I’ve heard a lot of back and forth on this through various forums and wanted to understand this community’s take on the VPN debate.

I struggle to see the downside of using always on VPN (Mullvad) on all of my devices (phone, tablet, pc) but open to learning more!

Understood that there are many more ways to fingerprint/identify an individual than IP address, but surely a VPN must have some benefit in a mass surveillance threat model and to prevent your ISP from knowing your history.

    Kenny33 the way you ask the question... I'd say yes, using MullvadVPN would be a net positive in that case. Do it!

    You can also look at how Apple made their Private Relay:

    "When Private Relay is enabled, your requests are sent through two separate, secure internet relays. Your IP address is visible to your network provider and to the first relay, which is operated by Apple. Your DNS records are encrypted, so neither party can see the address of the website you’re trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested and connects you to the site. All of this is done using the latest internet standards to maintain a high-performance browsing experience while protecting your privacy."
    https://support.apple.com/en-us/HT212614#:~:text=When%20Private%20Relay,protecting%20your%20privacy.

    Hulk

    "If you want privacy and anonymity, use Tor instead, which avoids trusting a single party and is more private by design."

    Is there an ideal way to use Tor on GrapheneOS? Tor Browser is insecure and opens up a lot of attack surface since it uses a different browser engine. And Vanadium + Orbot seems to not have the anonymity that the Tor Browser has. Would a VPN be preferable to either of those options?

    Kenny33 You're mostly just shifting trust from your ISP to your VPN provider while hiding your IP address from services you use. The way I like to promote their use to people who are just starting to think about these issues is to recommend they look up their current ISP privacy policy and see if they understand how their data is being used and how long and what is being stored in plain terms. Then open a privacy notice of a reputable VPN provider such as Mullvad and see if they perceive a difference. Mine just says they may retain and use my personal data as necessary to comply with their legal obligations. Frankly, I don't know what these are, lack the legal training to interpret them correctly anyway, but more importantly I would rather trust someone who is incentivized to protect my privacy.

    I don't really blame my ISP for the inaccessible boilerplate legalese. They do it because most people don't choose ISPs based on them having a clear and transparent privacy policy.

    @OpenSource-Ghost while I give you the benefit of the doubt for trying to assist and be as informative as possible, I have however removed your reply due to the lack of direct response and of substantive evidence-based sources for some of the claims.

    @Reflux and @Kenny33 I've removed your comments regarding OpenWRT and Routers as it isn't specific to the topic and initial question. (Feel free to open an OT thread specific to Routers, Firmware and VPNs specifically.)
    @kopolee11 for similar reasons please feel free to open another thread asking about Tor usage, apps and configuration.

    A well known and respected VPN provides the following basic guidance for VPN uses:

    Do you really need a VPN?
    Despite what many VPN providers advertise, VPNs are useless (at best ineffective) at:

    • Achieving anonymity.
    • Preventing Google or Facebook from collecting your private data.
    • Preventing unwanted profiling by social networks or search engines.
    • Providing better security when ‘working from home’.
    • Protecting your passwords.
    • Hiding your mobile phone location (GPS).
    • Helping you avoid data breaches on services you use online.
    • Defending against “cyber threats” and identity theft.

    Do not rely on a VPN to protect you in any of the above scenarios.
    However, a trustworthy VPN can be very effective at:

    • Encrypting your data so your ISP or mobile network provider cannot monitor or log your online activity. Without a VPN, HTTPS still exposes the domain name or IP you are visiting to the ISP.
    • Encrypting your DNS requests so your ISP or mobile network provider cannot monitor or log the domains you visit.
    • Increasing your security on untrusted public networks by preventing MITM attacks.
    • Masking your IP address from websites and servers you connect to.
    • Circumventing censorship or geographical blocks on websites and content.

    It is also important to choose VPN providers VERY wisely. The ones I found out to be the best are OVPN and Mullvad. Both accept cash payments and both are located in a VPN friendly jurisdiction (Sweden) where data privacy laws are strong and there is no legal obligation for VPN providers to retain or collect ANY data due to VPNs not being classified as ISPs.
    OVPN actually won a court case where film companies sued them to get data of one of their customers, The Pirate Bay. OVPN won this case and the film company had to pay their court costs, because they could prove they did not collect or retain any data after the WireGuard/OpenVPN connection is terminated.
    There have been numerous cases where well-known "private" VPN providers collect data on their customers and freely hand them over to third parties.

    I would strongly suggest you think twice and research VPN providers carefully before you choose which one to use, especially the ones with large budgets getting shilled on social media. They may very well be honeypots of various entities.

    a year later

    For privacy I would recommend AirVPN.org through WireGuard every day of the week.

    Their client Eddie is great but I use the WireGuard app.

    IPLeak.net is run by them as well.

    To VPN.

    I'd rather my ip address and browsing habits be associated with myself and a pool of other users than just myself. My threat model is that I don't like to stand out like a sore thumb. I'd rather be one of many sore thumbs.