1. 15
  1.  

  2. 8

    You should always assume this is the default business of VPN providers unless you’ve personally verified the integrity of their operators. What customers pay is a bonus. :) Then, you should assume hackers of all types are getting the data unless you’ve confirmed they have strong INFOSEC practices. Then, you should assume the local government is officially or unofficially getting some amount of it unless they operate all their servers in a privacy-friendly jurisdiction without secret courts or anything like that.

    Wow, suddenly most of the VPN’s don’t seem so appealing. ;)

    1. 3

      This is my one concern with VPN providers. It’s about trust. Unless I pay a reasonable amount per month, I would expect a business to find other influx of income to offset their costs (and/or, you know, make more money, because that’s essentially what businesses do).

      With that in mind, how do you trust a VPN to protect your traffic? Short of hosting one yourself (preferably on a computer you physically own in a locked box, in a vault, underground, with armed guards, automated face-recognition-enabled turrets, attack parrots…)

      VPN-as-a-business, to me, is shady AF.

      1. 3

        With that in mind, how do you trust a VPN to protect your traffic? Short of hosting one yourself (preferably on a computer you physically own in a locked box, in a vault, underground, with armed guards, automated face-recognition-enabled turrets, attack parrots…)

        Depends what you want your traffic protected from (‘security’ is meaningless unless it’s security against some outcome).

        I trust AWS staff vastly more than I trust my ISP’s staff, but they are still gonna hand over my details to the government if they get a warrant (and perhaps even without one).

        1. 1

          Even if you pay that reasonable amount p/m you still can’t be sure.

          Hosting your own VPN solution is the best approach indeed. Use your monitoring tools to verify that traffic goes as it should and you are probably on a good path.

          It would be nice if you could earn some time and pay for a good VPN service that you could trust but this is far from true.

          1. 3

            Selfhosting a VPN just shunts the issue to a different ISP, right?

            If I host a VPN on AWS, Comcast can no longer see my traffic but Amazon can.

            1. 1

              Self host in Elbonia.