
> how do you measure VPN services?

It's pretty difficult. You can't say anything for sure, it's all trust. That's why you should be so strict.

When you host your own end point you still have to trust its provider of course, but of course the incentive (concentrated, specific user traffic data) for abuse is much reduced.

But how anonymous are you actually? Are you sure your traffic can't be connected to you? Certain you set everything up correctly?

With my provider of choice, because I trust them reasonably much (sure feels like jinxing it), I don't have these worries.




> I mean how do you measure VPN services?

- Credit only Word of mouth, but it depends what type of VPN you're looking for. So again, word of mouth these days.

> I never understood why people working in tech would ever trust a VPN service?

- I do, quite a bit actually, I need to connect to another network but region specific. They are a tool for as you say 'in tech' to work.

> A VPN is seeing all your traffic, and you have to take their word that they do not log any of it?

- At least in Europe that doesn't fly. It does depend on your provider though. That's why you shop around.

- On this point, I will argue that running your own VPN is better, but so is running your own web hosting. It depends on your priorities.

  > I use free tier AWS servers across the globe with wireguard. It might not be perfect, but I still prefer that than using a VPN service.
 
 - Good for you. Enjoy.

> Isn’t the best choice for the privacy conscious to set up a VPN on a machine they themselves have physical control over?

perhaps I am missing something, but it seems like having physical control over the machine breaks several important use cases for VPNs.

if I understand correctly, the privacy that you get from a VPN comes from encrypting the traffic itself, hiding your actual IP, and mixing your traffic with other clients using the same exit point. although it is a matter of record that you are a subscriber, no intercepted traffic can actually be traced back to the IP you own (assuming your provider doesn't keep logs, of course).

I don't really see how these qualities could be retained by operating your own VPN server. unless you are doing some black ops shit, your identity would have to be connected to the VPN server itself, so the fact that it masks your computer's IP doesn't matter. plus you probably don't have many other people using your server, so you lose that plausible deniability.

I would be quite glad to be corrected, as I certainly don't love trusting my provider when they say they don't keep logs.


> I'm definitely aware that I'm just moving trust from my ISP to the VPN, but most ISPs do not even consider privacy as a selling-point or a feature, while a reputable VPN often will.

This. However the critical point is that VPN providers are virtual, so there is in theory infinite competition; ISPs are an oligopoly in every country, so there is no real competition - If you don't like something about your ISP, like selling your metadata, it's usually tough shit because the other few will follow knowing there is no real competition and seeing a way to extract more money.


>If you really want to be safe, you could run your own VPN

Then you are placing your trust in your VPS provider (unless you are running the VPN on your home network, and then you are trusting your ISP).

At the end of the day you have to trust someone right? (ignoring the can of worms that is TOR). I know my ISP is untrustworthy and salivating over my data. I am unable to easily translate the privacy policies of a VPS provider, but VPN providers are at least explicitly claiming that they don't sell your data.


> It's not clear to me why the VPN people are more trustworthy than ISPs.

Surely it's because it is their business model.

ISPs have been proven to snoop and inject into traffic. They sell your data to those that have money. This is a breach of your privacy.

On the other hand if a VPN provider were caught doing that, it would be abandoned by its customers overnight. It is the primary risk to the business.

With VPN services I have a choice, but with an ISP they hold most of the cards (I can leave them once my contract is up). ISPs take your trust and abuse it, VPNs have to earn it.


>Why would a VPN provider disclose customer info to a random third party?

Money

>Why would you assume that the majority of VPN providers lie to customers?

Money. There's no way to confirm their claims, and if logging+selling data= more money, there's a reasonable assumption that is indeed the case.

>Why do you think people who want to stay anonymous don't know how to throw off browser fingerprinting?

Even if they do, it's difficult, ever changing, and easy to slip up.


> Is using a good VPN enough to mitigate these privacy and security issues?

No, you don't ever use VPN for privacy. 99% of the VPN providers log every single activity on their servers.

I am using Mullvad and they seem to take privacy very seriously and I kind of trust them, certainly more than all the other providers. Do I trust them 100%? Definitely not.


> It's not clear to me why the VPN people are more trustworthy than ISPs.

In my country, the UK, ISPs are legally required to retain logs of customer activity for 12 months. A VPN has no such legal requirement.

So while I can't be 100% sure that my VPN is monitoring me, I can be 100% sure my ISP is. Additionally, my VPN has a financial incentive not to log customer data, or at the very least, not to be caught doing it.

(I'm currently using IVPN (https://www.ivpn.net/). It's on the more expensive side, though that isn't necessarily a bad thing, and it supports multihop over OpenVPN, and the experimental Wireguard protocol.)


> Yes, full privacy is the goal, but i know certain actors are spying on me. If i can bypass them, i can at least attempt to improve it.

The problem is that it doesn’t actually change anything while giving a false sense of security.

Your VPN’s ‘improved’ privacy is just as worthless as the privacy you get with just your ISP. If something requires privacy, neither can be used, and if it doesn’t then why should it matter which one you use?

Privacy is an on/off thing. Either you have it or you don’t. There is no in-between.


> If you need to hide all of your traffic from other users in your local network, you can accomplish that in a trust-no-one fashion by running your own VPN endpoint on a server you control which provides better privacy guarantees compared to a centralised commercial VPN whose business model will eventually involve selling your data (once user growth stops but shareholders demand continued revenue growth).

Well not really. There was a great (German) interview with the Perfect Privacy founders recently [1]. They seem to be decent guys with close ties to the Chaos Computer Club and I strongly suspect they wouldn't want to work like that.

[1] https://www.youtube.com/watch?v=VMr0gJvI-6I

> But if you need to hide your traffic from anybody but your peer on the internet and you need to hide the fact that you talked to that peer, then, I'm afraid, you're out of luck.

Nah, that one is easy, just use an anonymous SIM card or an open wifi and you're good to go.

Honestly these discussions often feel pretty asinine to me. I personally use paid VPNs to pirate to my heart's content, work around my ISP's terrible networking and a little bit of geo-unblocking. Of course you can't use these services to protect yourself from three letter agency type surveillance or equally powerful threat actors but if they are "private" enough to block the music industry and their lawyers from suing you that's a pretty high standard of privacy, certainly more than any ISP alone gives you!


>you have no reason to trust your VPN provider more than your ISP.

A lot of people really do distrust their ISP enough that even with knowledge that you're shifting the responsibility to the VPN provider they still trust a random VPN more than their ISP.

Would I trust some random unknown VPN provider more than Comcast? Maybe.


>Perhaps I am unusual, but I trust my ISP with my privacy more than I trust the typical hosting provider.

You're lucky in this regard. Having no choice but Comcast, the number one threat to my privacy is my ISP. So that makes tunneling to an outside VPN very useful. I trust DigitalOcean far more. Although in a different situation I think you're absolutely right.


> how can someone trust a VPN not to sell the details

you can't. but, you could use 2 nested vpn services, which would help if you can know that the 2 aren't affiliated with each other ... which you can't know.

i mean, it's hilarious that VPN services suggest privacy as one of their selling features. lol.


> First, it looks good like you declare who you are. Many VPN providers seem to want to hide their real identities which is a big red flag.

While I agree that, as a user, knowing who's behind a service, and in particular a VPN, can help build trust, there are several good reasons why you would want to remain anonymous when running a VPN or any privacy service like secure email and encryption tools. You will be targeted by multiple parties. The technical side of this challenge (both that of operating services like these and that of being a target) is complicated enough. Operator anonymity can mitigate some threats, from social engineering to physical threats, pressure, legal and otherwise, from a range of parties. Anyone with experience in these matters knows what I'm referring to, and don't think for a second operating outside of the US makes that much of a difference. The world is small. Many parties do not play by any rules besides their own.


> How does one choose a reliable VPN provider?

Learn to do it yourself. If privacy is your top priority, you can't trust any available VPN providers out there.


> You can be your own VPN provider if that's a big concern.

You just shift the trust around. Now I have to trust the hoster, e.g. OVH instead of my local ISP. Really the best thing you can do is end-to-end encryption, don't send plaintext over the internet.

> Your ISP knows you visited a certain domain with https. That's a concern.

How about DNS over HTTPS?


>But why would I trust a random company with this information over an ISP, who yes aren't always angels, but at least are somewhat accountable.

ISPs often have captive markets and have enough political sway to grant them said captive markets. VPN companies live or die based on their reputation, so they arguably have more of an incentive to behave well. Meanwhile some ISPs have even admitted to selling your traffic for marketing purposes or are forced by the government to keep records. There's plenty of shady VPN companies out there, and not all ISPs are scummy and sell your info, but there's quite a bit of range between the scummiest ISP and the best VPN, and for a subset of people using VPNs definitely makes sense.


> How can we, as users, ever truly verify a VPN provider's claims of "no logging" or "complete privacy"?

Court orders. They might be lying to customers, but they're unlikely to lie to a court. So if a court approaches them and they respond with "we have no data", they have no data.

Okay it's never gonna be no data, they'll still supply email address, payment method, registration date and similar things, but that's not my concern.


> So the conclusion we are to draw is that VPNs are for the naive

Bit more nuanced than that, but it's certainly a field full of liars and scams.

> and that if you really get security, you self-host

Really depends on what your goal is; self-hosting can, for instance, pin you personally to a single static IP. But for some things, yeah it can be better.

> or go VPN-less (what is the alternative, exactly?)

TOR, I expect.

> Isn't the major benefit of a VPN the added hoop websites have to jump through in order to build visitor profiles?

That can be one benefit, yes. It doesn't have to be a silver bullet, but you do want to be clear on what benefits you expect to get from your particular solution.
