Private Internet Access VPN (PIA)

Discussion in 'privacy technology' started by luciddream, Jan 28, 2014.

Thread Status:
Not open for further replies.
  1. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I'd like to hear opinions on them. Are they worthy of being added to the list of trustworthy vendors in here ala Mullvad, Air, etc... ?
     
    luciddream, Jan 28, 2014
    #1
  2. blinking_spirit

    blinking_spirit Registered Member

    Joined:
    Feb 21, 2013
    Posts:
    56
    blinking_spirit, Jan 28, 2014
    #2
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I think so.

    I had been critical because they don't use client.crt/client.key, and authenticate users only via username and password. But now I see that it's not problematic for users. In man openvpn:

    The warnings "using this directive is less secure" and "potentially compromise the security of your VPN" aren't relevant for VPN services. For enterprise VPNs, preventing unauthorized access is essential. For VPN services, the only risk is losing bandwidth to freeloaders.

    There's another issue about client.crt/client.key: some VPN services provide user-specific certificates. That simplifies denial of access to expired or nuked users. But it also reduces user anonymity in logs.
     
    mirimir, Jan 28, 2014
    #3
  4. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,290
    Location:
    EU
    dogbite, Jan 28, 2014
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...