dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
553

aefstoggaflm
Open Source Fan
Premium Member
join:2002-03-04
Bethlehem, PA
Linksys E4200
ARRIS SB6141

2 recommendations

aefstoggaflm

Premium Member

Surveillance& Tor/VPN piracy doesn't end just because they say so

Reading here : »restoreprivacy.com/5-eye ··· 14-eyes/

This just confirms the fact since just because VPN is "offshore" doesn't always mean its safer, less safer perhaps, but services can only tell customers what they do not do,, They have no gateway to higher ups.

Therefore, we can think privacy all we like, but all we'll REALLY doing is no looking at the big picture...

We think PIA is secure based on what they say, or ExpressVPN, ProXPN (both located in Netherlands and Virgin Islands respectively)

For one, mentioned in the article, how can U.S possible be any "safer" than off shore, with protection tools..

As you don't control what happens when it emerges onto public internet, and it always will.

(long like of providers, and ever Tor in there as well), basically wipes out half the planet in who fell swoop. Encryption is better than noting, but its only a tactic to make us "feel" safer.

It goes to some effort but only between you and end point, or website (SSL connection) but after that no the know what goes on, because only the service themselves know what THEY do. They have no idea what others do.

This is why basic instinct is always continues to be best. I don't even trust 100% in anything, not even VPN's. I trust myself a whole lot more.

SysOp
join:2001-04-18
Atlanta, GA

4 edits

2 recommendations

SysOp

Member

Re: Surveillance& Tor/VPN privacy doesn't end just because they say so

Let's not confuse VPN tunnels with VPN2Proxy service providers; they are not one in the same. VPN is the tunnel, not the proxy.

Sure, you can use a VPN, to tunnel to a proxy connecting you to the world wide web, but that's not the same as using a VPN to tunnel from one secure private network to another secure private network.

Those concerned with privacy while traversing the WWW may be surprised by what they read in each website TOS governing consenting parties. Or how tracking isn't specifically IP based. (Protecting one's privacy takes more than just simply using Tor or a VPN2Proxy.)

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

6 recommendations

trparky to aefstoggaflm

Premium Member

to aefstoggaflm

Re: Surveillance& Tor/VPN piracy doesn't end just because they say so

VPNs have become a sort of magic pill that will cure all your privacy issues, unfortunately that's not the case and will never be the case.

Just being on the Internet itself has become a threat to your privacy. Can you minimize that threat? Yes, but that threat will always be there no matter what you do. You can be as careful as you want to be but that threat will always be there, you can only minimize that threat; you cannot wipe it out completely.

You are after all connected to a global network, by virtue of being connected to that global network you have opened yourself up.

Protecting your privacy is like getting a vaccine, for instance, the flu vaccine. OK, you got it but does that mean you're never going to get the flu that season? Nope, it just means that you've minimized the chances of getting the flu and if you do get the flu the symptoms are going to be less dramatic and you'll more than likely bounce back from it quicker than if you had not received the flu vaccine.
trparky

5 recommendations

trparky

Premium Member

If there is one thing that I have learned in this life that is that there is no quick answer, no quick solution, no 100% anything. You cannot escape everything, you can only minimize the chances of having said whatever happen to you. There's no certainties in life, the only thing that's guaranteed to any of us in life is death and taxes.

Astyanax
Premium Member
join:2002-11-14
Melbourne, FL
·AT&T FTTP

7 recommendations

Astyanax to trparky

Premium Member

to trparky
said by trparky:

VPNs have become a sort of magic pill that will cure all your privacy issues, unfortunately that's not the case and will never be the case.

People will spend all this money on a VPN service for "privacy" and then turn around and post everything on Facebook.
HELLFIRE
MVM
join:2009-11-25

4 recommendations

HELLFIRE to aefstoggaflm

MVM

to aefstoggaflm
Anyone who sells you [insert here] as an Au / Ag bullet for anything, SERIOUSLY question their rationale for that.
AKA "If it sounds too good to be true, it usually is."

Regards

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

6 recommendations

Blackbird to aefstoggaflm

Premium Member

to aefstoggaflm
At the end of the day, Ben Franklin was right: "Three may keep a secret, if two of them are dead." That includes sharing secrets with electrons exported from computers...
tech_addict
join:2018-10-21
Boise, ID

1 recommendation

tech_addict

Member

True story
sestrada
Premium Member
join:2012-11-05
U.S.A.
·Charter

2 recommendations

sestrada to aefstoggaflm

Premium Member

to aefstoggaflm
vpns are ok to get passed geo restrictions or get into you home or work network

other than that you got another place that can log all your comings and goings in the internet, and do whatever they want with that information, while charging you for the privilege

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

3 recommendations

trparky

Premium Member

said by sestrada:

other than that you got another place that can log all your comings and goings in the internet, and do whatever they want with that information, while charging you for the privilege

Exactly. They try and market themselves as providing "privacy" as if it's something that can be bought. It doesn't work like that.

Uncle Paul
join:2003-02-04
USA

1 recommendation

Uncle Paul

Member

It's all about the logs. The question becomes trust and in our industry there's typically not a lot to go around. Personally I've come to like »cryptostorm.is/ but it's not an easy answer for those that don't like to tinker some.

EGeezer
Premium Member
join:2002-08-04
Midwest

3 recommendations

EGeezer to Blackbird

Premium Member

to Blackbird
And as Bruce Schneier once wrote waaaaaay back in 2000, "security is a process, not a product".
said by »www.schneier.com/essays/ ··· cur.html :

... Security processes are not a replacement for products. Rather, they're a way of using security products effectively. They're a way to mitigate the risks. Network security products will have flaws; processes are necessary to catch attackers exploiting those flaws, and to fix the flaws once they become public. Insider attacks will occur; processes are necessary to detect the attacks, repair the damages and prosecute the attackers. Large systemwide flaws will compromise entire products and services ...


Even after 18 years, it's still a good read.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

3 recommendations

trparky

Premium Member

Note... "mitigate the risks", you cannot eliminate the risks. There's always going to be risks, there's a risk that if you walk out your front door a car will run you over. Is that going to stop you from going out your front door? Nope.

Security, like privacy, is not going to be a 100% kind of thing. No matter what you do, there's always going to be a threat. All you can do is help mitigate it and hope for the best.
sestrada
Premium Member
join:2012-11-05
U.S.A.
·Charter

1 recommendation

sestrada

Premium Member

Just about everybody I know not a techie thinks VPNs are worth the money, and they feel strongly that their data is safe and secure

but
VPNs can shield you from your big bad cable company, but they are also in a position to potentially do all the same things you were worried about in the first place—they can access and track all of your activities and movements online.

What the VPN world really needs are standardized independent audits.

»www.wired.com/2017/03/wa ··· y-start/
I like TOR for browsing

but
Why did the US government develop Tor?

»www.whoishostingthis.com ··· ded-tor/

Cybersecurity experts have noted for years that while Tor may be technically anonymous in theory - the 'exit nodes' where traffic leaves the secure "onion" protocol and is decrypted can be established by anyone - including government agencies.

Anyone running an exit node can read the traffic passing through it.

»www.zerohedge.com/news/2 ··· t-report
What did Fox Mulder say? Trust no one.

Its a terrible way to live, but that's the way it is.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

1 recommendation

trparky

Premium Member

Correct about Tor, but if you don't know where the traffic entered the Tor network there's not much you can do. OK, so you can decrypt it since you're the exit node. Big deal! You still don't know where it entered the Tor network except for the previous node and that node doesn't (at least in theory) tell the next node in the chain where it got the data from.
sestrada
Premium Member
join:2012-11-05
U.S.A.
·Charter

2 recommendations

sestrada

Premium Member

Imagine if one can figure out whose doing what on tor just by looking at traffic patterns or timestamps
A circuit starts with an entry point called a "guard," before going back into the regular internet via what are called "exit nodes." The guard sees your IP address, and the exit node sees where the traffic's going.

"circuit fingerprinting attack," since the traffic going through a circuit displays unique patterns that can be used to deanonymize a client or server.
»motherboard.vice.com/en_ ··· y-in-tor

»people.csail.mit.edu/dev ··· nger.pdf
Correlation attacks observe the traffic entering and leaving Tor, and then attempt to pair up incoming and outgoing streams
»nakedsecurity.sophos.com ··· ith-dns/

»daserste.ndr.de/panorama ··· e-1.html