DeletedUser87

This is why I still use Brave. It isn't perfect at all but the blocking of unproxied UDP with the fingerprint randomization does help. It is badness enumeration but it is more protection than no protection.

More on topic the VPN recommendations are biased based on experience. Some companies are located in better regions and have stricter policies and some companies have a better reputation based on their ownership, people that work there and previous experiences with legal action.

A regularly Audited VPN that doesn't keep logs is something you want to look for but don't expect it to ever be bulletproof.
Almost ervers are always hosted in a data center (even if the company owns them) and those do keep connection logs as the bare minimum required by law. Even if you pay cash.

You can connect, or multihop, to a server in the most privacy friendly location, this does help a little but not for everything.

if you change your view on VPN services as a much more private alternative to your ISP (when using a privacy friendly one) it will be much more objective.

I personally use PIA (not a popular choice because of it's KAPE ownership) but they are relatively cheap, have a decent infrastructure, decents apps, have been audited and have been to court several times. This is no guaranteed privacy for the future but there is no guarantee for any company mentioned above or below this post.

My opinion is subjective thus my own. Many might disagree (which is fine).

      rellhom
      No particular reason. Mullvad is a good company. PIA is cheaper and has a slightly larger infrastructure iirc. I haven't done any speed tests on mullvad in a while but I think Mullvad is sightly faster on certain servers. Both are decent companies imo because neither have proven to be ineffective at what they do (not what they claim, mullvad wins there because there is less marketing since it's not a subsidiary of a larger company the last time I checked).
      However, after years of using PIA combined with other services I can't complain about the service in general.

        FOSSOS A regularly Audited VPN

        is most of the time audited for security. That's something that is hard to hide, as you can't just rewrite the code willy-nilly and become an expert overnight. And frankly, security is very crucial for a VPN provider, so I appreciate when companies allow that.
        However, let's not forget that VPNs were never built with privacy in mind. The only thing a VPN does, is shift the trust from the ISP to the VPN company. The whole debate is therefore based more on belief than anything else. Your ISP can be the rebel who doesn't log anything either or has "accidents" when the feds show up and your VPN provider could secretly be a fed honeypot - you simply can never be 100% sure. Even if you work at that same VPN company, you wouldn't know everything (and a lot of companies operate on a zero-trust policy nowadays, so it's expected to work that way), so trusting random employees of a company is a bad starting point in my opinion.
        For me personally, I don't think I can ever trust VPN providers ever. For me, again personally, it simply introduces another 3rd party I have to trust. It has the nice side effect of not giving me a false sense of security. I know that I can't trust my ISP; if I was using a VPN... I think I would have a different mindset. If anyone here reading this feels dissuaded by my assumptions - don't be. Make your own decisions and don't listen to people on the internet too much. If you want to use a VPN, do it. I just decided that it isn't worth for me paying money for a service that doesn't offer me any real benefits. The situation might be completely different for you.
        Last note: there are very legitimate reasons to use a VPN (or a proxy for that matter), just don't rely on it too much from a privacy standpoint.

            DeletedUser87 of course I agree with you . That's why I said "

            FOSSOS if you change your view on VPN services as a much more private alternative to your ISP (when using a privacy friendly one) it will be much more objective

            There is a 100% chance your ISP is logging you and is a honeypot when requested to be so by LE. There is a somewhat smaller chance your VPN is a honeypot. Using it with that knowledge, to circumvent censorship, download copies of Linux distributions and similar things it offers some protection from tracking. Some peace of mind and some privacy if they are audited and are court proven to not log. But like you said this can change at any moment after an audit. It all comes back to threat model. For the average Joe it will increase privacy by a littlend increase security for the most part. As a last thing to mention I like PIA because they has the privacy model audited at a random server and it was shown that even with their static IP's the company itself did not log traffic and was not able to determine the current or past user in any way.

            This will always depend on the amount of pressure they receive. The few $ a month you spend is not worth losing their company. This is why I always see a VPN as a slightly more private and secure option to your default ISP.

                  FOSSOS I'm glad to hear that PIA seems to be doing well on that front.
                  I at least hope that the average GOS-enjoyer is not an average Joe ;), YMMV. And yes, as I said there are various different and very valid reasons to use a VPN, some of which you mentioned above, just that none of them apply to me sadly (or maybe fortunately?).
                  On that note, I am also fully aware that most modern apps and websites will rather use browser fingerprinting, keystroke patterns, screen taps/swipes, WebRTC and other much more modern and accurate techniques, none of which will be reduced or mitigated by a VPN. It certainly feels like an uphill battle, but this is where my utmost attention is right now. I feel like the knowledge about all of this can help the average Joe step up their game far outside the scope of just relying on a VPN.
                  As a closing note, I hope this is some food for thought for everyone reading this thread and to bring awareness that everything isn't as simple. Especially for beginners it can be quite overwhelming, so focussing on a VPN as a first measure is probably a good idea before tackling all the other issues.

                      DeletedUser87 I could not agree more. When you step into the world of (I'm going to use the word Semi here because we are talking about mostly money hungry data harvesting that will to everything to defeat your perfect privacy setup) Semi-Privacy in the current state of the internet you are dazzled with choices. GOS is not created and maintained to solely support the more advanced user but also to drastically increase the security and privacy of the average Joe.
                      But yes, unfortunately there are many kinds of fingerprinting methods. There are billions of dollars working towards (or already working with?) fingerprinting methods we haven't even heard of yet (speculation but plausible). All that we can currently do is rely on GOS, rely on opensource projects to increase our privacy. If you want some more privacy and security while browsing using GOS try to use browsers like Vanadium for security or Brave for security and some form of privacy by badness enumeration. While it breaks my heart not to mention Firefox anymore it's not the best choice unless you use Tor or maybe Mull (I don't know enough about the hardening to recommend it).

                      VPN recommendations will stay subjective like I said before but they can slightly or drastically (depending on your ISP) enhance your privacy and security. However, it doesn't onion, garlic, or in any other way try to create anonymity online. It might help but it does not actively try to do this by bouncing you around through layers of encryption.

                      A VPN is a very useful tool to circumvent censorship and can help boost privacy and security. Regardless of suggested VPN providers (which is subjective based on current state and personal experience) if you find a service that does not log, has nothing to show in court, blocks trackers, ads, malware etc on a DNS level, and has your trust, it can increase your privacy and overall browsing experience. More so if combined with the right browsers and privacy friendly apps.

                        DeletedUser87 these companies do not rely on IP addresses and haven't for years. They can utilize browser fingerprinting and stuff like WebRTC, among many other techniques, to identify you. Having the IPs is just the icing on the cake for them.

                        Hiding your real IP address is crucial for privacy and anonymity, but it alone is not enough against the larger sites on the internet that have capabilities to fingerprint your browser or app too. For that you need a browser or app with fingerprint resistance too.

                        But most smaller sites and services on the internet, including all open source ones, only routinely log IP addresses and user agent strings. That is the only logging most server software supports doing out of box. For those, a VPN plus Vanadium (or other reputable open source app) should be way enough to get a high level of privacy and anonymity.

                        One can always do more to protect oneself. If just a VPN isn't enough, one can switch to trusted open source apps instead or use the service entirely in a browser, but it may sacrifice usability a bit. If not enough, one can use apps or browsers with fingerprinting resistance, but there aren't many options to pick from, and some services and sites won't let you in if you try to conceil your identity to that degree. If not enough, you can disable all script execution like JavaScript too, and all dynamic loading of resources. This will remove almost all fingerprinting vectors and attack vectors, but most services and sites will break. If this is not enough, one can switch to using Tor Browser instead, but not only will most sites and services not work with Tor, but things will be slow, and you will have to login again every single time. But Tor Browser is so secure only state sponsored attackers can reliably deanonymize you or track you, and they need weeks if not months of targetting you specifically. And if that is not enough, you can always stop using internet altogether.

                        So it is all about choosing how far it is warranted to go. Getting a VPN is always the first step, and fairly easy to do, in the journey towards privacy and anonymity.

                          2 months later

                          So far I have used Proton, Mullvad and IVPN. Since I did not want all eggs in one basket I downgraded from Proton Unlimited to Mail Plus and took IVPN and Mullvad for a test drive.
                          Since I can't get direct notifications with Mullvad when reconnecting after a good night sleep I decided to go back to IVPN for a while.
                          BTW I read the policy of my ISP, I'd suggest to do that :)
                          Since then I have rarely been without VPN and then there is this recommendation:
                          https://discuss.grapheneos.org/d/11553-grapheneos-network-requests-and-privacy-policy/31
                          Which is another reason I stay on VPN wherever possible

                          Everyone should use a VPN. If nothing else it stops your telecom from being able to turn over every site you visit to the authorities upon request.

                          Mullvad is generally the recommendation for a general use VPN.

                          PIA is useful for the dedicated VPN feature. That allows the establishment of a persistent IP to tie to a distinct persona. Hosting your own VPN on a server paid for via Monero is a better choice but setup is more difficult.

                          Surfshark is an alright choice if you are running a low threat model simply because it supports unlimited devices, so you can just cram it on anything you don't need better for.

                          Orbot is the most secure but is slow.

                            Xtreix
                            None of that changes the fact that Orbot is still the most secure VPN option at the moment. Unless you know of a better way to force all traffic through Tor in a user friendly manner?

                                JollyRancher Mullvad is much more secure and their developers are much more trustworthy. Orbot just acts like a glorified VPN and isn't an official Tor project, but of course you're free to use whatever you like.

                                  Why have the FBI etc decided that we shouldn’t use a “private VPN” (not sure exactly what that is) and then they talk about free VPNs.

                                  What am I not understanding here?

                                    Blastoidea don't use a free one from a nobody company. A VPN can access your traffic so obviously it's preferable to have a reputable one.

                                        wuseman
                                        Okay, thanks.

                                        FBI telling folks to stop using a VPN made the BS Detector ring loudly.

                                          Rizzler that is concerning, and as a long time customer of theirs, I feel stupid for not investigating this early on.

                                              DeletedUser87 most modern apps and websites will rather use browser fingerprinting, keystroke patterns, screen taps/swipes, WebRTC and other much more modern and accurate techniques, none of which will be reduced or mitigated by a VPN. It certainly feels like an uphill battle,

                                              Amazing how hostile many sites, apps, companies, etc. are to anonymity. G**gle especially. What explains this desperation?

                                                  I use Wireguard VPN to my home network. If you're asking about commercial VPN, then no. It doesn't protect you the way you were told it would. Most sites are HTTPS now, and there is no boogeyman behind your router sucking up all that juicy data.

                                                  Go on here, https://www.doineedavpn.com/, to see if it applies to you.