Thinking about a VPN but clueless about how it would work

I'm not saying it just passing on relevant information.

 

I hear that and just because the words FBI and CIA are used in this forum, you can bet it has already been flagged.

 

Just a couple of highlights from HMA terms,

Acceptable use policy...

Acceptable Use
You may use our site or VPN product and our services only for lawful purposes. You may not abuse our site, our VPN product or any of our services, or use them in any way that breaches any applicable local, national or international law or regulation, including, but not limited to the following:

• in any way that breaches any applicable local, national or international law or regulation;
  to upload, post, email or otherwise transmit or access any content that infringes any contract, patent, trademark, trade secret, copyright or other proprietary rights of any party.
  
  
  Logging Policy And Use
  
  If we are notified or determine that your VPN account has been used in breach of our End User Agreement (including our Acceptable Use Policy, e.g. for spamming, file sharing or other illicit activity, then we may store your VPN Data for an extended period of time beyond the normal 3 month maximum.
  
  If your account is identified by us following a notification that it has been used in breach of our terms of service, we reserve the right to suspend your account to prevent further abuse, however, in such circumstances we will never voluntarily hand over your personal data to a third party unless we are legally compelled to do so in accordance with English law.
  
  
  

 

No, they complied with a UK court order, which the FBI requested, through official legal channels.

 

Yes, as @MisterB says, it's good to compartmentalize. Your real identity can go without a VPN. Or with a different VPN. But for some sites, like banks, it's a major hassle to use VPNs. And arguably not worth it, because they know who you are for sure.

 

Ok I must be missing something altogether here. My understanding is the FBI has no jurisdiction out of the USA, only the CIA does and so how did the FBI make any official channels? If they did they broke the law.

 

Most nations have reciprocal legal cooperation agreements with each other. Even US and Russia, for standard criminal stuff. And certainly US with all EU.

It's not like CIA has "jurisdiction out of the USA". From the US perspective, sure. They just do whatever they want, as secretly as they need to be, even if they're breaking friendly countries' laws in doing so. Now that stuff, the FBI doesn't have US authority to do. But there's a gray area, I suspect.

 

The FBI has offices in London and I would imagine shares information of cybercrime including terrorism with the UK's NCA (National Crime Agency) a kind of FBI equivalent.


https://www.fbi.gov/contact-us/legal-attache-offices/europe/london-england

 

I like PIA for several reasons, but two that stand out are:

1) users can pay anonymously with many major brand gift cards, and
2) they do not keep traffic logs.

Some critics/skeptics point to the fact that they are a US-based company, but if they don't keep logs, there is nothing to subpoena.

 

Yes, and PIA did recently prevail in US court on that claim. So good on them!

 

At these times when you need to use your real identity, why don't you just exit the VPN?

 

Exactly, and seeing they state they "May" store your data past the already implemented 90 days, is of little concern, the point of concern is that they store your data at all in the first place weather its 90 days or not.
This VPN provider is to be avoided Period !

 

PureVPN recommend disabling Teredo, I only connect with IPv4, should I?

 

Yes.

 

Thank you. Done!

 

Quick question: Is this enough?

Code:

netsh interface Teredo set state disabled

 

My Windows skills have wasted away.

I would have done it in adapter properties.

 

Currently, I'm using IKEv2 protocol with my VPN.
How secure is IKEv2?

 

I'm no IPsec expert.

If it uses a key that's shared by all users, it's not secure. As I understand it, for IPsec to be secure, you must have a unique key from the provider, which isn't shared by other users. Also, it's my impression that built-in IPsec clients tend to use keys that are shared by all users, and so aren't secure. But maybe that's just a subset of devices with out-of-date IPsec clients.

 

Here's what PureVPN says:

 

OK, but see https://gist.github.com/kennwhite/1f3bc4d889b02b35d8aa

So sure, if you're using a custom PureVPN client, OK. Otherwise, beware.

 

Here is one of the commenters words of wisdom.

"Here are some things to check with any VPN provider:

1. Do you have to provide an email to have an account? You're being logged.
2. Do you have to provide a credit card? You're being logged.
3. Does the service require you to use a binary installer to gain access? You're being logged AND rooted."

Doesn't AirVPN do those three?

 

So use something like bainztzf25@b7xhj.anonbox.net via Tor. No tracking there.

So pay with well-mixed Bitcoin. No credit card involved.

So use stock OpenVPN with the config files. That's what I do, or use pfSense VMs.

All of those are possible with AirVPN. Or BolehVPN, IVPN, Mullvad or PIA.

 

Here is what I've noticed about my several VPN's.

When I'm checking for the DNS Leaks, usually it ALWAYS correctly identifies my Internet Service Provider, but no my IP address, my location, etc...
How insecure it is?

Also, one web-site with the DNS check tool said this (with everything else OK).

 

Yeah, I understand that but I can't get a refund as I've used over 3 GB data through their VPN. I've paid for two years so unless I want to throw my money away I'm stuck with them. That's OK, it's a learning experience. I'll know next time to use a more reputable provider.

Besides, from your link...