this post was submitted on 10 Nov 2024
37 points (100.0% liked)
Privacy
32159 readers
606 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Generally, it’s best to go by capability, not by policy.
Any company has to do what the government of its country says. This goes both for the VPN company, AND any exit node country. So you have to always assume that whatever country your exit node is in has full access to the data exiting the VPN there.
Then there’s the technology being used, the expertise with which it is configured, and finally the policies in place for handling and storing your PII.
Mullvad has a strong record on all accounts, even as far as just giving a year’s notice that it will stop supporting OpenVPN.
AirVPN has virtually no track record, fewer details on hardware, configuration, expertise and PII handling, and it’s in the EU, so has to comply with EU laws as well as Italian laws.
Being in the EU means it has to comply with the GDPR, which does have its benefits. But it also means an EU member state could put a gag order on your account and be monitoring all your data without you ever knowing.
So it all comes down to who you want your data to be private from and why.
Personally, I avoid all public VPN services as much as possible, and assume that the only thing they’re really doing is tricking the next service in the hop as to what country I’m connecting from.
Wow, I didn't know that, thanks! Also, if you don't use a VPN, then what methods so you use to hide your traffic?
I keep all my traffic encrypted, use my own DNS, and run a VPN so that anytime I’m away from my place, my traffic is tunnelled through my home setup, which includes a piHole.
If I need more than that to obscure the traffic source, it goes through TOR.
I also run a few public web services off the same IP, so the traffic coming out of my address has plausible deniability.
Plus, I use tracker and ad blockers in all my browsers/devices, of course, as well as block JavaScript by default.
How about torrenting?
Torrenting means you’re sending copies of the files to anyone with a magnet link. Great for quickly sharing legitimate software with a wide group. If you’re trying to download stuff you don’t have a license for, torrenting is a bad solution. Better to find a small community where you can just share files directly, peer to peer or on a private server.
Torrenting has a very obvious digital fingerprint, so even if you’re using a VPN, your ISP knows you’re torrenting. And if your VPN provider gets served with a notice and their country is a member of any international trade agreement, they know who you are and have a responsibility to take action against you.
even through vpn? how? there are many other useful (and legal) things you can use that practically always makes traffic
It’s about the traffic shape and size; the packets are all encrypted, but unless you’re filling the gaps with random noise, there’s a pattern to the randomness, in terms of packet size and density, and to the shape of the traffic volume over time.
If you’re streaming video AND torrenting at the same time, that will cover up some of the torrent fingerprints, but not all.
And if someone has the fingerprint of a torrent from a non-VPN source, they can pretty reliably figure out exactly which torrent you’re connected to. Pretty much nobody goes to that level of analysis for a random person though; they’d have to already have some reason to be watching your network traffic AND find it worthwhile.
I'd take what you're reading here with a grain of salt.
I thought AirVPN was based in Canada.