Home

Stop using VPNs for privacy.

So a lot of you probably already know about the whole nor DPN drama, but those of you unaware, basically, a very famous, very shield. Vpn service called Nord VPN got hacked somewhere in 2018. Basically, one of the servers got compromised and the attacker was able to get access to all the data that was going through the server for the whole month until North EPN discovered it and shut the whole thing down. Now I've been meaning to do this, video for a while now and the whole lore DPN situation was just an additional motivation sort of, and in this video I want to tell you that you probably shouldn't be using a VPN at all, while, with a few minor Exceptions, of course, let's get started, first of all, full disclosure, a lot of what I'm going to say in this video is based on this very good github, just like joepie 91, in which he described why one should be using VPN services, and I agree on a Lot of what he says, but I want to extend it and kind of elaborate on some points that I disagree on thing is a lot of.

Dbm providers employ so-called bait-and-switch tactics, which means they advertise one thing and at the end, you get something completely different that you didn't sign up, for they all have those flashy websites and advertisements where they promise you ultimate privacy and absolute protection from any kind of track. You know spying or what-have-you, whereas actually VPNs don't really protect your privacy or anything. The only thing a VPN server does is it takes all of your web traffic and it passes it through itself, so that your internet service provider or your employer doesn't see what websites exactly you visit. It only sees the VPN address and that's basically it your privacy is not going to be magically improved by just using the VPN, because you still use your real IP address to log into VPN service and even though pretty much every VPN service says that they don't Log your activities, they have a no lock policy and trusting those claims is the only thing can do really.

There'S no way to check whether your provider actual logs activities or not. There is no transparency about it ever besides, if you're using VPN service to connect to your online accounts such as Twitter, Facebook or Instagram, it becomes really easy to trace your identity to VPN service and it kind of defeats the purpose of using VPN for privacy to Be honest, so the only thing you're accomplishing by using VPN service is hiding your web activity from one untrustworthy party, that is your internet service provider and showing it to another one, possibly even more untrustworthy. Moreover, if a VPN service that you using is based in US, is obliged by law, to provide any kind of user data that it has, including your data also and in a lot of cases.

Those requests are also accompanied by a so-called gag order, which means that the company is obliged to submit any kind of user information that it has, and it's also obliged to keep silent about it. Some VPN providers can also potentially work as a honeypot. They basically operate on an assumption that, if you're using APN, you probably have something to hide. Are you doing something? Not legal means sure you might be just a law-abiding privacy, conscious citizen, but you also might be a script kitty or a drug dealer or an activist and journalists. This also gives EPN services an additional incentive to keep the data to lock the data, because who knows? Maybe there's going to be something interesting in there that they could use against you even also.

There are some drawbacks to using VPN services that are not directly related to privacy, but are pretty inconvenient regardless. Every VPN service has a limited range of IP addresses, so in some cases, especially if you use a very well-known VPN service, your internet service provider and the websites that you're visiting will know that you use a certain VPN which might draw attention to you. Some websites go as far as blocking all of the known VPN IP ranges, which means you probably get used to this kind of messages, because you'll be seeing them a lot. This point a lot of you, especially those who are more well-versed and the privacy stuff might say well, okay, sure VPN services are bad, everyone knows about it, but what about self hosting a VPN on a cheap virtual private server?

That could be better right. If you have some basic knowledge of the linux shell and thirty minutes of free time, you can basically set up a fully working VPN server for just a fraction of costs of those VPN services and at the first glance this option sounds great. But there's a catch and the catch is called openvz. Openvz is a virtualization technology that basically 99.9 % of cheap BPS providers use now the thing about open museu, it's a container based virtualization technology, which means all the VMS on a host share the same kernel and currently the majority of cheap VPS providers use openvz version 6, which ships Linux kernel version 2.6 point 32. A big portion of newer software doesn't even support kernels that are that old.

You want to run docker or maybe you want to set up a wire guard VPN. No, you can't - and I didn't even get to the best part due to the container based nature of openvz. Your VPS provider can basically snoop on everything you're doing in your virtual machine. That'S right! Your provider can basically see your process in real time. Has full access to your storage? It is absolutely impossible to encrypt your hard drive when you're running a openvz based virtual machine, so everything you're doing in your virtual machine is basically an open-book for a provider with other virtualization technologies such as KVM and Zen. It is still possible to snoop on you in seventies, but it usually involves dumping the RAM of your virtual machine, which is much more difficult and time consuming so yeah, basically stay away from open, musi based VPS and pick something that has KVM or zem based virtualization.

However, you might notice that open musi based Virtual Private servers are much cheaper than KVM or Xen based ones. Reason. Over-Provisioning openvz allows a virtual machine to borrow resources from another virtual machine that is currently not using any resources. As a result, a lot of VPS providers sell more virtual machines that they can afford resource wise. Some VPS providers will actually go as far as suspending or terminating your virtual machine if you've been using it to its full potential, stating that you've been overusing their resources. It actually happened to me once so so, if you're going to host your own DPN, for which there are valid reasons, I'm going to talk about them at the end of this video be sure to pick a KVM or a Zen based one, don't cheap out do Keep in mind, though, that a lot of what I've said about VPN services actually holds true for self hosted VPNs.

You still need to make sure that your VPS provider is not based in the country where it can be forced to give out all the data, and you still need to take systematic measures to improve your privacy. And even if you host your own VPN on trustworthy VPS, where you encrypt your hard drive and you and you don't keep any logs, VPNs are still not a silver bullet that will make you magically invincible to all the spyware and all the tracking and invisible to Cia FBI and we'll have you now? Are there valid reasons to use a VPN? Of course? Of course, there are here's some valid cases for using a VPN you're on an open network, for example Airport or cafe, Wi-Fi you're at work or university, and you want to hide your browsing history from your employer or your university.

You want to circumvent censorship and access content that is blocked by your ISP or in your country. And, finally, you want to torrent Linux iOS in a country that is known to be very hostile and very strict about piracy. So, that's basically all one to say: Oh almost forgot to mention our today sponsor you. I want to say a huge thanks to my patrons Mitchell villains. You know Christopher rate area, newer, gamer and everyone else supports this channel. Thank you for watching and I'll see you soon. Bye,