Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Sorry to sidetrack here -- but any good recommendations for paid VPNs?


Pay for a digital ocean/aws/whatever minimally sized instance and run algo: https://github.com/trailofbits/algo


Why would you trust a VPN provider more than your ISP?


To be honest all a VPN does is add another layer of protection. It's not that secure because they can be subpoenaed or NSL'ed into giving data over, which is why a VPN's log policy is important to pay attention to. So in reality, you are mostly just trying to not reveal traffic to your ISP which the various LEA's can get access to far too easily (read: without a warrant).

For those really serious about privacy that's why I think actually owning a colo space where you own and control the hardware can be a preferable solution. For those who don't like that try setting up your own VPN on a VPS, etc.

One of the key things most people miss is DNS. I personally also suggest running your own DNS server, even if just a local dnsmasq that's outgoing to opendns or internic or something.

One more thing most people don't think about is attackers pivoting from other compromised devices on the internal network. If you think that Amazon/Apple/Microsoft etc device isn't sending checks out on the local network and then reporting back stuff like internal IP topology and MAC addresses you got another thing comin. Check your iptables or nftables (bpf?) and block internal hosts you know don't need access.


Why use paid privacy-by-policy systems when you can use free privacy-by-design systems like Tor and i2p?


Latency and throughput


> Latency and throughput

It's not as bad as you're making it seem.


This is a choice you don't make to get. Each one might take different choices on the latency-throughput/privacy trade-off.

Given the current usage, I would say that most people value the latency and throughput a lot.


I'm in UK where the law requires all ISPs to store everyone's browsing history for a year - I browse the web exclusively over VPN and yes, I trust my VPN provider 100x more than I trust the British Government.


Your ISP is a near-monopoly with vast wealth and political connections, and no trust to lose. A VPN is used by a much smaller group of people who will ditch them en masse if any hanky panky comes to light. There is a ton of competition in the VPN space, and they’re mostly selling the same product, so if they lose trust, they’re done.

TL;DR Very different incentives


> Your ISP is a near-monopoly with vast wealth and political connections

That's not true for many parts of the world, especially Central/Eastern Europe.

$ whois AS204880


I can run a Streisand server for about $3-4 / month on a EC2 / Azure instance. I take it offline when I don't use it and can get even cheaper.


Private Internet Access is a common one but there are many. Torrent Freak always has the latest and any encroachments as torrent users are usually the most adamant about privacy.

https://torrentfreak.com/vpn-services-keep-anonymous-2018/


Personally I've settled on ExpressVPN, largely because about 50% of their endpoints work with Netflix. They are also very popular, meaning more protection of anonymity, and I have never seen any evidence to counter their claim that they don't keep logs.

As a bonus their software works very well, better than most generic VPN clients.

I previously was using my own private VPN servers set up with Streisand, but those provide no anonymity, only masking of the endpoint.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: