Slashdot Mirror

Can we use this VPN service on our desktops too? Currently I use PIA as my VPN so if this is better, I'll switch.

to trying to freak the user out about 'this totally static site that doesn't use HTTPS must be insecure even though you can't submit info to it because it's totally static'

The sentiment that Chrome is trying to get across in that case is "Chrome cannot guarantee that your Internet service provider has refrained from injecting malicious JavaScript code into the static site that you are viewing." Xfinity by Comcast, for example, has been caught doing this. What would be a better way to express this in a manner short enough to fit in the location bar?

I would be more inclined to share your outlook, were it not for the way Windows 10 was shoved onto people's computers, and the way Windows 10 spies on its users.

Google Chrome is said to have made it easy for an extension to do total snooping on the user's browsing, and many of them do so. Chrome includes a module that activates microphones and transmits audio to its servers, and Chrome contains a key logger that sends Google every URL typed in, one key at a time. Google Chrome does a good job securing access to a user's data without telling the user what's really going on or giving the user a chance to stop the behavior they likely don't agree with.

Google Chrome is proprietary software. Nobody but Google has permission to study what Chrome does, alter Chrome, or distribute a modified Chrome. This is also how Google can get away with malware, hardly surprising behavior for a known international spy. As the GNU Project rightly points out:

Power corrupts; the proprietary program's developer is tempted to design the program to mistreat its users. (Software whose functioning mistreats the user is called malware.) Of course, the developer usually does not do this out of malice, but rather to profit more at the users' expense. That does not make it any less nasty or more legitimate.

Yielding to that temptation has become ever more frequent; nowadays it is standard practice. Modern proprietary software is typically a way to be had.

The New York Times called Google Chrome "secure" but didn't explain how they arrived at that conclusion. Regardless of what they meant by that claim, it's hard to see how any of the above behavior or whatever else Google can get away with via proprietary malware could reasonably be called 'secure'. Any feature Chrome offers has to be considered in the context of being implemented in proprietary software which by its nature imposes a power over its users.

Firefox was never proprietary; users could always inspect Firefox, edit out the portions of Firefox they didn't want to run or redistribute, edit any other part they wished, and distribute the rest (even if under another name with another logo), and Firefox derivatives have done just that many times. There's good reason Tor Browser, for instance, derives from Firefox. Free software (software that respect's a user's rights and community by allowing users to run, inspect, share, and modify the program) provides verifiable security; one need not guess or blindly trust a proprietor to do right by them. Firefox's technical achievements or detriments are thus a matter of spending time developing Firefox. This is a practical example of how you're better off with less technically capable free software than more technically capable proprietary software; we can make Firefox better in a technical sense but we can't make proprietary software free.

I use Private Internet Access and have zero complaints. Easy to use, plenty fast, and about $40/yr. Well worth it.

PIA has also does not keep logs of its user activities, as confirmed in their response to a subpoena:

https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/

I use Private Internet Access and have zero complaints. Easy to use, plenty fast, and about $40/yr. Well worth it.

I concur with everything you wrote. Being using it for 2 years now and would enthusiastically recommend it.

I use Private Internet Access and have zero complaints. Easy to use, plenty fast, and about $40/yr. Well worth it.

As of last August, Facebook could recognise you with 83% accuracy when your face was not visible in photos. Covering your face won't matter. https://www.privateinternetacc...

What VPN would you suggest, and how do you know they actually do what they say they do ... in writing?

PIA. They've also been tested in court as keeping no logs at all.

Seriously, how is this even an issue? You can get free certs and there's so countless walkthroughs on how to setup TLS for almost any server (with Mozilla's being the best imo). With ISP's consistently showing they have no respect for your content or anyone else's it's hard to justify NOT running TLS on a web server.

Even if you never signed up. Even if you block their IP ranges. You cannot escape. People wave phones around, take photos, immediately upload them to Facebook. Facebook performs biometric analysis on everyone in the photo, even non-Facebook users, for "shadow profiles".

What's that? You think you turned away in time? Oh, sorry:

Since then, Facebook has continued to deepen and enrich its facial recognition technologies. An algorithm from the company’s artificial intelligence research group managed the seemingly impossible task of recognizing people 83% of the time even when their faces were not visible.

Unless you are a hermit who never leaves his cave and has no friends, you ARE in Facebook's database, whether you signed up or not. Your image has been recorded, your face has been associated with your identity and your home address and thus forth. Unless you are among the few who block FB IP ranges, also associated with your internet usage when not on FB itself.

You cannot escape this monster. You can try, but your friends and family are agents of it now too.

It's lucky you don't know what I'm currently doing with your information because if you did find out you would immediately shit yourself and then die of shock.

So maybe you should stop winding yourself up so much, unless you really want tagged photos of your poopy panted corpse all over Facebook.

Even if you never signed up. Even if you block their IP ranges. You cannot escape. People wave phones around, take photos, immediately upload them to Facebook. Facebook performs biometric analysis on everyone in the photo, even non-Facebook users, for "shadow profiles".

What's that? You think you turned away in time? Oh, sorry:

Since then, Facebook has continued to deepen and enrich its facial recognition technologies. An algorithm from the company’s artificial intelligence research group managed the seemingly impossible task of recognizing people 83% of the time even when their faces were not visible.

Unless you are a hermit who never leaves his cave and has no friends, you ARE in Facebook's database, whether you signed up or not. Your image has been recorded, your face has been associated with your identity and your home address and thus forth. Unless you are among the few who block FB IP ranges, also associated with your internet usage when not on FB itself.

You cannot escape this monster. You can try, but your friends and family are agents of it now too.

https://www.privateinternetacc...

Only one party voted against outsourcing it outside Sweden, the Sweden democrats. Another party decided to not vote at all, the Left party, possibly they were against it but refused to vote like the Sweden democrats with that result. The rest voted for it. .. and well.. that was good?

I'm from Australia and faced a similar decision a couple of years back when similar laws were passed.

My criteria included a lack of logging of user activity. It's not enough (I believe), to find a provider in what is nominally a neutral country. Nor to find a provider that claims that they will keep your data private. If the data exists, it _will_ be available.

Private Internet Access doesn't keep user activity logs. They do keep some records, such as payment information. This has, reportedly, been tested with respect to enquiries by the FBI for example. They have a decent number of end points. They've pulled out of countries where they would have been compelled to keep records.

Caveat - no association with PIA, just a satisfied customer for the last ~2 years

I went with https://www.privateinternetacc... for $40/mo unlimited. It also has UK endpoints.

Whoa, I didn't even know they had that high-end a service!

My $40/year account works just fine for me...

I went with https://www.privateinternetacc... for $40/mo unlimited. It also has UK endpoints.

PIA doesn't log IIRC, and they have good deals.

Here is an email guide to start with (there are no ideally private email providers, but many are better than gmail). Riseup and ProtonMail look interesting.

A note about using PGP email: This still leaves a trail that is rich in metadata (the who/when/where parts of the messages). Only the what is concealed, leaving much to be desired.

More interesting are new messaging apps which the EFF has rated. I think Signal, Ostel+Jitsi and RetroShare look the most promising. Ring is a newcomer that uses OpenDHT and promises to be what Skype might have been.

For just increasing privacy a couple notches while browsing, add the following extensions (Firefox): Privacy Badger, HTTPS Everywhere, Adblock Edge (not sure if AE is really needed with PB). Using a Firefox derivative like IceWeasel or PaleMoon won't likely include ad-based features that might compromise privacy (though Mozilla is said to have removed ads anyway).

As for browsing with Tor, you cannot beat Qubes OS with the Whonix package. This will help you blend in more and prevent exploits over Tor from accessing any personal data. A system with IOMMU hardware and BIOS is recommended.

After all these years, I2P is still progressing and growing. It marries technologies like onion routing and DHT and its 'I2P Bote' messenger may be the best in class, IMO. Of course, I2P is meant to route all kinds of traffic and even has bittorrent built-in. I'd also recommend running I2P in a Qubes domain, although it comes with TAILS if you're more comfortable booting with that.

Private Internet Access, I get great speeds and use this vpn for torrenting, location shifting, streaming video, etc. https://www.privateinternetacc... (referal link, help a brother out...)

I'll just leave this here, buy a VPN that supports torrents, doesn't log anything, and accepts several forms of anonymous payment.

The Importance Of Privacy Defense In Depth. “Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to ‘we can do that.’”

Not really sure that any extensions that I install are particularly "useful". However, here's a list of tools that I find especially useful that have to do with web browsing.

• Fiddler (now Fiddler4). Still a solid debugging proxy.
• PrivateInternetAccess or any other system-level VPN. Running it as a browser extension seems risky, even given the WebRTC issue with VPNs.
• On Chrome, the browser extension "Cookies", which enables reasonable cookie management when debugging.
• WGET and cURL

OK, I snuck an actual browser extension in there. But it really only enables what should be core functionality.

hmmm... $30 a month for a "private" connections, which in the fine prints, isn't that private. Or, $40 / year for a vpn. Which should I choose?

You can get a VPN with a gift card.
https://www.privateinternetacc...

On April 8, 2004, the European Court of Justice – the highest court in the world’s largest economy – declared Data Retention to be an excusable violation of fundamental human rights. The court invalidated the entire directive (“EU federal law”) retroactively, making it have never existed. (courtesy Ricvk Falkvinge, https://www.privateinternetacc...

The EU and Canadian constitutions are sort of vaguely similar, so one can likely make the point that, even if the telcos are free to disclose, they're not allowed to keep much of the data the security services would want them to.

And where are they?

We are located in the US. Being in the US is optimal for VPN Privacy services since the US is one of the few countries that does not have a mandatory data retention policy. Countries in the EU are forced to log, even though some claim they do not.

I think it's important to protect my privacy despite not having much they are interested in. I encrypt my harddrives, have my own domain with e-mail that I've set up with GnuPG on my workstation and laptop, I sometimes use the TOR bundle as well as a USB with Tails on it. The simplest thing is that I subscribe to https://www.privateinternetaccess.com/ to get proxy/VPN access to the net. Also, setting Firefox up with HTTPS everywhere, DNTPlus, NoScript etc. is important.

It doesn't take much to make their jobs harder. I use these things also for everyday items, it's not like I fire up PIA to "go dark and do evil stuff". I've plenty of friends that don't see the point of doing what I do when what I use it for isn't illegal, but privacy means privacy from prying eyes, I decide what I share with others.

https://www.privateinternetaccess.com/ - pay with PayPal, Bitcoin, whatever, $40/yr, fast.

I've been using Private Internet Access for a few months and have been very impressed - they are cheap at $7, have plenty of locations around Europe and North America, and they don't keep logs. The TorrentFreak article I linked also lists several other decent sounding VPN providers which might be worth a look.

Apparently Private Internet Access (VPN) is quite a popular way of getting around the great firewall of China...

It costs money, but it's pretty cheap, and apparently quite a reliable way to work around the firewall.

My only recommendation is to set it up before you get there since it requires OpenVPN, and http://openvpn.net/ is blocked within China. (The website, not the service)

I use Private Internet Access. They are the sponsors of Freenode.net. https://www.privateinternetaccess.com/

Or you could pay for a VPN service (like Private Internet Access VPN Service for instance). They are also handy if you want content restricted to certain countries--like if you want to watch stuff on hulu.com and you live in Europe, just use a VPN service in the US and you can watch it just fine...

Ok, I'm going to give you my complete and honest suggestion. I haven't really posted even a comment on slashdot in years, but I felt that I should provide my in-depth knowledge on this topic. I am an Android enthusiast and have been well versed in other smart phone backends including the Maemo (which is an amazing device. Great choice!)

To begin, on iOS, Android and Maemo you can access a PPTP VPN with no additional effort.

Additionally, on Android and Maemo you can also connect to an OpenVPN based VPN gateway in the event you need stronger encryption. It is often recommended by security experts to avoid encryption such as those implemented within the PPTP protocol like MPPE (mschapv32). On the other hand, however, OpenVPN uses SSL based security which is very much praised throughout the technical company as being secure.

However, on both Android and Maemo there will be some setup time which will have to take place to get OpenVPN working. On the Maemo, it is as simple as installing the OpenVPN application. On Android, however, you will need to ensure that your phone is rooted and that your kernel either has built in TUN support or you may compile your own custom kernel from sources.

If your security is of utmost importance, then go ahead and take the steps to setup OpenVPN on your device. However, if you are just worried about your privacy and nobody is trying to break your encryptions, then PPTP may be enough for your purpose. Personally, I use PPTP when OpenVPN is unavailable.

Now, I would strongly recommend using a provider such as Private Internet Access ( URL: https://www.privateinternetaccess.com/ ) for a VPN service provider since they do in fact offer both PPTP and OpenVPN and also have gateways in both the US and Sweden. Another option would be to setup your own VPN gateway on one of your servers. Personally, I opted for a managed VPN account to avoid the headache. ;)

Hope this helps you timothy!