It really depends what you are doing with the VPN. If you're trying to watch TV shows that are only available in certain countries, then any VPN will do that fine. If you are trying to increase your privacy/security online, VPNs are useless for that; use the Tor browser instead. An ordinary web browser leaks tons of information about itself, which makes it easy to track you across websites; VPNs do nothing to fill those holes. But the Tor browser is built to fill those holes.
If you are trying to increase your privacy/security online, VPNs are useless for that
VPNs are not useless. When you use a VPN, your IP address is much harder to associate with your identity, same as Tor. Now, Tor includes a bunch of other protections on top of that to avoid other fingerprinting attacks, and Tor has less risk of a single entity seeing all your traffic due to its onion design. But to say VPNs are useless is ridiculous hyperbole.
Anyway, pick a VPN that's likely to not be keeping logs like Mullvad or IVPN. Mullvad in particular is likely to be trustworthy by the fact that they're actively funding genuine privacy improvements. But don't stress over that: your ISP may be keeping logs too. In some countries they're even forced to by law.
Use a VPN on the host and a VM with different browser and OS as guest that uses the host VPN network, so guest uses NAT. Create a snapshot of the VM and start browsing privately, don't login to any service or if you need to, with a fake identity.
When you're done with browsing, revert to the previous, clean snapshot to remove any track on the virtual disk.
You could even start another VPN on the guest, I use https://lnvpn.net/ to get a temporary VPN for a few sats.
🤔 I know that's absolutely the case with browsers like Chrome et. al., but what would you say about so-called privacy-first browsers like Brave? Same judgement?
Brave is nowhere near the level of privacy/security of the Tor browser. Brave was created to enrich Brendan Eich and co. (cf. Brave includes a shitcoin, BAT, which is heavily pre-mined). Plus, you can get all of the benefits of Brave through Firefox + uBlock Origin.
this. and if your're looking to improve your browsing privacy on clearnet you can use arkenfox on desktop or Mull on Android (deblobbed firefox+arkenfox+torbrowser patches) + uBlock origin on both
Thanks for the info. Thinking about this and maybe I'm not understanding what you are saying but all VPN providers know a few things about you.
Your IP address
If they have accounts they know how many devices you use that account on
Which sites you visit
Any clearnet traffic
Your public key (at a minimum)
I don't think the device limit is a privacy difference. Here's why and if I'm missing something I'm open to be educated. VPN use Wireguard or OpenVPN which work using public private key pairs. VPN apps will generate a keypair. They have to do this for the VPN to work. Mullvad and iVPN have apps that do this in the background for you or you can generate your own key pair and add it to your account (just the public key). Also, if their client isn't open source you have no idea what they are tracking. I don't know if perfect-privacy.com does this, just saying.
You have to trust all VPNs. There is no magic. Its all tradeoffs. When you use a VPN provider you might be hiding / encrypting your traffic so your ISP can't see it or that others on the insecure open wifi network can't snoop but the VPN provider can. Depending on your threat model sometimes this makes sense.
I run a VPN on my home network so that I can access my network from anywhere else. I have also ran VPNs on a virtual private server which is a different approach that makes sense in some situations. The first thing you have to do when thinking about VPNs if figure out why you think you need one. There is no silver bullet.
If a vpn provider claims and advertises a no-log policy, then they can't know how often you are connected because they need to store or log that information somehow. "We do not log, just a little bit to know the number of devices you connect to us".
We also monitor the real-time state of total connections per account as we only allow for five connections simultaneously. As we do not save this information, we cannot, for example, tell you how many connections your account had five minutes ago.
I will say, we are trusting all of these providers unless they have a way to verify it. I've yet to find a trustless VPN provider. I don't think it is possible. I'm fine with the tradeoffs of Mullvad and iVPN but I understand why some may not be. But based on what I saw on perfect-privacy I would not trust them any more. I don't like the email address requirement.
Ah, ok. So they know that an account number has these public keys. Where as other providers don't know the list of public keys on your account? Depending on how you use the service, this difference is not important. IE, if you use your VPNs from home there is no difference. All of these providers will have your public keys and if they come from a single IP its pretty much the same thing. You do have me thinking about this differently though. For my threat model its not important but I'm curious.
When people think of logs they are thinking of keeping records of traffic that can be linked to accounts which can be linked to identities. This stuff is hard to do privately. Thanks for the info
However e.g. Tor only works because some non-natural persons such as associations, clubs, companies are the exit node and are willing to spend continuous lawyer costs out of pure goodness of their hearth to keep it running. VPNs solve this problem by having a financial incentive to do this.
VPN: good incentive but need trust; Tor: no incentives but trustless
If your goal is to separate your identity from your activity, then as a minimum:
Pay anonymously, preferably via LN rather than on-chain BTC.
Do not provide identifying information when signing up (register with a dedicated pseudonymous email account if needed).
Do not use this VPN in a way that leaks identifying information to the VPN provider, such as visiting your personal or employer's website.
What IP addresses you connect from may also let the VPN provider identify and track you. In particular, consider the implications of connecting from both your home/mobile network and e.g. your employer's network.
For better privacy you might access this VPN via another VPN provider. The VPN you connect to directly can track your IP address / physical location but not your online activity, while the remote VPN can track your online activity but is hopefully not able to identify you. Setting up such a system can be complicated, though.
It's likely that every VPN is a honeyPOT for some govt. Except maybe Mullvad. They've been freedom activists from the beginning.
Pretty much every VPN accepts BTC nowadays, and nobody really knows who you should trust so there's no point asking specifically about that. Some will tell you there is safety in numbers, some will only use TOR anyway, most simply aren't even aware that if a VPN is run from within any country, then that country likely is tapping their lines for whatever intel they can get. It's kind of a clusterf*ck these days but the most popular ones should work for normal needs like torrents.
I personally use IVPN over Mullvad, because IVPN accepts lightning and Mullvad doesn't. IVPN even self hosts their LN payment solution, with BTCPay and their own LN node.
Have been using mullvad for a long time. Can vouch for great performance, transparancy and open source clients. You can also pay iwth lightning -> https://vpn.sovereign.engineering
you're just giving your data to a private company who will give it to the government if they ask and sell it to other groups for a buck. They're only useful for fooling geo-restricted content
IMO, VPN's simply add a 3rd party that PURPORTS to be in opposition to government surveillance. In reality, your browser cookies and fingerprint are still blabbing on you and you have NO IDEA whether or not your VPN is doing the same.
Would also add that where you are using is pretty relevant. Some work well in country a but not in b, at least this is the case with subscription based, as opposed to using private (self-configured.)
I think you already have a tonne of good suggestions. Proton is useful here but not where I was last year. Not sure what people have to say about things like Mozilla or Apple relay. Always here good things about MV.
ivpn looks interesting but haven't had time to test
I can recommend perfect-privacy.com , german team I think origins around chaos computer club in Hamburg, use it for years. No device limit, lots of filters you can activate (similar to pihole), track stop and and and. Love it. Of course you can pay in BTC.