Sadly, they just have a stock response to everyone emailing which is grating.
> Thank you for contacting PIA Customer Support.
> I would like to start off by stating that there are no changes to the service, policies or principles you have always loved, this includes our very strict no-logging policy.
> The decision to join forces with Kape Technologies was not one that was taken lightly, and it was a decision that came on the back of extensive dialogue and due diligence by both the parties in the transaction, and I’d like to touch on some of that.
> Private Internet Access always has, and always will, put privacy first. Privacy is a fundamental human right as enshrined in the United Nations Declaration of Human Rights, and one that our entire business has been built around. Our commitment to the privacy of our users, and the global population at large, is one thing we would never compromise on. Privacy is bigger than you and I, privacy is bigger than PIA and Kape. Privacy is an absolute necessity to protect and safeguard life for a substantial proportion of the world population.
> At Private Internet Access, we want to continue fighting for privacy, against censorship and oppression and for human rights in general. We want to protect the next three billion people connected to the internet. We want to see world economies improve in line with people receiving unfettered access to information. We want to contribute to ensuring that people can engage, become empowered and educate those in their communities for a better global society for all. We believe in the power of people and we have hope, hope for the future. A global future in which we all have the same access, the same rights and the same opportunities.
> And, in partnering with Kape Technologies, we believe that we will be better equipped to continue fighting for the digital liberties of today and tomorrow. Through lengthy conversation and mutual commitment, Kape Technologies and Private Internet Access have agreed to codify some guiding principles going forward.
> These guiding principles can be found at http://investors.kape.com/about-us and I also include an excerpt here:
> 1. Zero Secrecy – openness as a guiding force – we believe that an organization cannot ensure privacy for others without being open and transparent itself.
> 2. Zero Reliance – we remove the need for you to trust anyone with your personal data by ensuring no one has it, including ourselves.
> 3. Zero Data – sanctity of personal data – we believe each individual owns his own data therefore we will never store or attempt to sell what does not belong to us.
> 4. 100% Customer first – we believe that all decisions should be made with the end user in mind, while maintaining profit as well as building a sustainable balance between social, environmental and economic profit.
> 5. Zero Theater – what you see is what you get, we tell it as it is and deliver on what we promise to achieve.
> 6. Zero Tier – net neutrality – we believe that all connections and data should be treated equally and without manipulation.
> 7. 100% Honesty – we will say it as we see it, straightforward and direct.
> 8. Zero Sidelining – life purpose – this is not a passing phase, this is our mission and we are determined to stick to it and overcome any obstacles which comes our way.
> Going forward, Private Internet Access and Kape Technologies will be bound by these eight guiding principles in absolutely everything that we do. We are not selling out, we have not come to a crossroads and decided to take an entirely different direction. We are growing. We are becoming stronger, and together we will continue fighting for a just world for you and I, and for those who come after us.
> What we will do is use this opportunity to further our work to develop and promote better privacy and security tools, and further our commitment to and involvement in human rights and digital liberties as we continue to empower each other and those around us.
> Our founder, Andrew Lee, has written a blog post explaining his decision to sell the company and how it impacts our mission going forward:
> Give us the time to prove to you that we remain as serious and committed to the cause now as we were before, and join us as we break down barriers and unite across borders. We have your back today as we have for every day since our inception and are confident that We will not let you down!!
I'd also like to point out that in PIA's TOS they have no obligation to attempt to tell users of changes to the TOS or privacy. They expect us to watch for changes.
... they're often lying. In particular, servers in exotic locations are almost always the result of "creative" routing, and are physically located in a more standard country.
Due to IPv4 shortage, we're actually seeing a lot of chinese and european companies buying IP addresses in AFRINIC space, from african ISPs, and using them in their own countries.
If your threat model is such that you're concerned about TLAs or state-level actors targeting you, you're already in a world of hurt.
If you are under the mistaken belief that the VPN provider is anywhere near as conscious of your security as you are, you're already living a bit of a fantasy.
So the answer to your question is that it's not really possible to think that they're ultra-secure, but that ultra-security was never what they were selling.
A big part of security is your relationship with the people providing you hosting.
The compromises to nordvpn and others came from a rogue hosting company, for instance.
It’s relatively easy, not to mention cheap (less than $10 per month) to spin up a streisand (0) instance and protect myself that way. As long as I keep my traffic encrypted, I can keep most / all of the vultures away that I’m concerned about.
Happy to walk anyone through it. Takes less than 30 minutes and it just works.
Edited to add link. Second edit to change reference # typo.
1. Encapsulate traffic on the way from your machine through the first few hops of your Internet connection.
2. Shield your identity from third parties trying to discover it, through technical or legal means.
3. Provide a bottomless pit for disposal of DMCA complaints and other nastygrams.
Your solution covers only purpose 1, which is becoming increasingly irrelevant as almost everything uses HTTPS, and DNS-over-HTTPS and Encrypted SNI is coming.
First of all, you missed one thing that is really one of my primary concerns. I hate the idea of my ISP working with other ad surveillance companies to track and sell MY data about mine and my family’s and friends’ online activities.
Having a VPN stops that part of the surveillance machinery from working as intended. Combining that with pihole and other tools allows me to disrupt (at least a little bit) the business of the internet that I hate so much.
Also, Tor and other tools (all part of the same solution above) address #2 to the degree I need it addressed. And I am currently not worried about #3, but with the decentralization of streaming services, it won’t be long now.
I think your most common reason for using a VPN would be very different based on living in Russia, Sweden, USA and China.
It was recommended by privacytools.io in an article a few weeks ago as being one of the few sites that don't take money from vpn providers to list them.
It you want real anonymity, use tor. If you want to change your internet access location, lease a VPS, and set up OpenVPN/Wireguard on it.
The investors of Proton Technologies AG are also public information, and they include FONGIT (a Swiss non-profit foundation supported by the Swiss government), CRV (private investment firm best known for their investments in Twitter, Zendesk, etc) and the European Union, who collectively have a minority interest. Actually, the European Commission doesn't have a financial stake as their funding is non-dilutive. Whether or not these entities are shady is a matter of opinion of course, but these are all well-known public entities.
ProtonVPN was also extensively checked by Mozilla before they partnered with us last year, and they also checked into this, details here: https://blog.mozilla.org/futurereleases/2018/10/22/testing-n...
Is the current and recent government of Israel known for highly funded hacking operations (stuxnet), misinformation (palastine), or general shadyness (Bibi)?
(Previous comment generalized to all isralis, presumably due to their military service requirement, but that does not honestly reflect on the individual citizen or resident. )
And many people have a similar mindset, so it's understandable to report this information, and make consumer choices based on it.
That said, Israel should probably consider solutions like other countries with mandatory military service have, e.g. in Germany (until it stopped being mandatory) it was possible to avoid military service by spending the exact same time instead working in social services, e.g. hospitals, daycares, retirement homes, etc.
Of course using SELinux or TOR, or Intel products is something that’s hard to avoid, but one shouldn’t trust blindly.
I guess it depends on your definition of "much better", but for roughly the same definition you'd need to use to make that statement, you could also make it about Google and Facebook. And note that we're not talking about Israeli intelligence; we're talking about people who, when they were in their late teens and early twenties served, like a big portion of tech workers in Israel, did their mandatory service in a military intelligence unit. I know it's hard for people not familiar with it to understand, but most of these people don't have contacts in intelligence, as the personnel circulation in those units is very high -- almost everyone is just serving a few years for their mandatory service.
Would you trust Google or Facebook to run a VPN? No, I don't trust them at all. I only use them in the most limited amount necessary, and only entrust them with data which is already public.
I self-host everything else, because I don't trust them at all.
The same applies here, it doesn't matter if you call the people spy or not, VPNs should not have any association with intelligence services.
About half of my coworkers in Israeli game development companies have served there. Some wrote custom linux kernel modules, most did very low-level QA work, and in general had more or less the same skillset and level as any other coworker. Of course, they probably worked close to Stuxnet developers, but calling a typical kid, just out of his mandatory military service, a "spy" paints this in a completely different light.
Edit: Sorry, I meant prequel thread as they're related but not the same.
This article centres around the details pertaining to the company's operations in and around 2016 when it launched the Crossrider malware as well as the founder's former employment with Unit 8200 (Israel's IDF Signal Intelligence operations unit).
For piracy it's cheaper to setup seedbox.
A close counterexample: the Japanese guitar manufacturer ESP was forced to stop selling worldwide and producing MX-250/MX-2 models which exactly copied the shape of Gibson's Explorers (court decision and an agreement IIRC), but anyone can still order one in their Custom Shop with the restrictions of making an order by sending a letter with order form and paying from inside of Japan as well as picking it up from the factory (no delivery services). All of that because they can still sell them in Japan and by client's specification.
Now I have to spend the next week researching VPN providers.
They did not.
They have not.
They cannot be trusted.
please donate if you use it
Ha! After discovering that PIA runs a background process I posted that they were one evil change of ownership transaction away from fucking everyone.
Looks like they were way ahead of me.
When I google CrossRider I virtually only get hits from various anti-malware companies, including Microsoft.
Our product (TipRanks) brought financial accountability to the market and it was a paid product. Our business model was just plain SaaS. While I am no longer there I think it's a decent and mostly honest company
They fixed it pretty soon. It was also a motivation to drop IE support (and crossrider) but we were mostly happy with them.