6

7 comments

[–] CDanger 1 points (+1|-0)

In my mind there are two types of VPN providers:

  • Those who are ideologically motivated to preserve privacy and will do anything and fight attempts of government surveillance and censorship (e.g. LavaBit)
  • Those who know there is a big market for those looking for privacy and see it as a good business opportunity to provide a VPN service; giving off the appearance of privacy while cooperating with governments instead of resisting when it could compromise their business is a good idea in their mind (e.g. HideMyAss).

The problem is you don't really know which of the two types of providers you're getting, and I think the second group is much larger than the first.

[–] jobes [OP] 2 points (+2|-0)

Definitely have to agree. I use ProtonVPN because I already pay for their premium email service, so bundling their VPN is like $2/month, so I figure why not. I trust them enough and they're outside of EU and US jurisdiction being in Switzerland

[–] CDanger 1 points (+1|-0)

Outside of US + EU + FiveEyes definitely sounds like a plus, and Proton certainly talks the talk about caring about privacy... but I forgot about one more possible motivation for running a VPN: the honeypot. I came across this about Proton some time back that makes me not trust them.

The company that ‘’officially’' operates ProtonVPN is ProtonVPN AG, a Switzerland based company[1]. However, the business is in reality operated by PROTONVPN LT, UAB a Lithuania based company, which has the same office address as Tesonet, UAB. Both company offices are located at: J. Jasinskio g. 16C, Vilnius 03163, Lithuania[2][3]. PROTONVPN LT, UAB is a separate company that ProtonMail outsources the protection of its users information to - ultimately run by Tesonet out of Lithuania[4]. Furthermore, Tesonet is operating a data mining operation out of Lithuania[5]. TesoNet also operates NordVPN[6], which claims to be based in Panama, not Lithuania[7]. This is specifically the type of situation that ProtonMail themselves say not to trust[8]. It’s appalling. In short NordVPN and ProtonVPN are operated by the same people/team/company. It's likely a joint venture between ProtonMail and Tesonet.

[1] https://protonvpn.com/about [2] https://rekvizitai.vz.lt/imone/protonvpn_lt/ [3] https://tesonet.com/contact-us/ [4]http://apkforandroid.org/com.protonvpn.android/34784450-prot... [5] http://oxylabs.io.cutestat.com/ [6] https://translate.google.com/translate?hl=en&sl=de&u=https:/... [7] https://trademarks.justia.com/871/90/nordvpn-87190896.html [8] https://protonmail.com/blog/trusted-vpn/

I fundamentally just can't trust any of these companies (also including DuckDuckGo) since there seems to be so much marketing and what feels to me like corporate astroturfing in online discussions about privacy products. These company names just always have to appear in every thread. I guess that is what a marketing budget and VC funding gets you and what a free open source project doesn't have.

[–] jobes [OP] 1 points (+1|-0)

True, it is a good point that you really can't trust any company that does get pretty quickly popular. Their default accounts are free, and you know what they say about free services online....you are the product in one way or another. Unless maybe they just do magically care. I generally don't use the VPN because I'm like ooooo I need to hide this shit, but more that I just don't want my ISP and work wifi to sniff everything I do

[–] CDanger 1 points (+1|-0)

Also worth reading the source of the quote about Proton's organization and the Proton response: it's full of lolz

[–] jobes [OP] 1 points (+1|-0)

We've unfortunately had to deal with a lot of this recently. The issue is that we have turned the VPN industry upside down by providing a free service, and that is likely hurting profit margins across the entire sector so everybody is trying to hit ProtonVPN now.

That's pretty gold lol