0 sats \ 8 replies \ @Scoresby OP 20 Aug \ on: Who is more trustworthy: your ISP or your VPN? privacy
If you do trust your VPN provider more, why?
Not trust, but less regulated.
- VPN is in a privacy-respecting jurisdiction, but my ISPs often aren't - i.e. using one of those popular "anonymous" 3at or proximus esims, you're basically getting packet logged in resp. Austria or Belgium.
- ISPs are often mandated by law to keep logs; the VPN I use is explicitly excluded from that in their jurisdiction.
- My VPN doesn't have any KYC (neither do any of my esim providers, though)
- MOST IMPORTANT: I don't use a single VPN account. I switch prepaid VPN accounts when I switch eSIMs (and these I switch with every border crossing)
reply
I did some quick googling about packet logging, but couldn't get a sense of what the implications are. (Speaking as one who often uses esims while traveling)
reply
Packets are the atomic data containers that you use to communicate over the internet.
Packet logging is simply the act of capturing that data at the transport level. Often packets are logged, processed and discarded.[1] Much of this originates from the EU - of which both Belgium and Austria happen to be member states. To the best of my knowledge, the main body of text covering this is Directive 2006/24/EC.
Footnotes
[1] For example, the 2005 comms law in Belgium (only available in Dutch, ugh) dictates a ton of information that needs to be stored by Belgian operators based on usage (including usage that fails.) This includes for example timestamps of sessions, with IP and port information. In practice, most (allegedly all) Belgian ISPs consistently fail to do this because it's too much data to store except for the KYC parts, which you avoid by ordering through a middleman internationally.
reply
But if it's https, aren't they encrypted? I'm sure there is meta-analysis one can do on them, but I have been under the impression that encryption prevents some of it.
Now, there is also maybe the risk that they are storing the packets until encryption is broken...but I'm not too worried about that.
reply
Very good questions!
> But if it's https aren't they encrypted?

The traffic is, but on all popular OSs (win/android/ios/macos), you have to manually configure encrypted DNS for your DNS lookups to not be in cleartext, and the IP address that you're communicating with is too (and it's trivial to reverse-lookup), so your ISP can easily find out where you're going.
> there is also maybe the risk that they are storing the packets until encryption is broken

There were some allegations that specific traffic, like all tor traffic, gets logged for later correlation, but I can't remember if I've seen direct evidence of that. Wouldn't surprise me though if that were the case.
But for the majority of traffic this wouldn't be feasible. I.e. an X post with 3 million views would be stored 3 million times, including all the megabytes of bloat surrounding the actual few 100 characters... Now imagine a 7GB youtube HD video. A Netflix series everyone binge watches... and so on.
reply
because I pay them with LN bitcoin and there is no KYC. all they see is tls traffic, no way to snoop.
reply
don't they also see your ip address and every site you visit (and also your browser fingerprint)?
reply
yes, sure. everything can be unraveled if there is a good reason. I rotate several vpns to make it harder, including my own hosted at aws free tier.
reply