Massive free VPN data breach exposes 360M records - Page 2
24

Comments

  • Mumbly Member
    edited June 2023

    @emgh said: But a provider would lose business if they did that!

    This is the biggest misconception here. What provider? What makes you think that some Azneem Bilwani (that's just a random example) or someone operates a VPN service for you, to make a business, and not for his government?
    You don't know who's really behind it, or what the purpose of his (if it's really his at all) company is.

    Let me give you one example - not from VPN world, but in principle pretty much the same:

    The FBI began working on the nuts and bolts of creating and running a company. It had to run customer service, solve technical problems for users, and potentially deal with hackers too, Young said. The FBI was entering an industry where firms hack or otherwise disrupt one another in an attempt either to discredit their rivals. Anom had to look like the new phone that criminals wanted to use.

    Young said the FBI had to "figure out how we could develop a legal framework that protected the rights of the people whose rights we were obligated to protect, to develop admissible evidence against the criminals that were using it, to get an understanding of how, logistically, this would work, to establish what the bureaucratic obstacles would be and how to get it through our various agencies and governments to be approved, and essentially how to get it in the hands of criminals."

    For that last part, the FBI decided to ask people who previously distributed phones to the criminal underworld to start selling Anom, according to court records.

    "We essentially copied what Phantom did; we copied what we saw other companies were doing," Young said. Eventually, the FBI was successful: this week law enforcement agencies in Australia, Europe, and the U.S. announced the operation, dubbed Trojan Shield, where Anom devices had obtained over 27 million messages from users in over 100 countries.

    https://www.vice.com/en/article/m7e733/anom-fbi-andrew-young-encryption-honeypot

    Thanked by 1 MannDude
  • Arkas Moderator

    @Mumbly said: Azneem Bilwani

    I know Azneem, he's a nice guy.

    Thanked by 1 mrTom
  • Mumbly Member

    @Arkas said: I know Azneem, he's a nice guy.

    I agree, really nice guy. He was a waiter before and now he's a CEO of several companies, right? ;)

    j/k

  • emgh Member

    I don’t seem to get my point across

    @Altes @Mumbly

    It’s impossible Mullvad has a habit of giving the police data, the fact that police would have history data on Mullvad used regularly would catch up with the community, maybe not right away, but it would

    So them giving away stuff left and right is not realistically possible, it’s just not

    Now, the alternative, as said, is ZERO privacy. ZERO, legislated ZERO - by law ZERO

    It’s hard to argue logically that you’d be better off definitely having nil privacy compared to maybe, just maybe, being a client of a compromised VPN operation

    It makes zero sense, from a logical standpoint it’s just not an argument that can be made

    • I’ll shutdown my VPS to avoid unscheduled downtime
    • I’ll have a sign with my address on my neck since people could probably figure it out anyway
    • I won’t use a VPN service because there’s a risk it’s compromised
  • Mumbly Member
    edited June 2023

    @emgh can you forget about Mullvad? No one talked about one specific company.

    btw. I updated post above.

    Thanked by 1 hyperblast
  • emgh Member
    edited June 2023

    @Mumbly said:
    @emgh can you forget about Mullvad? No one talked about one specific company.

    btw. I updated post above.

    Why would I?

    Joe is allowed to mention specific examples of bad VPNs but I’m not allowed to mention specific examples of good VPNs?

    By the way, I just read the article and to really embrace the philosophy I won’t lock my door anymore since someone could have put a key duplication kit in my keyhole.

  • Mumbly Member

    @emgh said: Why would I?

    Because it's completely irrelevant for the discussion. Ok, you can vouch for your local VPN company (but can you?) that they are clean and don't spy on you, but can you vouch for the other 20 or 30 VPN companies around the globe?

  • Mumbly Member
    edited June 2023

    @emgh said: I won’t lock my door anymore since someone would have put a key duplication kit in my keyhole.

    I never said anything like that. Even @joepie91 never said that VPN can't have some use - knowing potential risks with common sense of course.

  • @Mumbly said:
    I am wondering what @joepie91 is doing these days ...

    https://gist.github.com/joepie91/5a9909939e6ce7d09e29

    Fun fact: Joepie91/92 was active in the Lulzsec IRC -- as shown in the Lulzsec leaked chat logs here: https://www.theguardian.com/technology/2011/jun/24/lulzsec-irc-leak-the-full-record.

    Jun 01 03:19:41 joepie92 >LulzSec LLC
    Jun 01 03:19:42 lol :D
    Jun 01 03:19:47 Topiary what does he sound like?
    Jun 01 03:20:02 lol a looser
    Jun 01 03:20:04 lol xD
    Jun 01 03:20:10 lol just say you are media
    Jun 01 03:20:14 lol and you found the domain
    Jun 01 03:20:20 lol and you'd like to interview him
    Jun 01 03:20:27 lol feed his need for attention
    Jun 01 03:20:30 lol :D
    Jun 01 03:20:30 joepie92 big potential for lulz is big

    Same one Marshal Webb from Path.net was active in ;) @emgh @treesmokah

    I bet he used a VPN when he was engaging in Lulzsec activities.

    Thanked by 1 emgh
  • emgh Member

    @Mumbly said:

    @emgh said: Why would I?

    Because it's completely irrelevant for the discussion. Ok, you can vouch for your local VPN company (but can you?) that they are clean and don't spy on you, but can you vouch for the other 20 or 30 VPN companies around the globe?

    No, some are shit

    Actually, most are shit

    Shitty resellers obviously selling data

    It probably takes at least 80 IQ to filter the shit from the good

    But uneducated users paying loads for a VPN selling their data isn’t a concern of mine, my concern is protecting my privacy

    If anything Joe’s argument is really contradicting because he brings up how well reported it is that HMA isn’t very private - isn’t that really good?

    His point is that they’re still used, and to be frank it’s a shitty point, because why would anyone care?

    Investment firms realising that VPNs are a great business and offering shitty services don’t stop Mullvad from offering good services

    The biggest web hosts are shitty

    HMA is like GoDaddy or HostGator

    Since when would we not buy good quality web hosting from here because the big companies suck?

    Why would we even care?

    We wouldn’t, and we don’t

    VPNs are no different

    I’ve never said that all VPNs are good, I’m saying there’s ways to pick a good one if you’ve spent 2 hours + online

  • Mumbly Member

    @SirFoxy said: Fun fact: Joepie91/92 was active in the Lulzsec IRC

    Ah, old, well-known stories ... You're a bit too late for the show here :)

  • emgh Member
    edited June 2023

    @SirFoxy said:

    @Mumbly said:
    I am wondering what @joepie91 is doing these days ...

    https://gist.github.com/joepie91/5a9909939e6ce7d09e29

    Fun fact: Joepie91/92 was active in the Lulzsec IRC -- as shown in the Lulzsec leaked chat logs here: https://www.theguardian.com/technology/2011/jun/24/lulzsec-irc-leak-the-full-record.

    Jun 01 03:19:41 joepie92 >LulzSec LLC
    Jun 01 03:19:42 lol :D
    Jun 01 03:19:47 Topiary what does he sound like?
    Jun 01 03:20:02 lol a looser
    Jun 01 03:20:04 lol xD
    Jun 01 03:20:10 lol just say you are media
    Jun 01 03:20:14 lol and you found the domain
    Jun 01 03:20:20 lol and you'd like to interview him
    Jun 01 03:20:27 lol feed his need for attention
    Jun 01 03:20:30 lol :D
    Jun 01 03:20:30 joepie92 big potential for lulz is big

    Same one Marshal Webb from Path.net was active in ;) @emgh @treesmokah

    I bet he used a VPN when he was engaging in Lulzsec activities.

    Lmao

    No, I think because HideMyAss is bad he was reasonable enough to understand that zero privacy is king 👑👑👑

    Thanked by 1 SirFoxy
  • Altes Member

    @emgh
    You only need to understand basic human psychology to know that there are a plethora of ways for Swedish police to get useful intel from miscreants like Mullvad; be it directly or indirectly. No one is squeaky clean, and they are accepting cash (!!!) in 2023, and it either bit them in the ass already, or it will bite them in the ass sometime in the future.

    They can't know for sure whether or not they are providing services to pedophiles or terrorists (a legitimate project like Tor is an exemption since it's open source, its intent was clear right from the start and it doesn't provide commercial services whereas Mullvad and the rest profit off of various nefarious activities), but what we know for sure is that they cater to a certain type of customer, and no police worth their salt would do anything to undermine having a piggy like that in their jurisdiction.

    But basically, this is all I'm going to say on the subject, as this is akin to me saying that these companies aren't mostly being run by lonely nerdy men whose guards wouldn't be down as soon as they saw a hot girl giving them attention... not to mention being threatened by the tax man... Put simply, you will devise a plan to ensure that neither you nor the police will have to explain anything since parallel construction isn't much of a feat with technologically illiterate prosecutors.

  • Mumbly Member

    @SirFoxy said: I bet he used a VPN when he was engaging in Lulzsec activities.

    You would lose the bet. It's @joepie91 after all. He was never hiding who he was and he used his nickname together with the real name after all.

    Everyone who knew @joepie91 back then, and most of us at LET did it, knew also that he didn't really need VPN or anything as he was most likely sitting on the pavement in some alley using free wi-fi or something. He was a nomad.

  • SirFoxy Member
    edited June 2023

    @Mumbly said:

    @SirFoxy said: I bet he used a VPN when he was engaging in Lulzsec activities.

    You would lose the bet. It's @joepie91 after all. He was never hiding who he was and he used his nickname together with the real name after all.

    Everyone who knew @joepie91 back then, and most of us at LET did it, knew also that he didn't really need VPN or anything as he was most likely sitting on the pavement in some alley using free wi-fi or something. He was a nomad.

    Yeah, I mean he's Sven Slootweg, he was doxed for being a member of Lulzsec and had a couple of articles with him in it where he refuses he's part of it even though multiple things pointed towards him.

    A lot of people in that IRC ended up getting raided, especially US residents.

    What benefited him was likely that he lives in the NL.

    Thanked by 1 emgh
  • Mumbly Member
    edited June 2023

    I am not sure if he even had a real home back then. I always got the impression that he was crashing with friends or temporarily living in some squat or something.
    And to think about "doxing him", again - it's @joepie91 after all. It's not like he was hiding behind fake nicknames. Everyone knew who he was and what websites he operated. What to dox here? People who thought that they were doxing him were just hilarious.
    I did not always agree with him, but it was good to have him at LET, because unlike many he had things to say.

  • emgh Member
    edited June 2023

    @Altes said:
    @emgh
    You only need to understand basic human psychology to know that there are a plethora of ways for Swedish police to get useful intel from miscreants like Mullvad; be it directly or indirectly. No one is squeaky clean, and they are accepting cash (!!!) in 2023, and it either bit them in the ass already, or it will bite them in the ass sometime in the future.

    Swedish police recently went to Mullvad, and went away with nothing.

    Same exact thing happened at Bahnhof.

    If an ISP today says ”sorry we’ve got no data”, they’re admitting to fraud.

    This is no thought experiment, this is the present, today. A VPN CAN get away with denying data access, an ISP CAN’T.

    You simply can’t argue that a good VPN has a high degree of being safe if you’re not extremely extremely wanted, whereas not using a VPN leaves you with a 0 % degree of having any privacy.

    Something carrying risk is no argument for taking all the risk instead.

    If the next argument is remotely the same again, that a VPN isn’t 100 % safe, without taking into account that not using one is 100 % not safe, I’m out.

  • Mumbly Member
    edited June 2023

    @emgh said: You simply can’t argue that a good VPN has a high degree of being safe if you’re not extremely extremely wanted

    What does this even mean? So it does not keep you safe if you're extremely wanted? How come?

    So basically it's keeping you safe from LET mods and it's keeping you safe from your employer, but it does not keep you safe from SÄPO or MUST? If that's what you wanted to say, I think that we both, Joepie91 and I would agree with you.

  • Altes Member

    Yeah, ok... and in what world do you need police to come and seize hardware of a well-known VPN provider who made no-logging claims before, and who was no stranger to Swedish law enforcement to begin with?

    What exactly would you achieve by signing off on such an operation, if you already know those people, and know that they are law abiding citizens and have nothing to give to you?

    The argument doesn't work here as you wouldn't be sending those types of policemen to them. Instead, it would be done either through phone or email. It's Sweden, it's not Tanzania.

    If you sign off on such an operation, then you're basically either trying to create positive press for them so more miscreants use their services and instill a false sense of security, or you had different intentions: you were trying to see if they had anything remotely criminal laying around in the offices that you could use to make them more pliable.

    Criminal operations usually have either cash (whose origins they can't quite explain) or weapons laying around, and even a small weapons charge would be a nightmare for company operations if you don't have someone to eat the charge for you.

    Thanked by 1 Mumbly
  • SirFoxy Member
    edited June 2023

    @emgh said:

    @Altes said:
    @emgh
    You only need to understand basic human psychology to know that there are a plethora of ways for Swedish police to get useful intel from miscreants like Mullvad; be it directly or indirectly. No one is squeaky clean, and they are accepting cash (!!!) in 2023, and it either bit them in the ass already, or it will bite them in the ass sometime in the future.

    Swedish police recently went to Mullvad, and went away with nothing.

    Same exact thing happened at Bahnhof.

    If an ISP today says ”sorry we’ve got no data”, they’re admitting to fraud.

    This is no thought experiment, this is the present, today. A VPN CAN get away with denying data access, an ISP CAN’T.

    You simply can’t argue that a good VPN has a high degree of being safe if you’re not extremely extremely wanted, whereas not using a VPN leaves you with a 0 % degree of having any privacy.

    Something carrying risk is no argument for taking all the risk instead.

    If the next argument is remotely the same again, that a VPN isn’t 100 % safe, without taking into account that not using one is 100 % not safe, I’m out.

    Adding onto my last post (and replying to yours) Sven for instance mentioned in the post above is based out of the NL.

    The NL has a lot of beneficial laws when it comes to foreign politics, but taking that point even further:

    Simply the country the company that runs the VPN is located in can make a major difference.

    What's the most likely to comply in giving information to a legal request?

    1) Country A wants data from VPN A in privacy friendly Country B

    2) Country A wants data from VPN B in Country A

    3) Country A wants data from ISP in Country A

    Three by far, followed by two (which is still a deterrent, especially if the server is geolocated outside the US) and in last place, the least likely... definitely one.

    Just the mere legal process of having to go to a foreign entity can be extremely beneficial if you were the type of guy that needed a VPN.

    He doesn't mention that crucial talking point at all in the article.

    To be devil's advocate though (for Sven's article), a lot of VPN providers are shady as shit and do keep logs despite saying they don't. Especially US companies.

    Just do your research.

    Thanked by 1 emgh
  • emgh Member
    edited June 2023

    @SirFoxy

    100 % agree

    Most are shit

    But as I wrote (way above now), I fail to see why using a good VPN for my needs would be any less helpful just because there are bad VPNs around

    I think that’s the main logical flaw in the article

    My VPN doesn’t magically become bad because there’s bad VPNs around

    Imagine if we used the same logic when shopping for VPS, ”ah I was paying $30 a month for a slow server at an EIG host so therefore I just won’t host anything anymore”

    That’s silly

    But when Joepie makes the same exact point but for VPNs it’s for some reason respected

    And to add on to your points, I 100 % agree. Also, in Sweden (and I’m not just going on about Sweden because I’m 99 % sure this is based on EU legislation that is basically implemented ABOUT the same in MOST EU countries), the law is very clear:

    • You’re an ISP: You have to store data. You have to give this data out when asked.
    • You’re a VPN: No need to store data, though you’d have to provide the data you have (if you have any).

    So one MAY be unsafe, the other one IS unsafe.

    Thanked by 1 SirFoxy
  • Mumbly Member

    @emgh said: 100 % agree

    Most are shit

    I also agree with that. Most of them are as shady as f...
    In first post @Arkas said "Don't use Free VPNs!!!" and I would extend that to the "even if you use paid VPNs, use them with some common sense". All we have is their word on what they do and don't do.

    Goodnight! (past midnight here already, huh...)

    Thanked by 2 emgh SirFoxy
  • emgh Member
    edited June 2023

    By the way, for those who are interested in integrity and legislation, this has been a very successful approach by Bahnhof:

    https://5july.org/

    After a bunch of court drama, it was concluded; ISPs had to save data; VPNs didn’t

    So Bahnhof registered a foundation, that just happens to provide free Wireguard VPNs with no data logging to Bahnhof clients, activated from the Bahnhof dashboard

    Bahnhof made big news about the fact that they’ll start logging data, they didn’t hide it at all, quite the opposite, they even announced the exact date, they wanted everyone to have time to activate their free non-logging VPN before they started saving user data

    They basically spent time and effort to make sure that their own logging was as ineffective as possible. Big drama between populist politicians and them

    Goes to show that when you’re passionate there’s always a solution

  • emgh Member

    @Mumbly said:

    @emgh said: 100 % agree

    Most are shit

    I also agree with that. Most of them are as shady as f...
    In first post @Arkas said "Don't use Free VPNs!!!" and I would extend that to the "even if you use paid VPNs, use them with some common sense". All we have is their word on what they do and don't do.

    Goodnight! (past midnight here already, huh...)

    Goodnight!

    And sorry if I’m grumpy I’ve been on like a 3 day coding spree for a new project. Just quick sleeps, a quick walk, and back at it lol

    But I agree that if the post is meant to enlighten the user who otherwise would have used a VPN that basically takes your money and sells your data (which I think is A LOT of them) yeah, it makes sense to spread the word to avoid those

    Although the same people to pay for their data to be sold are probably the same people who won’t read the article 🤩

    Thanked by 1 Mumbly
  • Maounique Host Rep, Veteran

    You can still chain proxies and Tor and it would be next to impossible to get caught as each link would have to bend AND keep the data.

  • What about Proton VPN, free but can be trusted.

  • emg Veteran

    I have seen a huge increase in VPN commercials in the over-the-air broadcast TV commercials that I watch here in the US. NordVPN is advertising heavily, and I believe I have seen a few commercials from competitors who are trying to keep up.

    The VPN providers make many grandiose security claims that deliberately mislead viewers. In my opinion, only a tiny percentage of viewers understand the nuances to avoid being deceived. The few that understand the subtleties ignore the ads and are not the prime targets, in my opinion.

    I believe that the targeted market is sports fans who want to bypass regional restrictions. People understand that very well. The VPN ads provide the "security" as a rationalization and to justify the expense in the mind of the consumer, that's all.

  • Altes Member

    The problem, I believe, is when a for-profit company acts like their intentions are of altruistic nature, and that they believe in something greater than profit, when in reality they wouldn't be in the VPN business if they didn't only care about money.

    They lie and they deceive that they care about something greater than profit, and they cater to customers who want to torrent for the most part, but you can't really say that outright so you need the whole your ISP is spying on you agenda, even though it's really not the case in most countries, and if it is, there's nothing of interest in 99% of people's browsing histories.

    So if you want to do something really important, you would just do it over Tor, and not over a paid VPN, because you don't know the company structure, you don't know the employees -- you quite literally don't know anything about them. If you're not doing anything bad (CSAM, etc) then Tor is 100% the best choice.

    One company that I worked for in the past had an outsourced engineering team in Ukraine, and God knows who else had access to quite literally every system.

    My point is only that you shouldn't idolize and trust that they are idealists and that they care about the customers. Those who truly care about privacy and anonymity on the Internet won't be involved in for-profit VPN's in any capacity whatsoever.

    Using a paid VPN is completely fine, but just don't be so sure that they care about any causes or anything. It's a business.

    Like @emg said, most of us use VPN's to bypass geo restrictions and such, and for those purposes, it's basically a God send, just so the wifey never goes without a show or something if it's geo locked. :)

    Thanked by 3 Mumbly emg SirFoxy
  • default Veteran

  • neel_qeru Member, Host Rep

    Say what you want about Tor, but if you don't need Netflix or to select a specific country, Tor is almost always a better option for privacy. Why? Tor doesn't need to know who you are = no way for the Tor Project to get your personal information.