[HN Gopher] Consolidation of the VPN industry spells trouble for...
___________________________________________________________________
Consolidation of the VPN industry spells trouble for the consumer
Author : InvOfSmallC
Score : 93 points
Date : 2021-09-18 17:03 UTC (5 hours ago)
(HTM) web link (blog.windscribe.com)
(TXT) w3m dump (blog.windscribe.com)
| goodpoint wrote:
| Use Tor.
| armchairhacker wrote:
| I'm may be dumb wrt this but i really don't get the VPN business.
| Why so much advertising for VPNs in particular?
|
| Looking at why someone would want to use a VPN:
|
| - Protection from governments or big businesses: you probably do
| actual research, not listen to some ad by your favorite gamer
|
| - Protection from scummy ad tracking: Most people still do some
| research here albeit less carefully. But again, if you're worried
| about ad tracking, wouldn't you worry about a VPN aggressively
| advertising themselves?
|
| - Access region-locked content: Any VPN works here. This could
| explain some of the advertising. But still, most VPNs talk a lot
| about security, and only a small section on region switching. I
| would imagine if this was the main target audience VPN
| advertisements would be different.
|
| Are people so gullible that they see an ad for NordVPN, think "oh
| shit I need to protect my security", and then buy NordVPN,
| without questioning at all if it's worth the money, if there's an
| alternative, or why NordVPN advertises on XxGamerClipz? So much
| that NordVPN makes money off of its ads? And if so, why don't
| other companies do this that could better target dumb people?
| vkou wrote:
| There is one other use case that is rare, but the one I needed.
|
| Sue to shitty peering, and some bad connection between me and a
| service, I was seeing horrific latency and packet loss.
|
| A VPN let me route my packets through Chicago, which had a
| better connection to the service in question.
| chaz6 wrote:
| I just do not understand it either. When I want some protection
| I use tor. I would never trust a paid vpn service.
| legrande wrote:
| > Are people so gullible that they see an ad for NordVPN, think
| "oh shit I need to protect my security", and then buy NordVPN
|
| Well not the people serious about VPNs. The ones I consistently
| see popup in online discussions about what VPNs to use are
| Mullvad, ProtonVPN (Because of their Switzerland location), &
| iVPN (because they're based in a non fourteen-eyes
| jurisdiction, namely Gibraltar).
|
| Of course jurisdiction doesn't matter since the point-of-
| presence of the particular VPN country is usually housed in
| some cheap colocation datacenter that could have questionable
| ethics and could be feeding logs to adversaries, without the
| VPN provider even knowing.
|
| Then there's the whole 'we never keep logs' claim which can't
| be proven. So, _caveat emptor_ folks!
| ohdannyboy wrote:
| Then there's the whole 'we never keep logs' claim which can't
| be proven. So, caveat emptor folks!
|
| It can be trusted with a fair degree of certainty depending
| on the company. For instance, we know that PIA at the very
| least was willing to testify under oath that they had no
| records to provide the US government. Could they be keeping
| secret logs or have changed practices since? Sure, but at
| some point the claim seems credible.
|
| Now those flavor-of-the-month budget VPNs that cannot
| possibly be profitable unless you're the product? Different
| story.
| bennysomething wrote:
| i thought pia got bought recently by a much less trust
| worthy vpn?
| ohdannyboy wrote:
| Huh, looks like it was. That would make me apprehensive
| about continuing to trust them.
| astura wrote:
| They were bought by Kape Technologies which used to be
| called Crossrider and has a history of producing malware
| and the owners used to work at the Israeli version of the
| NSA.
|
| https://restoreprivacy.com/private-internet-access-kape-
| cros...
| kbenson wrote:
| The issue is that yesterday they may not have kept logs,
| and today they might, and there's no feasible way to know
| for sure. Even warrant canaries can't be relief on if the
| type of warrant requires no notification whatsoever.
| [deleted]
| everdrive wrote:
| >Protection from scummy ad tracking: Most people still do some
| research here albeit less carefully. But again, if you're
| worried about ad tracking, wouldn't you worry about a VPN
| aggressively advertising themselves?
|
| Importantly, most advertising and tracking does not care what
| your IP address is, and so a VPN does nothing here unless you
| can separate your cookies / hardware profile / etc.
| Hamuko wrote:
| > _And if so, why don't other companies do this that could
| better target dumb people?_
|
| I see ExpressVPN ads all the time and they're almost always
| advertised as "protecting yourself from hackers or your ISP".
| jayski wrote:
| i think a vast majority of it is people who want to stream
| content, pirate torrents, etc, without getting a strike letter
| from their ISP
| Hidios wrote:
| > i think a vast majority of it is people who want to stream
| content, pirate torrents, etc, without getting a strike
| letter from their ISP
|
| This use case is definitely very underrated, people usually
| associate VPNs with higher latency but if your ISP has bad
| peering to certain locations, which many of them do, a good
| VPN can do wonders.
| marcus_holmes wrote:
| I live in Germany but don't speak (or read) German. Almost all
| internet sites completely ignore my browser's "preferred
| language" preference and serve me content in German because I
| have a German IP address.
|
| So I use a VPN to pretend I'm in the UK, and get English
| language.
|
| I actually have to turn this off to watch streaming services,
| because they detect it too easily. The streaming services then
| cheerfully serve me English UI (because my account preference
| is for English) but German language content. I understand why,
| but this is such bullshit.
|
| If you want people to stop using VPN's, then stop assuming that
| their IP address has anything to do with their physical
| location, culture, language, bank account region, home address,
| telephone prefix or anything else.
| pydry wrote:
| >Are people so gullible
|
| Yes? I think theyre usually riding off the trust of the content
| creators they advertise with.
|
| >And if so, why don't other companies do this that could better
| target dumb people?
|
| NordVPN arent the only ones.
| ajsnigrutin wrote:
| I watch many, many youtubers... there are probably only two
| or three that i trust with their reviews, and none of ther
| reviews are sponsored.
| vehemenz wrote:
| It's a bit weird that you omit the main reason for VPNs--
| avoiding dumb copyright strikes from your ISP when torrenting.
| To be fair this is a US-only reason. Maybe you live in Bulgaria
| or Finland.
| saurik wrote:
| > Access region-locked content: Any VPN works here. This could
| explain some of the advertising.
|
| Actually, most of the time your VPN is just going to be blocked
| entirely by the service: they have a limited pool of IP
| addresses being shared by users, so the patterns of access of
| users randomly popping up on their addresses makes even
| automated bans pretty easy.
|
| https://news.ycombinator.com/item?id=28143238
|
| To really get this right requires crazy tricks like taking all
| of the traffic destined for a service and routing it to per-
| user stable addresses that you cycle much more slowly. NordVPN
| seems to do this with Disney+, for example. There was a great
| analysis of this done (but to get it you will need to use an
| archive site as the author mysteriously deleted it).
|
| https://news.ycombinator.com/item?id=21664692
|
| The result is that users trying to do this tend to have to keep
| using different VPN services until they find a server on one
| that actually works today, and probably in the process keep
| accumulating subscriptions to "too many" VPN services for "too
| long". A lot of random review sites are then just claiming to
| tell you which service is best able to access such content at
| any time (but honestly, it is a losing battle: there is no
| obvious way to win this in the long term).
| OJFord wrote:
| > Actually, most of the time your VPN is just going to be
| blocked entirely by the service
|
| Actually, my experience is Netflix blocks some of the time;
| Wikipedia blocks (edits) all of the time (which really pisses
| me off - I'm logged in!); and nothing else that I use blocks
| me.
| Tenoke wrote:
| >Actually, most of the time your VPN is just going to be
| blocked entirely by the service
|
| Doesn't seem to be the case 'most of the time' for non-free
| VPNs or at least mine. You can definitely access YouTube
| videos available abroad or BBC iPlayer or whatever. I'm on
| VPN a 3rd of the time and it's only very occasionally I have
| issues. Sure, maybe it's worse with some services but not
| 'most of the time'.
| eptcyka wrote:
| Yep, but Amazon for instance blocks first party content
| when accessing it via a VPN. Some delivery services block
| my VPN outright.
| saurik wrote:
| I am doing an implied integral here over over all random
| VPN services and servers, as the person I am replying to
| said that "any" VPN would work. If you have found one that
| seems to consistently work for the BBC--and based on their
| efforts against Disney+, I bet NordVPN would work?--you are
| now a single data point: if you search for BBC blocked VPN
| on Google, however, you will see that it is an extremely
| common issue that the BBC blacklists VPNs from accessing
| their service.
|
| (FWIW, I could accept an argument that I am not "weighting"
| my certainly-informal statement well on actual usage
| figures: if NordVPN and ExpressVPN are even the only two
| VPNs that work well against the BBC, maybe they are alone a
| considerable percentage of the market. I am pushing back on
| the idea that "any" VPN would work, and so I am looking
| more at the idea of choosing a random brand, equally
| weighted.)
| Tenoke wrote:
| Actually, you are right. I just tried again and now only
| 1 of my ips works for BBC so they are clearly getting
| more aggressive (or my provider hasn't been changing them
| as often recently).
| greggman3 wrote:
| I wonder if this will continue with Apple (and my guess is
| other similarly sized tech companies) offering VPN. In other
| words, shutting out Apple's VPN might mean losing 5-10% of
| your market? Probably not but it will certainly be a new
| situation for so many non-tech people to have easy access to
| a VPN and Apple likely pushing it as "good for your privacy"
| judge2020 wrote:
| Apple's VPN explicitly maps users to an IP with a
| [relatively] close IP address[0] (as in, for IP geolocation
| purposes), and does minimal actual proxying:
|
| > In iOS 15 and macOS 12, Private Relay will apply to all
| web browsing in Safari, all DNS name resolution queries,
| and a small subset of traffic from apps.
|
| > Specifically, this will include all insecure HTTP
| traffic, such as TCP port 80.
|
| So I can see most services not needing to block iCloud
| Private Relay.
|
| 0: https://mask-api.icloud.com/egress-ip-ranges.csv
| azalemeth wrote:
| At some point, we're going to have more and more users
| behind NAT and IP address looks even worse as a device for
| banning someone. Them making impossible journeys and
| changing country every five minutes, however, provides more
| useful information.
| Pmop wrote:
| I use it mainly because my ISP does traffic shaping, videos and
| images load painfully slow on a full duplex half gigabit fiber
| connection. We do have a law that makes traffic shaping
| illegal, but it's not enforced, so the only way around it is to
| use a VPN.
| xvector wrote:
| It's for protection from ISPs.
| legrande wrote:
| > It's for protection from ISPs.
|
| Insofar as there are shitty ISPs that sell your data, yes.
| Most ISPs don't though. Also: I trust a VPN based in
| Gibraltar more than an ISP which is known to sell your data.
| MattGaiser wrote:
| In North America at least, your ISP will happily comply
| with copyright notices and threats of lawsuits and pass
| them along.
| api wrote:
| VPNs are cheap to run snake oil that you can sell to people who
| don't really understand security. Snake oil in general is a
| great business.
| michaelt wrote:
| VPNs, much like gas stations, are selling an almost
| indistinguishable product. Essentially every VPN is fast
| enough, and secure enough in its selection of software.
|
| The only differences are:
|
| * Undetectable things (they say they don't keep logs, but do
| they _really_ not keep logs?)
|
| * Price - which they don't want to compete on if they can avoid
| it
|
| * Reputation - which advertising can buy you a simulacrum of
|
| Some VPN companies have decided the way they're going to stand
| out in the sea of very similar looking options is by being the
| company whose name you recognise.
| brighton36 wrote:
| Great comment.
| Tenoke wrote:
| I've tried a few VPNs and they are pretty distinguishable.
| Some offer more countries, some higher speeds, some rotate
| IPs more often etc.
| this_user wrote:
| "Secure enough" depends on your threat model. Many VPNs were
| poorly configured in the past and were leaking information.
| Only a few (like IVPN) were doing a proper job and had that
| verified by a third-party audit.
|
| The next big question is jurisdiction. I would never trust a
| VPN that is based in the US, UK or a similar country where
| government access is virtually a given.
| tptacek wrote:
| You could remove the first two words of this headline
| ("Consolidation of") and end up with a headline that is as true,
| if not more true.
| ignoramous wrote:
| Windscribe themselves got pwned not long ago:
| https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-b...
| Ownership is just one part of the equation.
| fuj wrote:
| Meh looks like a cheap shot at the recent acquisition news.
| martinmunk wrote:
| Apart from legal protection, I've found that if you are behind a
| crappy ISP router, bundling a bunch of Torrent connections in one
| VPN connection can prevent the router from becoming unstable.
| math-dev wrote:
| Can someone explain how VPNs work / why they are cheap to run?
|
| If I download 1TB through my VPN, dont they have bandwidth costs
| for 1 TB as well?
| no_wizard wrote:
| As part of a software package I get 1Password, AdGuard, the
| AdGuard VPN and Malware Bytes, all for the same price as paying
| for 1Password yearly, so I got the bundle deal.
|
| I often wonder how good AdGuard really is, anyone know about
| this? I'm aware they use some kind of proprietary connection
| scream, but the actual VPN tunnel appears over IPSec, I think
| it's the negotiation that is for some reason non standard.
|
| Anyone know anything about this? I am only testing it out cause I
| get it in this package deal
| ignoramous wrote:
| AdGuard's VPN isn't IPSec? IIRC, to evade censorship, they
| tunnel through HTTP (or something that looks like HTTP):
| https://archive.is/HxZG5
| no_wizard wrote:
| Ah I may be confused as the client registers on my device as
| IPsec (in this case my iPhone)
| mmarq wrote:
| These so-called VPNs are only good to bypass Nexflix's regional
| filters, and shouldn't even be called VPNs. Nobody should assume
| these services can be used to improve security or privacy.
| dreyfan wrote:
| VPN companies make a lot of money selling your browsing activity
| to governments, fintech, and adtech.
| fuj wrote:
| Free or close to free VPNs? Maybe.
|
| Paid VPNs like Nord, Proton, Express. Seriously doubt it. Their
| estimated subscribed count * subscription cost is worth a lot
| more than selling data, specially considering it would kill
| their business the minute it came out.
| threecheese wrote:
| Do you have evidence of this?
| greyface- wrote:
| https://www.vice.com/en/article/jg84yy/data-brokers-
| netflow-... https://news.ycombinator.com/item?id=28300234
| sdrawkcabmai wrote:
| They do not keep logs on your browsing history but they do
| route it immediately to various parties paying for the live
| feeds. /sarcasm sort of
|
| I think those vpns are monetizing your traffic everyway they
| can and are often circumspect about it.
| monkeybutton wrote:
| The best way to find out would be to try and buy such data.
| TheSpiceIsLife wrote:
| What would that look like?
|
| Do you have evidence _some don't_?
| etaioinshrdlu wrote:
| Here is some:
| https://www.buzzfeednews.com/article/craigsilverman/vpn-
| and-...
| cortesoft wrote:
| "VPN companies are all scummy and make false promises in their
| advertising"
|
| "Anyway, here is an advertisement for our VPN company"
| Reubend wrote:
| That's not what the article is actually saying, and they make
| some good points in the article about how other VPNs have
| conflicts of interest. But you're right that this post
| basically amounts to content marketing rather than a real
| discussion of the complicated issues at play.
| t0bia_s wrote:
| VPN is just another "man in middle". If you need anonymity, use
| TOR.
| Andrew_nenakhov wrote:
| Yeah, many men in the middle is better than just one! /s
| novok wrote:
| This post finally inspired me to try out mullvad, and I wish I
| did sooner. It's actually really easy, and the way they set
| things up and writing about how they work is a breath of fresh
| air.
___________________________________________________________________
(page generated 2021-09-18 23:00 UTC)