You must log in or register to comment.
A VPN is just essentially a change in ISP.
importantly it’s (hopefully) an ISP that operates from a less copyright-happy country and isn’t tied down to tons of expensive infrastructure and long-term contracts
And make sure it’s a VPN that supports port forwarding. Sharing is caring.
or just use Usenet.
Yeah there is no way Surfshark, NordVPN and other services are compromised and or straight up run by the NSA
let’s say that VPNs are compromised and “they” know that you’re downloading “illegally”
in order to prosecute, “they” have to prove you’re a pirate and show how they know
would they compromise their backDoor to go after a tiny pirate?
you don’t really need to scare quote they in this context. The NSA and similar organizations are real and operating at this scale right now.
Will they compromise their back door to go after a pirate? No. Will they collect data on you to profile you and your activities and use that in the future? Yes.
It is not if, it is when the digital police state is imposed will we know the real end state of this level of data collection. My warning about them is not just about the pirates, its about installing their software and letting them port mirror you and cache your dns calls for years to target you later.
This is why I compose all my messages on an air gapped computer and send them out from my compound with couriers.
Unless you PGP-encrypt everything by hand you’ve just lost the fight
I personally just use a VPN that connects to NSA servers so they think it’s themselves doing the torrenting.
Who controls the couriers though
Will they collect data on you to profile you and your activities and use that in the future? Yes.
And that’s why the only thing I use my VPN for is piracy. Don’t really have a good reason to push anything else through it.
in order to prosecute, “they” have to prove you’re a pirate and show how they know
would they compromise their backDoor to go after a tiny pirate?
this information isn’t likely to be public after the fact.
Oh also people use VPNs to buy DIY hormones online, what happens when the inevitable US anti trans witch hunt happens?
nothing because it’s fucking hormones. It’s not meth.
Estrogen, yes. Trans guys are fucked if we’ve got to order testosterone off the internet.
yeah, and? What are they going to do? Send the DEA after you for growing GMO titties? Gonna hit you with the ATF because you grew hormonally altered facial hair?
They’ve got shit like fentanyl to be worrying about. I think this is probably the least of concerns, especially considering this is less “drug addiction” and more “illegal prescription drugs” instead. Besides, they don’t get drug money from trans people.
It’s certainly a potential risk for procurement of the drug legally. But that’s already a problem.
In fairness I doubt the NSA give a single solitary fuck about piracy and aren’t about to give themselves up over a telesync rip of Beetlejuice 2.
But probably best to plan 9/11 part 2 over something a bit more secure.
Bro I’m downloading Final Fantasy, not running a pedo marketplace. I will be fine.
do you have a moment to talk about our lord and saviour mullvad vpn
I don’t think they care about piracy.
what about proton or mullvad?
Both are considered strong choices but again… This is 100% trust me bro.
But that’s the people the bros chose to trust
Are you suggesting that it’s pointless to use a VPN?
For anonymity, yes. Sure you might fool Google trying to match your IP to your traffic but that’s about it
How so, specifically for logless VPNs?
Technically speaking, VPN logs tend to include the IP address of clients connecting to them, after which the good VPN providers like Mullvad, IVPN and maybe PIA tend to purge them somewhere in their process. Now, if the VPN is running in a RAM-only node, then these logs probably don’t touch storage, which means there’s not much need to shred information from hard drives for the VPN provider.
With that said, an ISP can technically log your traffic and see that you’re connecting to the IP range associated with a VPN. That and perhaps some more covert side-channel/correlation attacks can, in theory, compromise your identity.
Of course, this is going deep into OPSEC and forensics, and I don’t think the NSA is that interested in the average Billy torrenting “The Office” to go through that many logs, even if the studios sue in court. Hence, technically your privacy is somewhat maintained with the good VPN providers, but you’re definitely not anonymous
That’s kind of my thought as well. It’s certainly possible someone might go through the effort to find a single pirate downloading The Lion King, but that’s a lot of effort (read: money) to find just one person.
There’s certainly the possibility that an ISP could note that you connected to a VPN, but given that it’s not a remarkable event, since people connect to VPNs for all kinds of legal reasons, they aren’t likely to track your particular IP’s connection to a VPN apart from a court ordering them to care. They get paid their monthly internet plan price whether someone pirates or checks their email.
If someone was running the Pirate Bay from their home servers, however, more parties would likely be interested in finding that person, and that person’s threat model probably exceeds just using a logless VPN.
Maybe I should have said “it’s not anonymous based on your threat model”
At least if the company is run from the US
Everyone knows it’s impossible for the NSA to buy rack space in Bulgaria, where they literally don’t have to deal with any US legal process.
It’s also impossible for the NSA to market such a service via pop-privacy blogs and social media profiles.
The funny part about this is that the Snowden leaks showed that the NSA actually put a lot of effort into doing shit like this specifically to avoid all the paperwork which came with accidentally collecting data from US citizens. Keeping the data and analysis off shore means no pesky FISA paperwork.
Why?
Because if the government wants that data then they are gonna get it. If it’s in another country its a lot more work than just serving them a warrant like it is if they are USbased
At least that’s a more reasonable answer than trying to imply the NSA has backdoors everywhere.
My position is that it all depends on your threat model. The government isn’t likely to go after someone who torrents files and is hidden by a VPN. The government might go after someone running a streaming site, on the other hand.
And even that might wind up with a dead end. AirVPN (for example) is Canada-based, has no logs, and accepts both crypto and anonymous cash payments.
Yes, a hosted seedbox paid with crypto and self managed keys is the way to go for torrenting
If you are worried about VPN’s, why are you not worried about seedbox providers?
As he said, paid with crypto and managed with his own keys. I don’t see how the seedbox provider can trace you if you do that, so there’s not that much to worry about
You’re going to connect to the seedbox at some point, which ties your IP to the traffic. If you are worried about a VPN attaching your IP to traffic, this is no different, no?
SFTP over TOR. This should be a requirement at this point.
If you’re not doing that, then yes you’re technically right in that seedbox companies can be subpoenaed too. I usually use TOR to copy over what little I torrent.
I am not worried about my torrenting traffic. I am worried about installing their software on my machine and giving them wide access including port mirroring.
if you can’t connect to a vpn using only open source software, that’s a crappy vpn
What evidence do you have that no-log VPNs are compromised by the NSA? What about VPNs based in other countries like Canada?
the US has so much geopolitical reach that companies in canada or elsewhere would just hand over the question if it was high enough profile.
That’s an interesting point, but I think the “if it’s high profile enough” is key. People torrenting files is probably low on their priorities. On the other hand, somebody organizing a terrorist cell is probably much higher.
Companies might have an interest in finding pirates, but it would not be as easy for them to get other companies to comply with their subpoenas.
yeah if ur just a dude pirating, it probably doesn’t matter, but if they find you’ve done a large crime, you can bet your ass that shits getting yoinked from you.
companies might, but that’s almost entirely through legal processes. ceast and desists, required reporting, etc…
You might have heard about Edward Snowden? Have you looked into anything that he leaked?
The existence of the NSA and their activities is not proof that they have backdoors in VPNs. That’s bogeyman conspiracy theory shit—“they could be anywhere, therefore they’re everywhere!”
You still haven’t answered the question, and I’m beginning to think you are making shit up based on paranoia.
Go ahead and use these services. I don’t care about you, what you do or what you think. You are deeply unserious if you are not paranoid about the surveillance and I really have nothing to discuss with you.
Is there literally any evidence that the US government managed to extract useful information from no-log vpn providers in the US?
You didn’t answer the question. Your behavior is toxic.
My behavior is toxic because I am saying VPN services aren’t safe? OK whatever. I really don’t care what the fuck you do. Go ahead and pay money for these services 🤷♀️
Is your home machine, your phone, better protected than the VPN servers? I bet you’re not as good at IT security as the IT security staff VPN companies hire
If your threat model includes nation state actors, you’re best off not using networked computers
I am all about good tinfoil but some of these people acting as if they are SNOWDEN lol
Yes if feds wanted to catch you shitposting, watching big titied asian porn and downloading coldplay… I think there raised ways than compromising a VPN provider.
Unless it is a honey pot, then use a different VPN provider. Gonna need trust at the end of the day.
I don’t use a VPN because my government has acknowledged that an IP address cannot identify what individual was using it.
wouldn’t trust that tbh
I know that government prosecutions for fraud against government use IP addresses
The IP address identifies the company or home the fraud was done from, the account the money went to identifies the individual
If breaking the law and able to afford to make it difficult for prosecutors, it’s probably best to make it difficult for the prosecutors, we may have an activist pro copyright holder government in future and logs are forever (or 5 years)
Instructions unclear, VPN’d into my own home network.
I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P I2P
watched the mental outlaw video i see
Yeah, if you don’t mind it possibly taking a week to download something… Really like the idea, but in practice it’s very slow for something like that, unless you got a lot of seeders for something maybe.
I2P
wait, so this would route my traffic through others’ internet connections and theirs through mine? seems like a great way to get implicated for actually illegal activity, like, say, other people running I2P to download and/or upload certain types of porn.
Man, why is everyone like this? Please read the documentation, the traffic is encrypted and metadata cannot identify you. Unless the NSA has an active hack for I2P lying around, NO-ONE IN THIS WORLD can find out what chunks of traffic just went flying by your internet connection
sure, but I2P’s end-to-end encryption is for connecting to I2P addresses, not the general internet. I’m unclear on whether every node serves as an anonymized connection to the internet, though.
EDIT: read a little deeper! so no, not every computer connected to I2P is an internet-connected node, but, due to the limited number of internet-connected nodes, I2P does not offer the same level of anonymity that a VPN does, and may struggle from bandwidth issues.
I can understand the argument against bandwidth, but how do you conclude that it is not anonymous enough? Even against a VPN?
the whole purpose of a VPN is to anonymize internet traffic, so they have many servers that send traffic out to the internet, which improves both anonymity and bandwidth. I2P is more akin to Tor, with anonymizing internet traffic as a bit of an afterthought, and the limited number of internet-connecting nodes makes users’ traffic more trackable.
What you’re talking about is supposed anonymity in obfuscation, and that has been proven to not work.
Also, most VPN companies keep logs and can be subpoenaed. Not all, but most. I2P is meant to anonymize your traffic, so I do not see the point of your statement
What you’re talking about is supposed anonymity in obfuscation, and that has been proven to not work.
if it’s been proven not to work, then neither I2P nor VPN is worth using, no?
most VPN companies keep logs and can be subpoenaed.
well, sure, but that’s why anybody looking into a VPN is generally advised to use specific, known-good VPN providers who don’t keep logs and who, preferably, aren’t headquartered in a country with strict IP law.
it’s all encrypted, and a darknet, so unless you’re routing through exit nodes, or you host an exit node, that information isn’t publicly accessible.
the other problem here is the “illegal contents” problem, if UPS accidentally ships a human head in the mail, is that the fault of the UPS? If someone mails a bomb to someone else, is that also the fault of UPS?
Ultimately, there is little to no reasoning as to why you should be capable of getting into trouble, unless you’re storing it, and it’s a very very strict law. But it’s a router, so it shouldn’t be storing anything.
There are no exit nodes on i2p.
there can be clear net proxies iirc, which are essentially exit nodes, but they aren’t recommended for fairly obvious reasons.
It’s called an outproxy
The i2p outproxy is simply a user-specified proxy that i2p uses when you try to fetch someting outside the i2p network. I2p does not implement that proxy itself, therefore it is not part of i2p / it can’t be called an i2p exit node.
It seems trivial for the US government to tie data into TOR to data out. If you’re hiding things that government is willing to spend effort seeking, it’s not safe.
im not sure to which scale this is true, but TOR specifically is highly centralized, and by design I2P is extremely decentralized, with most nodes running network routing of other nodes. Not that it’s impossible to do, it’s just a lot harder, and not nearly as valuable.
A lot of the ways in which people are got over shit like TOR is just skill issuing. Don’t run a drug empire on the darknet and you’ll probably be fine. If you do run a drug empire on the darknet, you better be damn fucking good at opsec, and pretty fucking good at laundering money. And even then you’ll probably still end up fucking it up.
has it gotten any better since 100 years ago or whenever I was a kid?
Even Haru’s billionaire ass can’t afford all these subscriptions 😭
i never hav to use one lmao
do i want to be her or date her?
It’s important to note that a VPN is simply somebody else’s network in another location.
And please don’t use anime girls to refer to every fucking thing in the world
I mean this is Persona 5 and this is 100% what Futaba would say and do
My country doesn’t care, so it’s not necessary
Let me guess India?
You missed by a looooong shot, it’s Slovenia.
Maybe? But basically 90% of the countries in Asia continent doesn’t really care about digital piracy
I use Comcast VPN cheaper than mullvad /s
Nah, Verizon VPN is better
Haru asking Futaba where she has to type in her dad’s credit card number
I thought you don’t need a VPN for things like usenet
Your ISP sees the connection to news.usenetserver.com and if they cared could get a court order to get your data from them. They can compel you to release your username and password.
You also need to protect yourself against future law and enforcement
You can’t keep secrets from the future.
Heard that once in a song about how all encryption is doomed to break against future math/computing power. Great eery phrase.
You can keep secrets from the future. Future decryption won’t help government see what you did in the now, the logs don’t store the encrypted payload, only the end points and the user/ip
If your provider supports SSL and you actually turn it on then no technically don’t need a VPN for Usenet.
this is dangerous advice. courts can still subpoena the usenet provider for your information.
I guess, that depends on the legislative of your country, maybe they see all interactions with usenet providers as illegal, and if you are not using a VPN they see what IP you talk to. But in the other hand, in such countries, using (foreign) VPNs may also be illegal🤔
Meh my Usenet provider also partners with a VPN provider. Still costs me £5 a month for the VPN but I may as well use it, I like having a VPN
