Reaffiliating -


I don't get why you would use a VPN unless your using public Wi-Fi. Those VPN companies are just as bad as ISPs lmao. If you really need a VPN I would run one from home or on a VPS. Don't expect a VPN to really hide who you are.
The entire point of a VPN is to hide where home is. When you share a connection from Switzerland that lasts a day and is shared with hundreds of people it also helps protect you from corporate trackers that sell your data.

Apteryx Owenii

formerly a jerkop, wants to avoid merge
True & Honest Fan
I've never quite understood how proton turns a profit off their free available service. I guess there are enough power users that exceed the limitations and pay but boy it's easy for simple browsing.

I don't get why you would use a VPN unless your using public Wi-Fi. Those VPN companies are just as bad as ISPs lmao. If you really need a VPN I would run one from home or on a VPS. Don't expect a VPN to really hide who you are.
It really depends who you're 'hiding' from. Your security needs for shitposting about a vindictive cow who likes to try and dox\sue people is a lot different than the security one would need hiding from a state actor.

VPNs in my opinion are too big a target for not being very attractive for subversion by certain agencies. That said they're probably safe enough to protect you from random greedy copyright lawyers and crazy forum admins. I'm not entirely sure they're good enough when a place you were active in gets seized complete with logs just because somebody read a bit too much 8chan and went on a spree, or caves in when it gets some low level police inquiry as null has gotten in the past, and my imagination is it depends how much public interest/pressure is on them in such cases. People say this never happened as the truth would come out that a VPN logs and supplies data but when uniformed people show up at your house at 4 AM, take all your electronics and scare and imply to you that you're "in hot water now" and better shut up, you're not gonna talk about it. Most people wouldn't. In many countries "gagging" people to talk about such things is also a perfectly legal tool.

What I'm generally mostly worried about with them is subversion for passive data collection, and I just don't really trust them there personally. That data they collect for god knows whom might not even be valuable now, but with shifts in laws in some countries and technology in general (to sort through it) it might become valuable later. These agencies have a very long breath and love doing shit like collecting stuff for twenty years "just in case". Look it up if you don't trust me on that, even "just" law enforcement loves such strategies. I wouldn't even be surprised if this very post ends up in some agency archive. Not because it's of special interest, just because it was passively crawled with everything else.

What also gives me pause with VPNs is how utterly aggressive some of them are marketed and advertised, even with huge, often unlimited rebates when you do as much as just sign up.

I'd go with Tor for general browsing, the decentralized "no single place knows all, nobody's in charge" nature of it speaks to me more from a security standpoint. I also like how most places lock out tor exit nodes by default, it's a bit of a seal of quality regarding how anonymous it probably is. (barely any of the big players do this for VPNs, strange if they're "just as anonymous&safe" IMHO) Tor has gotten noticeably faster in recent years and places that do blanket bans on exit nodes are often not worth visiting to begin with. Normal stuff (e.g. shopping on eBay, online banking) I personally do without anything as that's tied to my identity anyways. ( = it makes no sense to hide my IP from e.g. Amazon when I do christmas shopping with my account. They know my address. It might even make me less anonymous as they might correlate that data with other browsing I do)

All this also won't help you if you have poor opsec or limited understanding how this stuff works. I for example push my tor browser instance in a network namespace in linux in a way where it can only communicate with the outside world via tor and can't even see my network interace(s)/local network, even if I wanted it to. If you don't get any of that and just want to push a button that makes you anonymous, you might be in an inferior position to begin with. This is not meant in an insulting or arrogant way (I hold privacy very dear and it should be available to everybody) but the truth is if you can't identify risks and plan your own opsec, you might have a problem. Even the kiwileaks have shown that people that found their way here are not good about anonymity and there was enough data in that leak to dox some of them. No fancy vpn/browser/technology is going to protect you if you can't do it by yourself.


True & Honest Fan
like I said before I do not care (not enough energy) if my VPN is doing some shady shit or doesn't resist a determined state actor who thinks I'm a terrorist or illegal weapons dealer or something. If a government really wants to track me down they can easily and I just can't put in the energy to be paranoid. I just don't want to see any ISP letters from watching an old movie or downloading music.


However, the first TOR hop could do the same. But if someone gets a subpoena for your ISP and for the site you're connecting to with TOR, showing you were connected to TOR at the same time as the TOR connection to the site was made is at least consistent with you being that person, especially if they have other evidence to go along with that.
That is why its a good idea to use TOR when ever you can even for general web browsing. You can't correlate a TOR start/stop time for something that happens on a site if you never stop TOR. Leave a site like drudgereport with it's autorefresh or a site like KF open in a tab and your connected to the guard node constantly.

Use TOR 1 time in a month and it correlates exactly to the time something exceptional happens on a site. Ya that might be you.
Use TOR 31 days a month and something happens its a lot harder to say that was you.


You Can't Outrun the Dark Man
I use the TOR browser a lot so I guess your just as fucked as me. A little glow aint so bad.
The KF .onion works great and I don't really notice any speed difference with my shitty internet connection.
I got "hacked" in the big kiwifarms breach and literally have only seen an uptick in Nigerian Prince emails to the address associated. *yawn*

Smug Cat

An unarmed man with a knife
True & Honest Fan
For all you weirdos, if the spooks want you they'll get you VPN or not. If you're just concealing your IP from MPAA/RIAA for torrents and websites, pretty much any VPN listed on will be fine.
The difference between shady and not-shady VPNs is more for general privacy concerns than anything else, imo. You're right - if the feds want you they'll get you, no matter what you do. However, the company that just bought PIA has an awful reputation. They're an aggressive tracking and advertising company, and they've also been involved in adware and browser hijacking in the past (you can read about that a bit here). The MPAA still won't bother to get your real IP, and the spooks will still get it if they want it, but if you're a general privacy sperg like me, the difference between that and a more reputable provider is absolutely critical.


Trust me, I'm white
True & Honest Fan
Fucking Semper Fi. Thanks for the heads up, Josh. Little things like these are why I stick around. Every crazy motherfucker under the sun can suck my ball if they don't like my opinion, dox or not but a cover of a fuckup coming from a service or site admin feels like actual treason and a completely valid reason to bolt the fuck out.

No electronic service is safe but morals are a choice. If you compromise those, you're done.

I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.
eh, if your the sort to use the vpn to "hide among the crowd" and an additional layer of CYA when your up to shady shit, this method does fuck all as the traffic coming out of it is directly tied to you and your billing info.

However if you're trying to make a remote access tunnel to and from home, or just for a private pipe when on foreign networks, this ain't too bad of an idea if you've got the cash to do it. Trusting yourself is better than some less than transparent company shilling "privacy services"


Boys are for pleasure women are for babies
I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.
whats the most expedient way to transfer my data to the cia aws servers