this post was submitted on 14 Apr 2024
-132 points (6.0% liked)

Privacy

32003 readers
661 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] LWD@lemm.ee 59 points 7 months ago (19 children)

Why I just hand my browsing data over to my ISP (and so should you)

Why I let random websites have my unique location-specific identifier (and so should you)

Don't think so

load more comments (19 replies)
[–] leraje@lemmy.blahaj.zone 32 points 7 months ago (1 children)

Do ISP's monitor or sell or pass on your data? Yes.

Do VPN's? Depends on the VPN. Find one that doesn't and can back that up with 3rd party audits and legal encounters.

So can a good VPN protect your privacy? No, not by themselves. A VPN is part of an overall toolkit to be as private as you personally would like to be. It can help protect your privacy, that's all.

It's really that simple.

[–] refalo@programming.dev 2 points 7 months ago (1 children)

3rd party audits and legal encounters

The problem I have with this is that audits or court cases do not prove that the server is only using that same exact code at the instant you are using it... changes to software are constantly made all the time, and they could all invalidate previous audits or presumptions of privacy or security.

[–] leraje@lemmy.blahaj.zone 1 points 7 months ago

That's true, there's always going to have to be some trust, but a provider that takes the time and expense to invest in a privacy audit or defend their clients by not logging and establishing that in court certainly indicates they're worth having that trust in.

[–] jet@hackertalks.com 29 points 7 months ago* (last edited 7 months ago)

Clickbait YouTuber is clickbait...

https://www.privacyguides.org/en/basics/vpn-overview/

Should I use a VPN?

Yes, almost certainly. A VPN has many advantages, including:

  1. Hiding your traffic from only your Internet Service Provider.
  1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
  1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
  1. Allowing you to bypass geo-restrictions on certain content.

VPNs can provide some of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.

VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.

On a personal note, the common argument is VPN providers could be recording your traffic. But if you know for certain your ISP is recording your traffic and selling your data, which is most commercial ISPs in the West, then a VPN provider is a strict improvement. They may not be, but they're not guaranteed to be. And your ISP is guaranteed to be.

[–] Vendetta9076@sh.itjust.works 28 points 7 months ago (1 children)

A) as others have pointed out this is a rather shit video

B) I fucking hate the "and nor should you" trend. Fuck off with what I should or shouldn't do, just give me the facts and I'll decide for myself.

[–] LWD@lemm.ee 2 points 7 months ago

I don't like the way it sounds, but I appreciate the honesty. Videos like this are always prescriptive, even if they present themselves as if they are a personal, "just for my needs" thing.

By the way, do you remember a video and Medium article posted by someone who was trying to convince us that big companies like Google aren't really privacy invasive?

[–] Ilandar@aussie.zone 18 points 7 months ago (1 children)

I would encourage people to watch the video and form a conclusion based on that. The title is quite clickbaity (which you would expect from YouTube) and at least half of the video is solely a critique of NordVPN, often followed up with "but Mullvad is better". He does make some worthwhile points but they are not universally applicable. Every country has different governments and laws; do not blindly trust the word of Americans because they likely do not know shit about your specific situation. For example, nothing in his video addressed Australia's mandatory data collection and retention laws, or the multiple high profile data breaches that have occurred here in recent years.

[–] ExtremeDullard@lemmy.sdf.org 20 points 7 months ago* (last edited 7 months ago) (1 children)

half of the video is solely a critique of NordVPN

I don't know how good or bad NordVPN is. I have never used it. But I never will. EVER.

You know why?

Because they paid so many interesting Youtubers to shill their stupid VPN service, ruined so many otherwise interesting Youtube videos and wasted so much of my time that I swore I would never give them a single dollar of my money.

I can't stand advertisement and advertisers, and NordVPN has been truly heavy-handed. They're not the only ones: Brilliant comes to mind too. They can all fuck off. They've achieved the exact opposite of what their ads was supposed to achieve with me: I'll never patronize them.

[–] Ilandar@aussie.zone 14 points 7 months ago (1 children)

uBlock Origin + SponsorBlock + third party mobile client is the solution.

[–] ExtremeDullard@lemmy.sdf.org 5 points 7 months ago (1 children)

Actually I use Freetube with sponsorblock on the desktop and Newpipe with sponsorblock on Android. So I mostly don't see shitty sponsors anymore.

But my Formuler TV box - which runs Android - has some weird crashing problem with the default Newpipe player, so I have to use an external player (MX Player) which doesn't have sponsorblock, sadly.

So whenever I want to watch Youtube videos on my TV, I have to eat some NordVPN shilling - at least a little bit, just time for me to grab the remote and skip it - and I'm too cheap to replace the TV box.

[–] Galaxy@lemm.ee 6 points 7 months ago (2 children)

You could try Smart Tube which has built in adblock and sponsorblock and see if that works better on your android tv box

[–] ExtremeDullard@lemmy.sdf.org 2 points 7 months ago (1 children)

SmartTube works very well. The problem is, it requires a Youtube account to have subscriptions, playlists and the like. That's a hard no for me.

[–] Galaxy@lemm.ee 3 points 7 months ago

Fair enough, completely understandable

[–] potemkinhr@lemmy.ml 1 points 7 months ago

Shout out for Smart Tube, the best YT app on smart boxes/android TVs, never had any issues

[–] minnix@lemux.minnix.dev 16 points 7 months ago (10 children)
load more comments (10 replies)
[–] noodlejetski@lemm.ee 15 points 7 months ago* (last edited 7 months ago) (5 children)

many ISPs over here offer a ~5-10% discount on monthly bills if you agree to have your traffic analysed for marketing purposes. the last time I signed a contract I had to explicitly opt out of that. the ISP providing internet to all of my landlord's flats offers a similar deal when signing a contract, and 1. I'm willing to bet that my landlord has opted in, and 2. I have no way of opting out of that for my flat. I think I'll stick with a VPN for the foreseeable future.

load more comments (5 replies)
[–] hellfire103@lemmy.ca 9 points 7 months ago

(The NSA think they're slick)

[–] Scolding0513@sh.itjust.works 7 points 7 months ago

, said the glowing figure confidently, while blinking hard and rubbing his nose

[–] TechNerdWizard42@lemmy.world 6 points 7 months ago

Nice try NSA

[–] ExtremeDullard@lemmy.sdf.org 4 points 7 months ago* (last edited 7 months ago) (1 children)

Firstly, using a VPN ultimately consists in trusting the company providing the VPN service that it won't be fucking around with your privacy. Considering that all your traffic goes through it, that's a lot of trust to place in one company. And I generally don't trust any tech company to resist the lure of selling your data for profit for very long in 2024 - even those that profess to be privacy-friendly.

Secondly, modern corporate surveillance doesn't rely on IP addresses anymore. So if you think a VPN protects your privacy, it really doesn't. All it does is tell Google et al. which VPN provider you're a customer of - i.e. you're giving them even more data that they don't need to have.

That's why I don't even bother with a VPN. I only use one to evade geo-blocking every once in a while.

[–] sbv@sh.itjust.works 9 points 7 months ago (1 children)

using a VPN ultimately consists in trusting the company providing the VPN service that it won't be fucking around with your privacy. Considering that all your traffic goes through it, that's a lot of trust to place in one company.

Is that any different than the trust we place in our ISPs?

I agree with you. I fully expect my ISP/VPN provider to sell my traffic data, but I don't see the value in paying a VPN do to it.

[–] ExtremeDullard@lemmy.sdf.org 1 points 7 months ago* (last edited 7 months ago) (1 children)

Is that any different than the trust we place in our ISPs?

It's not. Your ISP is probably selling your data, and your VPN may or may not do that too. Just assume everybody sells your data.

The difference is, when you leave home and you connect to a wifi, you start using another ISP. If you then lose the wifi and connect using 4G, you're using yet another ISP. If you use a VPN, you funnel all your traffic to a single provider all the time. In other words, instead of distributing the risk over several potentially bad actors, you concentrate it on a single one.

Like I said, that's a lot more trust that I'm willing to place in a single company that only essentially pinky-swears won't put me under surveillance.

[–] 1984@lemmy.today 10 points 7 months ago* (last edited 7 months ago) (1 children)

I trust my vpn provider, but I don't trust my isp to not give out my ip. So using a VPN is obvious and I havent had any issues doing that for decades.

If your mindset is that you can't trust anyone, then yes, doesn't matter. But you can trust some of them. You need to know which ones have a history of caring about privacy and which ones are just advertised heavily.

[–] ExtremeDullard@lemmy.sdf.org 1 points 7 months ago* (last edited 7 months ago) (1 children)

But you can trust some of them. You need to know which ones have a history of caring about privacy

All I see in the tech world is the companies that have been caught red-handed doing shady stuff and those that haven't yet.

You say you can trust some of them based on their history of caring: can you? What's their history of caring other than how long they've sworn to do the right thing and haven't been caught doing otherwise yet?

Like I said, tech companies don't resist the lure of big data money for very long these days. If you think any VPN provider isn't at least seriously considering monetizing the traffic you send them to make more money on you than the few dollars you throw their way every month for the VPN service, you're deluded. I would never trust a VPN with all my internet traffic. That's just too much of a risk.

[–] 1984@lemmy.today 7 points 7 months ago (1 children)

Ok and if you don't trust anyone, you don't have any protection at all.

Personally I don't trust any big tech companies, naturally. But there are smaller vpn providers like Mullvad that are trustworthy. They are never American.

[–] ExtremeDullard@lemmy.sdf.org 1 points 7 months ago

Ok and if you don’t trust anyone, you don’t have any protection at all.

Correct. I assume I don't, so I'm always super-careful not to give away any information I don't need to give to begin with. Or I give fake information whenever possible, to pollute the well. For the rest, as the old saying goes, if it's on the internet, it's as good as public.

They are never American.

Agreed. If you have to trust a company with your privacy in any way, don't use an American company. It's not even their fault: they operate in a country that's fundamentally dangerous for your privacy.

My email provider is in Norway. for instance.

load more comments
view more: next ›