Opera comes with a free VPN (which does collect as much data as it can), and I think, Firefox is primed to move in that direction, as well. Given how they already have a partnership for DoH, they might extend it for Warp, which might be great if they do it in a privacy-oriented way and do right by their users. Esp, as more and more govts censor the Internet and ISPs turn into trackers the need for Firefox to be the thorn in the neck of powers-that-be is ever more important.
If Firefox included a built-in VPN, they could increase their market share substantially. As long as they keep privacy a priority, they can give Chrome solid competition.
Why? They have access to the same data, and a similar incentive to monetize. It will just be an _additional_ profit stream, not the only one.
(I trust a vpn to not be my isp or someone at the next table at a coffee place with WiFi. I trust paid vpn providers to provide decent performance. I’m not as worried about data mining)
Because I trust a private company 100x more than I trust the British government which forces all ISPs to keep my browsing history for a year and then gives dozens of agencies warrantless access to this data, including agencies like the Food Standards Agency. At least a private company has a financial incentive to keep my data safe.
:thinking_face: is the food standards agency more interested in browsing data from food-based corporations to ensure certain standards over your pleblian google searches? it's possible and sounds like a valid reason for sharing of this data. except it's broken because a loophole is to simply use an offshore VPN (guess that's harder for a corporation to get away with)
Much easier if anything. I work for a French software developer in the UK and all of our traffic goes through a Paris-based gateway as per company policy.
This whole DNS over HTTP disaster makes it pretty clear to me as an end user that it's not though. I wouldn't trust a free VPN further than I can throw it, no matter who offered.
> This whole DNS over HTTP disaster makes it pretty clear to me as an end user that it's not though.
True. We've got DoT, which is a very viable alternative. Supported at OS level by Android. And there's DnsCrypt with clients on all major platforms.
> I wouldn't trust a free VPN further than I can throw it, no matter who offered.
Valid point.
Though, the present situation is that one pays the ISPs and yet they traffic shape, surveil, censor their users. I fear, after a point, VPNs might be the only way to access censor-free Internet across the globe.
While I personally trust my ISP more than some random US based entity, that's of course true. The thing with VPN alternatives for me is that the VPN landscape today is already weirdly organized, opaque and would have no real incentive for a free tier.
Short of hosting their own, which consumers will not do, I don't see a scenario where VPN providers end up in a position that's more trustful than your average (Western world) ISP is today tbh.
I don't think any ISP can really be trusted, in most countries, since they are subject to arbitrary government demands. In Australia, for example, that includes data retention, censorship, and assistance with any kind of spying that may be demanded.
Sure, valid as well. If VPNs get relevant enough to matter to nation state actors none of that really exclusively applies to ISPs anymore though, I feel like we're in a cozy transitioning stage there. They'd either get blocked (see feeble attempts in China) or get the same treatment. Either through similar legislation or technology level interference as we've seen before with the Tor network. At that point it's a game of choosing the nation state control you're most comfortable with in terms of oversight, governmental interference, consumer protection, and business incentive. That'll likely still be my European based ISP over a US VPN to be quite honest, given (theoretically) better consumer protection legislation and generally less equipped/capable surveillance apparatus.
Don't get me wrong, VPNs e.g. for access control or untrusted networks are great use cases in my book. I just don't like the snake-oil vibe surrounding VPNs that make it out to be a great way to secure everyday networking for consumers.
How is it a disaster? From what I've seen, a number of gripes are due to people not actually understanding how DoH works or expecting it to do something it isn't designed to do.
Disaster was maybe too strong a word there. I personally don't like some aspects to put it more mildly. To me, the Firefox move centralises critical infrastructure behind players like cloudflare, including their non-contractual(?, at least not with me as the end user) promises and potential US influence. Guess we'll have to hope for upcoming transparency reports there and hope we don't find this part of the infrastructure as a sidenode in some NSA leak a decade down the road. In my view, once the stack is widely adopted, users will by default either use whatever firefox gives them, or talk to a DoH instance their ISP pushes (I assume there's still a mechanism for that?), not really achieving that much in terms of potential privacy breaches if somebody on the other side decides to act maliciously.
Please correct me if I'm wrong here, it looks like a weird approach to fix a protocol on a lower OSI level. Instead of fixing DNS&DNSSEC privacy a few key players bypass and replace it with their own solution, with Firefox pushing it onto users. My major gripes there are the added complexity and an aversion to wrap our whole networking stack into HTTPS instead of addressing the underlying problems. I realize that's more philosophical than technical grievances though, sorry for the wording.
DNSSEC explicitly doesn't provide privacy --- in fact, it does the opposite --- so if you were waiting for DNSSEC to hide your queries from your ISP's adtech analytics, you'd have been waiting a very long time indeed. Firefox made the right call. DoH, by the way, is also an open standard.
Honestly not really familiar with that but from overview graphics it looks like if you wanted to adapt that to live connections you'd end up with something similar to Tor, right? That is nice of course but comes with its own drawbacks (a few that spring to mind are performance, potentially malicious exit nodes, inconvenience).
I'm suggesting that the way Tarsnap organises its billing might be a good way for customers who buy VPNs to be sure that their browsing info is not actually the product the company offering the VPN is selling.
I've looked at their website, thanks for the pointer, I think I'll have to give them a go for my personal backups now :)
As for the application to VPN, I can't see much of a difference to other trustworthy businesses to be honest, I think I missed something there - are you referring to the prepaid aspect?
One would wish but alas a common mode of business is that people who consider themselves users sign up to use some service which is presented to them as being free, when all the while that company's actual business model is monetising those users' info and habits in every conceivable way and the 'service' is just the bait to get people on the hook.
methinks you're talking out of your butthole right now. I run a VPN service. I can get away with about 100 users per dedicated host. That gives me an average CPU of $0.80. If I went with tier-1 datacenters, my cost would triple. Public cloud DCs bring my costs up ~25%.
These numbers shrink with scale (e.g. buying dedicated bandwidth, bringing your own bandwidth, colo and increase server density, etc). Also mozilla has $69m in cash as of 2016, without counting assets and investments. They are okay to host few thousand more servers.. https://assets.mozilla.net/annualreport/2016/2016_Mozilla_Au...
But privacy is the main concern and I would only use it if their were assurances that the VPN would not log nor sell user data.
Mozilla does get a lot of money to keep Google as the default search engine on Firefox so using a built-in VPN to draw more users may get Google to pay them more.
FF is planning to add a paid VPN as a partnership. It will be a non-free, paid feature―possibly in a separate paid version of the browser (not sure if they really plan to make a whole separate FF).
