/cyb/ - cyberpunk and cybersecurity

>>1938
If I may ask, why is this one reliable/more reliable than the numerous shills ?

>>1976
While I'm at it, according to this list, the best VPN available (nothing checked red) would be:
Trust zone
Mullvad
BlackVPN
IVPN
AzireVPN
BolehVPN

Which one are you using/which one do you recommend ?

>>1938
There's literally nothing trashy about PIA.

So-called VPN providers don't own their servers, or networks, they rent a bunch of servers around the world in different datacenters with different data retention and logging policies. If they tell you they "don't keep logs", they surely do, and even if they really didn't, the datacenters have keep their own logs, the Tier 1 ISPs have their own logs, governments put their taps here and there. You are not anonymous by using a VPN, not by a single margin.

Here's an idea: host your own. As long as you trust encryption and yourself, then you're golden.

>>1991

Self-hosting a VPN has one major flaw: your traffic does not get mixed in with traffic from other users. If you're on a commercial VPN service that actually lives up to a no-log promise, and you go to shadywebsite.com, there's no realistic way for someone else to tie that shadywebsite.com traffic back to you.

But if you self-host (say, on a VPS somewhere), then it's trivial to figure out that all traffic to and from that VPS is by the owner of that VPS. And once someone figures out who owns the VPS, it's game over.

>>1977
Mullvad is the specific one they recommend (the only one with a "GOOD TOPG Choice" badge).
https://thatoneprivacysite.net/vpn-review-badge-chart/

>>1976

It's not "they", it's a single guy who does this for donation money. It's his own site. He doesn't accept anything from VPNs and anything they send him he publicly discloses and gets sent back. You can see the criteria for the ranking list in the sidebar.

>>1986
If a hundred thousand people have a connection to a VPN service and you're the NSA or their hosting provider or whatever, you still don't know by sniffing the openvpn session which of the hundred thousand people connections coming out is yours. That's the point of a VPN. Of course your ISP knows you're connecting through it, the problem is linking that to a signal going the other way.

>>1991
You need to think a little harder about what you just suggested lol

>>1938
Take TOPG's list with a grain of salt because it looks like he's going for quantity over quality. I just looked over Cryptostorm's (the one I use) and there are fields which are wrong or even blank when there's clear evidence to support/reject a particular claim.

Only use the dude's list as a starting point, in other words.

>>2015
>you still don't know by sniffing the openvpn session which of the hundred thousand people connections coming out is yours.
Totally not true. They can't determine who is downloading what if users access a private network over VPN which is it's actual point. If you use some sort of generic tunneling protocol like TLS/OpenVPN to access public internet, then it is possible to fingerprint your traffic for different websites with about 90% accuracy. Chosen plaintext attack, remember?
Then, there is nothing stooping local police from seizing the servers or installing taps on running virtual system under disguise of investigating drug smuggling/terrorism or italian flat pies with sour milk in solid form.

>>2133
A chosen plaintext attack is a form of cryptanalysis that, at least in public knowledge, does not work on any modern encryption system. An attack like that being shown to work on TLS would immediately be cause for a move away from 1.3.

> . If you use some sort of generic tunneling protocol like TLS/OpenVPN to access public internet, then it is possible to fingerprint your traffic for different websites with about 90% accuracy.

Fingerprinting connections based on bandwidth/connection timing has been postulated but I haven't seen any proof that such attacks are practical. Where are you getting this information? 90% accuracy under what circumstances? How many people are connecting through the tap to this hypothetical VPN? How much traffic do you have to analyze before getting this 90% accuracy? How many bits of information can be gathered through these correlative tap in tap out procedures?

Hypothetically the NSA could tap the entire internet and use correlation attacks to deanonymize any connection, given a long enough time. I find it hard to believe that these attacks provide them that many bits, though, because darknet markets are still a thing and people still get away with massive amounts of cybercrime.