26 votes

Wirecutter has selected TunnelBear and Mullvad as the best current VPN services, and written extensively about how they made this decision

23 comments

  1. [3]
    Sheep

    Wasn't TunnelBear acquired by McAfee? This makes me really question its integrity, and the article only takes a cursory glance at this relationship, which makes me distrust it.

    And although their transparency report is nice and all, the fact that TunnelBear is US-based means it's under the five eyes jurisdiction, which could be a privacy concern.

    I'm asking this with genuine curiosity, please don't take this comment as me attacking TunnelBear, I just don't understand how it's supposedly the best choice when there's two very glaring issues that other VPNs avoid.

    27 votes
    1. SourceContribute

      I wrote about the privacy issues with the TunnelBear acquisition here: https://sourcecontribute.com/2018/03/09/tunnelbear-sells-out-to-mcafee-violating-user-privacy/comment-page-1/

      The other issue I pointed out was that TunnelBear actually received Canadian government grants for R&D and that was in 2017, just a half year to a year before being acquired.

      So Canadian taxpayers paid for a US company to grow bigger and reduce the competition in the VPN space and the user data belongs to McAfee so who knows wtf they will do with it.

      The credibility of The Wire Cutter is taking a hit here, at least for VPN service reviews.

      8 votes
    2. DanBC

      there's two very glaring issues that other VPNs avoid.

      How do you know those other VPNs avoid it?

      If the threat model is a well funded government agency like GCHQ then it would be dumb to trust a commercial service.

      1 vote
  2. [2]
    Arshan

    I have used Mullvad over the last three months with 0 complaints. They are big supporters of open source, recently they sponsored a corebooted server. As a few people mentioned mobile was bad, I would recommend trying their wireguard servers. The protocol is still in late beta, but it is still objectively better than openvpn. There are some concerns with proper anonymity with wireguard, but there are plans to mitigate that issue. Wireguard is one of the few protocols that is so much better than previous protocols.

    Android App

    ios app

    Wireguard guides for Mullvad

    9 votes
    1. radmind

      Nice, I'll have to consider mullvad as I like the simplicity of wireguard, and it seems to me like wireguard's cryptography is very sound and simple. Simplicity leads to fewer bugs.

      4 votes
  3. [10]
    Douglas

    Oh snap.

    I kinda trust Wirecutter and have not regretted a single purchase I've made through their recommendations when deciding on what specific version of X (monitor, earbuds, etc.) to buy.

    I'm a Nord user after comparing them through That One Privacy Site a couple years ago, so I was curious why it didn't make the cut.

    We dismissed three VPNs—NordVPN, ExpressVPN, and Surfshark—for not being public about their ownership or leadership. “Would you put your money in a bank where you don’t know what laws govern it or who owns it or who manages it?” asked security researcher Kenn White. “Would you go to a financial adviser using a fake identity?”

    ...I suppose that's a good point.

    ...also, just now re-visiting That One Privacy Site and it seems Nord's earned a red for ethics, so I wanted to check into that.

    Final thoughts: As many other services do, NordVPN relies too heavily on affiliate marketing (native advertising/paid reviews, etc). Their resellers appear to refuse to provide full and prominent disclosure of their financial relationship with NordVPN (as most affiliates do unfortunately) and I couldn’t find evidence that they expect anything more from them. This is encouraging unethical behavior and is not in the best interest of their customers. Most commercial services do this – and it’s not okay.

    That seems pretty small, but I suppose it's something to consider. sigh maybe time to look into switching my VPN.

    8 votes
    1. [7]
      Deimos

      I've been really happy with Mullvad, but like the article says, it's quite bad on mobile. I almost never need a VPN on my phone so it hasn't been a problem for me, but I probably wouldn't recommend it if you do want to use it on your phone. It's a fairly annoying process to set it up and use it on mobile including (I think) needing to download a separate configuration file for each individual location/server you want to use. Hopefully they'll get a dedicated app for it eventually.

      12 votes
      1. [4]
        Douglas

        Naive question as I'm admittedly typically taking other people's word for things in regards to this type of stuff, but the sole reason I got a VPN was essentially to discourage my ISP from selling my data/spying on me/have the ability to pirate if I wanted to, and for a little additional security when I'm browsing at a public wifi spot.

        I'm on my phone a lot using public wifi (coffee shops, train stations, etc.) and use my VPN in these times just to feel a little more secure... and you're saying you don't really use it on mobile... me do bad? Me do thing that make no difference? Me silly for thinking me secure?

        3 votes
        1. [2]
          stu2b50

          No, he's just talking about the user experience.

          But, to go into public wifi, on any local connection, remember that all clients connected can see all packets sent by anyone. However, in the modern day, that doesn't really matter; almost every website uses SSL, so people can just see your encrypted blobs. However, they can still see where the packets are going.

          When you use a VPN, now that is obfuscated in the sense that now the dest ip and port on your TCP packets all point just towards your VPN. So everyone knows that you're talking to a VPN, but that's it.

          In the sense that someone sitting next to you can't go on wireshark and see where/what you're doing yes.

          But there's plenty of nefarious things someone could do (if they really wanted), like DNS poisoning, ARP forging, etc. if they're local.

          The chance of that is pretty low, though, unless you angered a nation state or something.

          7 votes
          1. Douglas

            Gotcha, the encrypted blobs is what I thought was happening, I just suddenly had a seed of doubt after seeing that someone didn't care about using a VPN on mobile.

            Thank you!

            2 votes
        2. Deimos

          Oh, no, it's good for you to be using it. I just don't use my phone for much significant when I'm out anywhere, so I almost never connect to public wifi. I usually only want a VPN on it if I'm traveling, but that's not very often.

          3 votes
      2. Litmus2336

        Chiming in for Mullvad too. Very good service.

        3 votes
      3. pew

        You might want to check out Wireguard on Android, it's super easy to do with Mullvad.

        3 votes
    2. [2]
      SpineEyE

      ...I suppose that's a good point.

      Counter argument: why do you trust people more who disclose their identity? Usually the identity doesn’t tell you more about those people.

      1. [2]
        Comment deleted by author
        1. SpineEyE

          In what way? Don’t you think a VPN provider who steals their customers’ money would disappear quickly just because others call them out?

          And I think many of them can’t deal with the legal problems of providing a VPN that can be used to access all kinds of illegal content. Therefore they need to stay anonymous to be able to provide their service.

          1 vote
  4. NoblePath

    I think it’s telling that PIA is indicated as a “staff favorite”. In another article on which I can’t lay my hands atm, the author even says it’s the vpn they use.

    3 votes
  5. feigneddork

    As someone who has got ProtonVPN as my VPN provider, that was kinda disappointing to read, although I sort of suspected they weren't that great. I'm not really a fan of their mail service either, if I'm being 100% honest.

    2 votes
  6. Bullmaestro

    When/if our internet becomes censored (we were meant to have a porn block go live in June but with Theresa May's resignation those plans were put on hold) I'm going to switch to either NordVPN or Private Internet Access.

    The most important thing to look at with VPN providers is how much activity they log on their users. A few years ago, HideMyAss betrayed the trust of their users when they handed usage logs to the authorities which led to the arrest of several Lulzsec hackers.

    1 vote
  7. [4]
    eleventh
    Don't use VPN services. https://gist.github.com/joepie91/5a9909939e6ce7d09e29
    1 vote
    1. onyxleopard

      I disagree with this attitude. As someone who wants to use my personal mobile phone on my work’s WiFi network without them seeing my traffic, or who simply wants to hide all my traffic from my ISP, I do want to use a VPN. I just want to hide my traffic, nothing more, and I have no interest in maintaining my own VPS, so I’m willing to pay for the service that a VPN provider asks.

      11 votes
    2. Rocket_Man

      Kind of a silly post, both solutions require you trusting the provider not to look at your business. But people can choose who they want to trust and despite this guy's cynicism there's no reason to think Mullvad or other well thought of VPNs aren't doing exactly what they say they're doing.

      8 votes
    3. Lawrencium265

      Use a VPN if you:

      * Want to use public WiFi safely
      * Don't want your ISP to see your online activity on principle (selling your information)
      * Don't want your ISP to alter your traffic (net neutrality concerns)

      Don't use a paid VPN if you:

      * Want 100% anonymity
      * Are doing something that is illegal in a country that the VPN provider will cooperate with.

      3 votes
  8. alexandria

    We dismissed three VPNs—NordVPN, ExpressVPN, and Surfshark—for not being public about their ownership or leadership.

    Interesting, you would have thought there's a paper trail for that though, right?