Current state of online privacy in the UK

Maounique

@CraigWatson said:
If encrypted traffic throttling is a pain, you could always try obfuscating the traffic by running the VPN on a high/non-standard port - just make sure you don't pick a port associated with P2P traffic.

Eh, port 443 should do in most cases. A HTTPS tunnel is possible, at least a simulated one.

KwiceroLTD

CraigWatson said: OpenVPN isn't, and can't.

You can't say OpenVPN can't be cracked just because it hasn't been yet.

CraigWatson

@Maounique said:
Eh, port 443 should do in most cases. A HTTPS tunnel is possible, at least a simulated one.

I was suggesting an alternate in case the OP's ISP is doing some kind of crude port-based QoS instead of content-based QoS - I've seen both on residential setups - you can sometimes get a marked speed increase just by changing the port

@KwiceroLTD said:
You can't say OpenVPN can't be cracked just because it hasn't been yet.

OpenVPN is HTTPS TLS-based. See this link for more. I would seriously suggest you research the tech before you denounce it. Of course, nothing is truly "uncrackable", but OpenVPN is inherently more secure than PPTP platforms.

At least in enterprise applications, PPTP is actively discouraged - if you're behind a PPTP VPN, you may as well be on the public internet.

Edit: Here is a post detailing PPTP's vulnerabilities.

tehdan

CraigWatson said: OpenVPN is HTTPS-based - that's why it's called an SSL VPN.

No it isn't. It is SSL (actually no it isn't - its TLS) based, but it uses its own protocol and usually UDP rather than TCP. It has nothing at all to do with HTTP unless you are forced to use it in HTTP Proxy mode, which again is best avoided.

Better than PPTP though .

CraigWatson

@tehdan said:
Better than PPTP though .

Stand corrected, thanks

adamluk

@jhadley said:
I know someone who did some interesting investigation into VPN services and also know that most make completely false claims about security, logging, handing over data etc. I finally found one that seems to be trustworthy, fast, secure, doesn't ask for my name, paid with BTC, open sources most of their stuff etc.

That's an interesting research paper, thanks for that

Willing to share your VPN choice, on here or via PM?

apidevlab

@jhadley said:
I know someone who did some interesting investigation into VPN services and also know that most make completely false claims about security, logging, handing over data etc.

I finally found one that seems to be trustworthy, fast, secure, doesn't ask for my name, paid with BTC, open sources most of their stuff etc.

An excellent read that link. It is DEF worth setting up your own VPN even if you look at some of the Lowend Spirit stuff eg a few geolocated VPS (IP4 Nat) for about £20 a year (or less)...

Bonuses with this approach is you can have hands on control of the node and you'll learn much more.

Table 1.VPN services subject of our study in the link above will make most peeps gulp

Another project is SoftEther VPN Project which develops and distributes SoftEther VPN, anOpen-Source & Free ​cross-platform Multi-protocol VPN program (server & client apps) as an academic project from University of Tsukuba. With a small amount of reading it's fairly easy to setup a server and you can configure and manage it from Windows via a GUI or command line.

In terms of Gov (UK) spying don't believe a word they say... and thats not paranoia that's common sense. GCHQ are very, very clever and have been for many, many years.