Do y'all use a VPN? If yes, which ones do you recommend?

mmobder

Every VPN claims that, it's not always credible

Viewpoint0232 true, they've claimed they've passed respective audit, thought I haven't checked details and decided to ask community for an experienced answer.

Is IVPN legit?

SovereignCopper I don't want to be the tinfoil guy, but this Nick Pestell seems to be a weird dude. He's from the UK (studied there as well according to his LinkedIn), now lives in Berlin, Germany, has his VPN company registered in Gibraltar while it's based in Ukraine. Uhm, what? Also, I can hardly imagine they have complied with 0 government requests. Sounds like Telegrams "0 requests". I'll investigate further, but something doesn't add up for me.

DeletedUser87 Yep, I don't know much about it, but that sounds like something he should explain 😛 Mine was just a quick check from a single source, I have no experience with IVPN other than that I've heard some positive comments here and there from the Windscribe CEO (which is a rare occurrence, if you know him a bit 😛).

I have no issues believing that a VPN has not complied with any government requests: properly done, there's barely any data to acquire about the user in question.

SovereignCopper yeah, the website you took that data from seems to be in line with their (IVPN) own transparency report. I still don't trust that guy (neither do I trust ANY VPN provider for that matter) due to the technically impossible challenge to verify their claims. There is just no guarantee any VPN is following through on their no-log policy. Fwiw I see everyone out there as just another (possibly) govt honeypot.
For my personal setup, I have a WireGuard set up on my home server which gets utilized by the auto-tunnel feature once I leave my home Wi-Fi. It doesn't hide anything from my ISP of course, but it ensures DoH at all times and tracker/ad blocking via AdGuard Home. In this constellation I at least don't have to trust the claims of a third party.

DeletedUser87 Agreed. In all honesty, I have absolutely no idea how I can justify tunneling all my data through a third party, other than that I've been involved in discussing the technical details of the VPN provider I use quite a bit. So there's a lot of communication between us that has (with ups and downs) created trust. It's still debatable as to how much I benefit in terms of privacy by using it (e.g. I'm still logged on in many places while using the VPN), but if I didn't have that "raport" with the creators, I'm sure I wouldn't be able to choose a VPN provider right now.

ryrona neither websites you visit nor peers you connect to can see or log your real unique IP address but will only see a shared one

this is pretty huge benefit when you realize that sites like reddit and facebook and instagram and google etc all keep a record of all of the IP addresses you logged in to with and can cross-reference

DeletedUser87

This is why I still use Brave. It isn't perfect at all but the blocking of unproxied UDP with the fingerprint randomization does help. It is badness enumeration but it is more protection than no protection.

More on topic the VPN recommendations are biased based on experience. Some companies are located in better regions and have stricter policies and some companies have a better reputation based on their ownership, people that work there and previous experiences with legal action.

A regularly Audited VPN that doesn't keep logs is something you want to look for but don't expect it to ever be bulletproof.
Almost ervers are always hosted in a data center (even if the company owns them) and those do keep connection logs as the bare minimum required by law. Even if you pay cash.

You can connect, or multihop, to a server in the most privacy friendly location, this does help a little but not for everything.

if you change your view on VPN services as a much more private alternative to your ISP (when using a privacy friendly one) it will be much more objective.

I personally use PIA (not a popular choice because of it's KAPE ownership) but they are relatively cheap, have a decent infrastructure, decents apps, have been audited and have been to court several times. This is no guaranteed privacy for the future but there is no guarantee for any company mentioned above or below this post.

My opinion is subjective thus my own. Many might disagree (which is fine).

FOSSOS

why PIA over Mullvad?

rellhom
No particular reason. Mullvad is a good company. PIA is cheaper and has a slightly larger infrastructure iirc. I haven't done any speed tests on mullvad in a while but I think Mullvad is sightly faster on certain servers. Both are decent companies imo because neither have proven to be ineffective at what they do (not what they claim, mullvad wins there because there is less marketing since it's not a subsidiary of a larger company the last time I checked).
However, after years of using PIA combined with other services I can't complain about the service in general.

FOSSOS A regularly Audited VPN

is most of the time audited for security. That's something that is hard to hide, as you can't just rewrite the code willy-nilly and become an expert overnight. And frankly, security is very crucial for a VPN provider, so I appreciate when companies allow that.
However, let's not forget that VPNs were never built with privacy in mind. The only thing a VPN does, is shift the trust from the ISP to the VPN company. The whole debate is therefore based more on belief than anything else. Your ISP can be the rebel who doesn't log anything either or has "accidents" when the feds show up and your VPN provider could secretly be a fed honeypot - you simply can never be 100% sure. Even if you work at that same VPN company, you wouldn't know everything (and a lot of companies operate on a zero-trust policy nowadays, so it's expected to work that way), so trusting random employees of a company is a bad starting point in my opinion.
For me personally, I don't think I can ever trust VPN providers ever. For me, again personally, it simply introduces another 3rd party I have to trust. It has the nice side effect of not giving me a false sense of security. I know that I can't trust my ISP; if I was using a VPN... I think I would have a different mindset. If anyone here reading this feels dissuaded by my assumptions - don't be. Make your own decisions and don't listen to people on the internet too much. If you want to use a VPN, do it. I just decided that it isn't worth for me paying money for a service that doesn't offer me any real benefits. The situation might be completely different for you.
Last note: there are very legitimate reasons to use a VPN (or a proxy for that matter), just don't rely on it too much from a privacy standpoint.

DeletedUser87 of course I agree with you . That's why I said "

FOSSOS if you change your view on VPN services as a much more private alternative to your ISP (when using a privacy friendly one) it will be much more objective

There is a 100% chance your ISP is logging you and is a honeypot when requested to be so by LE. There is a somewhat smaller chance your VPN is a honeypot. Using it with that knowledge, to circumvent censorship, download copies of Linux distributions and similar things it offers some protection from tracking. Some peace of mind and some privacy if they are audited and are court proven to not log. But like you said this can change at any moment after an audit. It all comes back to threat model. For the average Joe it will increase privacy by a littlend increase security for the most part. As a last thing to mention I like PIA because they has the privacy model audited at a random server and it was shown that even with their static IP's the company itself did not log traffic and was not able to determine the current or past user in any way.

This will always depend on the amount of pressure they receive. The few $ a month you spend is not worth losing their company. This is why I always see a VPN as a slightly more private and secure option to your default ISP.

FOSSOS I'm glad to hear that PIA seems to be doing well on that front.
I at least hope that the average GOS-enjoyer is not an average Joe ;), YMMV. And yes, as I said there are various different and very valid reasons to use a VPN, some of which you mentioned above, just that none of them apply to me sadly (or maybe fortunately?).
On that note, I am also fully aware that most modern apps and websites will rather use browser fingerprinting, keystroke patterns, screen taps/swipes, WebRTC and other much more modern and accurate techniques, none of which will be reduced or mitigated by a VPN. It certainly feels like an uphill battle, but this is where my utmost attention is right now. I feel like the knowledge about all of this can help the average Joe step up their game far outside the scope of just relying on a VPN.
As a closing note, I hope this is some food for thought for everyone reading this thread and to bring awareness that everything isn't as simple. Especially for beginners it can be quite overwhelming, so focussing on a VPN as a first measure is probably a good idea before tackling all the other issues.

DeletedUser87 I could not agree more. When you step into the world of (I'm going to use the word Semi here because we are talking about mostly money hungry data harvesting that will to everything to defeat your perfect privacy setup) Semi-Privacy in the current state of the internet you are dazzled with choices. GOS is not created and maintained to solely support the more advanced user but also to drastically increase the security and privacy of the average Joe.
But yes, unfortunately there are many kinds of fingerprinting methods. There are billions of dollars working towards (or already working with?) fingerprinting methods we haven't even heard of yet (speculation but plausible). All that we can currently do is rely on GOS, rely on opensource projects to increase our privacy. If you want some more privacy and security while browsing using GOS try to use browsers like Vanadium for security or Brave for security and some form of privacy by badness enumeration. While it breaks my heart not to mention Firefox anymore it's not the best choice unless you use Tor or maybe Mull (I don't know enough about the hardening to recommend it).

VPN recommendations will stay subjective like I said before but they can slightly or drastically (depending on your ISP) enhance your privacy and security. However, it doesn't onion, garlic, or in any other way try to create anonymity online. It might help but it does not actively try to do this by bouncing you around through layers of encryption.

A VPN is a very useful tool to circumvent censorship and can help boost privacy and security. Regardless of suggested VPN providers (which is subjective based on current state and personal experience) if you find a service that does not log, has nothing to show in court, blocks trackers, ads, malware etc on a DNS level, and has your trust, it can increase your privacy and overall browsing experience. More so if combined with the right browsers and privacy friendly apps.