General PIA..trust..and paranoia question..

jttraversejttraverse
in General Privacy Discussion
I'm planning to renew my subscription with PIA, though I've read a lot of the recent posts complaining about sites blocking PIA connections, etc. I personally think it's all part of the nature of VPN's and doing business that way, and all VPN's are susceptible to similar issues, but I am concerned about privacy and the trust placed in the hands of a VPN provider. So...

It would be foolish not to realize that any government so motivated could simply set up several cheap and fast VPN services, and then let everyone sign up and believe they're communication is safe. It's much easier than having to demand a 3rd party provider hand over the keys, so to speak, and things like that have been done too often to have any doubts that they would do it if they can get away with it.

So, that said, what trust can we have that any service...PIA or any other...is who they say they are? If Apple and/or Facebook is willing to bend over when pressured, how can we (and should we?) have any real confidence that we're paying for a VPN--and the anonymity--we think we're getting?

PIA? Anyone??


Comments

  • moshbeastmoshbeast
    edited August 2016
    Dude ( or dudette )...did you miss the FBI subpoena that was posted all over the internet a few months ago where they were investigating a bomb threat suspect and the only information they could get out of PIA was the region of the IP he was using ( east coast )...PIA could provide them no other info cause they don't log...if that doesn't tell you everything you wanna know, I guess nothing will.. they're also helping fight rule 41 in congress and are involved in privacy forums throughout the world...their privacy chief is Pirate Party creator Rick Falkvinge...if they're a honeypot, they're putting on a heck of a front lol
  • jttraversejttraverse
    I appreciate the response, and would only point out that I've stayed with PIA, even though I try to stay up on the options, because of news like this. I have no complaints myself, and what complaints I've read about don't strike me as anything that couldn't apply to every VPN provider at one point or another. And yet...

    As the saying goes, "Trust everybody...but cut the cards.". Maybe everything is perfect and there are no 'honeypots' out there. But in a post-Snowden world...eh, cutting the cards isn't even a guarantee.
  • TimeBombTimeBomb
    If I was managing a VPN front for a government agency, I would be sure to get the VPN provider in the news here and there, posed as a defender of privacy, just as outlined above. In the end, it's pretty impossible to be certain that a VPN provider is not a front. I am not hurling accusations; I am stating a fact as I see it.
  • jttraversejttraverse
    Administrator said:
    If I was managing a VPN front for a government agency, I would be sure to get the VPN provider in the news here and there, posed as a defender of privacy, just as outlined above. In the end, it's pretty impossible to be certain that a VPN provider is not a front. I am not hurling accusations; I am stating a fact as I see it.
    There's the frightening truth that gnaws at us all..
  • bgxsecbgxsec
    edited April 2017
    then; never use a VPN you do not trust 100% or have even the slightest doubt about.

    they are coming to get you ... Muhahahahahah ;)
  • scorchscorch
    I can vouch that PIA does not log. If you wanna see my court documents, just ask.
  • bgxsecbgxsec
    edited April 2017
    scorch said:
    I can vouch that PIA does not log. If you wanna see my court documents, just ask.
    ok then, can we see those court documents please.

  • chuwichuwi
    a VPN called Private Internet Access recently made a few waves by standing up to an FBI subpoena to some degree. In a case surrounding a possible bomb threat hoax (PDF), Private Internet Access appears to have made good on its no logging claims. According to the criminal complaint, "a subpoena was sent to London Trust Media and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States."

    Does this mean everyone can trust VPNs in general? Of course not. And as for Private Internet Access specifically, one public success doesn't necessarily remove all doubt—prosecutors in the case didn't push any further given they had plenty of other evidence to support their argument. So if you can't trust your ISP and you can't trust a VPN provider either, what's the plan then? Well, you're left with an option possibly not suitable for your average Internet user: roll your own VPN at an inexpensive cloud hosting provider like Linode or Digital Ocean.

    There are no absolute guarantees with this avenue, either, But while you probably can't avoid your local ISP (few of us have more than two choices, if that), the Internet is full of hosting providers. It's a much bigger deal if one of them generates a lot of customer anger for messing around with customer data. These companies are also less likely to roll over quickly for improperly tendered law enforcement requests than a typical ISP. (Although, again, there are no guarantees, and it remains to be seen how effective the "interception capability" of the UK's Investigatory Powers Act will be.)

    Getting your data safely away from a predatory ISP is one thing; getting it away from a nation-state adversary or APT that truly wants it is something else entirely and probably beyond our scope.


    https://arstechnica.co.uk/gadgets/2017/05/how-to-build-your-own-vpn/


    good reading


Sign In or Register to comment.