I found this to be an interesting watch in layering security/ privacy rather than throwing the hail mary at a VPN and expecting it to keep you anonymous.
My VPN doesn’t share my data with their 9000 advertising partners like my ISP does.
Over confidence in VPNs
Sure, I’ll buy that. I mean, all the VPN power in the world is useless if your DNS leaks. As you are probably well aware of, there is no magic bullet. It is a series of layers.
I assume they know who you are and what you are doing if it is online. VPN is a good security measure, but one screw up and they’ve got you. At least for your current connection.
Most people are still going to be logged into sites. Your cookies will give you away if you have any common tracking ones. Browser fingerprinting and other techniques can also be used to figure out who you are, even in incognito.
Then there is chat control, which is how they really want to get you, but that’s another topic.
VPNs primarily give you privacy from your local ISP, not necessarily anonymity. And the VPN provider then takes on the role of ISP and has the technical ability to inspect your traffic as it goes by. They may agree not to do that in the one-sided non-negotiable unilaterally-updatable ToS they offer you, but you have no means of knowing if they stick to it, and they almost certainly have carve outs in the terms to comply with local (to them) law enforcement demands.
I’m somewhat trusting of Mullvad, since they’ve actually been raided by police who walked away empty-handed which IMO demonstrates that they’re not bullshitting about not logging anything. But yeah as you say, that could always change in the future.
As a wise person once said, “No company is going to break the law for you.”
It’s fine to have some trust in your services, but it should never be without exception. The responsibility for privacy is always ours to ensure.
I have a reasonable amount of trust in my VPN. They’ve been audited as early as 2024 by several indepentent agencies. They have proved their ‘no logs’ boast in court for quite a few instances. Even when servers were confiscated, there was no usable data found. So I feel reasonably confident in their service. However, that doesn’t mean I completely trust them.
What independent agencies? Are they not-for-profits or are they paid by the VPN provider?
I appologize for my poor word choice. These are third party auditors. Didn’t mean to mislead. Auditors like PwC (PricewaterhouseCoopers), Deloitte, KPMG, Cure53, Altius IT, VerSprite, Leviathan Security Group, MDSec.
Well privacy doesn’t necessarily mean anonymity. They are different things and have different solutions. A VPN gives you privacy but doesn’t automatically make you anonymous. I think the other comment has a good point that VPNs are overselling their products. And it’s true, defense-in-depth is the proper way to go about it, and not to rely on one thing to solve all your problems.
Well privacy doesn’t necessarily mean anonymity.
Privacy is knowing who i am but not what I’m doing.
Anonymity is knowing what I’m doing but not who I am.
The issue with me lately is more and more sites actively blocking connections from VPNs. I’m not sure what to do about that.
actively blocking connections from VPNs. I’m not sure what to do about that.
There are a small minority of sites I encounter that do that. Usually I will try a couple different VPN locations. If that doesn’t work, I just search for the data somewhere else. I know that doesn’t work for everyone. I also encounter a lot of ‘Verification’ checks. They are kind of anoying but I figure, I’d rather that than just having my data hanging out in the ether unprotected.
Use the tor browser in conjunction with your VPN. The tor exit nodes aren’t flagged.
Depends on the site. Sadly, I see “Forbidden” all too often via Tor as well.
I’m not discouraging Tor use of course; just pointing out many sites block the Tor network as well.
Maybe masking VPNs ? Is that even a possibility? Like how people can mask something as Chrome already.
Mullvad has a few obfuscation techniques with a new one that just came out. I’m curious if they’ll help in this application
AFAIK it’s the IPs of the VPN server that gets flagged in these cases. Not sure how that could be masked, it would probably basically just be using a different VPN server
There is a big over confidence in VpNs and I think it’s because the VPN providers oversell their product.
VPN providers oversell their product.
Sure. Because the average joe schmoe really doesn’t grasp the complexities of networking. I admit fully, I do not know all there is. But the average joe schmoe could almost be forgiven for their ignorance. As I mentioned, shit’s complicated. You have an individual who works 5 days or more a week. They come home tired and exhausted, try to have a few moments of family time. On the weekends, time is spent catching up on chores and involvement with their family.
So, they really don’t have the time to read the unix manual, much less understand it because…shit’s complicated. So they place trust in companies that may or may not have their best interests at heart. We have the secret knowledge because we’re geeks and nerds. LOL I tell everyone I come in contact with, I am an expert at nothing. However, I am more than happy to freely share any knowledge I’ve gained along the way. It is my desire that all my friends and acquaintances use their technology in the most private, secure, and anonymous way possible.
