Surely you shouldn't depend on that alone. Tor would be a wise additional layer of protection, if applicable. But to suggest that you get no privacy benefit at all from a VPN is like saying your host may be compromised, so you might as well use regular telnet rather than SSH.
Everyone agreed it was extremely important and some password protected data was very sensitive. But the conversation about authenticator apps always got bogged down with risks about malware on phones. I would get asked "will you stake your career on it never happening?" Of course not. Therefore "for security reasons" we never supported authenticator apps. Of course it was pointed out that people might lose hardware tokens, so they didn't happen either. Because mobile MFA isn't perfect, I had directives to stick with easily phished passwords for years.
"Let's make a bet over whether a customer reports an authenticator app gets hacked before a customer's account without an authenticator is broken into. If the authenticator app is hacked first, I'll resign. If an account with no 2FA is compromised, you resign."
I think you just need to be talking to someone who can understand the risks you convey, has the responsibility for both risks and the authority to effect the necessary change.
IME that's straightforward in most small companies; in large government departments it's rarely one person but multiple committees of people who you'd never be able to explain the risks to and who won't make a decision.
Feel my pain?!
But I'll stand behind the view that when ideas are being shot down with challenges like "would you stake your career on this" then a bull-headed approach is worth a try.
> I don't think offering to gamble away your job would be an effective way to convince others to accept your advice on risk management.
It won't persuade technically minded people, but it tells decision makers that you're confident, and offers them a measure of accountability.
Was anyone being asked to stake their career on all the existing security practices? I've worked on a couple of projects with politics similar to what you described, yet they had encrypted (unsalted, decryptable) passwords in a database, and only about 3 tech people seemed to understand the implications of that.
Who was staking their career on that?
Potentially - everyone who worked there, including you. :/
Sure, I went on holiday to Jacksonville - thought I would take in some culture - and the copper was stripped out of my house. But they can only rob you once ;) I go number two in a field a few miles out of town now...total peace of mind.
For posterity, here's the second part to his crusade: http://cryto.net/~joepie91/blog/2016/06/19/stop-using-jwt-fo...
Mongo is a document store, not a relational db. Mongo is a good choice if you're looking to replace ElasticSearch, not if you're looking to replace MySQL.
Your startup probably doesn't need Big Data (TM). Just use a relational database like Postgres and learn a bit of SQL. IIRC, Postgres outperformed Mongo at JSON processing, which was supposed to be one of the stronger points of MongoDB.
> they need to compromise your ISP or your VPN
Part of the point of a third-party VPN is that the ISP/router can't tell what you're doing -- you assume that they're untrustworthy. Compromising the ISP would be useless, unless your VPN is for some reason sharing the same info with your router, in which case... install a competent VPN client.
I don't see how you're adding an additional failure point, you're just moving the same failure point somewhere else.
Yes, once the VPN endpoint makes the request, an ISP can still intercept it. But this is one of the few cases where adding an additional network hop very likely does not matter at all for your privacy. Once your request is going over the open Internet there are already so many opportunities for people to spy on it. The benefit is in disassociating that request from you, not in hiding it once it goes public.
A term of art in intelligence & cryptanalysis, https://en.wikipedia.org/wiki/Traffic_analysis
Honestly I think this is the total opposite case. "Full take" collection systems are notoriously money pits due to the nature (hence, full take). Targeted surveillance will ALWAYS be far more cost efficient than blanket mass surveillance.
Not to mention the legal trouble for an LEO to be granted a subpoena in a different country. By the obstacle of "a different legal system protects this part of my data chain" alone a VPN is worth it.
Say you use a Russian VPN provider. Sure, they can see that you're connecting to whatever site, but the actual data is protected end-to-end by TLS (hopefully). Meanwhile your local ISP can see you're connecting to something in Russia, full stop. For someone to track you down, they'd have to get the compliance of both your ISP and your Russian friends... AFAIK, there are exactly zero cases on record where this has been successfully done.
I doubt this is necessarily true in the US due to the 3rd party doctrine (which I abhor). I think they may refuse and request a subpoena, though. But, nothing stopping a company (generally) from handing over your data if asked for. Maybe T.O.S?
Yes, people would rather give their entire packet to a hacker than five eyes, wouldn’t they?
was logging client connections as recent as 2018
despite claiming they do not log
see openssl/server.cfg it should contain special lines to disable logging
The article is just wrong the way it is. It would be correct if it was titled "Don't use VPN Services as your only means to ensure perfect privacy".
The point of the assertion is that you can be tracked even if your IP address is obscured, mangled, or spindled.
However, if you don't use a VPN: Your ISPs (Broadband, coffee shop, whatever) can see all your traffic!
20 years ago I passed ALL my traffic on my laptop through a VPN, I just happened to run my own. But back then much less of the standard traffic was encrypted. Now, pretty much all web traffic is encrypted. So that makes the VPN less of a concern, IMHO. Depends on what you're doing though...
There was this one time I went to Defcon. Installed a scratch laptop for it. The firewall on it would only allow DHCP and OpenVPN on the physical interfaces.
VPN services have to compete with each other. Consumers can't really be sure their provider is doing the things they say they are, but at least their incentives are somewhat more in line with doing the right thing. I hope so anyway. Hopefully, VPN customers are a little more informed than the article suggests. I guess we will see how much NordVPN was punished in the market over the next few months.
That said, don't trust anyone on the internet - to the extent that you can - especially Comcast.
For routing all your internet it's as simple as this (on the client only, no server setup):
sshuttle -r email@example.com 0/0
It's also far more powerful for slicing up and mixing subnets or only routing specific targets ... for example unblock a specific site, but don't re-route other traffic:
sshuttle -r firstname.lastname@example.org sci-hub.tw
Minor issue worth mentioning, not to disappoint people trying this out - it's currently necessary to use the -x option to exclude the server itself from being routed on Linux. I think this is due to a kernel bug(?), which is a little annoying; hoping this will go away eventually. This is not relevant to BSD or Mac, although on Mac you have other kernel bugs to worry about in XNU's network stack.
sshuttle -r email@example.com -x 18.104.22.168 0/0
As "icelancer" has pointed out below, please note that using your own server ties your activity to your identity more definitively if you are the only one using the server and you pay for the server in your name. Not being a purpose-built consumer VPN makes it a less likely target through significant obscurity; however, in the event it IS targeted, its uniqueness will make it easier to associate activity with you via the VPS provider.
> This also ties your identity to a provider definitively. That's fine, as long as you tell people that's what is happening. A good consumer VPN that isn't a garbage one offers plausible deniability.
"Generate a private and public key pair for the WireGuard server:"
"wg genkey | tee privatekey | wg pubkey > publickey"
"This will save both the private and public keys to your home directory; they can be viewed with cat privatekey and cat publickey respectively."
"Create the file /etc/wireguard/wg0.conf and add the contents indicated below. You’ll need to enter your server’s private key in the PrivateKey field, and its IP addresses in the Address field."
That's not within reach of your average computer user.
Same for sshuttle.
Given that WireGuard is headed for inclusion into Linux mainline soon, it probably would be a good idea for folks to take a few minutes to learn how to use a technology that is going to be part of core Linux.
But you're quite right that if you already have a config that you know works, WireGuard has no significant advantage in this area (in terms of ease-of-configuration -- though the keys being quite short is nice for SSH-like key distribution). But if you're starting from scratch then you need to first figure out what is the right configuration to use (or you need to pick from the many dozens of "set up OpenVPN quickly" scripts) and then you need to hope that your configuration is not insecure.
WireGuard can be set up and work just as well as any other configuration without a script in a couple of minutes (or less than a minute with a script). The script that was linked in a sister comment to "set up OpenVPN quickly" also sets up Apache for god's sake...
sshuttle uses ssh, which in turn is not wedded to any one cipher. How does WireGuard improve on this?
Among many other things, you cannot do a port scan for WireGuard servers. You can do a port scan for SSH. This is because the WireGuard handshake was designed such that there is no response to unauthenticated packets (the first packet is authenticated by the client knowing the server's public key -- something port scanners won't know).
Jason Donenfeld has a few talks that explain why the cryptographic design is the way it is, and it has several very clear improvements over SSH (as a VPN protocol).
I really can't overstate how awesome WireGuard is. I really would suggest you take a look at it.
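The "no response to unauthenticated packets" property described above comes from WireGuard's mac1 field, which is keyed with a hash of the responder's static public key. The following is an added, simplified model of that check (not code from the thread or from the WireGuard project): it uses the whitepaper's constructions (BLAKE2s-256 for HASH, keyed BLAKE2s truncated to 16 bytes for MAC, the "mac1----" label) but replaces the real Noise handshake body with a constructed stand-in, uses a constructed 32-byte value in place of a Curve25519 public key, and returns a placeholder response instead of a real handshake response.

```python
import hashlib
import hmac
import os

# Constants from the WireGuard whitepaper: HASH(x) = BLAKE2s-256(x),
# MAC(key, x) = keyed BLAKE2s with 16-byte output, and
# mac1 is keyed with HASH(LABEL_MAC1 || responder static public key).
LABEL_MAC1 = b"mac1----"
MAC_LEN = 16
MSG_TYPE_INITIATION = b"\x01\x00\x00\x00"


def mac1_key(server_pub: bytes) -> bytes:
    """Key for mac1: HASH(LABEL_MAC1 || server public key). A port scanner
    that does not know the server's public key cannot derive this."""
    return hashlib.blake2s(LABEL_MAC1 + server_pub).digest()


def mac1(server_pub: bytes, msg_prefix: bytes) -> bytes:
    """MAC(key, input): keyed BLAKE2s truncated to 16 bytes."""
    return hashlib.blake2s(msg_prefix, key=mac1_key(server_pub),
                           digest_size=MAC_LEN).digest()


def build_initiation(server_pub: bytes, body: bytes) -> bytes:
    """Constructed stand-in for a handshake initiation: type || body || mac1.
    The real message carries ephemeral/static/timestamp fields and mac2,
    which this model omits; only the mac1 framing is kept."""
    prefix = MSG_TYPE_INITIATION + body
    return prefix + mac1(server_pub, prefix)


def server_handle(server_pub: bytes, packet: bytes):
    """Responder side. Returns a reply only when mac1 verifies; otherwise
    None, which models WireGuard silently dropping the packet (no ICMP
    error, no banner, nothing for a scanner to observe)."""
    if len(packet) < len(MSG_TYPE_INITIATION) + MAC_LEN:
        return None
    if packet[:4] != MSG_TYPE_INITIATION:
        return None
    prefix, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
    # Constant-time comparison so the check itself leaks no timing signal.
    if not hmac.compare_digest(tag, mac1(server_pub, prefix)):
        return None
    return b"handshake-response"  # placeholder for the real response message


def demo(server_pub: bytes) -> dict:
    """Feed the responder a few scanner-style probes and one real client
    initiation; report how many of each got any reply at all."""
    probes = [
        b"",                                          # empty datagram
        b"\x00" * 64,                                 # zero-filled probe
        os.urandom(64),                               # random bytes
        MSG_TYPE_INITIATION + b"\x00" * 40,           # right type, no key
        build_initiation(os.urandom(32), b"hello"),   # guessed wrong key
    ]
    scanner_replies = sum(server_handle(server_pub, p) is not None for p in probes)
    client_reply = server_handle(server_pub, build_initiation(server_pub, b"hello"))
    return {"scanner_replies": scanner_replies,
            "client_got_reply": client_reply is not None}


if __name__ == "__main__":
    server_pub = os.urandom(32)  # constructed stand-in for a Curve25519 key
    print(demo(server_pub))      # scanner_replies 0, client_got_reply True
```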
The "agility is bad" crew have a decade or two to wait before they can show anything at all meaningful beyond "my new thing is newer than your old thing".
That doesn't make them wrong, but it makes their position unproven in practice.
By having cipher agility, both clients and servers are incentivised to support the widest possible set of ciphers (because nobody can agree on what cipher to use). This means that it's hard for a known-bad cipher to stop being used (see: the entire history of RC4 usage in TLS) and any downgrade attacks become catastrophic (see: the entire history of SSL/TLS). It also ends up adding complexity to the protocol -- which is always a good thing to have in cryptographic protocols (see again: SSL/TLS)!
Most importantly, if all currently-known ciphers are broken tomorrow, then all servers and clients will have to be upgraded in order to be secure. So cipher agility doesn't help you with the doomsday scenario (everyone needs to upgrade anyway) instead it just ensures that older (completely insecure) clients will still be able to communicate with servers. Why is that seen as a feature? If you really want an insecure fallback mechanism you can implement it with non-agile systems by supporting the two most recent versions of the protocol (I expect this is what WireGuard will do once it's upstreamed). But not everyone wants the "feature" that some clients will silently become insecure.
I don't understand what you're saying with this point:
> The "agility is bad" crew have a decade or two to wait before they can show anything at all meaningful beyond "my new thing is newer than your old thing".
How can the "agility is bad crew" prove their point in a few decades if you're arguing that we shouldn't use such protocols? If they followed your advice, there wouldn't be any zero-agility protocols to compare against in a few decades...
I'm arguing that the case for them is weaker than is often put, but that's not the same as nobody should use them. If a flag day is fine for your use case there's very little reason not to choose this design approach, it is simpler and simpler is good. But you'll notice that the example cited (including by you) for why agility is bad is almost invariably TLS and clearly a flag day isn't practical for TLS because it's far too broadly used.
TLS illustrates my other main thrust of concern on "agility is bad". You describe RC4 as "known bad" and the downgrade attacks as "catastrophic" and this sort of apocalyptic thinking is very popular in the "agility is bad" crowd, but it doesn't truly reflect the ground reality for actual users which is that things went from "It's definitely fine" to "It's probably fine but to be sure we should upgrade". Grey areas are a real thing.
There were protocols that didn't exhibit any cipher agility before by the way. Lots of them. What happened was that they broke, and so agility was added to them retrospectively in new versions that fixed the brokenness. The arguably new thing in the latest round of "no agility" protocols is a supposed determination never to do this. To see how that works out, as I said, you'll have to wait a decade or two.
For those of you who are thinking "eh, I like my `ssh -D8080 firstname.lastname@example.org` solution", sshuttle has the following two advantages:
1. no need to configure your SOCKS proxy in your applications
2. it works even when dynamic forwarding is disabled on the host you're connecting to
There's a reason VPN providers have exploded in popularity: mobile internet devices have been mainstream for 5-10 years and they are system-locked but you can install apps.
If you are using ssh keys you can at least use a bash while loop without incurring any password prompts:
while ! sshuttle -r email@example.com 0/0; do sleep 1; done
Any server you have a login to, right? So in some respects wouldn't a commercial VPN be simpler?
It's almost as simple, faster, and importantly, far more obscure... vs consumer VPNs which are almost honey pots.
It's also more powerful, you can selectively route things through different servers simultaneously.
I suppose that negates my point about its obscurity, since you only care about that if you are evading prying eyes of some sort.
I've updated my original comment to include your point.
Note that sshuttle deconstructs the TCP packets before sending them over SSH which already uses TCP, it also performs differently to `ssh -D` and manages the buffer to prevent blocking behaviour over bandwidth limited connections:
> Sacrifice latency to improve bandwidth benchmarks. ssh uses really big socket buffers, which can overload the connection if you start doing large file transfers, thus making all your other sessions inside the same tunnel go slowly. Normally, sshuttle tries to avoid this problem using a "fullness check" that allows only a certain amount of outstanding data to be buffered at a time. But on high-bandwidth links, this can leave a lot of your bandwidth underutilized. It also makes sshuttle seem slow in bandwidth benchmarks (benchmarks rarely test ping latency, which is what sshuttle is trying to control). This option disables the latency control feature, maximizing bandwidth usage. Use at your own risk.
Edit: I must stress I'm not an expert, and would love to hear if the above is wrong.
But of course, if you aren't using TLS then your traffic is not encrypted as it leaves the pipe. So obviously you should use TLS over Tor.
Incredibly difficult to pinpoint you as the responsible party - but that information could certainly be outputting virtually anywhere, depending on the exit node.
If you read the original paper the researchers spell out the weaknesses, many of which were made in the name of performance over security.
Also, when I said doesn't work, I only meant that it's not an acceptable alternative to VPNs.
* Geoblockers - Much media content is blocked based on geolocation, specifically geolocation based on your IP. (Netflix, Youtube, etc.)
* IP blacklist - I know a few people that have inherited a blacklisted IP simply through unlucky ISP IP allocation.
* ISP logging - So not a hostile ISP, but one that actively tries to log your data. (If you live in Europe, this is almost definitely happening. Apparently in the US ISPs even sell this data.)
* Speed - A few people report being able to get a faster network connection. (I'm not entirely sure why this is the case, but I can imagine there being edge cases where this is possible.)
Setting up your own VPN is NOT a solution to every problem mentioned here, especially if you want to switch server location on a whim or are not technically minded.
This also happens in Oz, the government scrapes all ISP browsing metadata. I can't wait to see what happens if/when that data leaks. I'll keep using a VPN thanks.
We can guess: denial, distancing, some weak laws and then nothing. Nobody _ever_ goes to jail. I imagine the five eyes are all sharing this data too.
It's only a matter of time that all data is eventually leaked, in the same way that all things eventually die. Sure, some good eating and exercise slows the process in the same way good security practices does, but eventually a mistake will be made.
This is again why the web needs to get itself decentralized; it'll be faster and more secure. We'll get there eventually.
That's a bit unfair. Surely there will be a statement about how seriously they take our privacy, too?
Home - US, dynamic IP but unchanged in a year: nothing.
Colo - US, static IP for 5 years: 7 things I haven't downloaded and can't find any history of on my disks or backup software.
Seedbox - EU, static IP for 3 years: nothing.
Home probably has <12 downloads, the other two should have thousands from various sources.
Sure, you're always trusting a VPN at their word that they don't log, the above gives a detailed analysis of which ones you probably shouldn't trust. You can always host your own: https://github.com/n1trux/awesome-sysadmin#vpn
You can also VPN chain (l2iptables), tunnel over TLS, etc. That gist post is pretty dumb imo
Certainly most readers of github are technical, but that doesn't necessarily make it less suitable for non-technical people.
Well, I had Apache misconfigured just long enough to get picked up by one of these apps. For years afterward, my server logs were chock full of attempts at logging into various accounts via HTTP. I seriously had thousands of Yahoo! username/password pairs just sitting in plaintext inside my server logs.
Hmmm? If you don't have record of it, the courts don't do much, at least in the US. If they subpoena you, and you don't have logs, nothing ever comes out of it. Outside of fines and things of that nature.
> The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over.
How do you think insurance works, or why airlines habitually overbook?
A trivial word problem if you will:
If you had 10,000 users, you were subpoenaed and only 100 users did anything worth prosecution, that's what. For one lawyer, drinking a $10 coffee (or two $5 ones) every week day for a month, that's 20 days, $200 a month, $2,400 annually. Assuming in this example only 1% of your users need defending, that's 99% of your coffee budget you don't have to worry about! For 10,000 users, a yearly subscription pulls in about $1,200,000 (we aren't doing any adjustment for taxes and all that garbage). If 99% of your users are behaving themselves... or at least not doing something bad enough for the courts to take notice (which in the digital age, things like piracy are white noise), that means you still have $1,188,000 to help you in those, typically blanket, cases (i.e. a court case in which 20 of your users were downloading illegal movies, and MGM got really upset). Since if you aren't logging, these infractions are dealt with in aggregate usually, since it can't be quantified. So number of lawsuits < bad users.
That's not bad: if all your lawyers needed was coffee monthly, then you could support, with 99% of your users' cash, 495 lawyers' coffee for a year! More than enough coffee to defend your business. Don't forget you can still use the "blood money" you got to buy them coffee!
The basic principle behind my oversimplified, and somewhat tongue-in-cheek example was to remind you that insurance is a lucrative business. I wonder how they survive if your monthly cost for liability (up to $500,000) isn't $500,000 per month!?!
> Your IP address is a largely irrelevant metric in modern tracking systems.
I don't believe this for one second.
Your IP address on its own is not sufficient to identify you. That doesn't mean your IP address is not helpful in identifying you.
On top of that, if you're targeting me and do a geo-location of my IP address, it will get you within 5 miles of my house. That's close enough that you'll know which county I'm in, which with a few other easily-obtained pieces of information will let you pull up my voter registration, which will give you my exact street address.
Of course, you could mitigate this by setting up your own VPN on something like Linode, but unless you're regularly rotating IP addresses, you've just traded a pseudo-identifier that multiple people/devices share for a persistent identifier.
This argument comes up all the time, and I have never heard anyone explain it in a way that passes my sniff test. If you want me to stop using a VPN, you need to do a lot better than just claiming that IP addresses don't matter -- you need to show some kind of evidence to back that up.
Broadcasting your IP address to every website you've ever visited is a completely valid concern that gets hand-waved out the wazoo whenever this subject comes up.
I've sent bug reports to sites that publicly tied IP addresses to comments/accounts so anyone could track your movement patterns over time. Yes, that info can be useful to an attacker trying to deanonymize you. Yes, that info can be used to link users together. Yes, that info can be used to narrow the pool of potential visitors so other fingerprinting techniques are more powerful.
It is blanketly ridiculous to claim that an approximate county-level geolocation isn't a useful data-point to attackers. If IP addresses weren't useful, the Tor project wouldn't be going to such lengths to hide them.
This actually happened to me. I'm using a persistent VPN (50% to access my private infrastructure and 50% because I have a hostile ISP).
I mostly don't use any Google services (maybe one Google search a month and the occasional Google Maps search, but I avoid them when I can) and I was very surprised when once I did a Google search and saw my postal code at the end of the page. The IP address was for a VPS (in the same city but with a different post code). I found it unusual but didn't pay too much attention. A few months later I moved places (different post code) and after a while Google had my new post code at the end of their search page. That's when I found it troubling and assumed that a family member's iPhone was using Google Maps and based on the 'directions' usage they figured out that that IP address has a home address for those GPS coordinates.
(The iPhone in question is reasonably 'hardened' with background updates off and location services only 'when app opened' and disabled for most system services).
That was the only plausible correlation between IP address and location Google could have done automatically - neither I nor the said family member logs in any longer to old Google accounts we had many years back.
That's when I started rotating IP daily (which is trivial in my case as I use Lightsail: I issue a shutdown from a different server and then a power on, and AWS rotates the IP automatically out of a very large pool - so far I haven't gotten the same IP twice).
The only problem I have with Lightsail is that I often get a 'dirty' IP, so I rotate 4-5 times before getting a good one (I test this by doing a curl on a website that sends a Google captcha on dirty IPs but lets the 'good' ones straight in).
The article lists several reasons to use VPNs but isn't the biggest one these days simply to circumvent geographical content limitations for online services such as video streaming? Nearly everyone I know has used a VPN service at some point, and if you asked any of the non-technical ones what it is they might say "a thing that lets me watch the game broadcast when I'm in another country".
People want proxies and the VPN providers provide VPNs that work like proxies. I can’t really see the downside to using the VPN as a proxy?
There's no point in privacy without access.
On-prem VPN deployments with solutions like AlgoVPN from Trail of Bits are still very useful. Let alone the vast majority of corporate IT's internal VPNs that are required for some workforces to perform their jobs remotely over the public Internet.
That's exactly the misnomer that the title didn't do justice to. Of course you MUST trust a VPN in order to make sense of using it. The differentiation is whether some 3rd party manages that VPN or you manage it on your own. With 3rd-party VPNs you have no idea how they set it up and no transparency into how they secure the VPN node. If you manage your VPN node on your own, you have full control over what algorithms and configuration you are using and you pick the right node in a "secure" environment; all are risks factored into the big picture.
No, it's the exact same situation. Or do you happen to know exactly how whatever hosting provider manages the server you're using? They can be trusted exactly as much as VPN providers. There is no real security once you're using systems that you don't own, but there are benefits to using a VPN that can't be realized if your name is on the box.
It's not exactly the same. In the case of cloud providers, you know what you are getting into and mostly having the freedom to setup your own VPC, your VM image, your firewall, even secure boot/TPM stuff, etc.
As far as the data security goes, many cloud vendors provide data encryption at rest with your own keys (of course data security in transit for a VPN goes without saying). This is even MORE true for corporate ITs since they own and operate their own data centers and hardware too (even with the popular trend of cloud computing migration).
Just think about it: if public cloud vendors can get government contracts (DoD/CIA/NSA), then they can ensure security at a high bar. But keep in mind that security is NEVER an absolute term, so your argument to me is moot.
This is demonstrably false; look at any VPN provider that was subpoenaed and unable to produce documentation.
This is a tautology. If you use it as a proxy, then it's a proxy. VPNs aren't for this, and so are bad at it.
VPN use case is either to securely leave a network (hotel Wi-Fi, airport wifi) or to securely get to a network (home resources, corporate resources). If you want a proxy, find a proxy.
I side with the author on this one, a virtual private network is meant to mean multiple private devices on a single network segment virtualized over some transport. Using it as the place you connect to to shove your internet traffic through a relay definitely fits the secure proxy use case/definition way better.
I think you mean that you shouldn’t think of a VPN as an anonymous traffic tool like they advertise.
It doesn't take a logical leap to infer that a company whose entire purpose and business model is to provide anonymization as a service is less likely to sell out its own customers than the ISPs.
Yes, VPNs can log despite claiming they don't. But the well-known ones are highly incentivized to do as they claim because lying would destroy trust and would ultimately destroy their business. Governments are also more likely to target giant national ISPs than some VPN provider whose servers are in some very liberal and consumer-leaning countries outside the US. Also, securing your own VPS on the internet and managing it without getting pwned is well outside the expertise of most people and is probably not recommended.
Second, your VPN provider could be in a different country, and that would make data mining your traffic slightly less interesting to them. It'd also make data acquisition via subpoena of some sort from your country slightly more bureaucratic.
Third, if you have reservations about your VPN provider, you can just cancel your account and go to a different one. Changing VPN providers takes 5 minutes, while changing internet service provider can take months, or in some cases might not even be possible.
Most people use VPNs to get around region restrictions.
These are getting more and more common due to local governments making laws that affect the whole internet - think GDPR - that individual site owners do not want to abide by so they block IPs. VPNs solve this very real problem for those still wanting access to the content.
They're also used for subverting content region licensing. For example, with Netflix.
But the connection is not very stable, to say the least; it sometimes drops to zero (but recovers quickly).
So when should I use a VPN?
3. To watch US Netflix in <insert non-US country>.
I need to ssh back to my laptop frequently because of some annoying restrictions with a service provider I use (heroku). I _can_ do shenanigans with ssh tunneling on a publicly accessible server I control - but it’s actually pretty annoying to work that way in my scenarios.
I’ve tried a few vpn services that offer “static ips” but the services I’ve tried filter inbound connections to that ip ... does anyone know a good vpn service that can effectively gives me a public IP address so I can make inbound connections to my developer machine while I’m random shitty coffee shop WiFi ...?
Disagree. It is always easier for the legal team to say, “sorry we don’t store the logs” as a way to absolve themselves.
* Remote Access VPN: Connect to resources on your corporate network. An example of this is you're in a coffee shop on holiday and need to access a corporate resource.
* Site-to-Site VPN: Connect networks on two sites together. An example of this is you're in a branch office and need to connect to a resource in HQ.
Note that VPN providers give you a limited Remote Access VPN to their network, which they control. They can do whatever they want to your now-decrypted traffic before they send it out to the internet. If you want to obfuscate your traffic, Tor is a better candidate.
The article does say it's OK to use VPNs for accessing internal networks, but that wouldn't be a VPN "service".
I really value not having to constantly leave my phone on, blasting my location to anyone who cares to ask.
(I self host my VPN, so I'm fairly confident the provider isn't going to jeopardize their entire business model to add extra analytics. Sites I visit get the IP of the VPN, and conversely my ISP sees my traffic going to a random server in Denver. It's win-win.)
I use Tor if I want anonymity.
If the VPN provider has been ordered by a US court to produce log information, and they have appeared in court responding that it is not possible for them to do so as such logs do not exist, and the court has accepted this as true, that is adequate 'proof' in my eyes. It is something which puts them in the position of being extremely legally liable for in a way that advertising 'no logs' does not, since prosecution for false advertising is a joke.
He ran a series of tests comparing latency and throughput of directly visiting sites on his home Comcast connection, vs. the VPN. Generally, the VPN was significantly faster.
I wasn't entirely surprised by this. Our facility had multiple high quality connections (Level-3, InterNAP), and one of those traffic optimizers that would add intelligence beyond just BGP.
It is sometimes as much as 26ms to the first hop after my router, though, which is pretty amazing. That's enough time for light to travel 5000 miles.
I've also had edge-cases where I need to obscure my country of origin. For instance, I couldn't stream Game of Thrones via Hulu/HBO Go this Summer while in Mexico. For some reason, Mexico is blocked. My VPN solved that.
For security? It's unlikely to help unless I am on an unsecured wireless network or something like that. Good read nonetheless.
Today, if you change your DNS to another resolver, your ISP won't bother, because the majority will not change and you can pass under their radar.
With DoH, ISPs will be forced to log filtered/mapped IP requests so they can keep doing whatever they're doing today with DNS queries.
So, when DoH matures, ISPs won't see your DNS queries, but it won't matter to them any more, as they will be seeing all other requests.
I know this is not a popular stance on HN, but IPv4 has built-in casual anonymization, whereas IPv6 has built-in casual identification. Both systems are defeatable, but what bothers me about IPv6 is that the invasion of privacy is the default.
Coincidentally, Google, Facebook, et al. are pushing IPv6 very hard.
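The "casual identification" the comment above refers to is the SLAAC default that derives the low 64 bits of an IPv6 address from the interface's MAC address (modified EUI-64), so the same hardware identifier follows a device across every network it joins. The following is an added example, not the commenter's code: it builds the address SLAAC would form from a prefix and a MAC, and checks whether a given address embeds a MAC at all (RFC 4941 privacy extensions use a random interface identifier instead). The prefix and MAC values are constructed sample inputs.

```python
"""Detect IPv6 addresses that embed a MAC address (modified EUI-64).

Added example, not from the thread. SLAAC without privacy extensions forms
the interface identifier by splitting the 48-bit MAC, inserting 0xFFFE in
the middle and flipping the universal/local bit. Anyone who sees such an
address can recover the MAC, which is why the commenter calls it
"casual identification". RFC 4941 privacy addresses use random identifiers.
"""
import ipaddress


def eui64_interface_id(mac: str) -> bytes:
    """Derive the 8-byte modified EUI-64 interface identifier from a MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit (bit 1 of the first octet), per RFC 4291.
    first = octets[0] ^ 0x02
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:6]


def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Return the address SLAAC would form from a /64 prefix and a MAC."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def embedded_mac(addr: str):
    """Return the MAC a modified-EUI-64 address embeds, or None.

    The 0xFFFE marker is a heuristic: a random interface identifier can
    contain it by chance (1 in 65536), so treat a hit as "probably SLAAC".
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    first = iid[0] ^ 0x02               # undo the universal/local flip
    raw = bytes([first]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in raw)


if __name__ == "__main__":
    # Constructed sample values: documentation prefix and a made-up MAC.
    addr = slaac_address("2001:db8:1:2::/64", "00:11:22:33:44:55")
    print(addr, "->", embedded_mac(str(addr)))
    print("2001:db8:1:2:a1b2:c3d4:e5f6:708", "->",
          embedded_mac("2001:db8:1:2:a1b2:c3d4:e5f6:708"))
```

Running `embedded_mac` over the addresses your own host actually uses (`ip -6 addr` on Linux) is a quick way to see whether privacy extensions are in effect: a stable address with `ff:fe` in the middle of its last 64 bits is the EUI-64 form.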
Just try to use a very random username and password; payment can be set to pay with a VCC or a one-time method.
One of these markets involves competing on security and privacy. One of them involves colluding on influencing FCC policy.
So even if a particular VPN provider is inept or corrupt, my expected return on the investment is higher than trusting TWC.
One of the points raised in the article is that it's difficult to evaluate whether the VPN actually follows its logging policy. If they say they don't log, you pretty much have to take their word for it until information to the contrary somehow goes public. It's entirely possible that LE could be using a VPN as a honeypot and forcing everyone they catch to stay quiet through a plea deal. You'd never know until someone broke ranks. The VPN company could just as easily log your traffic and sell your usage data. Unless they're sloppy about it, how would you find out?
Figure it out.
That is an extremely US-centric view.
Aside from that, physical ISPs have something to lose, as they have a very real infrastructural investment; whereas becoming a "VPN provider" literally does not entail more than "rent a few servers, run OpenVPN, buy a billing system license, hire a marketing guy".
It's entirely viable for a VPN provider to just disappear overnight and set up shop under a different unrelated name at virtually no cost to them, if their old brand gets burned. That significantly changes the trust equation, and not in favour of VPN providers.
Unless they're a (natural or artificial) monopoly, like... pretty much every ISP in North America is. Comcast has the reputation of, well, Comcast, and they're doing just fine.
> Becoming a "VPN provider" literally does not entail more than "rent a few servers, run OpenVPN, buy a billing system license, hire a marketing guy".
Yes, that's a good thing: it means that VPN providers, unlike telcos, are under selection pressure. Which means that for VPN providers, unlike telcos, reputation actually means something; the top VPN provider is striving much harder for your dollar than the top telco is.
Certainly, don't pick a VPN provider at random, but you wouldn't anyway.
Once again, that is an extremely US-centric view.
> Yes, that's a good thing: it means that VPN providers, unlike telcos, are under selection pressure. Which means that for VPN providers, unlike telcos, reputation actually means something; the top VPN provider is striving much harder for your dollar than the top telco is.
Except that isn't how the industry works, at all. Virtually all "reputation" that VPN providers have originates from paid product placements (see: the myriad "VPN reviews" that are chock full of affiliate links, YouTube ads, etc.), and providers are assumed legitimate unless shown otherwise by default.
This means that said "reputation" is 100% reproducible under a new brand without ever having a single long-term customer vouching for you. There's no competition on quality; the competition is on marketing only.
Exactly why the industry has turned out that way and doesn't follow the "competition breeds quality" narrative that people on here love to put forward, is left as an exercise to the reader.
It's a Canada-centric view, for me. :)
But seriously, does anyone care about VPNs outside of North America? Why would you, if your ISPs aren't awful? Do most VPN services even bother to advertise outside of the North American market?
> This means that said "reputation" is 100% reproducible under a new brand without ever having a single long-term customer vouching for you.
Why pay attention to word-of-mouth reputation, when survival under competitive pressure is a much more objective signal of reputation of its own?
If the bad actors need to restart with a new brand every few years, then why not just look for the oldest brands around (who must therefore have done this the least), and then sort those by the number of negative news articles you can find about them (which should exist, given that they haven't laundered their brand-identity much)?
It's the same thing you do to figure out who to order from on AliExpress: look at who's put themselves out there the longest while doing active business, without accruing negative ratings in the process.
Or, as well, it's the same thing you do when deciding whether it's worth it to try out a new restaurant in your neighbourhood: you give it a few months, and if it's still around, then it's probably good.
I can think of a few prominent counter-examples, those being sold by security vendors. I run Freedome because I trust the people behind F-Secure to be doing approximately the right thing.
I'm an Australian citizen living in NYC. If you think Telstra behaves any better than the lot over here you may be in error.
So I guess that makes my view Pacific-centric.
Would there be any benefit in using a number of VPS round robin style? I've got access to a handful...
Not that it matters - fortunately my traffic isn't all that exciting
I also feel sharing an IP with many other users adds to the level of anonymity.
You could set up a local resolver to NXDOMAIN specific IP address replies. Dnsmasq has an option for this. Regarding Squid, what makes you sure your VPN service doesn't do the same?
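What that resolver option does (dnsmasq's `bogus-nxdomain`, which is presumably the option meant) is inspect the answer section of a reply and, if any A record points at a listed address, hand the client an NXDOMAIN instead. The block below is an added example, not the commenter's or dnsmasq's code: a minimal DNS wire-format parser that performs that rewrite. Because it parses the question name straight out of the packet, it also illustrates the point made in the DoH comment earlier in the thread: a plain UDP DNS message carries the queried name in cleartext for any on-path observer. The sample messages are constructed inline; 198.51.100.7 and 203.0.113.1 are documentation-range placeholder addresses.

```python
"""Rewrite DNS replies that resolve to a blocked IP into NXDOMAIN.

Added example, not from the thread. Models the behaviour of a local
resolver option such as dnsmasq's bogus-nxdomain on raw DNS messages.
Only A records are inspected; everything else passes through unchanged.
"""
import ipaddress
import struct


def encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode("ascii") for x in labels) + b"\x00"


def parse_name(msg: bytes, off: int):
    """Return (name, offset after the name); follows compression pointers."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:            # 2-byte compression pointer
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2                # resume after the pointer
            jumped, off = True, ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)


def build_response(qname: str, addrs, txid=0x1234) -> bytes:
    """Construct a standard A-record reply (sample input for the demo)."""
    question = encode_name(qname) + struct.pack("!HH", 1, 1)   # A, IN
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addrs), 0, 0) + question
    for a in addrs:
        rdata = ipaddress.IPv4Address(a).packed
        # 0xC00C = pointer back to the question name at offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + rdata
    return msg


def answer_addresses(msg: bytes):
    """Parse a reply; return (query name, list of A-record addresses)."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, qname = 12, None
    for _ in range(qd):
        qname, off = parse_name(msg, off)
        off += 4                             # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        _, off = parse_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == 1 and rdlen == 4:        # A record
            addrs.append(str(ipaddress.IPv4Address(rdata)))
    return qname, addrs


def filter_response(msg: bytes, bogus) -> bytes:
    """Return msg unchanged, or an NXDOMAIN reply if any answer is in bogus."""
    _, addrs = answer_addresses(msg)
    if not any(a in bogus for a in addrs):
        return msg
    txid, flags = struct.unpack("!HH", msg[:4])
    flags = (flags & 0xFFF0) | 3             # keep header bits, RCODE=3
    _, off = parse_name(msg, 12)
    question = msg[12:off + 4]               # echo the question, no answers
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + question


def rcode(msg: bytes) -> int:
    return struct.unpack("!H", msg[2:4])[0] & 0xF


if __name__ == "__main__":
    blocked = {"203.0.113.1"}                # constructed blocklist entry
    ok = build_response("example.com", ["198.51.100.7"])
    bad = build_response("ads.example", ["203.0.113.1"])
    print(answer_addresses(ok), rcode(filter_response(ok, blocked)))
    print(answer_addresses(filter_response(bad, blocked)),
          rcode(filter_response(bad, blocked)))
```

The filter keys on the address in the reply rather than on the name, which is what makes it useful against a service that hands out one "parking" IP for many hostnames; the cost is that any legitimate name sharing that address is blocked too, so keep the list short.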
> I also feel sharing an IP with many other users adds to the level of anonymity.
Can you explain how you feel this adds anonymity? There is still potentially a record of you using that shared IP at a certain time to do a certain thing, so what is your threat model in which the VPN helps anonymity?
Anonymity is actually pretty hard...
And also what exactly would be their incentive in building up their infrastructure to facilitate this logging, do you have any idea how much storage space each VPN node in their network would need just to log everything?
And even if they were to log everything, you are still sharing an IP with hundreds of other people, making you less identifiable to at least the websites you are visiting.
Mozilla tests Firefox VPN service to help protect your privacy https://www.cnet.com/news/mozilla-tests-firefox-vpn-service-...
You certainly shouldn't be running your own VPN either, because that would be much easier to track, seeing as your traffic isn't mixed in with that of others.
Those of us in free democracies have little need for VPN providers. For those who do not, I'm not sure that I'd trust a VPN provider who targets gamers via YouTube ads.