I'm a little unclear why I would trust that there is no logging. With root access to the VPS, I'd be able to determine that the OpenVPN service on the VPS is not logging the connection between my device and the VPS, but I obviously don't have any access to the infrastructure beyond the VPS. My ISP might not be able to see my traffic, but the ISP of the VPS would, and I'd be just as identifiable if there are logs matching my dedicated IP to my account.
I don't have control what goes on outside the VPS, but root access is my proof to my customers that I am not logging. Certainly no VPS is the magic pill to internet security or anonymity.
This is what makes this no better than any other VPN service. I still need to completely trust that the provider is not watching me. Even with full hardware access, there could be an invisible sandbox or hardware DMA to some chip I can't see. There is no easy scalable solution to avoid this in a technical level. But you can be one anonymous user in a sea of many others and hope for the best, which is why I'd advise to go to a trusted mainstream VPN provider.
Yep. I have heard stories of people that setup a Streisand VPN on a digital ocean droplet, and then got sent DMCA letters for torrenting. Digital Ocean turned over their identity and banned their account.
If you're just doing it for privacy, then cool. If you're doing it to mask potentially illegal activity, don't. Use PIA or something like that.
I think it depends on threat model. If you’re looking to do anything illegal, probably no VPN is a good idea.
But if you care about privacy in general, a VPN is always a clear win. No VPN will ever be perfect. But for a VPN, this is pretty good with regards to security.
All depends on what you're doing and threat model.
Some may just be avoiding local isp surveillance. Some are just getting a vpn to access a site blocked on their country.
For what you said,it really matters what country it's in and who is hosting it. For example, switzerland and finland means no dmca cooperation (not easily at least). If the owner is publicly known and had a lot to lose outside of the vpn business in the event of a reputaional loss, that would be even more preferable (for me it's freedome or protonvpn due to the risk they take by associating it with f-secure and protonmail respectively)
