I'm shopping for a VPN providers, and really struggling to find a detailed and non-biased breakdown of the various options. A number of years ago, I recall finding an extremely detailed VPN comparison spreadsheet that had 30+ columns, which were contained criteria by which the VPNs were judged both quantitatively and qualitatively. I can no longer find that table, so I suspect it has been removed, but I did find the less-comprehensive table, below:
https://docs.google.com/spreadsheets/d/1ijfqfLrJWLUVBfJZ_YalVpstWsjw-JGzkvMd6u2jqEk/edit?usp=sharing
In the thread posted by the owner of this sheet, a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading. I too am suspicious that this table can't be trusted, however I really am not knowledgeable about VPNs, so before passing judgement, I figured I should consult those who know more about it. I also recognize that a strong marketing team and an excellent product aren't mutually exclusive, however I think that generally applies more in markets where economies of scale play a significant role, as does mass-adoption, which fuels loads of well-informed, independent research (ex: the car market and phone market.) That obviously isn't the case with the VPN markets... but I'm still sorta holding out hope.
If I end up excluding this table, I'm not sure where to turn at that point. Shilling is extremely pervasive in the VPN market, so it's tough to trust any one person or any one thread. It's also well established that a few of the large VPNs actually own a number of review blogs, so I can't really trust blogs either.
I guess I'm here hoping to be told that my suspicions about this table are unfounded, and / or that another excellent, unbiased resource for comparative VPN info exists. Any help would be appreciated!
I host my own on a vps where I pay $15 per year
So what if the vps hands your data to the feds and the feds are like hey, why was your vps torrenting Paul blart mall cop 2?
What do you say to that?
That’s my only concern with hosting my own vps.
That 100% correct, literally no different than just using your ISP at that point, zero control over the hardware and no ability to control the IP.
you think they cant issue a warrant against any VPN hosts?
Sure they could, but you are a a bit more anonymous and don’t keeps logs, then there may be nothing to hand over.
Hosting your own vps directly ties internet traffic to you. They can see your ip is part of a swarm and see who owns it. If it’s owned by some guy, they can press you. If it’s owned by a company with a legal team, it’s much more difficult.
NGL doing something like that is WAY above my pay grade anyway, but I still am interested in the answer to this question, because I've seen the advice to take the 'self-operated' approach before.
It’s not too difficult to setup, but I think people don’t realize that even if your not breaking the law, you may still have to deal with charges and going to court for years before your found innocent. All while dealing with the stress of a jury possibly finding you guilty.
Then you have prosecutors offering plea deals, so then you think do I stand my ground and risk X years in jail? Or do I plead guilty and just go to jail for 2 years?
Good point. This sounds like a vote against going the vps route, am I correct?
With using a VPN for the common user use case (excluding business/work VPNs) you generally don't want to self-host. Part of the reason is that you want your traffic that comes out the other side to be mixed with a bunch of other users. If it's a 1 to 1 mapping i.e., you -> vpn -> web traffic then that can be reversed and traced back to you. If there's many users connected to the same VPN then the "you" and the "web traffic" parts are multiplied by hundreds or thousands of other users with no way to connect the dots. That web traffic might be coming from you or it might be coming from any one of the thousands of other users.
I hope I've explained that clearly.
And in doing so you have a never ending list of logs that you can't control. Fine if you only want to hide location, but useless other than that. 1 LE request and every log will be in there hands in 5mins.
I host the server, I dont have to keep any logs and I can pay with moneros
Gotcha, your own server makes it better clearly, but you originally said it was on a VPS.
To be clear though just because I'm anal, you mean YOUR server? Not a VPS you pay somebody else to use? As in you can physically touch it if you want?
whats the difference in trusting a remote vpn provider or remote vps provider? from a privacy standpoint... btw my vps is hosted in russia and I cant touch it... can you touch the server that host your vpn???
I'd argue that deanonimation would be easier.
In a VPN you have hundreds of clients and also hundreds of outbound connections, tho not impossible is way harder to find out which connection is being piped to which client. On you own hosted VPS, if you have a dedicated ip is easier, all the traffic will be redirected to only one address, then one of your client.
Even with a vps with a shared ip the number of clients mantaning open connections is probably way lower on average.
I don't know what size my vps provider is compared to your VPN provider but I'm pretty sure they would tell the US government to fuck off if they asked for data... They are from Russia
You are missing the point, in this case the vector would not be someone requesting data but someone surveiling the VPS or VPN server's traffic and drawing conclutions out of it
the NSA sees all traffic.... how is your VPN traffic not traceable?
It is about the ability to trace back, not to be traced.
Ws1------|----++++++++---| Ws2------| | ----Client 1 Ws3------|. VPN |----Client 2 Ws4------| |----Client 3 ... | | ... Wsn------| |----Client m
Since there are multimple outside conections (wb1..n), the traffic to the VPN clnent is encripted and each client can have multiople connections (thats why i used Client m and not Client n) you can not in a reliable fashion tell which connection will be sent to which client.
Now your case:
Ws1------|----++++++++---| Ws2------| | ----Client 1 Ws3------|. VPS. | Ws4------| | ... | | Wsn------| |
You can in that case reliable say that all the traffic is being piped to Client 1, because ks the only client.
From there a motivated party can trace back you traffic to you ISP, if you got a fixed IP you can be trace back to.
If you are behind a CGNAT that party will need help from your ISP, to see where the fraffic went. Which tbf I neglected to mention before, but still changes the trust from you VPS to you ISP.
To be REALLY fair this tho no wholly easy is also not incredibly hard given you have the right hardware in the right place, I just wanted to explain why mixing your traffic with others has an advantage over a single person VPN
"you can not in a reliable fashion tell which connection will be sent to which client."
You easily can if you can see all internet traffic like the NSA can
Not if going first through a MIMO ofuscator. Which is what the VPN is.
Or could you explain how would you be able to tell which connection goes to which client?
if you can see a server is sending 167 packets of X size and you can see a client is receiving the same, it doesnt matter that it goes through a VPN? You probably also could time the packets... or decrypt them if they are encrypted using a CA
It's a transfer of trust either way, point being you don't have physical control over it, and therefore have no idea what's actually happening on the other end, you're not hosting it, they are, you're just administering it.Russia is NO fan of privacy, arguably worse than the US, and now talking about banning all VPN use.
My server is in my house physically. I'd never host my own VPN because I could never compete with what commercial ones in privacy respecting countries can do, let alone needing more outsourced servers for changing my location all over the place, which I do regularly.
Russia may be worst, but I doubt that they will share data with the USA and I will never visit Russia.
If you don't host your own VPN, what's the difference
@authed @grubbylarry I also used to host my own openvpn and wireshark servers on a vps. But later I shut them down. The thing is, vps will definitely trade your data if Gov pressure is high. Remember, data protecting is not their first priority being a VPS provider, their main priority is giving infrastructure to customers. But with vpn providers, their core business model is based on protecting users privacy (I am not saying all really do that, but many are bound to follow swiss laws or such)
@authed @grubbylarry Proton VPN free plan is even better than hosting vpn on a vps, because they atleast can claim of being protected by the Swiss law, so atleast they can protect your data by that. Whereas you can't even sue your vps if they share your data with anybody, because nobody knows if they really did it. Additionally the problem of dedicated ip is there always.
Do you really think that a VPN provider would resist requests from the US gov?
@authed I think they will resist more than a VPS would
thats your opinion... I think they will honor a warrant any day... I.E.: Plz enable logs and let me look at them
@authed All I wanna say is, you are free to use anything, it's your life, have fun.
Honoring a warrant doesn't mean much, when there's nothing to turn over than a connection IP and some timestamps, vs all the traffic that could be there otherwise. That's been proven multiple times with zero knowledge VPN providers.
They can't make them starting doing things there system isn't made to do just because they want them to, not how warrants work. Again, been proven many times over at this point. Knowing that you connected at a time, exited from a shared IP, with a bunch of nonsense in the middle keeps you pretty safe. That ignoring that's even harder when that zero knowledge provider is ina country like Switzerland where it takes VERY direct reasons to have a judge approve a warrant in the first place, dragnets aren't allowed there, and even then, nothing useful comes back.
A country like Russia wouldn't kick back info, but their spying is at China level, so you've already lost there.
Where tf did you find a vps for 1.25$/month???
I cant find the website right now, but you can some similarly priced vps here: https://lowendbox.com/