undefined | Better HN

0 pointsneilalexander3y ago0 comments

> Actually, they do: Neither your ISP nor the government (assuming the VPN provider is in a "hostile" jurisdiction) can intercept, analyze or modify your Internet traffic

No, you're just delegating those capabilities to some completely unregulated random actors instead.

> which means any sort of shady bullshit would be a virtual death sentence

This assumes that their shady bullshit is discovered by someone. I would bet good money that the vast majority of it isn't. They could be sampling traffic and selling it to other companies without modifying it and users would never be any the wiser.

Honestly, I wish we could get past this broken narrative that VPNs are a panacea.

0 comments

2 comments · 1 top-level

mschuster913y ago· 1 in thread

> No, you're just delegating those capabilities to some completely unregulated random actors instead.

It's a question of trust in the end. Telco providers not just in the US but across the Western world have shown time and time again that they cannot be trusted: traffic manipulation, DNS hijacking, selling data to the highest bidder [1], engaging in open corruption to prevent competition, predatory sales tactics, fee scams, peering extortion [2], misappropriating government funds [3] - name the act and you'll find a dominant ISP having done or still doing that practice.

VPN providers generally don't have that baggage attached.

> This assumes that their shady bullshit is discovered by someone. I would bet good money that the vast majority of it isn't.

I agree, but at least the incentives are aligned completely different than with ISPs. The large ISPs can do whatever they want, even breaking the law, because their consumers have no other choice - rural ISPs will get competition from Starlink soon enough, but people in condos? They're stuck with whatever the landlord offers, and the landlord won't care even if there is competition as long as the monopoly ISP pays higher kickbacks.

[1] https://www.ftc.gov/news-events/news/press-releases/2021/10/...

[2] https://www.heise.de/hintergrund/Missing-Link-Regulierer-vs-...

[3] https://eu.jsonline.com/in-depth/news/2021/07/14/weve-spent-...

neilalexanderOP3y ago

> Telco providers not just in the US but across the Western world have shown time and time again that they cannot be trusted

This is true, although there's still a very large risk element here. The average person is not likely to be able to safely determine which VPN providers are trustworthy or not. They also aren't likely to understand their limitations, i.e. they don't grant you perfect anonymity, they don't grant you perfect immunity, they may or may not capture the traffic that you intended or thought.

In that case, is it really a good thing for VPN internet provider usage to be on the rise? All we're seemingly doing is handing people more guns to potentially shoot themselves in the foot with.

ISPs, for all of their transgressions, tend to be registered and regulated companies and that makes it much easier to at least find someone to target with legal action if needs be. The bar might be low but there are some standards to which they have to adhere to. Many VPN providers are nameless and faceless "organisations" with little-to-no regulation or responsibility. It's difficult to know if they take your privacy seriously, whether they are taking adequate precautions not to log, to not leak data or to adequately secure their systems.

Hell, it's entirely possible that your VPN provider is actually just an FBI honeypot on the lookout for people who are only actually using a VPN service because they have something to hide. How would you tell if they were?

I just don't really buy the argument that having different incentives means they are any less likely to be nefarious or negligent.

j / k navigate · click thread line to collapse