The most secure VPN :)

Why not hide it in a get well soon grandma card. No thief dares to mess with grandma's cards.

 

They are very smart here. No way.

 

You don't think that you're identifiable when you use a unique username/password combo to logon to your VPN?

 

Just a curiosity guys, what is the sense to pay a VPN using bitcoins when anyway our isp is perfectly able to see that we are using a vpn. Why cant we pay for it normally? Thanks for the answer

In my opinion use ppal to buy bitcoins would make it even more suspicious or i am wrong?

 

Bitcoins purchased by cash and sent via a one time use wallet is untraceable, as long as the connection is cloaked. Destroy the wallet immediately and then don't return. No mixing needed.

Regarding the ISP knowing you use a VPN. Really? Research "partition of trust" and how using multiple providers leaves the ISP in the dark as to VPN usage. It also leaves your exit node vpn provider in the dark as to the original IP. The theory is to spread out the risk by requiring the collaboration of several providers in order to track the connection backwards. And that even assumes you are on your own ISP account to start with. Open wifi everywhere around here. LOL!!

 

I just use PayPal, why? I don't care if my ISP/PayPal knows I'm using a VPN. I also don't use my VPN for illegal activities, so why go through the extra effort when there is no real world benefit, VPN software is not against the law, so why care?

 

@HungryToLearn

To amplify on Palancar's answer, some of us use more than one VPN service, routing one through another in nested chains. So the ISP and other local observers just see connections to the first VPN in the chain, and websites etc just see the last VPN in the chain. If there are three or more VPNs in the chain, the middle ones don't know the end ones. Choosing VPN providers prudently in different spheres of influence reduces the risk of collaboration.

Under those circumstances, money trails are the major risk for all but the first VPN. So it's prudent to pay with cash through the mail, or thoroughly anonymized Bitcoins. By "thoroughly anonymized", I mean Bitcoins passed through multiple mixing services, using multiple independent Multibit wallets in Whonix instances (connecting through Tor). You should use a different Multibit wallet to pay each VPN provider, so the payments aren't linked through the wallets.

 

Because an investigation can start *at* the VPN provider, and can point to you through payment records. That's different than you being the initial target, where, yes, your ISP knows you use a VPN, and which one, based on entry IP addresses.

PD

 

Sorry guys im trying to learn more about chains vpn but i have a doubt, what about torrenting? I mean if i want to torrent using a vpn i have to set up my utorrent with ONE vpn parameters, so in this case its useless to chain 3 or 4 vpn because i can only use one of them to set up my utorrent, or i am wrong? Sorry im trying to understand

 

The VPNs aren't running in the same machine. The utorrent client connects through the final VPN in the chain, which is the inner one topologically. I've explained all this several times already on Wilders

 

I am just starting to seriously look around for a good VPN, So if someone can point me to a VPN that offers the following, it would be greatly appreciated.

1. One that won't leak DNS information
2. One that provides excellent DNS spoofing protection.
3. High encryption
4. Minimal logging
5. One that respects user privacy.
6. Offers excellent speeds
7. With excellent customer support
8. Good reputation

I live in the US, if this helps any.

 

BolehVPN.

 

Thank you very much, I'll take a look at them.

 

PIA have responded to my questions regarding why they don't supply a Private Client Key - (client.key) or TLS Auth Key - (ta.key).

From this response my take away is that the crypto is not affected by the lack of these 2 files. Using just a ca.crt and config file reduces resource usage server side for no hit on the security/integrity clients side.
Does the lack of these files equal vulnerabilities server side that can be exploited to "unmask" the end user ? I don't think so....

I feel this goes a big way in explaining why not only PIA but several other reputable non logging VPN services only supply the 2 files (ca.crt and config).

On a side note, fair play to PIA customer support center for the response and explanation

 

Thanks

That's consistent with my understanding.

Overall, it's a tradeoff. There's less server load per client connection without client.crt (and client.key). However, the server is more vulnerable to DOS attacks without them. If you're not expecting attacks, that's OK, and you can have more clients per server, and charge less. On the other hand, using more resources per client connection is prudent if you are expecting attacks.

Yes, thanks

 

So iVPN is regularly recommended here, though I find their site's SSL configuration lacking for such a pricey provider:
https://www.ssllabs.com/ssltest/analyze.html?d=www.ivpn.net

In the config download, they include ca.cert, client.crt, client.key and ta.key. However they are available outside of login area and seem to be the same for everyone. I also refreshed the site and downloaded it a second time, the ZIP file got a different name but the files are exactly the same. Shouldn't client.key be unique and secret?