-tested.

It doesn't touch on bypassing censorship in restrictive countries either.

so your VPS gets tied to you - not great for privacy, is it?

You get an external IP or IPs from a pool of that VPS-provider. I don't see much difference.

VPNs are great for bypassing censorship in countries like China with censorship problems...

It can be done with limited success and the result is far from great.

You get an external IP or IPs from a pool of that VPS-provider. I don't see much difference.

Sure, I can explain with difference. With a VPS, that IP is specifically tied to you for as long as you are renting that VPS. With a VPN, there is a shared pool of IPs where any individual IP can be used by multiple people at the exact same time - that's the difference. IPs are shared, not dedicated/unique.

It can be done with limited success and the result is far from great.

I guess we just disagree on this, then. VPNs are very important to these types of countries.

IPs are shared, not dedicated/unique.

Well, it's possible to choose another IP from the same pool after a while. I don't think a smaller pool compromises your identity that much but may be I'm wrong.

VPNs are very important to these types of countries.

I live in such country. The connection speed of VPN is tolerable most of the time but sometimes it slows to a crawl. And from time to time all VPN traffic, including wireguard protocol, is blocked for several hours for some reason. And there is nothing I can do on my end. Choosing another VPN provider doesn't make any difference. In these cases shadowsocks proxy with the server side on VPS works slightly better but not by much.

Well, it's possible to choose another IP from the same pool after a while. I don't think a smaller pool compromises your identity that much but may be I'm wrong.

You aren't understanding my point. Two or more people can have the same IP address at the exact same time with a traditional VPN service, whereas rolling your own VPN via a VPS means that public IP address assigned to you is only used by you and not anybody else (since you are the only one using the VPN and you are also the one responsible for hosting the VPN). That's part of why traditional VPN services claim "anonymity", because multiple people can be using the same public IP address at the exact same time, you don't know "who" is really using it. In theory, with a traditional VPN service, you could have dozens or hundreds of people using the same public IP address at the exact same time.

Well, it's possible to choose another IP from the same pool after a while. I don't think a smaller pool compromises your identity that much but may be I'm wrong.

You aren't understanding my point. Two or more people can have the same IP address at the exact same time with a traditional VPN service, whereas rolling your own VPN via a VPS means that public IP address assigned to you is only used by you and not anybody else (since you are the only one using the VPN and you are also the one responsible for hosting the VPN). That's part of why traditional VPN services claim "anonymity", because multiple people can be using the same public IP address at the exact same time, you don't know "who" is really using it. In theory, with a traditional VPN service, you could have dozens or hundreds of people using the same public IP address at the exact same time.

Most hosting providers will sell you additional IPs for your VPS at €1/mo and you can rotate your IPS all you want (and get completely new ones every month). And you can share your VPN with as many people as you like. So for the cheapest €13/mo N**dVPN plan you can get a server with like 10+ IPs, share with all your friends and even sell it if you want.

When multiple people use 1 IP, the service you are connecting to doesn't know that. So if it tracks an IP, it tracks it the same way regardless if it's from a VPS or VPN. Your VPS could as well be a VPN host used by thousands of people. That's why no service identifies users by IP. Even your home network IP will change (unless you're paying for one that doesn't). I won't even start talking about mobile data IPs.

If you want 1000% anonymity, you can't get that with anything online. If someone really really wants to know who you are, they can. "No log" VPNs have proven to have logs in the past, and if you don't control the VPN yourself to know for sure, are you willing to risk your 1000% security requirement based on trust in a corporation? And if you have a VPS, authorities can always find who you are through the VPS hosting provider. You can't get a new internet subscription without the ISP knowing who you are, so that's out of the options as well.

Furthermore, any service that really wants to, can easily block access to all VPS or VPN etc IPs. How? Every IP belongs to an ASN and all ASNs are publicly registered. Is the ASN a residential ISP? Or is it an ISP for data centres?

Don't waste money on VPN. Waste significantly less money on VPS.

Except that many VPS providers are very stingy on IP allocations and will require you to provide justification before they sell you any more IPs. Linode for instance even calls out certain reasons like multiple website domains as not valid excuses because virtual servers and SNI allow multiple sites to share an IP.

They are a lot more generous with IPv6 but of course that cannot connect without a proxy to IPv4-only endpoints.

Most hosting providers will sell you additional IPs for your VPS at €1/mo and you can rotate your IPS all you want (and get completely new ones every month). And you can share your VPN with as many people as you like. So for the cheapest €13/mo N**dVPN plan you can get a server with like 10+ IPs, share with all your friends and even sell it if you want.

Hosting providers can be pretty strict about this actually, you'd be surprised.

When multiple people use 1 IP, the service you are connecting to doesn't know that. So if it tracks an IP, it tracks it the same way regardless if it's from a VPS or VPN. Your VPS could as well be a VPN host used by thousands of people. That's why no service identifies users by IP. Even your home network IP will change (unless you're paying for one that doesn't). I won't even start talking about mobile data IPs.

Sure, that's fair, but a VPS is much less likely to be used as a VPN host than an actual VPN host itself with it's own rented/purchased dedicated hardware. A VPS is much more likely to be a 1-to-1 type of situation.

"No log" VPNs have proven to have logs in the past

Except for the ones that have, you know, literally been tested in court. Of course, that's not to say that they won't change it in the future, but still better than having it not tested at all.

Furthermore, any service that really wants to, can easily block access to all VPS or VPN etc IPs. How? Every IP belongs to an ASN and all ASNs are publicly registered. Is the ASN a residential ISP? Or is it an ISP for data centres?

Sure, but a lot of companies will avoid this because they realize there are countries with horrible censorship and don't want to punish legitimate users from those countries.

One thing I agree with you 10000% on, if you want 1000% anonymity, don't go online - it really boils down to that, it's always possible to find out who you are if someone really wants to.

Ultimately, VPNs and VPSes have different use cases and provide different functionality. I feel like people want to hate on VPNs because it's cool to do so (although I admit there are legitimate criticisms of VPNs), but they actually do have legitimate uses like easily avoiding censorship in countries with heavy censorship and they can work pretty well for this because people do use them for this.

Hosting providers can be pretty strict about this actually, you'd be surprised.

No reasonable providers are. Especially if they don't give you port 25 by default (used for SMTP and sending mail). Hosting providers would only be hurt if you use their IPs to send spam mail and get them into blocklists and unusable for other clients for mail.

Sure, that's fair, but a VPS is much less likely to be used as a VPN host than an actual VPN host itself with it's own rented/purchased dedicated hardware. A VPS is much more likely to be a 1-to-1 type of situation.

That's true, but the target service doesn't know whether you're using a VPS or not. And I'd recommend sharing your VPS-installed VPN with friends who would rather trust you than a corporation.

Except for the ones that have, you know, literally been tested in court. Of course, that's not to say that they won't change it in the future, but still better than having it not tested at all.

The only objective of VPN companies, as all other companies, is to make money, forever if possible. You can never trust a company wants what's best for you. And if you truly want security/anonymity, you don't want any trust in the equation.

I agree with what you just said, with the caveat that if you are the owner of the VPS then you become responsible for what your friends do via that VPN, rather than the responsibility falling on the VPN host company itself when using a traditional VPN service. That's one way I would think traditional VPN services would still be superior (and also ease of use since with VPN services you just download an app vs setting up your own VPN server).

...they can work pretty well for this because people do use them for this.

People use them because they have no other choice, not because of their sheer greatness.

On a side note , have tried to use Linode for a week, hated everything about them. From at least 5 fucking minutes to restart a tiny server to their retarded political activism.

On a side note , have tried to use Linode for a week, hated everything about them. From at least 5 fucking minutes to restart a tiny server to their retarded political activism.

And it's expensive. For under €4 Hetzner cloud gives you a better server with 20TB transfer. OVH currently has a promo at $1/mo for a year (but only 100 Mbps bandwidth, but I think it's unmetered). For around €5 Contabo has 4 core 6GB RAM and 32TB traffic in case you want to put something more on it. Atlantic.Net gives you a free VPS for 1 year (3 TB transfer).

This is not an endorsement for any of the companies or their services.

What political activism?

What political activism?

Probably not supporting hate/discrimination or something like that.

What political activism?

Probably not supporting hate/discrimination or something like that.

And without a passive aggressive tone that translates to...?

What political activism?

Probably not supporting hate/discrimination or something like that.

And without a passive aggressive tone that translates to...?

I do look at their TOS and it could be this clause that is grounds for termination:

be excessively violent, incite violence, threaten violence, or contains harassing content or hate speech;

Of course many hosting providers have had something similar for ages.

That doesn't mean it's desirable. IMO that clause is there just to give them grounds to ban anyone they want if there's pressure on them. "Hate speech" is meaningless and arbitrary.

They sent me several e-mails about the importance of 'hearing black voices' or with similar cheap corporate bullshit.

They sent me several e-mails about the importance of 'hearing black voices' or with similar cheap corporate bullshit.

And you decided to politicize it.

Sounds like they did.

It looks like you are this ideologically captured. Well, my condolences.
First, I don't live in US and it's not my problem Americans can't figure out why Marxism is bad for everybody. I was born and raised in USSR and it's pretty obvious to me.
Second, the only voices I care about are the ones in my head. They have some interesting ideas.

I have a feeling Godwin's about to take over any moment now.

Godwyn the Golden?

Godwin's law.