Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Thursday March 30 2017, @03:43AM   Printer-friendly
from the sipping-from-a-firehose dept.

The FCC broadband privacy rules have now been repealed by both the Senate and the House, and the repeal is highly likely to be approved by President Trump. This has generated interest (and advertising) for VPN services:

The vote by the U.S. Congress to repeal rules that limit how internet service providers can use customer data has generated renewed interest in an old internet technology: virtual private networks, or VPNs.

[...] "Time to start using a VPN at home," Vijaya Gadde‏, general counsel of Twitter Inc, said in a tweet on Tuesday that was retweeted by Twitter Chief Executive Jack Dorsey. Gadde was not immediately available for comment. Twitter said she was commenting in her personal capacity and not on behalf of the company.

[...] Some smaller broadband providers are now seizing on privacy as a competitive advantage. Sonic, a California-based broadband provider, offers a free VPN service to its customers so they can connect to its network when they are not home. That ensures that when Sonic users log on to wi-fi at a coffee shop or hotel, for example, their data is not collected by that establishment's broadband provider. "We see VPN as being important for our customers when they're not on our network. They can take it with them on the road," CEO Dane Jasper said.

[...] Private Internet Access, a VPN provider, took a visible stand against the repeal measure when it bought a full-page ad in the New York Times on Sunday. But the company, which boasts about a million subscribers, potentially stands to benefit from the legislation, acknowledged marketing director Caleb Chen.

VPNs have drawbacks. They funnel all user traffic through one point, so they are an attractive target for hackers and spies. The biggest obstacle to their routine use as a privacy safeguard is that they can be too much of a hassle to set up for many customers. They also cost money.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday March 30 2017, @04:55PM (5 children)

    by Anonymous Coward on Thursday March 30 2017, @04:55PM (#486589)

    > That applies to all VPNs in existence. Even PIA.

    Yes it does. But shielding the contents of your network traffic is rarely even a bullet point on the list of features of hosting companies. While it is the primary selling point of all serious VPN services. So if the hosting companies decides to spy on their users' traffic it won't hurt their business all that much. While if a VPN does it, they will face mass desertion. In the specifics, PIA has already had their no-logging policy validated in court. [torrentfreak.com]

    > You get to decide the level of logging (if any at all).

    Not if the hosting company decides to do logging. Its trivial to log the traffic of a VM, it all goes through a virtual interface anyway.

  • (Score: 2) by tibman on Thursday March 30 2017, @06:32PM (4 children)

    by tibman (134) Subscriber Badge on Thursday March 30 2017, @06:32PM (#486671)

    Is your argument that trusting someone else to run your VPN is safer than trusting yourself to run your VPN? Or is this specifically about hosting your own VPN in a VM though Linode?

    So if the hosting companies decides to spy on their users' traffic it won't hurt their business all that much.

    Are you suggesting that normal datacenter customers wouldn't be pissed? Only VPN customers would be pissed? Because privateinternetaccess hosts their machines in other company's data centers: http://www.vpn-providers.net/private-internet-access-vpn-network.php [vpn-providers.net]

    Most of the cons you list for running my own VPN apply to your favorite VPN provider (pia). The only difference i am seeing is price, maintenance, end-points, and extra utility. PIA is cheaper, has zero maintenance, lots of end-points, but zero extra utility. For privacy i argue that running your own server is better. Assuming that you know how to update and manage linux remotely. The less you have to trust other people the better. The less middle-men the better. Though ease of use is a really good trading point for security. Suggesting that a mass VPN provider is more private than your own private VPN is a tough sell. I'm not buying it.

    --
    SN won't survive on lurkers alone. Write comments.
    • (Score: 0) by Anonymous Coward on Thursday March 30 2017, @08:24PM (3 children)

      by Anonymous Coward on Thursday March 30 2017, @08:24PM (#486725)

      > Or is this specifically about hosting your own VPN in a VM

      This is specifically about out-sourcing the hosting of your VPN, full stop.

      > Are you suggesting that normal datacenter customers wouldn't be pissed? Only VPN customers would be pissed?

      I am saying that normal datacenter customers do not care as much as VPN customers.
      Obviously some care a lot. But for most, it does not even register.

      > The only difference i am seeing is price, maintenance, end-points, and extra utility. PIA is cheaper, has zero maintenance, lots of end-points, but zero extra utility.

      Yes, exactly. For the overwhelming majority of ISP users all that stuff except "extra utility" is important.
      Recognize that you are a severe outlier.

      • (Score: 0) by Anonymous Coward on Thursday March 30 2017, @08:58PM (2 children)

        by Anonymous Coward on Thursday March 30 2017, @08:58PM (#486742)

        Allow another AC to add to other AC in pros/cons of rolling your own vs PIA-type services.

        1. PIA is a HUGE target for both hackers and law enforcement (and potentially lawmakers). It's like using lastpass for passwords which I also think is dumb. All it takes is a quietly discovered vulnerability to be pwned. Security through obscurity with a roll your own option.

        2. You are guaranteed to be sharing IP addresses with people doing very NOT legal things on PIA. This can be both a pro and con. Pro is nobody can prove it was you. Con is someone might say it was you when it wasn't.

        3. I don't see why the logging and retention policy matter between a VPS and PIA. You choose to use a service that claims they do or don't do what they say and that you are in agreement with. And you pretty much have to blindly trust that regardless of the service. VPS services normally have very clear logging, retention, and privacy policies and there are many of them are just as *favorable* as what PIA's are.

        • (Score: 0) by Anonymous Coward on Friday March 31 2017, @01:46AM (1 child)

          by Anonymous Coward on Friday March 31 2017, @01:46AM (#486874)

          The most overlooked benefit is that your traffic through the VPN endpoint is combined with the traffic of many users whereas the hosted VM option is going to be limited to only yours. Also, you can pay many VPN providers anonymously which can be useful. Also, the best VPN can be overcome with a few lines of JavaScript. So if you've been unwilling to give up JavaScript/Facebook/whatever thus far, you can probably skip the VPN at this point...

          • (Score: 0) by Anonymous Coward on Friday March 31 2017, @07:04AM

            by Anonymous Coward on Friday March 31 2017, @07:04AM (#486972)

            > Also, the best VPN can be overcome with a few lines of JavaScript.

            Not if you do it right.
            PIA's client uses iptables to lock it up tight.
            So tight that I had to manually add my own iptables rules just to talk to other machines on my local subnet.