Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Reliable Bitcoin VPS unlimited bandwidth < $7 a month
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Reliable Bitcoin VPS unlimited bandwidth < $7 a month

Hey guys I would like a VPS preferably a reseller with a shared IP address which I can pay for with bitcoin, unlimited bandwidth to use as a proxy and VPN

Comments

  • maxmitch said: VPS preferably a reseller with a shared IP address

    You won't ever get a reseller VPS with a shared IP. You can get reseller hosting with shared IP but you can't use those for proxying (unless you want to get kicked).

    If "shared IP" is a requirement, then rather get a NAT VPS.

    maxmitch said: I can pay for with bitcoin

    Many web hosts accept bitcoin but, judging by your other thread, you're actually looking for full anonymous hosting. Two very different things.

    maxmitch said: unlimited bandwidth

    Anonymous hosting with unlimited bandwidth will be difficult to get for <$7/m. Such providers generally charge more in order offset the added risk that they're accepting by allowing completely anonymous individuals to use their infrastructure.

    Besides @w3space, you could always up your budget and go with https://flokinet.is/

  • DewlanceVPSDewlanceVPS Member, Patron Provider

    People think that hosting company who accept bitcoin can allow any details like home address N/A, etc and they lost their money ;)

  • joepie91joepie91 Member, Patron Provider

    @maxmitch said:
    Hey guys I would like a VPS preferably a reseller with a shared IP address which I can pay for with bitcoin, unlimited bandwidth to use as a proxy and VPN

    If you're trying to do what I think you're trying to do - "mixing traffic" with other people so that you "can't be traced" - that's not going to work.

  • @DewlanceVPS how will they know if it is valid or not?

  • @joepie91 how come?

  • joepie91joepie91 Member, Patron Provider
    edited September 2016

    @maxmitch said:
    @joepie91 how come?

    Consider what happens when a third party wants to know who is responsible for certain traffic:

    • If you have a dedicated IP: The third party has to ask the hosting provider who's behind it. The hosting provider might be keeping IP logs.
    • If you have a shared IP: The third party has to ask the hosting provider who's behind it. The hosting provider might be keeping connection logs.

    To a hosting provider, it's very beneficial to track who their customers are, as that means they can shift blame when they get in trouble - lawyers are expensive. In both cases - shared or dedicated IP - it is both possible and attractive for the provider to log information that ties your traffic to you. In both cases, the third party needs to ask the hosting provider for cooperation.

    There's no difference between the two in practice.

    I get the impression that you're approaching this along the lines of "well, now it looks like one IP has a lot of traffic coming from it, so I can hide in the crowd, so it must be more secure", but that's not how this works. Instead, you should do concrete threat modelling - who are your adversaries, what are their capabilities, whose cooperation do they need to figure out your identity? The idea of a "shared IP" has no merit when you do that.

    Most importantly: don't pick something because it sounds more secure. What sounds secure to you might be laughably insecure to somebody else, because they're operating from different assumptions than you are, with a different background and different capabilities. That's why it's so important to do threat modelling properly.

    Thanked by 1Ole_Juul
  • @joepie91 What a fantastic answer. Really useful. I am really fascinated by online anonymity and seeing how anonymous I can really be online with a cheapo server. :) Do you know why @DewlanceVPS thinks that it is not possible to just bull sh*t ones address?

  • joepie91joepie91 Member, Patron Provider
    edited September 2016

    maxmitch said: What a fantastic answer. Really useful. I am really fascinated by online anonymity and seeing how anonymous I can really be online with a cheapo server. :)

    You might find this article interesting as well. It's targeted towards secure application development, but it has a lot of similarities to how you do threat modelling for personal privacy and/or anonymity.

    (EDIT: Currently the most plausible way to really remain anonymous is Tor, but that's also not necessarily without its flaws. Pretty much anything else - especially things with a single hop - is going to be less likely to get it right. Privacy is a different discussion entirely...)

    maxmitch said: Do you know why @DewlanceVPS thinks that it is not possible to just bull sh*t ones address?

    Most providers use something like MaxMind to "detect fraud" - however, it'll generally trigger on anything that looks "off", including address details not quite matching the internet connection, having fake-looking details, etc. You can register with fake information, but it's non-trivial to do so.

    Generally providers who don't care about your identity will advertise as such. PRQ is one example, though their customer service leaves some to be desired, and they're not exactly cheap. Assume that any cheap provider will be using fraud prevention services, though; with services being so cheap, there's not a lot of margin to deal with the costs of fraud, and so providers often apply "better safe than sorry".

  • @joepie91 said:

    Would the OP not be better off (in single hop instance) using a reliable commercial VPN provider who allows anonymous accounts with just am email address and which has operational separation between billing and network operation companies in different jusrisdictions with the only data shared between the 2 being account activation and no logging of any kind carried out on their servers?

    Of course a tunnel in a tunnel in a tunnel like TOR or both combined will be better, but the above would be much more likely to have the data mixing effect desired?

  • Ole_JuulOle_Juul Member
    edited September 2016

    I have no affiliation but this seems appropriate:

    The Multi-Hop technology will let you connect to any VPN server as entry point, and then it will randomly route you through various VPN nodes across our network up to your selected exit point which will become your public IP.

  • joepie91joepie91 Member, Patron Provider

    Ole_Juul said: I have no affiliation but this seems appropriate:

    Multiple hops doesn't help one iota if they're all controlled by the same company. It's just marketing nonsense. The reason Tor works is that the nodes are not all controlled by the same entity, and no commercial VPN provider will ever be able to claim the same.

    In reality, anonymity just isn't a profitable business when it's done right. There are fundamental conflicts of interest.

    mycosys said: Would the OP not be better off (in single hop instance) using a reliable commercial VPN provider who allows anonymous accounts with just am email address and which has operational separation between billing and network operation companies in different jusrisdictions with the only data shared between the 2 being account activation and no logging of any kind carried out on their servers?

    No, because you can't trust the provider not to log, and it's very unlikely that they really aren't logging - because it'd put their ass on the line if the feds were to come knocking, and - as I've also stated in this post - your measly $10/month doesn't even pay for their lawyer's coffee.

  • mycosysmycosys Member
    edited September 2016

    @joepie91 said:

    mycosys said: Would the OP not be better off (in single hop instance) using a reliable commercial VPN provider who allows anonymous accounts with just am email address and which has operational separation between billing and network operation companies in different jusrisdictions with the only data shared between the 2 being account activation and no logging of any kind carried out on their servers?

    No, because you can't trust the provider not to log, and it's very unlikely that they really aren't logging - because it'd put their ass on the line if the feds were to come knocking, and - as I've also stated in this post - your measly $10/month doesn't even pay for their lawyer's coffee.

    In what possible way is it in the interest of a seychelles based company to log information when their entire business modfel is based on not doing so? There is no possible legal ramification from not doing so, nor is there any law forcing them to do so (in some jurisdictions if they logged they would have to keep it, but they do not). And this is WELL tested - indymedia being among the first to test it - and win. Indymedia has never and will never log, and this is despite several seizures and damands for logging internationally over nearly 20 years and several legal regimes. There has never been sucessful legal action in the west as there is no leg to stand on.

  • joepie91joepie91 Member, Patron Provider
    edited September 2016

    @mycosys said:

    @joepie91 said:

    mycosys said: Would the OP not be better off (in single hop instance) using a reliable commercial VPN provider who allows anonymous accounts with just am email address and which has operational separation between billing and network operation companies in different jusrisdictions with the only data shared between the 2 being account activation and no logging of any kind carried out on their servers?

    No, because you can't trust the provider not to log, and it's very unlikely that they really aren't logging - because it'd put their ass on the line if the feds were to come knocking, and - as I've also stated in this post - your measly $10/month doesn't even pay for their lawyer's coffee.

    In what possible way is it in the interest of a seychelles based company to log information when their entire business modfel is based on not doing so? There is no possible legal ramification from not doing so, nor is there any law forcing them to do so (in some jurisdictions if they logged they would have to keep it, but they do not). And this is WELL tested - indymedia being among the first to test it - and win. Indymedia has never and will never log, and this is despite several seizures and damands for logging internationally over nearly 20 years and several legal regimes. There has never been sucessful legal action in the west as there is no leg to stand on.

    It's not about being legally forced to keep logs. It's about having or not having a way to shift liability - and that's assuming that the provider in question has good intentions to begin with.

    It doesn't matter how legal it is to not keep logs, if the practical end result is that you're going to be held accountable for what happens through your service.

    (Indymedia is also not a commercial VPN service, and has very different incentives. They pretty much exist to challenge such things.)

  • @joepie91 said:

    It's not about being legally forced to keep logs. It's about having or not having a way to shift liability - and that's assuming that the provider in question has good intentions to begin with.

    It doesn't matter how legal it is to not keep logs, if the practical end result is that you're going to be held accountable for what happens through your service.

    (Indymedia is also not a commercial VPN service, and has very different incentives. They pretty much exist to challenge such things.)

    Thats right - we challenged it 15 years ago and proved that you could not be held responsible for the traffic going through your service, and there are specific safe harbour laws that say so. We UTTELRY disproved your point and EVERY person on the net concerned with privacy knows this, including and espescially these service providers. Their entire business is centered around this model - it is better for them to shut down a node than to destroy their business by disclosure - they might as well just shut down

  • joepie91joepie91 Member, Patron Provider

    mycosys said: Thats right - we challenged it 15 years ago and proved that you could not be held responsible for the traffic going through your service, and there are specific safe harbour laws that say so. We UTTELRY disproved your point

    No, you didn't. It doesn't matter whether you're technically in the right or not. The only thing that matters for a commercial provider is what the cheaper solution is. "Fighting an endless case in court with very expensive lawyers" is almost never the cheaper option in the long run, no matter how "right" you are.

    mycosys said: Their entire business is centered around this model - it is better for them to shut down a node than to destroy their business by disclosure - they might as well just shut down

    Unfortunately, that's not how it works in practice.

  • clearly you are not living in a country where madatory data retention is a fact of life. There is no juristdiction, nobody to sue, and honestlyt it is going to be far harder for any agency to get that data than it is to just ask the ISP required by law to keep all connection info. A single tunnel isnt enough - but it is enough to get out ouf your countries and their cronies juristidiction at least to somewhere with less logging legislated, and then connect to something better.

  • joepie91 said: The only thing that matters for a commercial provider is what the cheaper solution is. "Fighting an endless case in court with very expensive lawyers" is almost never the cheaper option in the long run, no matter how "right" you are.

    I can see you have a good understanding of these issues. However, from what I understand, to sue a Seychelles registered company requires the physical presence of a lawyer living and registered there. This is a big hurdle for anything but the most well funded suits and saves them the trouble of having to fight "endless cases in court" as you say. I do agree with you that if one's anonymity is of unusually high importance, the better tool (in addition to other considerations) is Tor.

    Thanked by 1mycosys
  • This is the case used on the page you link to, to justify their claims.
    https://invisibler.com/lulzsec-and-hidemyass/
    The thing is, HideMyAss NEVER claimed not to log, and NEVER claimed they would not comply with requests. Their business model is not based around not logging and anyone with a brain would not not have been using them. They still work just find for aviding filters - what they say they are for.
    They are a UK company - where you can be put in jail for not giving up your password, and where ISPs must log and filter. Nobody in their right mind would be using a UK based company for private ANYTHING, the GCHQ is worse than the NSA. That doesnt mean we didnt win there over logging, we did. But a company based there CAN be compelled to do just about anything re data. Even the US is safer.
    NONE of what happened to HideMyAss applies to companies specifically structured to be immune to these concerns. The billing company has no idea what the users on the network do, the network company has no idea who the users are. The network company is in a jurisdiction where it is near impossible to sue, even if they were doing somethign illegal THERE and is complying with local laws.
    There is NO pressure to keep or supply logs. One for instance says if they recieve an order VALID IN THE SEYCHELLES they will comply with it, by replying they have no information to give, as they just dont. It has never happened, because nobody is ever going to bother to try short of a revolution there.
    What there is, however, is comercial pressure NOT to log or supply logs. They can set up a million dummy companies to hire servers, no problem, even if they are shut down. What they cant do is get over a business model entirely based on not logging and privacy from the ground up if they breach that. That is ALL they are.

Sign In or Register to comment.