this post was submitted on 20 Nov 2023
36 points (92.9% liked)

Privacy

31833 readers
112 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm shopping for a VPN providers, and really struggling to find a detailed and non-biased breakdown of the various options. A number of years ago, I recall finding an extremely detailed VPN comparison spreadsheet that had 30+ columns, which were contained criteria by which the VPNs were judged both quantitatively and qualitatively. I can no longer find that table, so I suspect it has been removed, but I did find the less-comprehensive table, below:

https://docs.google.com/spreadsheets/d/1ijfqfLrJWLUVBfJZ_YalVpstWsjw-JGzkvMd6u2jqEk/edit?usp=sharing

In the thread posted by the owner of this sheet, a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading. I too am suspicious that this table can't be trusted, however I really am not knowledgeable about VPNs, so before passing judgement, I figured I should consult those who know more about it. I also recognize that a strong marketing team and an excellent product aren't mutually exclusive, however I think that generally applies more in markets where economies of scale play a significant role, as does mass-adoption, which fuels loads of well-informed, independent research (ex: the car market and phone market.) That obviously isn't the case with the VPN markets... but I'm still sorta holding out hope.

If I end up excluding this table, I'm not sure where to turn at that point. Shilling is extremely pervasive in the VPN market, so it's tough to trust any one person or any one thread. It's also well established that a few of the large VPNs actually own a number of review blogs, so I can't really trust blogs either.

I guess I'm here hoping to be told that my suspicions about this table are unfounded, and / or that another excellent, unbiased resource for comparative VPN info exists. Any help would be appreciated!

top 50 comments
sorted by: hot top controversial new old
[–] alt@lemmy.ml 26 points 11 months ago* (last edited 11 months ago) (2 children)

a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading

Exactly. This is unfortunately common practice, so this breakdown can be dismissed as they're obviously biased due to monetary motivations.

Consider to read Privacy Guides' take on the matter instead.

(Perhaps personal) TL;DR would be that Mullvad VPN in combination with Mullvad Browser offers the most private internet browsing experience for people who don't desire to connect to the Tor Network. Furthermore, Proton offers a suite of privacy-friendly services for mail, drive, password manager etc. Therefore, for the sake of trusting the least amount of parties for these services (at the cost of putting all eggs in one basket), one might consider Proton VPN instead; additionally it includes a free tier and some support to port forwarding (read: allows the use of torrent applications).

[–] JDubbleu@programming.dev 5 points 11 months ago

I did a lot of research a few years ago and settled on ProtonVPN. I won't say anything authoritative regarding privacy as I haven't done any recent research, but I've been very happy with the service so far.

I run a seedbox with all the traffic from qBittorrent tunneled through ProtonVPN and I've gotten up to 200 Mbps down through a few very healthy torrents before, and on dedicated speed tests I can pull down ~250 Mbps on my gigabit service. I've also never had it go down despite using the exact same server 24/7.

Their documentation is also amazing and they generate connection configs for Wireguard and OpenVPN on their website using provided parameters making it dead simple to get started.

[–] grubbylarry@lemmy.ml 1 points 11 months ago (1 children)

I'm curious to hear your thoughts on this comment: https://lemmy.ml/comment/5989977

It seems that he's recommending against Privacy Guides (I assume it's the same one you're recommending?)

[–] alt@lemmy.ml 3 points 11 months ago

Not much to say regarding their first paragraph.

As for their second paragraph, perhaps they are rightfully sceptical regarding Privacy Guides. The body of topics they try to cover is substantial, though. And if TheAnonymouseJoker or whosoever disagrees with them, then they're free to challenge their views.

Privacy Guides isn't any kind of Gospel or whatsoever that you'd have to agree with in its entirety. I do believe, however, that they've done a tremendous job at offering a one-stop shop for those that are conscious regarding their security and privacy. Everyone is free to choose and pick whatever they like from there or not.

I would love to hear about other resources that do a similarly great job at providing at least decent information when it comes to security and privacy; FWIW thenewoil.org exists, however I don't recall any VPN overview/guide/recommendations from them.

[–] Mikelius@lemmy.ml 13 points 11 months ago (1 children)

I wish there were some descriptions per provider with the ratings. Mullvad gets constant tests by third party against their network and has proven many times they have a no log policy that's working, yet they got a 4 out of 5...

With only numbers and generic descriptions that don't quite match the truth, feels like this sheet is a little misleading. Also, I find it ironic that it's on Google sheets.

[–] grubbylarry@lemmy.ml 2 points 11 months ago

General consensus seems to be that it should be ignored. Your point is well received too. Thank you!

[–] random65837@lemmy.world 11 points 11 months ago (1 children)

You're taking something simple and making it complicated. Go with known trusted VPNs that have a history of proving themselves. Mullvad, iVPN, Proton (most of their history is with the email, but that means something) they're all priced pretty close, no need for insane scrutiny.

Unless you're buying kilos of fentanyl and automatic weapons off the dark web, don't overthink it. Absent that, if your goal is simply hiding your IP and appearing in a different city somewhere, just grab a trusted one.

[–] grubbylarry@lemmy.ml 2 points 11 months ago

Thanks for the recommendations. Regarding it being easy and me making it difficult, I respectfully disagree, and would like to provide a bit perspective. If you're here replying I suspect you're at least a minor hobbyist, and I'm sure that privacy and security solution selections seems quite simple to you. I assure you, it isn't easy for everyone.

This particular market is literally overrun with intentionally deceptive and often very outdated information, which make it an absolute minefield for the uninitiated. I'm thankful I dove deep enough that I realized I needed to ask a question, because I may have ended up with one of the many much worse choices had I not asked.

[–] AnEilifintChorcra@sopuli.xyz 5 points 11 months ago (1 children)

There seems to be a lot of discount codes and affiliate links which usually means payment from the providers to the person running the list. When money is involved, truth is often the first casualty, so I would take it with a grain of salt.

https://www.techlore.tech/vpn.html has a pretty good list, its open source so anyone can create an issue/contribute on github https://github.com/techlore/website/tree/master/assets/vpn. They're open about any affiliate links https://discuss.techlore.tech/pub/sponsors-affiliates and are pretty well regarded for an intro in to online privacy

https://www.privacyguides.org/en/vpn/ is also a great resource with a much smaller and stricter list with regards to privacy and tends to be my go to when I'm looking for a new privacy respecting service. I think they have a community here but I don't think its very active and they also have a subreddit which was pretty active the last time I was on it a few months ago

[–] grubbylarry@lemmy.ml 2 points 11 months ago

Thank you! This is extremely helpful!

[–] authed@lemmy.ml 4 points 11 months ago (4 children)

I host my own on a vps where I pay $15 per year

[–] M500@lemmy.ml 9 points 11 months ago (3 children)

So what if the vps hands your data to the feds and the feds are like hey, why was your vps torrenting Paul blart mall cop 2?

What do you say to that?

That’s my only concern with hosting my own vps.

[–] random65837@lemmy.world 4 points 11 months ago

That 100% correct, literally no different than just using your ISP at that point, zero control over the hardware and no ability to control the IP.

[–] authed@lemmy.ml 2 points 11 months ago (1 children)

you think they cant issue a warrant against any VPN hosts?

[–] M500@lemmy.ml 2 points 11 months ago

Sure they could, but you are a a bit more anonymous and don’t keeps logs, then there may be nothing to hand over.

Hosting your own vps directly ties internet traffic to you. They can see your ip is part of a swarm and see who owns it. If it’s owned by some guy, they can press you. If it’s owned by a company with a legal team, it’s much more difficult.

[–] grubbylarry@lemmy.ml 2 points 11 months ago (1 children)

NGL doing something like that is WAY above my pay grade anyway, but I still am interested in the answer to this question, because I've seen the advice to take the 'self-operated' approach before.

[–] M500@lemmy.ml 2 points 11 months ago (1 children)

It’s not too difficult to setup, but I think people don’t realize that even if your not breaking the law, you may still have to deal with charges and going to court for years before your found innocent. All while dealing with the stress of a jury possibly finding you guilty.

Then you have prosecutors offering plea deals, so then you think do I stand my ground and risk X years in jail? Or do I plead guilty and just go to jail for 2 years?

load more comments (1 replies)
[–] random65837@lemmy.world 2 points 11 months ago (1 children)

And in doing so you have a never ending list of logs that you can't control. Fine if you only want to hide location, but useless other than that. 1 LE request and every log will be in there hands in 5mins.

[–] authed@lemmy.ml 0 points 11 months ago (13 children)

I host the server, I dont have to keep any logs and I can pay with moneros

load more comments (13 replies)
[–] Asudox@lemmy.world 1 points 11 months ago (1 children)

Where tf did you find a vps for 1.25$/month???

[–] authed@lemmy.ml 1 points 11 months ago

I cant find the website right now, but you can some similarly priced vps here: https://lowendbox.com/

[–] psychhim@mastodon.social 1 points 11 months ago (2 children)

@authed @grubbylarry I also used to host my own openvpn and wireshark servers on a vps. But later I shut them down. The thing is, vps will definitely trade your data if Gov pressure is high. Remember, data protecting is not their first priority being a VPS provider, their main priority is giving infrastructure to customers. But with vpn providers, their core business model is based on protecting users privacy (I am not saying all really do that, but many are bound to follow swiss laws or such)

[–] psychhim@mastodon.social 1 points 11 months ago

@authed @grubbylarry Proton VPN free plan is even better than hosting vpn on a vps, because they atleast can claim of being protected by the Swiss law, so atleast they can protect your data by that. Whereas you can't even sue your vps if they share your data with anybody, because nobody knows if they really did it. Additionally the problem of dedicated ip is there always.

[–] authed@lemmy.ml 0 points 11 months ago (1 children)

Do you really think that a VPN provider would resist requests from the US gov?

[–] psychhim@mastodon.social 1 points 11 months ago (1 children)

@authed I think they will resist more than a VPS would

[–] authed@lemmy.ml 0 points 11 months ago* (last edited 11 months ago) (2 children)

thats your opinion... I think they will honor a warrant any day... I.E.: Plz enable logs and let me look at them

[–] psychhim@mastodon.social 1 points 11 months ago

@authed All I wanna say is, you are free to use anything, it's your life, have fun.

[–] random65837@lemmy.world 0 points 11 months ago

Honoring a warrant doesn't mean much, when there's nothing to turn over than a connection IP and some timestamps, vs all the traffic that could be there otherwise. That's been proven multiple times with zero knowledge VPN providers.

They can't make them starting doing things there system isn't made to do just because they want them to, not how warrants work. Again, been proven many times over at this point. Knowing that you connected at a time, exited from a shared IP, with a bunch of nonsense in the middle keeps you pretty safe. That ignoring that's even harder when that zero knowledge provider is ina country like Switzerland where it takes VERY direct reasons to have a judge approve a warrant in the first place, dragnets aren't allowed there, and even then, nothing useful comes back.

A country like Russia wouldn't kick back info, but their spying is at China level, so you've already lost there.

[–] mraniki@lemmy.world 2 points 11 months ago
[–] kowanatsi@lemmy.world 1 points 11 months ago* (last edited 11 months ago) (1 children)

https://thatoneprivacysite.xyz/

Happy hunting

Edit: (Data last updated on 20/07/19)

[–] grubbylarry@lemmy.ml 3 points 11 months ago* (last edited 11 months ago)

Is that July 20th, 2019, or July 19th, 2020? Regardless, I'm under the impression that the VPN world (or really the tech world in general) evolves waaay too quickly to rely on information that's either 3 or 4 years old. Also, as I'm typing this, I also think I saw info that That One Privacy was acquired by a company that sells multiple VPN services, a few of which are included in that sheet if I'm remembering correctly.

EDIT: Confirmed.

[–] Sterben@lemmy.ml 1 points 11 months ago (2 children)

I have been using NprdVPN for 5 years. Speed is pretty good, and their zero-log policy have been proved by 3th party. They also use RAM only servers which is better.

It may be a bit expensive though.

[–] otp@sh.itjust.works 3 points 11 months ago (1 children)

I do like that thirth party reassurance

[–] Sterben@lemmy.ml 2 points 11 months ago

NordVPN undertook three independent audits to prove their no-logs policy. You can check that with a quick search online.

[–] BurningRiver@beehaw.org 0 points 11 months ago

I use PIA, it was recommended to me by a cybersec friend of mine. It’s dirt cheap as well. $79usd for like 3 years I think?

load more comments
view more: next ›