this post was submitted on 20 Nov 2023
37 points (93.0% liked)

Privacy

32207 readers
228 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm shopping for a VPN providers, and really struggling to find a detailed and non-biased breakdown of the various options. A number of years ago, I recall finding an extremely detailed VPN comparison spreadsheet that had 30+ columns, which were contained criteria by which the VPNs were judged both quantitatively and qualitatively. I can no longer find that table, so I suspect it has been removed, but I did find the less-comprehensive table, below:

https://docs.google.com/spreadsheets/d/1ijfqfLrJWLUVBfJZ_YalVpstWsjw-JGzkvMd6u2jqEk/edit?usp=sharing

In the thread posted by the owner of this sheet, a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading. I too am suspicious that this table can't be trusted, however I really am not knowledgeable about VPNs, so before passing judgement, I figured I should consult those who know more about it. I also recognize that a strong marketing team and an excellent product aren't mutually exclusive, however I think that generally applies more in markets where economies of scale play a significant role, as does mass-adoption, which fuels loads of well-informed, independent research (ex: the car market and phone market.) That obviously isn't the case with the VPN markets... but I'm still sorta holding out hope.

If I end up excluding this table, I'm not sure where to turn at that point. Shilling is extremely pervasive in the VPN market, so it's tough to trust any one person or any one thread. It's also well established that a few of the large VPNs actually own a number of review blogs, so I can't really trust blogs either.

I guess I'm here hoping to be told that my suspicions about this table are unfounded, and / or that another excellent, unbiased resource for comparative VPN info exists. Any help would be appreciated!

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 27 points 1 year ago* (last edited 1 year ago) (2 children)

a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading

Exactly. This is unfortunately common practice, so this breakdown can be dismissed as they're obviously biased due to monetary motivations.

Consider to read Privacy Guides' take on the matter instead.

(Perhaps personal) TL;DR would be that Mullvad VPN in combination with Mullvad Browser offers the most private internet browsing experience for people who don't desire to connect to the Tor Network. Furthermore, Proton offers a suite of privacy-friendly services for mail, drive, password manager etc. Therefore, for the sake of trusting the least amount of parties for these services (at the cost of putting all eggs in one basket), one might consider Proton VPN instead; additionally it includes a free tier and some support to port forwarding (read: allows the use of torrent applications).

[–] JDubbleu 6 points 1 year ago

I did a lot of research a few years ago and settled on ProtonVPN. I won't say anything authoritative regarding privacy as I haven't done any recent research, but I've been very happy with the service so far.

I run a seedbox with all the traffic from qBittorrent tunneled through ProtonVPN and I've gotten up to 200 Mbps down through a few very healthy torrents before, and on dedicated speed tests I can pull down ~250 Mbps on my gigabit service. I've also never had it go down despite using the exact same server 24/7.

Their documentation is also amazing and they generate connection configs for Wireguard and OpenVPN on their website using provided parameters making it dead simple to get started.

[–] [email protected] 1 points 1 year ago (1 children)

I'm curious to hear your thoughts on this comment: https://lemmy.ml/comment/5989977

It seems that he's recommending against Privacy Guides (I assume it's the same one you're recommending?)

[–] [email protected] 3 points 1 year ago

Not much to say regarding their first paragraph.

As for their second paragraph, perhaps they are rightfully sceptical regarding Privacy Guides. The body of topics they try to cover is substantial, though. And if TheAnonymouseJoker or whosoever disagrees with them, then they're free to challenge their views.

Privacy Guides isn't any kind of Gospel or whatsoever that you'd have to agree with in its entirety. I do believe, however, that they've done a tremendous job at offering a one-stop shop for those that are conscious regarding their security and privacy. Everyone is free to choose and pick whatever they like from there or not.

I would love to hear about other resources that do a similarly great job at providing at least decent information when it comes to security and privacy; FWIW thenewoil.org exists, however I don't recall any VPN overview/guide/recommendations from them.

[–] [email protected] 14 points 1 year ago (1 children)

I wish there were some descriptions per provider with the ratings. Mullvad gets constant tests by third party against their network and has proven many times they have a no log policy that's working, yet they got a 4 out of 5...

With only numbers and generic descriptions that don't quite match the truth, feels like this sheet is a little misleading. Also, I find it ironic that it's on Google sheets.

[–] [email protected] 2 points 1 year ago

General consensus seems to be that it should be ignored. Your point is well received too. Thank you!

[–] [email protected] 11 points 1 year ago (1 children)

You're taking something simple and making it complicated. Go with known trusted VPNs that have a history of proving themselves. Mullvad, iVPN, Proton (most of their history is with the email, but that means something) they're all priced pretty close, no need for insane scrutiny.

Unless you're buying kilos of fentanyl and automatic weapons off the dark web, don't overthink it. Absent that, if your goal is simply hiding your IP and appearing in a different city somewhere, just grab a trusted one.

[–] [email protected] 2 points 1 year ago

Thanks for the recommendations. Regarding it being easy and me making it difficult, I respectfully disagree, and would like to provide a bit perspective. If you're here replying I suspect you're at least a minor hobbyist, and I'm sure that privacy and security solution selections seems quite simple to you. I assure you, it isn't easy for everyone.

This particular market is literally overrun with intentionally deceptive and often very outdated information, which make it an absolute minefield for the uninitiated. I'm thankful I dove deep enough that I realized I needed to ask a question, because I may have ended up with one of the many much worse choices had I not asked.

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago) (2 children)

Is this the r/VPN spreadsheet? They love affiliates. They once asked to partner with my r/privatelife subreddit, I pointed out some unreviewed VPNs and inconsistencies and they went silent.

Go to r/VPNTorrents, the only legit source of VPN info on reddit. Datahoarders and piracy people follow their advice. Ignore Techlore, PrivacyGuides and all those copypasta bloggers. They know nothing and are just quick enough to pick up on what's trending among pirates and serious privacy advocates.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Link to r/VPNTorrents' recommendations.

TL;DR: Only AirVPN and ProtonVPN are recommended. While, IVPN and Mullvad used to be until they discontinued port-forwarding; which makes them unviable for torrenting.

Link that provides Privacy Guides' opinion on AirVPN. It's basically rejected because there have been no audits.

[–] [email protected] 3 points 1 year ago (1 children)

Is the privacy guides link you posted a different site than the one which TheAnonymousJoker is recommending against?

[–] [email protected] 4 points 1 year ago

It's the same folk, basically. TheAnonymouseJoker or whosoever is free to have their own opinions. Fact is that Privacy Guides is an open community that allows the discussion of these topics. If anyone doesn't like their takes, they can either head to their Github page or to their own platform for a dialogue on the matter.

[–] [email protected] 4 points 1 year ago (1 children)

Thanks, that is very helpful. For the record though, which PrivacyGuides are you saying I should avoid? Is it the site this comment mentions? https://lemmy.ml/comment/5985755

I also see that the person who replied to your comment linked a didn't Privacy Guides site.

load more comments (1 replies)
[–] [email protected] 5 points 1 year ago (1 children)

There seems to be a lot of discount codes and affiliate links which usually means payment from the providers to the person running the list. When money is involved, truth is often the first casualty, so I would take it with a grain of salt.

https://www.techlore.tech/vpn.html has a pretty good list, its open source so anyone can create an issue/contribute on github https://github.com/techlore/website/tree/master/assets/vpn. They're open about any affiliate links https://discuss.techlore.tech/pub/sponsors-affiliates and are pretty well regarded for an intro in to online privacy

https://www.privacyguides.org/en/vpn/ is also a great resource with a much smaller and stricter list with regards to privacy and tends to be my go to when I'm looking for a new privacy respecting service. I think they have a community here but I don't think its very active and they also have a subreddit which was pretty active the last time I was on it a few months ago

[–] [email protected] 2 points 1 year ago

Thank you! This is extremely helpful!

[–] [email protected] 3 points 1 year ago (4 children)

I host my own on a vps where I pay $15 per year

[–] [email protected] 10 points 1 year ago (3 children)

So what if the vps hands your data to the feds and the feds are like hey, why was your vps torrenting Paul blart mall cop 2?

What do you say to that?

That’s my only concern with hosting my own vps.

[–] [email protected] 3 points 1 year ago

That 100% correct, literally no different than just using your ISP at that point, zero control over the hardware and no ability to control the IP.

[–] [email protected] 2 points 1 year ago (1 children)

you think they cant issue a warrant against any VPN hosts?

[–] [email protected] 2 points 1 year ago

Sure they could, but you are a a bit more anonymous and don’t keeps logs, then there may be nothing to hand over.

Hosting your own vps directly ties internet traffic to you. They can see your ip is part of a swarm and see who owns it. If it’s owned by some guy, they can press you. If it’s owned by a company with a legal team, it’s much more difficult.

[–] [email protected] 2 points 1 year ago (2 children)

NGL doing something like that is WAY above my pay grade anyway, but I still am interested in the answer to this question, because I've seen the advice to take the 'self-operated' approach before.

[–] [email protected] 3 points 1 year ago (1 children)

It’s not too difficult to setup, but I think people don’t realize that even if your not breaking the law, you may still have to deal with charges and going to court for years before your found innocent. All while dealing with the stress of a jury possibly finding you guilty.

Then you have prosecutors offering plea deals, so then you think do I stand my ground and risk X years in jail? Or do I plead guilty and just go to jail for 2 years?

load more comments (1 replies)
[–] stifle867 1 points 1 year ago

With using a VPN for the common user use case (excluding business/work VPNs) you generally don't want to self-host. Part of the reason is that you want your traffic that comes out the other side to be mixed with a bunch of other users. If it's a 1 to 1 mapping i.e., you -> vpn -> web traffic then that can be reversed and traced back to you. If there's many users connected to the same VPN then the "you" and the "web traffic" parts are multiplied by hundreds or thousands of other users with no way to connect the dots. That web traffic might be coming from you or it might be coming from any one of the thousands of other users.

I hope I've explained that clearly.

[–] [email protected] 1 points 1 year ago (14 children)

And in doing so you have a never ending list of logs that you can't control. Fine if you only want to hide location, but useless other than that. 1 LE request and every log will be in there hands in 5mins.

load more comments (14 replies)
[–] [email protected] 1 points 1 year ago (1 children)

Where tf did you find a vps for 1.25$/month???

[–] [email protected] 1 points 1 year ago

I cant find the website right now, but you can some similarly priced vps here: https://lowendbox.com/

[–] [email protected] 1 points 1 year ago (6 children)

@authed @grubbylarry I also used to host my own openvpn and wireshark servers on a vps. But later I shut them down. The thing is, vps will definitely trade your data if Gov pressure is high. Remember, data protecting is not their first priority being a VPS provider, their main priority is giving infrastructure to customers. But with vpn providers, their core business model is based on protecting users privacy (I am not saying all really do that, but many are bound to follow swiss laws or such)

[–] [email protected] 1 points 1 year ago

@authed @grubbylarry Proton VPN free plan is even better than hosting vpn on a vps, because they atleast can claim of being protected by the Swiss law, so atleast they can protect your data by that. Whereas you can't even sue your vps if they share your data with anybody, because nobody knows if they really did it. Additionally the problem of dedicated ip is there always.

load more comments (5 replies)
[–] [email protected] 2 points 1 year ago
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

https://thatoneprivacysite.xyz/

Happy hunting

Edit: (Data last updated on 20/07/19)

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Is that July 20th, 2019, or July 19th, 2020? Regardless, I'm under the impression that the VPN world (or really the tech world in general) evolves waaay too quickly to rely on information that's either 3 or 4 years old. Also, as I'm typing this, I also think I saw info that That One Privacy was acquired by a company that sells multiple VPN services, a few of which are included in that sheet if I'm remembering correctly.

EDIT: Confirmed.

[–] stifle867 1 points 1 year ago* (last edited 1 year ago)

The community around here generally lands on Mullvad or Proton.

My vote (and money) goes with Proton and I'll briefly explain why. It ticks all the boxes regarding being independently audited, state of the art crypto, port forwarding, etc. However, the thing that I find extremely important is jurisdiction.

Switzerland has some of the strongest privacy laws in the world, is outside the EU, and isn't a member of any mass surveillance alliances. Proton VPN keeps no logs that can compromise your privacy and under Swiss law we can't be obligated to start logging.

In my assessment Swiss law seems to have the strongest legal guarantees which are just as important as technical ones. There are a lot of jurisdictions that require government cooperation under gag orders. Even without cooperation, the spy agencies can go and tamper with the hardware anyway. Switzerland isn't part of the global surveillance machinery.

Mullvad is based in Sweden which Snowden revealed cooperates with the 5 eyes nations (e.g., NSA, GCHQ, etc). I completely trust Mullvad from a technical perspective, but there is nothing stopping spy agencies from infiltrating them against their knowledge.

Also with Proton you get a suite of services included which is very nice.

[–] [email protected] 1 points 1 year ago (2 children)

I have been using NprdVPN for 5 years. Speed is pretty good, and their zero-log policy have been proved by 3th party. They also use RAM only servers which is better.

It may be a bit expensive though.

[–] [email protected] 3 points 1 year ago (1 children)

I do like that thirth party reassurance

[–] [email protected] 2 points 1 year ago

NordVPN undertook three independent audits to prove their no-logs policy. You can check that with a quick search online.

load more comments
view more: next ›