VPNs -

Venomine

Probably doesn't know what he's talking about.
kiwifarms.net
Posting here since I think the "No stupid questions thread" has died.

So I just got a standardized message from my ISP on my browser, apparently they are pissy i yarr harr'd a little to hard over the past month. Is there anything using a decent VPN (like Proton) will NOT guard against when it comes to that kind of thing?
 

AnOminous

Really?
True & Honest Fan
Retired Staff
kiwifarms.net
Posting here since I think the "No stupid questions thread" has died.

So I just got a standardized message from my ISP on my browser, apparently they are pissy i yarr harr'd a little to hard over the past month. Is there anything using a decent VPN (like Proton) will NOT guard against when it comes to that kind of thing?
The free service blocks peer to peer. I also don't think it would block any kind of client fingerprinting, for whatever clients are vulnerable to that. So at least change to a new client if you're not sure.

And I don't know how resilient something like Proton is against serious lawfare. I'd look for guaranteed no log VPNs with a track record of actually not turning anything over. PIA used to be in this club, and may still be, but was recently sold to a seriously shady company.
 

Venomine

Probably doesn't know what he's talking about.
kiwifarms.net
The free service blocks peer to peer. I also don't think it would block any kind of client fingerprinting, for whatever clients are vulnerable to that. So at least change to a new client if you're not sure.

And I don't know how resilient something like Proton is against serious lawfare. I'd look for guaranteed no log VPNs with a track record of actually not turning anything over. PIA used to be in this club, and may still be, but was recently sold to a seriously shady company.
just for clarity, i was not using proton at the time i yarr harr'd. I only mentioned proton since it seems to be null's replacement endorsement for PIA since that buyout. he mentions they don't keep logs.

once more just to avoid any confusion for anyone glancing at this thread: I was NOT using proton (or any other vpn) at the time i got that message.

so lets assume you're in my shoes, and proton lives up to the standards of PIA (pre-buyout). would you be concerned?
 

3119967d0c

a... brain - @StarkRavingMad
True & Honest Fan
kiwifarms.net
I hadn't seen this discussed anywhere as of yet. More NordVPN bullshit.

Interesting. I know I've seen various dumps around of 'NordVPN credentials'. This vulnerability obviously doesn't provide passwords. I'm guessing the people behind those might have gotten email addresses associated with NordVPN accounts that way, then tested those against passwords from other dumps.

Obviously, you should set up a throwaway email via cock.li or similar and pay with a secure cryptocurrency like Monero, in which case this unfortunate failure is nothing to worry aobut.

At least they're still owned by trustworthy actors, unlike PiA.
 

AnOminous

Really?
True & Honest Fan
Retired Staff
kiwifarms.net
Interesting. I know I've seen various dumps around of 'NordVPN credentials'. This vulnerability obviously doesn't provide passwords. I'm guessing the people behind those might have gotten email addresses associated with NordVPN accounts that way, then tested those against passwords from other dumps.

Obviously, you should set up a throwaway email via cock.li or similar and pay with a secure cryptocurrency like Monero, in which case this unfortunate failure is nothing to worry aobut.

At least they're still owned by trustworthy actors, unlike PiA.
I wouldn't call repeatedly covering up vulnerabilities rather than disclosing them, often after months of vulnerability, "trustworthy."
 

ArtPig

kiwifarms.net
My NordVPN 1-year subscription is set to expire in a couple days, and I've been planning on switching to another company, but each one I look into seems to have its own problems. Nord covers up any vulnerabilities they discover (and I have to assume for every one that we DO hear about, there are 10 we don't). ExpressVPN is based in the British Virgin Islands and logs timestamps and bandwidth. ProtonVPN is based in Switzerland, but don't they cooperate with 5 Eyes? PIA is based in the US and seems to have been bought out by sketchy characters.

Starting to think I might be better off sticking with Nord, after all... *sigh*
 
Tags
None