Do You Trust Your VPN? Are You Sure?

Discussion in 'privacy technology' started by mood, Feb 28, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    19,833
    Do You Trust Your VPN? Are You Sure?
    Virtual private networks are now a must-have privacy tool. But good luck figuring out which ones will actually make you safer
    February 28, 2019

    https://slate.com/technology/2019/02/best-vpn-companies-trust-privacy.html
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,721
    Location:
    U.S.A.
    :argh::'(:ouch::gack:
     
  3. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    651
    That can be a little tricky...especially in a world of 14 eyes where each country goverment agency is kissing the **** of each other. But geolocation based criteria is still better than naively believing snake-oil advertising...


    So basically, make your bet and hope for best!
     
    Last edited by a moderator: Feb 28, 2019
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,956
    You can't "trust" a VPN service. I mean, how would you know?

    Sure, if they've been around for several years, and there have been no reports about pwning users, that provides some evidence.

    So anyway, if it really matters to you -- if you really need to trust your VPN uplink -- use nested VPN chains.

    The first VPN service knows who you are, and what VPN service that you connect through it to. And the last VPN service knows what sites you access online, and what VPN service that you connect to it through. But unless the VPN services are both working with your adversary, there's no way to connect who you are with what sites you access online. Except through brute-force traffic analysis. Which the NSA can do, but not likely the FBI.

    And if privacy really matters to you, use nested VPN chains plus Tor.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,160
    My motto through and through!
     
  6. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    868
    Location:
    Land o fruits and nuts, and more crime.
    VPN's are popping up like Starbucks, on every corner. Who to trust is the big question.
    When it come to business, trust no one.
     
  7. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    651
    Also, it entirely depends of use case:

    - Do you just want to prevent your local ISP snooping you ? Heck, just rent VPS-server (cheapest ones cost few dollars a year) and setup SSH tunnel and your done (cheapskates can just use Tor).

    - Do you want to bypass geoblocking ? Ditto. No need to pay VPN-provider and believe their claims they do not log. VPS-server with SSH tunnel more than enough. (cheapskates can continue using Tor or just grab some freely available SOCKS5 proxy while being aware of risks)

    - Do you want to warez/torrent/hack or just tired of all the mass surveillance capitalism?
    Get a VPN! Several of them. And chain them together with Tor like mentioned above.

    EDIT: One way to find out if "no logging" VPN-provider is lying to you is if they have restriction
    of number of devices that can be used with their service. You can't restrict the number of device connections to VPN-provider servers without at least some logging.

    EDIT2: So instead of "no logging" or "zero logging" claims, VPN-providers should clearly state in their front page, what they log and how long. And the best one out of the bunch would be those that log the absolute minimum amount of data for most shortest time.

    EDIT3: And finally, someone should maybe keep updated list of lying VPN providers because public memory is short. So far at least HideMyAss, EarthVPN, PureVPN and IPVanish has been caught pants down of lying ...

    EDIT4: One more thing: Besides telling the truth of "no logs" VPN providers should also provide truth of fake servers (or "virtual servers" as they call them).
    Study how to pinpoint fake servers offered by VPN provider:
    https://www.andrew.cmu.edu/user/nicolasc/publications/Weinberg-IMC18.pdf
     
    Last edited by a moderator: Mar 15, 2019
  8. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    484
    Eh. I've used both AzireVPN and OVPN, and I trust them both. OVPN doesn't run with any form of permanent storage so if the server is turned off, everything is gone. AzireVPN claims to do the same.

    Probably wouldn't trust them if I had a nuclear bomb in the basement, though.
     
  9. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    993
  10. guest

    guest Guest

    Trusting or not a product is universal question, same as trusting what a cola brand is putting in their drink.

    Just do some little research, if you have any doubts , just don't use it.
     
  11. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    4,691
    Location:
    USA still the best. But getting worse!
    No one to trust or no consensus?
     
  12. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,558
    post #4 by @mirimir pretty much sums it up.
     
  13. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    651
    By pointing that out, writer actually managed to reinforce my avoidance of any 5-eye countries...
    And this is also why Australia (with the weakest privacy laws of the 5) passed the anti-encryption law last december.

    You don't need RADIUS for VPN to work but I would love to see how many actually use it....
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.