this post was submitted on 03 Apr 2024
218 points (97.4% liked)

Privacy

31974 readers
481 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

It is something to always take into consideration and not forget.

top 50 comments
sorted by: hot top controversial new old
[–] fidodo 117 points 7 months ago (8 children)

A smart VPN will avoid going to jail for you by not storing any of the data law enforcement wants in the first place.

[–] [email protected] 58 points 7 months ago (1 children)

Yeah, Mullvad was searched and they shrugged and said "well, go ahead" and could then proudly publish that the Swedish authorities could take zero info from there: https://mullvad.net/en/blog/update-the-swedish-authorities-answered-our-protocol-request

[–] [email protected] 22 points 7 months ago (1 children)

Just recently signed up for Mullvad... No CC numbers or email addresses, you just get a string of numbers and that's all you need to connect with it anywhere. And you can pay with Monero.

It's like the paranoid person's dream.

[–] [email protected] 16 points 7 months ago

Heck, if you want, you can pay with hard cash by mailing it with your payment token to their office. It's pretty great when it comes to choice of privacy.

load more comments (7 replies)
[–] [email protected] 79 points 7 months ago* (last edited 7 months ago) (3 children)

Considering this is straight from a VPN provider, take this with a boulder-sized grain of salt.

And I say that as someone who believes using a VPN is generally more beneficial than not. And espouses most of that advice regarding the VPN.

Even if a VPN were totally benevolent and gave daily tours of its office, there's still no 100% guarantee their claims can be verified at all times. So there's always an element of trust. (I trust most of the ones outside of the Eyes countries more than my home ISP, though. )

[–] [email protected] 30 points 7 months ago (2 children)

I would put Mullvad and IVPN up there as the two VPNs I'd trust most to do things right, but I still agree with everything you've said.

[–] [email protected] 6 points 7 months ago (1 children)
[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

See the last points in the article: run by activists, and would rather shut down than cooperate with law enforcement.

I don't know if proton is run by activists, but I do know they've cooperated with law enforcement by inserting code to log user requests when coming from a specific user. Plenty of articles about the court case, and it's also why they did away with their no-log policy.

Also, are their logins token based or username based and connected to the protonmail account?

load more comments (1 replies)
[–] [email protected] 6 points 7 months ago

The purpose of these corporate white papers is to inform (impress) potential customers of actual issues. It demonstrates knowledge and implies that the company has the ability to leverage their product or service to meet whatever the challenge is.

I wouldn't say boulder-sized because the meat of the article is true, but yes a bit of skepticism is always useful.

[–] [email protected] 6 points 7 months ago* (last edited 7 months ago)

As others have said, Mullvad is pretty close to (if not at) 100% guarantee... No personal info whatsoever is required to be given when you sign up (including email address or payment information; you can use Monero if you want), so there isn't really anything that they could give to authorities even if they wanted.

Even if they did keep logs (which im 99.9% sure they don't), all that would show is an IP address, and from what I understand based on past precedent, that is not enough to identify a person on its own. But IANAL.

[–] [email protected] 28 points 7 months ago (3 children)

In this blog post we explain why competent service operators can avoid having to share sensitive information about you without facing severe legal consequences. The reasons laid out will also highlight why you are better off choosing a VPN service run by privacy activists who will prioritise principles before profits in difficult situations

is it me or does it read like someone used an LLM to write those sentences?

[–] [email protected] 8 points 7 months ago (2 children)

Sounds like the intro paragraph to someone's term paper at uni.

[–] [email protected] 4 points 7 months ago* (last edited 7 months ago)

This is usually how I intro documentation for tech projects. Its good practice for technical docs, doesn't necessarily mean its an LLM

[–] [email protected] 4 points 7 months ago (3 children)

Yeah, that's what I was going to say. Thank god that shit didn't exist when I was in college, or every paper I ever wrote would have been flagged. I guess I write like a robot.

[–] PM_Your_Nudes_Please 3 points 7 months ago

Worth noting that there is a strong correlation between neurodivergence and falsely getting flagged for using AI. Apparently AI sounds autistic, so lots of autistic kids were getting flagged for AI use even when they wrote it themselves.

But if it helps, even ChatGPT has had to admit that AI detection is inaccurate and schools shouldn’t be relying on them.

[–] [email protected] 2 points 7 months ago

the twist is that the LLM writes like this because you trained it to do so with your term papers that it scraped

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (1 children)

Haha same! There's a place for us though: if you ever get into research, robotic writing tends to work out fairly well!

[–] [email protected] 2 points 7 months ago

Thing is, I don't even feel like I do write like a robot per-se... Maybe it's more like I write like the average of every person who has ever written anything ever lol.

[–] [email protected] 5 points 7 months ago (1 children)

GPT loves alliteration, so at least there’s something to support your suspicion.

[–] FutileRecipe 1 points 7 months ago (1 children)

So, scrub my papers for alliteration. Thanks for the tip.

[–] [email protected] 1 points 7 months ago

Use it sparingly and with style. More isn’t always better.

[–] [email protected] 1 points 7 months ago

Ha! Author here - no LLM was used. It was an attempt to summarise the content and the key message, but it took some time to jam pack everything into two sentences.

[–] [email protected] 24 points 7 months ago

Meh, just Mullvad. Cops can raid em all they want; they just walk away empty handed

[–] Mango 16 points 7 months ago

And here I thought companies can't go to jail. Apparently that only applies to the companies who aren't run by the lizard people or the kids popular with the priests.

[–] [email protected] 13 points 7 months ago (3 children)

Verifiably no logs without court order (I'm guessing canary pages have gone the way of the dodo now, probably boilerplate in the orders, maybe wrong according to the article, perhaps in some jurisdictions) would be awesome. Verified by external audit is about as good as we can get, so proton, tutanota, I think, others muchly appreciated. I think one of them setup their OS in volatile RAM, which is cool, but probably not legally protective.

No, I don't expect you to go to jail for me, but due diligence minimising knowledge will bump you up my list of providers to choose.

One problem here is those that do verify, usually don't allow torrenting ports, so, no ratios for you. Anyone know what the over/under is on lesser tier VPNs that port share vs a VPS (with all its potential, but which country?) vs Usenet? Looking to have a clue when the time comes, knowledge gratefully accepted :)

[–] [email protected] 14 points 7 months ago (3 children)

I love Mullvad and recommend them for everything other than torrenting. Once they disabled port forwarding I moved to AirVPN who seem to be pretty legit.

I'm not trying to keep my ratios up but I have a few torrents of media that are not available anywhere for sale and have less than 10 seeds, so I feel like I am helping keep the shows and movies of my childhood alive.

[–] [email protected] 10 points 7 months ago (1 children)

They did have a server seized (physically) in 2015: https://lemmy.dbzer0.com/post/6754830
Though apparently there were no logs.

Interestingly though, that forum post was now deleted from AirVPN site. Strange...

[–] [email protected] 5 points 7 months ago

Hmm, TIL, thanks.

[–] [email protected] 8 points 7 months ago

Good person. Much like I would like to do. I'd be happy with a VPN for personal use and another one for torrenting (gluetun compatible preferably) Shall look at AirVPN, thanks.

[–] [email protected] 2 points 7 months ago

Just switched to Mullvad and haven't tried torrenting with it yet... Doesn't work? Or just slow?

load more comments (2 replies)
[–] [email protected] 4 points 7 months ago (3 children)

Soooo how to split the packets up between 3 VPNs to make each providers piece useless?

[–] [email protected] 13 points 7 months ago

You're about 15% of the way to re-inventing Tor.

[–] [email protected] 5 points 7 months ago

check out Nym, they are doing this kind of network

[–] FutileRecipe 5 points 7 months ago

Sounds very similar to Safing Privacy Network. They route different applications across nodes (Tor-esque).

[–] [email protected] 3 points 7 months ago (1 children)

I’ve tried IVPN a number of times but it never works for getting around mlb.tv blackouts which is my biggest use case. ExpressVPN has just been reliable for me in that regard.

[–] [email protected] 13 points 7 months ago* (last edited 7 months ago) (1 children)

IVPN servers are all well-known and catalogued. ExpressVPN partly buys hacked machines to user as proxies for their paid tier user VPNs, so they are much less likely to be blocked. They have a lot more.. troubling history, that would make me never visit their download site.

https://www.zdnet.com/article/trust-but-verify-an-in-depth-analysis-of-expressvpns-terrible-horrible-no-good-very-bad-week/

Kape Technologies has announced plans to acquire ExpressVPN for $986 million. I do have concerns about this because Kape was once considered a malware provider.

Reuters indicating that ExpressVPN CIO Daniel Gericke is among three men fined $1.6 million by the US Department of Justice for hacking and spying on US citizens on behalf of the government of the UAE (United Arab Emirates).

Kape Technologies has had quite a convoluted history. According to a report in Forbes, a company called Crossrider was formed in 2011 by "billionaire Teddy Sagi, a serial entrepreneur and ex-con who was jailed for insider trading in the 1990s. His biggest money maker to date is gambling software developer Playtech," and Koby Menachemi.

Menachemi was a developer for Unit 8200, an Israeli signals intelligence unit responsible for hacking and collecting data (think of it as part CIA, part NSA, and part high school, because the unit hires and trains teenagers in hacking and coding skills).

the newly renamed Kape Technologies set out on an acquisition binge. The company started buying in 2017, acquiring CyberGhost VPN for about $9 million. Next, in 2018, came Mac antivirus company Intego for $16 million. A few months later, Kape gobbled up another VPN provider, ZenMate, for about $5 million. A year later, in 2019, Kape spent $95 million for Private Internet Access, one of the best known VPN providers at the time.

There's more to the story as well, but you can be sure that all your data is ~~belong~~ either being proxied by a botnet, or being used to spy on you. 'I have nothing to hide!' you may say, but I'm sure you have an app or two that still uses insecure HTTP update checks, which can be intercepted to trigger a malware installation.

load more comments (1 replies)
[–] MigratingtoLemmy 3 points 7 months ago (1 children)

The only reason I look at IVPN is because they allow port forwarding

[–] [email protected] 3 points 7 months ago (1 children)

They no longer offer this, right?

[–] MigratingtoLemmy 2 points 7 months ago (1 children)
[–] [email protected] 3 points 7 months ago* (last edited 7 months ago) (1 children)
[–] MigratingtoLemmy 1 points 7 months ago (4 children)

Unfortunate. I like their model

load more comments (4 replies)
load more comments
view more: next ›