they were all owned by the same company and sold to Kape, which has ties to the Israeli intelligence service, a few years back.

The issue is who he sold it to – the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users’ browsers via malware injection, redirect traffic to advertisers and slurp up private data.

I personally use perfect-privacy, which didn’t turn up any red flags when I did research a few years ago. it’s a little lacking in features but openvpn isn’t that hard to set up on linux & android. no clue how well their desktop app works.

  • OrionsMask [he/him,any]@hexbear.net
    link
    fedilink
    English
    arrow-up
    3
    ·
    8 months ago

    Sorry for messaging on a month-old thread but you seem like you know what you’re talking about. Choosing a solid VPN seems like a minefield between paid sponsorships and reviews, location of headquarters, potential ties to intelligence agencies, privacy features, prices, etc. etc. etc.

    I wanted to get your thoughts on Windscribe as a potential all round good VPN. They talk a real solid game in their blog posts and seem to be very ideologically driven, and they tick all the right boxes… except that they are headquartered in Canada. Do you have any thoughts about them? Would you recommend steering clear or do you think they’re solid?

    Many thanks!

    • farting_weedman [none/use name]@hexbear.net
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 months ago

      The ideology and commitment of a service provider is irrelevant. Companies doing business in a nation are compelled by force to follow those nations laws.

      I would advise against looking for an “all round” vpn. Think about it more like a tool. No one would recommend you replace a socket wrench set with a gerber multitool because the gerber has a lifetime warranty and a screwdriver and wire cutter built in. Those are great things to have and gerber really will honor that warranty when you break the pliers fucking around with barb wire but the multi tool isn’t a socket wrench.

      I use a few vpns. Mullvad, air, proton and a few classic style lil servers that just handle traffic. Air and proton are both very good for torrenting and running services. Mullvad is nice for getting/being serious about privacy from states.

      To use another metaphor, think about a vpn like a gun. They’re not all the same and if you try to use one to do something it’s not suited for you’ll by unsuccessful.

      If you feel comfortable talking about it, what are you planning on using a vpn for?

      • OrionsMask [he/him,any]@hexbear.net
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        8 months ago

        Thanks for the reply. That’s a fair point, but when the time comes to be forced, they may have nothing to provide because of that ideological commitment, no? Windscribe in particular boasts a no logging policy, so what do they have to offer really when push comes to shove? It’s been tested as well, one of their servers in Ukraine was seized by local authorities and not only did they self-report the seizure a week later, apparently nothing came of the seizure apart from a few leaked usernames. Am I being naive in thinking this is a demonstration of their claims?

        I don’t want to get too specific about my use cases for obvious reasons, but I live in the UK and I’m sure you’ve heard that our privacy is slowly being completely hollowed out by legislation. Plus the government has been steadily criminalising several forms of protest, to the point that I worry that even having history on a site like this may one day be an issue. Basically I’m trying to take greater steps to protect my privacy (and services like port forwarding are useful too).

        • farting_weedman [none/use name]@hexbear.net
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          8 months ago

          When the police have a wiretap warrant they’ll install their own logging facilities.

          If you’re really worried id setup and be prepared to use two different vpns, with multihop when the time comes. Not at the same time, but be prepared with a backup.

          One of the ways that effective vpns are targeted is with websites and services blocking their servers. Mullvad had that happen last year when interpol wanted to push csam people off of it. The csam people were using port forwarding to host file sharing with the security that mullvad provided and in order to get mullvad to stop offering port forwarding they leaned on every major website to block their server ips. Whole fens wouldn’t respond to you if you were using mullvad. Eventually they stopped offering the service and the csam people had to go elsewhere.

          So even an effective vpn can be targeted and it’s worth it to have a backup.

          E: also those servers seized in ukrane were unencrypted, which is a huge incredibly stupid unforced error and it means they better have done a big fucker key rotation afterwards. I don’t use windscribe so I don’t know if they did.

          • OrionsMask [he/him,any]@hexbear.net
            link
            fedilink
            English
            arrow-up
            1
            ·
            8 months ago

            I didn’t realise that port forwarding was so intertwined with CSAM. :/ I just know it’s required for torrenting. I actually used to use Mullvad and PIA but moved away from both because they did things that made them look sketchy/cooperated with authorities.

            I’d like to think I’d never be in a position to be on the receiving end of a wiretap, but noted, you never know. I do think that two VPNs might be a bit overkill to assuage my own paranoia though… You’ve sufficiently put me off Windscribe at the very least lmao. I’ll look for a VPN not in a 14 eyes country and since you evidently trust Mullvad, I’ll look into it again too and see if I can make do. Thanks for your insight!

            • farting_weedman [none/use name]@hexbear.net
              link
              fedilink
              English
              arrow-up
              4
              ·
              8 months ago

              What made you raise your eyebrows at mullvad? I know they had a search executed on em but it ended up being a big nothing burger iirc.

              I wouldn’t worry about the eyes-ness of a providers operations based on your concerns. What’s most important is having a fallback for when your main vpn isn’t available and making sure you’re using the fallback when that happens.

              The thing you’re worried about isn’t a particular agency targeting you in particular, but being swept up in police action and mass surveillance. To that end it doesn’t really matter as much that your vpn have the lack of interpol cooperation or even the obfuscating effect of using the same exit node as a bunch of other people but instead that you be always using one, understand what it does and who or what your devices are communicating with and practice the best possible security you can when dealing with the cops.

              Look into securing your devices against intrusion (and keeping secure backups) and how to deal with the police when they take you in. For example: an iPhone is put in a special state when it’s powered on that requires strict authentication before any kind of peripheral will be recognized. If you can’t turn the phone off then just grabbing the two buttons that put it in the “slide to power off” screen drops all peripheral connections and needs an authentication before it’ll let anyone use it.

              Drill that interaction so that no matter how gassed, beaten and dazzled you are, you can put your devices in some kind of secure-ish state.