Consider using ProtonVPN if you’re not sure about which. Their incentives are at least aligned with you vs shady folks and governments. Just be sure to use the jurisdictions that don’t cooperate a lot with the U.S.. Traffic will be slower but less odds of secret warrants.
Mullvad is very well reviewed on That One Privacy Site, and that review was one of the reasons I decided to use it. I’ve been using it for about a year now without problems and without ever giving them any real information about myself.
I’ve never tested it, though I’d like to – they claim that you can mail them cash and they’ll convert it from whatever currency you send and credit it to the account you specify (which is just a number). Given that almost any service will require an email (they don’t) or a credit card (which prepaid cards can get around) or paypal (…), this is a pretty good sign.
Are the search stats in the article true? What are people using these VPNs for? Only time I ever need to use a VPN is to connect to my work’s network from home.
I have a handful of friends overseas, and they use VPNs to dodge government filters (e.g. Telegram/FB services being blocked by governments).
Personally, I just use it when I’m connecting to dodgy wifi (e.g. free airport hotspots). Additionally, for some reason youtube doesn’t work on AT&T LTE for me, so I use it for that.
There’s also the ‘privacy’/‘security’ theme that these VPN services advertise, maybe many people just install the first VPN app they can find because it says it’ll protect their privacy.
I have a LowEndBox instance running OpenVPN. I use it as an (admittedly feeble) way to reduce the ease with which my ISPs (and hence intelligence agencies) can monitor my internet usage.
Not to pick on you specifically, but a few people have mentioned hiding from their ISP, but that seems specious. Is there reason to believe your ISP wants to monitor your internet usage any more than LowEndBox wants to monitor your usage? Don’t you already trust your ISP with your real life identity, home address, credit card number, and (probably) SSN?
And unless you’ve gone through the trouble of doing offline key exchange or something like that, can’t your ISP MITM your connection to the VPN anyway?
ISPs are the easiest entry-point for your government to perform bulk surveillance, so they are quite likely to pass on traffic flows. LowEndBox are likely to pass on traffic flows to their government, but as long as that’s a different one it’s far less of an issue.
ISPs are also allowed to sell your traffic flow data for advertising in many parts of the world. LowEndBox could, too, but they would have very few users and much less information about who they are, so it wouldn’t be very profitable.
The ISP could also MITM connections, but that’s rather more expensive and much more likely to be discovered (by eg host key verification).
Yes, my ISP has my identity, which is one of the reasons why I’d like them to not know absolutely everything else about me. My ISP is also under the legal influence of my government, whereas my VPS host is not (directly). It’s far from foolproof, but it (should) minimise the amount of data that is passively collected. I have no doubt that if I were actively targeted for monitoring, it’d all come apart without much effort.
I’m not sure about MITM. The key was generated on the VPS and transferred via SSH. How would a MITM attack work? (That’s a genuine question - I’m happy to be educated).
It really depends on the country in which you (currently) reside.
I lived in many countries around the world and, aside from avoiding being tracked (which is a fair point), several countries block a whole range of websites, for instance:
Vietnam: any wordpress website is not available (due to a ban on it after it was used to ‘attack’ the communist party)
Japan: certain porn
Turkey: pretty much all porn
China: pretty much anything popular non-Chinese
India: teamviewer doesn’t work with most ISP I tried
And then you have countries in which they might not advertise that they are blocking certain things but visiting certain websites with certain keywords might make you go on a list.
So, there are real reasons to use a VPN. Btw, being a ‘modern’ developer in China is extremely difficult without a VPN (usually just connecting to HK).
I find this site helpful when looking for a new VPN (though they are not free): https://thatoneprivacysite.net/vpn-section/
Consider using ProtonVPN if you’re not sure about which. Their incentives are at least aligned with you vs shady folks and governments. Just be sure to use the jurisdictions that don’t cooperate a lot with the U.S.. Traffic will be slower but less odds of secret warrants.
Mullvad is very well reviewed on That One Privacy Site, and that review was one of the reasons I decided to use it. I’ve been using it for about a year now without problems and without ever giving them any real information about myself.
I’ve never tested it, though I’d like to – they claim that you can mail them cash and they’ll convert it from whatever currency you send and credit it to the account you specify (which is just a number). Given that almost any service will require an email (they don’t) or a credit card (which prepaid cards can get around) or paypal (…), this is a pretty good sign.
I didn’t try the mail-them-cash option, but rather paid in bitcoin, which was straightforward enough.
Consider reading the original, full report.
I couldn’t but wonder if, like 80% of stats, including this one, the numbers were made up on the spot.
Are the search stats in the article true? What are people using these VPNs for? Only time I ever need to use a VPN is to connect to my work’s network from home.
Am I missing something?
I have a handful of friends overseas, and they use VPNs to dodge government filters (e.g. Telegram/FB services being blocked by governments).
Personally, I just use it when I’m connecting to dodgy wifi (e.g. free airport hotspots). Additionally, for some reason youtube doesn’t work on AT&T LTE for me, so I use it for that.
There’s also the ‘privacy’/‘security’ theme that these VPN services advertise, maybe many people just install the first VPN app they can find because it says it’ll protect their privacy.
They are helpful for hiding traffic/metadata from ISPs and governments which have influence over those ISPs.
A lot of people use VPN’s to stream overseas, pirate software, and of course privacy.
I have a LowEndBox instance running OpenVPN. I use it as an (admittedly feeble) way to reduce the ease with which my ISPs (and hence intelligence agencies) can monitor my internet usage.
Not to pick on you specifically, but a few people have mentioned hiding from their ISP, but that seems specious. Is there reason to believe your ISP wants to monitor your internet usage any more than LowEndBox wants to monitor your usage? Don’t you already trust your ISP with your real life identity, home address, credit card number, and (probably) SSN?
And unless you’ve gone through the trouble of doing offline key exchange or something like that, can’t your ISP MITM your connection to the VPN anyway?
ISPs are the easiest entry-point for your government to perform bulk surveillance, so they are quite likely to pass on traffic flows. LowEndBox are likely to pass on traffic flows to their government, but as long as that’s a different one it’s far less of an issue.
ISPs are also allowed to sell your traffic flow data for advertising in many parts of the world. LowEndBox could, too, but they would have very few users and much less information about who they are, so it wouldn’t be very profitable.
The ISP could also MITM connections, but that’s rather more expensive and much more likely to be discovered (by eg host key verification).
Yes, my ISP has my identity, which is one of the reasons why I’d like them to not know absolutely everything else about me. My ISP is also under the legal influence of my government, whereas my VPS host is not (directly). It’s far from foolproof, but it (should) minimise the amount of data that is passively collected. I have no doubt that if I were actively targeted for monitoring, it’d all come apart without much effort.
I’m not sure about MITM. The key was generated on the VPS and transferred via SSH. How would a MITM attack work? (That’s a genuine question - I’m happy to be educated).
It really depends on the country in which you (currently) reside.
I lived in many countries around the world and, aside from avoiding being tracked (which is a fair point), several countries block a whole range of websites, for instance:
And then you have countries in which they might not advertise that they are blocking certain things but visiting certain websites with certain keywords might make you go on a list.
So, there are real reasons to use a VPN. Btw, being a ‘modern’ developer in China is extremely difficult without a VPN (usually just connecting to HK).
In many countries, porn