This is a guest post by ro0ted, founder of the hacker crew of the same name. It is reposted with permission and slight editing for clarity from a Twitlonger of yesterday. We reprint this not in the expectation that you, gentle reader, will be able to perform the action recommended, but rather to alert you to the risks which are out there. We note with alarm the many spambots on Twitter screaming “safe VPN! no logs kept! totally #Anonymous” when it is clearly nothing of the kind.
A VPN or Virtual Private Network encrypts your data and obscures your IP address, so that when you browse the internet outside observers cannot determine what you are looking at/downloading, what you are inputting/uploading, or where you are located. For best protection, always use a VPN with TOR because either on their own is, you know, better than nothing, but when you go out you lock the deadbolt as well as the doorknob lock, don’t you? Use both. And make sure that you either build them yourself or you look into the companies that produce them. I remember well using a random passerby’s key to get into my Honda Civic, as that year they only produced five different door keys and several million Honda Civics.
There’s a Part II here.
Your VPN costs 7 bucks on average, maybe less. Which means the VPN provider isn’t about to lose his company over 7 bucks, which means your life as of the moment you bought it, is worth 7 bucks.
Now, on their website the policy will say whatever the customer would want it to say to make them decide buy it. That’s what they call “Fishing”: you are the fish, and you took the bait.
Now, [when you get arrested because they turned over their logs, etc] you can argue the policy says whatever it said to get you to buy it; it won’t matter, because the government isn’t after the provider (since they cooperated with the government). They want you. The provider is well aware of this situation, and believe or not they expected this to happen.
So they are going to say, “Fuck it, I lost 7 bucks? Who cares? All I care about is making money, which is why I sell VPNs.” And that’s why policies say “Policy may be subject to change at anytime”.
Now ask yourself is my online activity and the next 10-20 years behind bars worth 7 bucks?
I hate this subject but people ask me what I think about VPNS and it always come down to:
Make your own fucking VPN. Don’t trust ANYONE.