[deleted] Great write-up. Unless you are in a country that bans VPN use, I don't see anonymous sign-up as that important if the VPN does not log what you sites visit/your IP (they have to keep some general logs that don't identify users to manage the network - and not everyone pays with a crypto so they know who you are from that). Popular/well-known/well regarded VPNs will not log because if word gets out they did so, their business is ruined. Now, could a VPN be forced to log by guv under sealed demand? Some countries are worrisome (including U.S.), but you are pretty secure in countries like Romania/Switzerland/Sweden where federal laws state VPNs located in those countries can't be compelled to log.

    ninjanoir789
    Its important to understand what a vpn is useful for and what its not useful for. vpn generally doesn't add too much security, but in some cases it could. Its used mostly for privacy and preventing your ip from being identified. Sometimes sing a vpn alone is enough to achieve privacy, but often a vpn alone is not enough because if there is a "fingerprint" then the fingerprint also needs to be dealt with and hidden.

    However if you address the fingerprint and the ip issue both, then you have good chances of eliminating tracking.

    Read this post for some explanation on this:
    https://discuss.grapheneos.org/d/6995-pc-brave-or-firefox-or-waterfox-o-librewolf/5

    In terms of vpn services worth trusting, i know of:

    • proton
    • mullvad
    • iVPN
    • [deleted]

    ninjanoir789 In my opinion, a vpn is no more secure than not having a vpn, since 95% of the Internet is encrypted using HTTPS. The only reason to have a vpn is if you're connecting to a free wifi network. It's also useless for confidentiality, as all vpns keep connection logs. In fact, if a vpn is prosecuted for refusing to comply, the price of your subscription won't even pay for the lawyer's coffee... As the old saying goes.

      • [deleted]

      [deleted] The right thing to do though, if I had the knowledge, would be to create a vpn with a subscription and lots of promises of security and privacy like they all do because it's really easy money!

      [deleted] well, I’m not sure. But I am certain that any ISP would hand the data over to any LA agency who asked, plus anyone else who paid, plus use to their own ends, plus have it all easily accessible to hackers.

      A ‘trustworthy’ vpn may have to hand data over to LA, whatever they hold, legally, but the rest of it I would trust Proton, Mullvad or IVPN with far more than my random cheap isp.

      If I were doing illegal things that I wanted to hide, I wouldn’t be using a VPN in the first place, nor would I recommend anyone else to.

        • [deleted]

        mmmm You mean my ISP resells encrypted information to people who pay for it? I doubt your ISP's laws are as different as vpn's...

        • mmmm replied to this.
          • [deleted]

          • Edited

          You don't know what the vpn does with your information, even if you pay them in cash your IP address ends up with them and they are legally obliged to keep it. An ISP like Orange or Bouygues also encrypts data, so it's no longer readable.
          The Swiss banking system has always had a reputation for privacy and anonymity... Swiss banks bought lots of Sun System computers in the 90s, and all the computers sent all the information back to the CIA or the NSA, I don't remember. So when I read somewhere that a Swiss or other vpn makes promises of security or privacy, I run away from that service!

            [deleted] my isp knows the websites I browse to, as would a vpn provider know this information. This is highly highly lucrative an information, for hackers and advertising agencies and any other profile building and or nefarious purpose. Https ensures that what happens within the site is encrypted, but not to where I go. I would trust a privacy oriented vpn provider over either orange or Bouygues or any other commercial isp, yes.

            As I said before, if I was trying to hide from LA, I wouldnt be choosing this route, nor recommending it either.

            [deleted] Swiss banks bought lots of Sun System computers in the 90s, and all the computers sent all the information back to the CIA or the NSA, I don't remember.

            I had not previously heard about that and a couple of searches don't seem to turn anything up. Can you provide a source?

              • [deleted]

              de0u It was in a TV report. I'll send it to you in a few hours

                [deleted] In fact, if a vpn is prosecuted for refusing to comply, the price of your subscription won't even pay for the lawyer's coffee... As the old saying goes.

                You've taken this quote from joepie91's article, which is quite good but also a bit exaggerated and where he proposes an alternative that's no better, that of the VPS with its own VPN since you get a unique IP address and your VPS provider can do the same thing as your VPN provider.

                The main problem with VPNs is that they're potentially honeypots because all your data passes through their servers and they can technically do whatever they want with it, so you get a centralized connection rather than a decentralized one. This doesn't mean that all providers are malicious, and your ISP probably has more interest in tracking you than your VPN provider, in fact, you trust the developers not to do anything malicious with your data as soon as you use tools that require the use of a network, and this goes for any operating system, tools, applications, software, audits have their own problems because it's always a question of examining the "T" moment, which is why system transparency is important.

                [deleted] The only reason to have a vpn is if you're connecting to a free wifi network

                If you only browse in HTTPS, it's still pretty good.

                [deleted] they are legally obliged to keep it

                No, depends of the provider, all VPNs doesn't legally obliged to keep logs, they are not considered as electronic communications networks / services in all countries.

                [deleted] An ISP like Orange or Bouygues also encrypts data, so it's no longer readable

                You talk about French ISPs, I live in France and our ISPs don't respect our GDPR laws and most of them have already received several fines, I know a bit about the field, the CNIL that allows you to complain has very little use in the real world. You go on to say that Bouyges and Orange encrypt your data, but exactly what data do they encrypt? You can't confirm this, and neither can I. There's nothing clear or transparent about what ISPs do most of the time, careful I'm not saying this is proof of malicious activity with our data.

                [deleted] It was in a TV report. I'll send it to you in a few hours

                It's not a reliable source.

                  • [deleted]

                  de0u "la société Sun Microsystems qui a livré pendant des années des serveurs dotés de portes dérobées matérielles et logicielles qui ont réduit à néant le Secret Bancaire Suisse."
                  https://souveraine.tech/pourquoi-la-nsa-aurait-elle-seulement-cible-les-banques-suisses-via-les-serveurs-sun-solaris-vendus-desormais-par-oracle/

                  It's all in French, it was originally in an arte report on computer security, but I can't find it, I can't remember which one it was.

                  • de0u replied to this.
                    • [deleted]

                    Xtreix
                    You trust a vpn, I would agree with you but for example in France we use orange, Bouygues or free or other ... People like you who apparently use reinforced OS also use VPN, it's clear you have nothing to hide everyone believes you 👍. And again almost all the web is encrypted, so as far as the internet is concerned whether you have a vpn or not it's the same, except that a vpn is more likely to be used by malicious people, so no I wouldn't trust a vpn because there's a very high chance it's being monitored just fine.

                    • mmmm replied to this.
                      • [deleted]

                      Xtreix Not a reliable source? These are proven facts, as with cryptoAG and others. Really stop with the marketing beliefs

                      [deleted]

                      [deleted] And again almost all the web is encrypted, so as far as the internet is concerned whether you have a vpn or not it's the same

                      No. You’re missing the point. The key difference, all other things being equal, is who sees where you’re going.

                      It’s down to you whether you choose to trust a privacy centric, open source, generally well regarded VPN such as Proton, Mullvad or IVPN with this info, or whether you trust Bouygues, SFR, Free or Orange.

                      I can understand that many people are rightly worried about VPNs, but it’s possible to be prudent with your choice. Don’t be duped that all VPNs are bad, in the same way that I am not duped that they are a magic bullet.

                      On the other hand, it’s impossible to know what the ISP companies are doing with your browsing info.

                      Choose your weapons wisely, but aside from being the gateway, a normal isp won’t be one of my choices.

                      Xtreix It's not a reliable source.

                      The original source was from a hacker group in a spreadsheet.

                      It is well known that the NSA has been using the american IT domination in Europe as well. The good result is that it helped developing solutions to ensure better privacy for Europeans, although the solutions are often a joke.

                      I don't consider any of the consumer services calling themselves VPN as a true VPN. Many of them are just the same service branded differently and are pretty shady, and none of them can provide you with a technical guarantee that you and/or your data are not logged/collected/monitored. If you need to anonymize yourself, use Tor/Onion. True VPNs are used to preserve privacy and secrecy of your data while travelling across insecure networks and have nothing to do with anonymizing. I'm running a VPN on my home gateway to be able to access services I run on my LAN.

                      • [deleted]

                      • Edited

                      MoonshineMidnight
                      Thanks, and yea I agree with everything you stated. I think if you can set it up anonymously, do it, but if you trust that the VPN provider does not log then it's not that big of a concern. Almost anything is going to better than allowing your ISP to manage your internet traffic and you're right regarding reputation and their business, this is essentially the entire foundation of Proton. If Proton was not transparent and logged, their business would tank. Definately agree (although not a magic bullet) that geolocation regarding providers (and subsequently their jurisdiction) matters.

                      [deleted] It's all in French, it was originally in an arte report on computer security, but I can't find it, I can't remember which one it was.

                      Interesting... I have found a Temps Présent report about Sun Microsystems, but it's too old and not on this topic: https://pages.rts.ch/emissions/temps-present/societe-moeurs/867088-les-petites-soeurs-de-big-brother.html

                      If you can find the one in question, I would be interested. But thanks for the pointer you have already provided!