Mozilla VPN (blog.mozilla.org)
1363 points by caution on June 18, 2020 | hide | past | favorite | 504 comments


Every single time I start researching VPN services I end up more confused and with more questions than before, because basically every vouched-for service has the same amount of negative comments too. It feels like the whole sector is a honeypot (lol) of shady stuff and also they're fighting against each other (or not?). So I just wait until it turns out Mullvad is also one of the bad guys.


Ask yourself why you want a VPN.

Is it to avoid your ISP collecting browsing data off you and selling it?

Perhaps using 8.8.8.8 or 1.1.1.1 as your DNS might be good enough.

Is it to watch geo region blocked videos?

Then pretty much any service will work for you. Except that video streaming sites have caught on and blocked hosting provider IP blocks. So that might require you to shop around.

Do you want the most privacy or want to get around blocking?

Then get a VM from a provider and configure a VPN to it. Wireguard works fine.

Want to do something illegal?

Don't expect a VPN to save you.


>Want to do something illegal? Don't expect a VPN to save you.

I'm not condoning piracy, but VPNs are generally a foolproof way to avoid DMCA letters from your ISP. Privacy means something different to every individual; everyone's threat model is different. And many models can benefit from a VPN: journalists, activists, and many others might find benefit from using a VPN.


Yeah, I think "VPNs won't protect you from the law" is far too broad a brush to paint with. There's no credible evidence that these services won't prevent a court or regular law enforcement from tracing an IP to a name without some specific arrangement to unmask you beforehand (there's a specific case where Private Internet Access replied to a subpoena saying they had nothing to provide), so people worried about that might benefit from a VPN, but of course it does nothing for the rest of the threat model. Torrents are pretty much the perfect crime in that it's a simple exchange of bits between parties that have nothing to do with each other; most other types of illegal activity involve myriad other ways to get caught that have nothing to do with a VPN. People who rely on VPNs alone to protect them from getting prosecuted for things like hacking and people who say VPNs are useless are wrong in exactly the same way: they don't have a complete/realistic threat model.


I used to work at an ISP, and once a month I would stuff envelopes with DMCA letters. I can assure you that the only thing your ISP is doing with these letters is laughing at whatever porn you downloaded. They're just a scare tactic, and if you get one, you can almost certainly ignore it.


I've had a connection shut off because of three letters. Spectrum.


Spectrum is a joke. They constantly call me and expect me to provide them my address and payment details like it is a sane thing to ask.

Which is sad because their pricing model is less stupid than most of the competition.


This varies between ISPs. Some will shut off your connection after a certain number of DMCA letters.


Didn't Cox recently lose a big lawsuit for not actually doing anything to punish repeat DMCA offenders? I'd be cautious about assuming those letters are still harmless today.


No.

They got a $1bi shakedown in a local court because they successfully fought the RIA in 2015 and won (it was $25mi then).

This time, Cox's legal team tried to simply stand behind the DMCA safe harbor (just like Google does) and somehow lost.

It will appeal and win (or likely settle out of court, as the RIAA already got what it wanted: a hole in the safe harbor).


It goes w/o saying, but most if not all the cloud providers map IP to account, so using a VPS may get your account sanctioned or revoked.

Definitely don't spin up these VPN/VPSs on an account you don't mind losing.


Have received DMCA emails from DigitalOcean for torrenting on their boxes. Can confirm.


There are seedbox services that allow public torrents and don't forward DMCA emails.


If you're going to do that kind of stuff, make sure the provider is based in another country. That gives you a pretty strong layer of protection against these kinds of things. Of course, nothing is entirely foolproof...


Are DMCA letters still a thing?

It seems like Torrenting died out significantly over the last 5 years.


I moved to Germany and apparently they're still very much a thing here. Torrenting popular shows sans VPN is -- at least according to Germans on reddit -- an easy way to get sued, and forced to pay hundreds of euros.

Obviously, I have no interest in testing this out myself, so I take their word for it.


I lived in Germany for years, and this is absolutely the case. Don’t mess with torrents in Germany without a VPN.

Except for those Linux ISOs, of course.


I got a C&D from Daedalic Entertainment. They demanded 1.1k or something along those lines. I was on welfare at the time, so a lawyer was not within my means, so I objected. I'm not sure what happened next because I probably didn't open the letter from the court (getting a manila envelope is fucking scary in addition to the stress of already being broke), but they seemed to have got a verdict against me and suddenly I owed over 2k. That being said, I got a few letters from lawyers and replied with a legal note promising not to do it again (with any clause concerning automatic fines removed) and beat them by simply ignoring their demands afterwards. So it's entirely possible that I simply fucked myself with Daedalic by not opening their first letter and replying with a note. I haven't pirated in years but have gotten a VPN and will start back up because the fragmentation in the streaming space pisses me off too much, especially since there's stuff I can't legally get here.


Can't wait for the "you don't need a VPN" folks to acknowledge that they don't understand why lots of people actually use VPNs. It's DMCA, man. DMCA.


Rather ironic that people pay for VPN services to access content that they won't pay for.

Just don't bother with Big Media content and they won't need a VPN...

There's plenty to do in life other than torrenting the latest HBO series.


Rather, it is used for accessing content that you can't pay for, given that Amazon Prime, Disney+, HBO Go, and I'm sure many more are (or were in the past) simply not supported on Linux devices.

And, "Plenty to do in life" is a value judgment, and isn't relevant to this discussion.


They'll go after you for downloading something you already paid for, or was free to begin with.


"Millions for defense, but not one cent for tribute." -- Robert Goodloe Harper


Maybe in the US. Definitely not in ex-USSR. I don't know of any single person who's paying for anything other than Steam games (and that's only because they have prices adjusted to our ridiculous wages.)


Just go to any popular torrent site and see the number of people in the swarm. A little harder for less popular stuff but nowhere near dying out.


I got one about a month ago (United States, the smallest of the three ISPs available in my area). My ISP had a screwy way of injecting the complaint, which I almost missed. I had to call them and actually request the complaint be sent by mail so I could see the details, which I don't understand why they didn't do in the first place... They actually served it to a guest in my house, who thankfully told me about it, so I could investigate.


I torrent from home, I also work from home.

I just never wanted my job to hire some dumb IT consulting firm to do some cross-reference between IPs on a swarm and IPs VPNing in as a "threat analysis" and my dumb name getting dragged into an office. I know it's far-fetched, but $40 a year of PIA keeps my mind at ease.


If you work from home and your company-provided computer does not talk exclusively to a VPN tunnel into their network, I doubt they will pay for a threat analysis.


They're too busy working through Twitch at the moment.


> Is it to avoid your ISP collecting browsing data off you and selling it? Perhaps using 8.8.8.8 or 1.1.1.1 as your DNS might be good enough.

8.8.8.8 is Google’s DNS so you’re really just trading being tracked by an ISP to a giant advertising company...


The privacy policy for 8.8.8.8 is actually really good: https://developers.google.com/speed/public-dns/privacy I wish more Google products were so explicit in what they log and for what purposes.

(Disclosure: I work for Google)


Not related to this thread: Do you have any way to communicate with actual humans inside of Google who can do anything? There are demonstrable issues with 8.8.8.8, yet I cannot get anything but the occasional form response from every address I've tried.


If you wanted to describe what was wrong, in a way that I can reproduce it, I could file a bug, yeah.


Complaining about a reproducible issue on a public forum works. Even if you don't get direct feedback, there's a good chance it will get quickly forwarded to a team's internal mailing list.

A lot of Google engineers read Hacker News comments, Reddit threads, etc. all the time, and generally try to route good feedback where it belongs.


Could you point out what you believe to be the issues in the thread?


And then it's a shitty trade, because your ISP still can track you without much difficulty.


Not just track you, some ISPs will simply redirect all UDP port 53 DNS packets to their own DNS anyway.


Which ISP?

People arguing against DNS over HTTPS claim stuff that doesn't happen, so it'd be good to have definite examples.


The best argument I've heard about DoH (at least Firefox's forced implementation) is that it turns a distributed collection problem for the bad guys with guns into one-stop shopping for the bad guys with guns.


I know until recently Sky broadband was doing this.


> Is it to avoid your ISP collecting browsing data off you and selling it? Perhaps using 8.8.8.8 or 1.1.1.1 as your DNS might be good enough.

Wouldn't your ISP still see what IPs you are visiting? Then, your ISP could just reverse DNS that IP to get the domain name, right?


Maybe, but most ISPs are lazy/cheap and can't do a full-take packet capture of all customers data at the same time. The ones that I have seen usually have a custom or logging DNS server that associates each domain request with a customer account. So yes, in many cases, changing your DNS server is enough to avoid the larger DNS sniffing operations. You should also use an IP check query to make sure that you are really using the DNS server you think, and that you're not being DNATed back to your ISP's DNS server.


DNS is super trivial to redirect. I've been on ISPs that redirect _all_ DNS traffic to their servers regardless of where it was sent. The best solution here is to switch to DoH. Of course then your DoH provider gets to log all of that sweet info instead.


Not if you run your own DoH endpoint on a VPS!


I have my own unbound running on a VPS. My network intercepts all port 53 traffic, filters out ad servers, and then forwards over wireguard to my VPS. I should probably enable DoH as well. I'm feeling kind of lazy about it though.


I think ceasing to use your ISP provider's unencrypted DNS services will already bring quite some boost in privacy for the average internet user. That's why I recently switched to using DNSCrypt (https://github.com/DNSCrypt/dnscrypt-proxy) with one of the public providers listed here: https://dnscrypt.info/public-servers (pick one run by some university or internet activism organization).


It also brings an increase in recaptcha puzzles lol


This time when I changed internet service providers from Cox to AT&T fiber, I was shocked to find that I could not change my DNS to point to the OpenDNS servers!


AT&T requires you to use their DNS? Did you try doing DoH to bypass?


Not necessarily, many sites are hosted on the same VPS, or the IP could just be one of 5000 Cloudflare servers serving up the page you requested.


Most ISPs wouldn't care... and they shouldn't.


Just FYI, setting your DNS to 8.8.8.8 or 1.1.1.1 may not do that much. Not only is DNS in plaintext, but some ISPs simply redirect all port 53 DNS requests to their own DNS.

If you want privacy with your DNS, you should set up DoH using dnscrypt-proxy or perhaps DNS over TLS.

Personally, I think a better strategy with this whole VPN aspect is to just set up a VPN with Pis in various countries + Pi-hole. At least that way I know what setup is running in each location and what privacy I can expect.


Unless you are using a VPN/WireGuard/proxy, your ISP can simply look at the source address on the IP packets and do a reverse IP lookup to find out what site you are accessing. Doesn't matter if you are using DoH, DNS over TLS, DNSCrypt, etc.

At a conference I was talking to one of the OpenDNS engineers on the DoH project and when I asked "so how does DoH help snooping if people can just look at IP headers?" they conceded that it really doesn't help if someone is determined to snoop.


Doesn’t work with a large number of sites because of Cloudflare.

Edit: it _is_ easy to read the destination address from TCP packets though.


Yea, you are correct. I got it mixed up, your ISP would look at the destination address of outgoing packets from your home.


T-Mobile US was definitely doing this at one point: silently rerouting popular third-party DNS services back to their servers


Additional use case: you want to self-host at home? A VPN will give you a public, stable IP address without having to fiddle with your router and opening ports and NAT-punching and friends.


As long as you don't use encrypted DNS (e.g. DoH) it doesn't matter which DNS server you use - the ISP sees your requests and the replies, and then sees you accessing the returned IP within 10 seconds.

Also, unless it's behind Cloudflare, most nontrivial sites today have a unique IP, so even with DoH there's a good probability any specific site will be identified.

If you want your ISP to stay ignorant of where you surf, you MUST have a VPN.
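The attribution path the two comments above describe (a plaintext DNS reply matched to the connection that follows it within about 10 seconds, with reverse DNS on the destination as the fallback, which fails for shared Cloudflare-style front ends), as an added example that is not from the thread: a small model over constructed DNS-reply and connection records for one subscriber. It shows why pointing at 8.8.8.8 or 1.1.1.1 changes nothing for an on-path observer, and what encrypted DNS does and does not hide. All addresses, names and timestamps are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Correlation window from the thread: the observer sees the DNS reply, then the
# connection to the returned address "within 10 seconds".
WINDOW_SECONDS = 10.0


@dataclass(frozen=True)
class DnsReply:
    """A plaintext (UDP/53) DNS reply as seen on the wire by the ISP."""
    ts: float      # seconds; constructed timestamps
    client: str    # subscriber address the reply was delivered to
    qname: str     # name that was asked for
    answer: str    # A record returned


@dataclass(frozen=True)
class Flow:
    """A connection record: which subscriber talked to which destination, and when."""
    ts: float
    client: str
    dst: str


# Constructed reverse-DNS (PTR) table: address -> (PTR name, multi-tenant?).
# A single-tenant host's PTR names the site; a CDN edge that fronts thousands of
# sites (the thread's Cloudflare case) only carries a generic edge name.
PtrTable = Dict[str, Tuple[str, bool]]
PTR_TABLE: PtrTable = {
    "203.0.113.10": ("mail.example.net", False),   # unique IP, single site
    "198.51.100.7": ("edge-7.cdn.example", True),  # shared CDN edge
}


def attribute_flow(flow: Flow, replies: List[DnsReply], ptr_table: PtrTable,
                   window: float = WINDOW_SECONDS) -> Tuple[str, Optional[str]]:
    """Return (method, site) for one flow, trying the strongest signal first."""
    # 1. Plaintext DNS correlation: a reply to this client whose answer matches
    #    the destination, delivered shortly before the connection. Which resolver
    #    answered is irrelevant; 8.8.8.8 or 1.1.1.1 replies are just as visible.
    hits = [r for r in replies
            if r.client == flow.client and r.answer == flow.dst
            and 0.0 <= flow.ts - r.ts <= window]
    if hits:
        latest = max(hits, key=lambda r: r.ts)
        return ("dns-correlation", latest.qname)
    # 2. Reverse DNS on the destination address. Only names the site when the
    #    address is not shared with other tenants.
    ptr = ptr_table.get(flow.dst)
    if ptr is not None and not ptr[1]:
        return ("reverse-dns", ptr[0])
    # 3. Nothing usable: encrypted DNS plus a shared-IP front end.
    return ("unattributed", None)


def attribute_all(flows: List[Flow], replies: List[DnsReply],
                  ptr_table: PtrTable = PTR_TABLE) -> List[Tuple[str, str, Optional[str]]]:
    """Attribute every flow; returns (destination, method, site) per flow."""
    return [(f.dst, *attribute_flow(f, replies, ptr_table)) for f in flows]


# Constructed traffic for one subscriber.
CLIENT = "10.0.0.5"
FLOWS = [
    Flow(100.4, CLIENT, "203.0.113.10"),  # right after a lookup, unique host
    Flow(105.2, CLIENT, "198.51.100.7"),  # right after a lookup, shared edge
    Flow(200.0, CLIENT, "198.51.100.7"),  # later revisit answered from DNS cache
]

# Scenario A: plaintext DNS to any resolver, replies visible on the wire.
PLAINTEXT_REPLIES = [
    DnsReply(100.0, CLIENT, "mail.example.net", "203.0.113.10"),
    DnsReply(105.0, CLIENT, "blog.example.org", "198.51.100.7"),
]
# Scenario B: DoH/DoT/DNSCrypt, so the observer sees no port-53 replies at all.
ENCRYPTED_REPLIES: List[DnsReply] = []


if __name__ == "__main__":
    for label, replies in (("plaintext DNS", PLAINTEXT_REPLIES),
                           ("encrypted DNS", ENCRYPTED_REPLIES)):
        print(label)
        for dst, method, site in attribute_all(FLOWS, replies):
            print(f"  {dst:14} {method:16} {site}")
```

The cached revisit at t=200 falls outside the window in both scenarios, so even with plaintext DNS the observer only recovers it if the destination has a single-tenant reverse record.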


Though the last option doesn't give you anonymity. It just gives you privacy from your ISP. Any services you connect to can tie you to the IP of your VM. Sometimes the shared IP of a VPN provider might be desirable.


Your ISP can sniff your DNS traffic as it is just a plaintext protocol.


VPNs just mean you're trusting someone other than your ISP. Instead of your ISP seeing you go to site.com, now your ISP sees you connecting to a VPN and the VPN sees you connecting to site.com.

For this reason I am highly suspicious of any VPN service that markets itself as some “magical privacy wormhole”, which is 99% of VPN providers.

Honest ones I know of are Encrypt.me and Mullvad, who both tell you they should be mainly used to secure yourself on open WiFi and to circumvent geo blocks.

If you want a private internet connection, use Tor.


I regularly think that claims of astroturfing are overblown, but it is common in the "privacy" focused industry to FUD competitors to gain market share.

I'm immediately reminded of some shady search engine CEO going on OAN and other fringe shows posing as a security researcher to spread FUD about DDG to drive traffic to his site (can't find the link for it now.) That OAN video even went around the security industry (among compliance and less technical folk) who were persuaded DDG was now worse than Google for consumer privacy.


Some reasons you might get some negative vibes from looking into consumer VPN services:

* Some consumer VPN services have been found to be doing sketchy things. And you can imagine the business is attractive to people intending to do sketchy things, since it's a powerful/lucrative position to be in right now. (In addition to the business possibly being attractive to people just wanting to provide a useful and honest service for a fair price.)

* There seem to have long been referral kickbacks by some consumer VPN services, which I assume is the cause of some of the huge amounts of noise on the Web and such about them (e.g., search hits on some non-VPN topics, such as some home theatre search terms, overwhelmed by SEO articles, the purpose of which is to then herd the reader towards particular VPN services with a kickback). Even some endorsements by organizations might essentially be more about revenue than about merits.

* I speculate that it doesn't help if one of the main historical uses of consumer VPNs has been for activity that would be considered copyright-violating in the US (e.g., unauthorized trading of video files, or circumventing region restrictions). Without making any moral judgments, I think it's fair to say that constitutes "conscious rule-breaking" for some, so I wouldn't be surprised if there's a disproportionate culture of rule-breaking around the whole space.


The hypothetical culture of rule-breaking might not be convinced by a culture of rule-breaking surveillance. Seriously, I think government has gone too far with surveillance, and that just means that I want to minimize my data collection on a domestic level.


I use ProtonVPN. Same company as ProtonMail. Highly reputable with a business model around doing privacy and encryption well.


NordVPN shares offices in Estonia with ProtonVPN. For that reason I find it sketchy.


I would like to read more about this, do you have a source?

I cannot find anything reliable that suggests this! Thanks.



This suggests the opposite of what you say in your original comment.


I was not the original person that replied to you. I was just providing you with information on the incident they were referring to. Proton denied the claim, but it is up to you whether you believe them or not.



You should also link the HN thread where proton categorically denies the claims.

In particular, the claim that Tesonet controls ProtonVPN's release signing key.

https://news.ycombinator.com/item?id=17258203


They clearly put a lot of effort into cleaning up the mess, as I later discovered myself by being from the same city:

https://news.ycombinator.com/item?id=18611863

It seems very likely now that ProtonMail just decided to use NordVPN's white-label solution to bootstrap its ProtonVPN business:

https://nordvpn.com/white-label/


>NordVPN shares offices in Estonia with ProtonVPN

What, really? Some proof for that? ProtonVPN and ProtonMail are located in Geneva, Switzerland; I don't see any open positions for Estonia.

https://careers.protonmail.com/


I don't think NordVPN is sketchy, even with their latest hiccups. They are however located in Panama as far as I know, which probably gives the US access for "drug trafficking".


Link. Please.


IMHO ProtonVPN (and Mail) are the perfect honeypots


ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization [1]. Yes, open source != safe; however, this level of transparency is at least a step in the right direction.

They also have regularly been audited by independent organizations that are openly available for the public to see their compliance [2][3][4][5][6].

Do you have any evidence to suggest that they are honeypots?

[1] https://github.com/ProtonVPN

[2] https://protonvpn.com/blog/wp-content/uploads/2020/01/Proton...

[3] https://protonvpn.com/blog/wp-content/uploads/2020/01/Proton...

[4] https://protonvpn.com/blog/wp-content/uploads/2020/01/Proton...

[5] https://protonvpn.com/blog/wp-content/uploads/2020/01/Proton...

[6] https://protonvpn.com/blog/open-source/


And how do you know if what they built is exactly what's in that source?


You seem to not have read my comment. I said open source != safe or trusted.

You can download the entire repository and compile it yourself after you inspect the code.


Hehe, exactly, oldest trick in the trade


I call bullshit on that until you have a single proof for it.

Everything is open source, the data centers are located in Switzerland on their own hardware. They have open communication and a yearly transparency report:

https://protonmail.com/blog/transparency-report/


How/why?


Every time the VPN service industry is discussed on HN there is a barrage of comments that use keywords like “honeypot”, “snake oil”, and “shady”. I’m not denying that the industry has problems, but in this thread I’d like to focus on how we can improve it.

Please tell me - What makes a VPN provider trustworthy, and how do you _know_?

Personally I believe a trustworthy provider is _characterized_ by consistent actions that show transparency, honesty, and conscientiousness. Nevertheless, such consistent action doesn’t actually prove trustworthiness.

A good VPN honeypot, or reseller of your network traffic, is publicly indistinguishable from a trustworthy one. So what can the users do? What tools, technology, process, or ecosystem do they need to tell honest and dishonest apart? What do we need to build?

We all recognize that VPN providers are in a great position of power over their users. How do we tilt the scales in the users’ favor? What are _strong_ signals of trustworthiness?

Disclosure: I co-founded Mullvad.


Thank you for being here and starting this conversation.

I've joined several popular VPN services this year in my work on VPN Wire, and Mullvad's signup flow was by far the most enjoyable. Not only because there's no email required (a little disorienting, but very refreshing), but also because, unlike the experience on many of your competitors' sites, I didn't feel pressured to buy/commit every step of the way. User-friendly site design, in other words, is a positive signal.

I personally regard audits and pentests as strong positive signals. For example, PwC's audit of NordVPN's no logs policy was a positive for me. As someone in the industry, I'm curious if you feel the same.

Open source software and public APIs are very nice to see.

> What tools, technology, process, or ecosystem do they need to tell honest and dishonest apart?

Other than audits, I don't have a good answer to this one. I would love to hear some technical solutions, and hope other people reply!

And as an aside, kudos on running a very speedy network :) https://vpnwire.co


Hi! Thanks for the feedback. That’s great to hear.

Audits are good and definitely have a place. There’s much more that can be done. I agree open source is also an important one.

We’ve tried to identify strong signals of trustworthiness together with a few other services here: https://mullvad.net/blog/2018/10/17/signals-trustworthy-vpns...

A technical solution Mullvad is working on is something we call System Transparency. You can read more about that here: https://mullvad.net/blog/2019/6/3/system-transparency-future...


Sorry to go on a tangent (I believe it is word of mouth and actions of the company like you say):

What is the deal with Mullvad and Firefox? Are they completely using your services but with their name on it? Would you rather have a client come directly or through Firefox (a bit cheaper now in $)?


Thank you.

To quote https://fpn.firefox.com/vpn - “The VPN is built by Firefox and runs on a global network of servers powered by our partner Mullvad using the WireGuard® protocol.“

Regarding using us directly or through Mozilla, I think both are good options. If you pay directly to us we will put your money to good use. Same goes for Mozilla. And they are not mutually exclusive. You could also sign up directly with us AND set up a monthly donation to Mozilla for Firefox development :)


I'll give my opinion on this based on the two VPNs I've used: TunnelBear and Private Internet Access. Yes... LTT pointed me to them.

Reason for TunnelBear: independent audit. They had had an audit that went through their system and, at least how I understood it, confirmed what they had said they were doing.

Reason for PIA: they had a history of being questioned by authorities and providing nothing - because they had nothing.

The latter is why I continue to trust Apple more than Google, too.


Block all plaintext traffic. Only allow TLS. Be transparent about what you log and what you don't. Publish results of third party audits.


Although paying for an audit could be interpreted as conflict of interest on the auditing side.

Perhaps the users should pay for an audit as in "Check this one for us!"

Question is, how could that be organized? I guess the user community would have to unite for it, and the VPN provider would need to declare ahead of time that they are fine with being audited by an independent party paid by the customers.


Reputable auditors care more about maintaining their reputation than pleasing a small client. Obviously nobody would trust an audit by the owner's cousin, but an established cybersecurity firm should be fine regardless of how it is funded.


Come on Mozilla, hurry up! I want to give you money for goods and services (I also donate monthly [1]), but I'm not that interested in a VPN (I can and do also pay Mullvad).

Give me that real internet stuff - email, calendar, file sync, chat(?) - give me Firefox Premium. Bundle in the Lockwise password manager. I'd pay good money to see a company fill the void of paid, privacy-first essential internet services, and I think Mozilla is one of the foremost existing players to pull it off. They started talking about Firefox Premium a while ago now [2], and it's obviously not easy to build all of this in a lean way, but I'll happily pitch in. If only to help make Firefox development less dependent on Google or Yahoo.

[1]: https://donate.mozilla.org/

[2]: https://www.theverge.com/2019/6/10/18660344/firefox-subscrip...


Only Mozilla can make me pay for Google services like Email/Calendar etc. I think I subconsciously trust the brand more than most internet companies out there.


How about FastMail? They have a stellar email service. They also offer contacts and calendars, though I don't personally use those (I use iCloud for that).


I've used Fastmail for years now on a work account. Its best feature is that it's not Google.

First, no phone support. Hardly acceptable when even Google has this.

Second, no collaboration suite like Drive/Docs.

Third, no addons I’m accustomed to having in my daily driver email suite. Things I miss include schedule to send later, default reply all, and no priority inbox.

I'm stuck using Google for email and maps. I hate Google and want to get off them entirely, but GSuite with 1Tb of disk space for my single-user personal domain is so powerful and so cheap it's impossible for me to switch without giving up too much.

Google maps I think has some real competition at least. I’m hopeful Apple Maps gets continued improvements so it can get the job done well enough I can drop Google maps this year.


> Second, no collaboration suite like Drive/Docs.

Let's be realistic: it's an email service. Complaining it doesn't do everything Google does seems a little unfair.


I feel a bit different: Email is a standard. You are talking about an app. Send later is the job of the application, not the standard. Same with reply all. Intelligent priority inbox is _hard_ but in principle the same.

When you use gmail you conflate the standard with the app.


I largely agree with this, except that "Send Later" really does want some form of server support so it will happen even if you quit the app (especially on mobile). That said, there are third-party apps that do this, such as Spark (though they require storing your credentials on their servers).

Priority inbox is also something that can be done client-side. FWIW FastMail does actually have internal flags for "$ismailinglist" and "$isnotification" that you can access via advanced search, but they don't have any intelligent customization of these flags, no way to tell FastMail "hey this email was categorized wrong". You can write a Sieve script that adds/removes the flags yourself but that only works for stuff you can detect in a sieve script, i.e. no ML. Still, it's better than nothing when using the web app.


The Google way, aka masquerading flags as special folders, seems to work well for non-aware clients.

IMAP actually has client-defined flags, but support on the clients is sketchy and not uniform.


The point of these discussions is that the standard (IMAP specifically) is inadequate to a lot of modern use.

One good thing that Fastmail is doing is promoting a REST-like IMAP alternative ( https://jmap.io/ ) that makes it easier[1] to go back to the distinction application/protocol.

[1] by this I mean that implementing an app like gmail over IMAP would be a terrible idea, while JMAP would be at least a bit better (it also adds browser support as it allows HTTP as transport layer)


What, exactly, do you feel is deficient about IMAP vs. JMAP, other than the latter being a protocol that doesn't require a bespoke parser? The only thing even remotely semi-annoying about IMAP that I can think of is the way message identifiers are per-connection (but in some very important way that actually makes sense).


The only things I know about IMAP are from JMAP, so I cannot say what is lacking in IMAP per se.

As far as I know, a couple of things that are pain points for me when using Thunderbird/other IMAP clients (weird search limitations, strict folder hierarchy organization) are due to how IMAP was designed, but these are mostly minor issues that I imagine would not require a new protocol.

What I hope the advantage of JMAP will be is that it will provide a more flexible foundation for Gmail-like interfaces on an open protocol.

At least all IMAP clients I have used have always felt... clunky and counterintuitive (I started using email with Gmail, so maybe I just never learned the skills). Even if IMAP already had all the good things JMAP claims, I think that the different focus on messages and less historical baggage have a good chance of producing designs that will feel more natural to me.


Being a stateless protocol is the big one, for mobile. There’s more: https://fastmail.blog/2014/12/23/jmap-a-better-way-to-email/


That "stateless" paragraph in that article is explicitly referring to the per-connection message identifiers I was referring to; but that state burden is mostly carried by the server (which is put in the awkward position of dealing with separate clients with individual state sharing a mailbox) not the client (which by definition has a unique state anyway), which the article even admits.

I will argue that if you use the right data structures--not that anyone does--it really isn't that hard to make that work on the server, and the benefits to the client are actually enormous... particularly on mobile!

The way IMAP handles message identifiers allows for the client to pretend to manage a ridiculously large list of messages without storing any state locally that isn't visible on the screen (like it is _so good at this_ as Mark Crispin seriously intended the original IMAP protocol to be used by thin clients for mail: synchronizing mail over IMAP was never the intended usage model), as the entire problem of managing that consistent view has been pushed to the server (where it is solvable, just no one cares enough to even do a basic implementation correct much less a good one as everyone misunderstands and detests IMAP).

FWIW, the argument for how JMAP supports update batching over push notification channels is in fact interesting for mobile clients :(. That is so totally the fault of the mobile networks and OS people, though :(. The correct solution for that is to provide a flow control layer for wireless IP, at which point every app could be doing its own end-to-end encrypted push notification stuff without having to go through Apple/Google, but the incentive structure to centralize notifications through a middleman was just too great :/.


> push notification... That is so totally the fault of the mobile networks and OS people

The issue for mobile is that unrestricted push notifications are a serious battery drain. I think that JMAP makes the correct choice here, a push notification is just an external action/url, how the notification is delivered to the human is left out of the protocol. I would say that it allows for both openness and centralization without a bias for one or the other.


Yes, I both understood that, acknowledged it, and then not only noted that a better solution was available but actually sketched how that better solution would work ;P. Given the poor incentives on the platform players here, I will thereby repeat the part where I understand and acknowledge the issue, but am going to then once again note how sad I am that we are in a world that didn't just solve this issue in an egalitarian way that doesn't require a middle-man (using a flow control layer for wireless IP, rather than simulating that using an oligopoly of middle boxes).


oh, the reason for my answer is that I implicitly assumed that something like `a flow control layer for wireless IP` capable of solving the problem could not exist. Or better I cannot even imagine how it could work.

My understanding is that an important property is that the device does not receive network packets that are not "replies". So that it has control over when it is fine to power down the network (in a very gross simplification).

So maybe something like what you are describing would be a protocol where the client can say "ping me back with this for this category of events but no sooner than X minutes", but at a network level, like a tagged TCP sleep function.

I never thought of this possibility. In the form I have imagined it it is technically inferior, but it would be an interesting approach to decentralization and surely could be improved.


I’ve never been able to search my entire mail archive quickly over IMAP, using Gmail or Fastmail. Mobile IMAP clients seem especially slow and inconsistent.


IMAP exposes a pretty comprehensive server-side query system. If your email is being synced locally then you aren't dealing with an IMAP limitation, as it isn't even using IMAP. If it is searching remotely, either the email isn't being indexed for those searches or the client is doing some ridiculously poor search strategy. Like, if you actually look at the mechanism IMAP exposes for this, it is pretty powerful. (The only real limitation is that the original SEARCH mechanism is per-"mailbox", but this was fixed a long time ago with the SEARCHM extension. But arguably the correct way to map Gmail to IMAP is to put all your email in one "mailbox" and use IMAP "flags" as labels anyway.)


So I’m told, and yet searching my mail from the iOS mail app over IMAP is slow and unreliable, so I use the Fastmail app, even though it is slower to launch. Have you found a mobile IMAP client that works? notmuch [1] looks like it would solve my problems on the desktop, but searching from mobile devices is important to me.

[1] https://notmuchmail.org


Server-side search on K9 works fine, but you have to select that you want it.


The push mechanism, for one.

IMAP has one (two actually, IDLE and NOTIFY) but they are not really adapted to the way we use email today (mobile and browser-based apps).


With Fastmail you're essentially buying the app as much as the service.

If you want reliable email service without the nice app, there are much cheaper alternatives.


Such as?


I'm a very happy migadu.com user. Set fee for unlimited storage and unlimited addresses. Very simple but effective admin UI too.


https://purelymail.com/ I haven't tried it yet, but it is only $10 per year.


$10/y seems ridiculously cheap. Too cheap. I'd be worried they may go out of business.


Mailbox.org


I’m a happy user and never touch the web app. It works, but a dedicated mail client is a superior experience.


I've gotten better email support from fastmail than phone support from G Suite. It's not much use getting on the phone with people who can't solve any problems. Especially since you can't get on the phone with them unless you can login to see the code, and chances are auth issues are about the only actionable thing they'll actually help you with.


« First, no phone support. Hardly acceptable when even Google has this. »

...you can reach Google over the phone?


Do people use phone support? I've never used it for anything in my life. If I was unable to make something work without phone support I would just switch to another service.


I once got on to Microsoft for some phone support. After asking me lots of questions about myself which were necessary before they could answer the specific question I'd already asked, the person on the other end finished up by saying that this was a question I needed to put instead to the vendor who had sold me the product. I can't remember if they asked if there was anything else they could help me with today.


Microsoft Support can be quite good depending upon the product you need help with.

I’ve called them for help with an Office 365 issue and they were very helpful.

I’ve called them once for an Xbox issue (I wanted to buy an Xbox 360 game and it wasn’t letting me) and the rep didn’t really have a clue. I ended up finding the answer after searching a few Xbox forums.


Oddly enough though, even the enterprise product support can be very bad. I've had dealings with Microsoft over issues related to Azure while under EA, and they still took weeks to even look at the issue, which turned out to be a problem on their end.

When it comes to big-brand software and services, it can really pay off to buy via a good reseller or consultancy, who often offer much better support than the company that actually makes the product. Of course, that's not actionable advice when we're discussing which mail provider is best for personal use. (Although I suggest the answer is still "not O365".)


Actually I'd heard that office 365 support was good and in fairness the incident I was talking about was many years ago.


Yes, if you need an immediate response. It also helps you push through "level 1" support much faster than a traditional ticketing/email system.


If the ticketing system is sane, not so much. Obviously this is always troublesome with the big players.


When you pay for Gsuite, yes you can.

The single case where I used it was a good experience (though obviously you'll find a lot of people who had issues the support couldn't resolve).

You cannot if you just have your personal @gmail.com email.


You can and it is good. Had to a couple of times over the last couple of years and every single time the support was stellar. Not only did the first person on the phone know what s/he was doing, they went to lengths to verify my credentials, which is a bit of a hassle but I appreciate it since it makes me feel my accounts are "safe".


Yes, I do several times a month on behalf of my clients. You can call them, chat with them, they call you back. They aren't perfect, but far from "you're on your own".


Gsuite has ways, I think.


I'm not sure what you mean by saying "no phone support"? Fastmail has apps for Android and iOS. I use the iOS one and it's quite alright.

Did I not understand your statement correctly? Like, did you mean that you cannot set it up with other mail apps on the phone?


Customer support via phone call.


How often are you calling support? The only time I've needed them was when I was locked out of the admin account, and there was no way to reach a human.


Indeed. I've been using FastMail for email (only) for a couple of years at this point, and I've literally never had to contact their support.

It just works.

(I'd actually be more worried about the AU legislation about permissible snooping, but... and I can't believe I'm saying this... It works well enough that I don't care. Most providers have learned to not send actual sensitive info by email.)


Thanks, this didn't even occur to me.


I am happy with Fastmail too. I have used it for more than 3 years and never looked back. There is a hype about Hey mail recently but I won't buy it:

- It is more expensive than my current plan with Fastmail. Hey mail is $99/year.

- As all of my current emails and contacts are in fastmail, I am not likely to switch to another providers. Also, because I am happy user, I don't see the need to switch.


I used to love Google Inbox but switched to Fastmail when Google killed Inbox and it was easy to choose between old Gmail and Fastmail. Hey might address what I loved about Inbox. However, it’s clearly designed with companies in mind. The $100/yr is steep for a personal email service. Plus, they don’t have custom domains yet.


I used to run my own mail server and it's not actually fun. If you run everything on the cheapest VPS possible then you still end up paying about $50 or thereabouts. So they're in the right ballpark. I'm happy to pay them extra so I don't have to worry about email server maintenance.


Replacing the data-hungry black box of Maps with the closed ecosystem of Apple via Apple Maps isn't a win in my book :(. Still, may be better than no change. I just happen to be intentionally outside of Apple's all-or-nothing ecosystem so it isn't an option for me. Who makes a system like that, are they trying to dominate the world??? If they succeed in their business model, they will probably be more dangerous than Google - a ticking time bomb waiting for shareholder or executive level change toward nefariousness with gargantuan incentive begging for corruption. We already see the dangers based on how they operate the App Store.


There are three things that are hard to leave Google for: 1. My email address, I've had my firstname.lastname@gmail.com from almost the beginning of Gmail. 2. $99 a year for 2TB of storage that is shared across my email, images and Google Drive 3. Google One, I can share that storage with my wife and kids and also monitor my kids accounts.

I hate myself a little for tying my kids into Google with their own Gmail addresses but the process is too easy to ignore, I don't have time to cobble together a mishmash of services. One part of me thinks Google needs to be broken up, the other thinks it will be a pain in the ass.


I’ve been a happy Fastmail user for years, but in a recent thread Announcing Hey, it was alleged that fastmail will recycle your email address after you stop paying them, and that it’s a common attack to try to register old fastmail addresses and try to use them to access services.

This contrasts with Hey which will forward your old hey.com address to another address after you stop paying, and not make it available to future customers.


It's probably worth using your own domain even when using third party email providers, so you are in control of your email address.


That's a good point. I don't suppose there's a way of leaving Gmail and bringing your @gmail.com address with you, is there? That was one of the changes that was forced on phone companies years ago to make it easier to move provider.


No, but Google will happily run your gmail address forwarding to your real address. I've been on fastmail for many years now, but I still get the occasional gmail addressed email in my fastmail inbox.

I also use a lot of the other fastmail features, like mail aliases, DNS, and file storage and web site serving. I'm very happy to pay the money.


No, and there is no way to do that since domains are controlled by mx records, not email addresses.


Buy your own domain for your email and set it up with Fastmail. You should trust anyone, even if they say they'll always forward.


> You should trust anyone

While I would like to be able to, I suspect this is a typo...? :-)


FastMail do recycle addresses, which I don't like, but Hey will start to run out of addresses over the years unless they do something.

The better option is to register your own domain for $10 a year, something hey doesn't seem to support?


Happy Fastmail user here. I love it for the snappy web client. It's only after I switched that I realized how slow Gmail felt.


I'd like to echo similar feedback. After I dropped gmail and went to fastmail i noticed it to be MUCH faster. gmail is my primary personal account. I really appreciated taking control of e-mail again.

i'm happily paying for e-mail and tend to think putting money down ensures I keep myself honest and maintain a workflow. Now I only save e-mails that are important to me, instead of archiving everything.


One of the nicest things about Gmail is to send myself an email with info or an attachment that I can't think of anywhere logical to put it so I'll find it again. Their search makes it the best filing system, a no-file filing system.


Having recently moved my personal domains to FastMail, I'm a big fan. It's solid, reliable, and reasonably priced. I would have happily paid for Mozilla/Thunderbird mail hosting had that been available.


Fastmail's domain feature is the killer app for me. I have my @firstandlast.com secured for $7/year or something, and I can make anything@firstandlast.com and if someone starts spamming me I can just block it.


One thing I'd recommend is making throwaway email addresses using one of the domains they own (I think they have around 100). That way, if a spammer gets it, they won't know your domain and try spamming other usernames at the domain.


I don't think that's a good recommendation.

Spammers are going to find your domain name and spam it at obvious usernames anyway (eg contact@).

Besides what use-case do people have for throwaway addresses? In my experience in most cases the addresses you use aren't throwaway at all.

Fastmail does subdomain aliasing and I've been using that for years with my own domain without issues. Every subscription I have has its own email address. I don't need someone else's domains for that.


I guess "throwaway" is the wrong word. In my case, I created a few emails under Fastmail's domains and then used them to sign up for things like reddit, newsletters etc, where I don't need to tie it to my identity.

I don't think it's a given that spammers will find your domain, if you only provide your email to real people, and give generated emails to online services.


If you're going to host anything on that domain, then it will be collected in domain lists. I got rid of my contact@ email address because of that.

Email addresses that I use now look like this: reddit@subdomain.domain.com

If this leaks, I can track the source and I can bounce messages for this address.

While what you're saying is possible, a spammer needs to target you personally and that's not cost effective. It's not easy for them to try every possible English name at that address, because then they quickly get blacklisted.

Spammers collect addresses via scripts that crawl the web or via data leaks. It's more cost effective for them to get addresses that have been validated. All the spam I get are on these aliased addresses, biggest problem being the one I publish on my website, which I change periodically.

---

I like using my own domain even for aliased addresses because I can change service providers on a whim. I love Fastmail, but if they ever piss me off, I can change to Google Suite or whatever over night, the only thing required is some flexibility in setting up aliases.
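The alias scheme discussed above (one address per service, leaks traced back to the service, burned aliases bounced) is easy to turn into a small policy engine. The following is an added example, not code from the thread or from Fastmail: the alias subdomain mail.example.com, the service names, the expected sender domains and the sample traffic are all constructed for illustration, and "bounce" and "quarantine" here are just labels a sieve/filter layer would act on.

```python
from dataclasses import dataclass, field
from email.utils import parseaddr

# Hypothetical alias subdomain (constructed): every subscription gets its own
# <service>@ALIAS_DOMAIN address, as in the scheme described in the thread.
ALIAS_DOMAIN = "mail.example.com"


def split_address(addr: str) -> tuple[str, str]:
    """Return (local-part, domain), lower-cased, from a bare or display-name address."""
    _, bare = parseaddr(addr)
    local, _, domain = bare.lower().rpartition("@")
    return local, domain


@dataclass
class AliasRegistry:
    # local-part -> (service name, sender domain that service is expected to mail from)
    issued: dict[str, tuple[str, str]]
    # local-parts that have leaked and should now be bounced
    revoked: set[str] = field(default_factory=set)

    def decide(self, rcpt: str, sender: str) -> tuple[str, str]:
        """Classify one inbound message as deliver / bounce / quarantine, with a reason."""
        local, domain = split_address(rcpt)
        if domain != ALIAS_DOMAIN:
            return "deliver", "not an alias address"
        if local in self.revoked:
            service = self.issued.get(local, ("unknown", ""))[0]
            return "bounce", f"alias burned after leak via {service}"
        if local not in self.issued:
            # Never handed out: someone is guessing local-parts at the alias subdomain.
            return "quarantine", "unknown alias"
        service, expected_sender_domain = self.issued[local]
        _, sender_domain = split_address(sender)
        if sender_domain != expected_sender_domain:
            # The alias is being mailed by someone other than the service it was given to.
            return "deliver", f"leak suspected: {service} alias mailed from {sender_domain}"
        return "deliver", f"ok: {service}"

    def burn(self, local: str) -> None:
        """Stop accepting mail for an alias once a leak is confirmed."""
        self.revoked.add(local.lower())


def leak_report(registry: AliasRegistry, messages) -> dict[str, int]:
    """Count, per service, messages to its alias that came from an unexpected sender domain."""
    leaks: dict[str, int] = {}
    for sender, rcpt in messages:
        _, reason = registry.decide(rcpt, sender)
        if reason.startswith("leak suspected"):
            local, _ = split_address(rcpt)
            service = registry.issued[local][0]
            leaks[service] = leaks.get(service, 0) + 1
    return leaks


def sample_registry() -> AliasRegistry:
    """Constructed registry: three aliases handed out, one already burned."""
    return AliasRegistry(
        issued={
            "reddit": ("Reddit", "reddit.example"),
            "shop": ("Shop", "shop.example"),
            "newsletter": ("Newsletter", "newsletter.example"),
        },
        revoked={"newsletter"},
    )


# Constructed sample traffic: (envelope sender, recipient).
SAMPLE_MESSAGES = [
    ("noreply@reddit.example", "reddit@mail.example.com"),
    ("Deals <deals@spam-house.example>", "reddit@mail.example.com"),  # alias leaked
    ("news@shop.example", "shop@mail.example.com"),
    ("anyone@anywhere.example", "contact@mail.example.com"),          # guessed name
    ("bot@spam-house.example", "newsletter@mail.example.com"),       # burned alias
    ("friend@friends.example", "me@example.com"),                     # real address
]

if __name__ == "__main__":
    reg = sample_registry()
    for sender, rcpt in SAMPLE_MESSAGES:
        print(rcpt, "<-", sender, "=>", reg.decide(rcpt, sender))
    print("leaks:", leak_report(reg, SAMPLE_MESSAGES))
```

Two design points worth noting: an alias that was never issued is treated differently from a leaked one (the first suggests someone enumerating names at the subdomain, the second tells you which service lost your address), and the sender-domain check is only a heuristic, since a service may legitimately mail from several domains; the registry would need one entry per known sender domain in practice.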


I could probably find an address you don't want to just block once I know your firstandlast.com domain. Why not use @fastmail.com (or any of Fastmail's other domains) for throwaway aliases?


I don’t doubt that you could, but in my experience spammers are invested enough in a single individual to get clever. We’ll see. I enjoy having a predictably unique login for each site {site@firstandlast.com}.


I'm also a very happy fastmail user. I don't use the calendar or contacts feature either. But I use the webapp a lot on mobile and it's quite good. I don't even need to download the native app for my phone.


Very happy Fastmail user. Not so happy that so many different services don't interoperate with it. Things like Calendly or many standalone Calendar apps.

Seems like it is Apple, Google, Outlook or nothing.


Maybe I'm missing something but doesn't Fastmail use open standards? For example I access my Fastmail calendar on my phone and desktop using caldav.

Isn't it down to the app to support those standards?


Fastmail does support the CalDAV standard, but calendly does not: https://help.calendly.com/hc/en-us/community/posts/245299227...

That’s entirely calendly’s fault.


I _completely_ agree with you - but it leaves me in the same spot either way as I've yet to find a Calendly competitor that will work with CalDAV.

An open spec is great, but it has to be adopted to be used.


Perhaps you could raise a feature request with Calendly?


Wasn't there a privacy problem because of the Australian encryption law [1] and the company being based in Australia?

[1] https://news.ycombinator.com/item?id=18636076


That legislation would affect things for a service like ProtonMail, but although it’s ill-conceived doesn’t affect Fastmail: https://fastmail.blog/2018/12/21/advocating-for-privacy-aabi...


It’s just as private as Gmail, which is the comparison in question.

If you want secure, you wouldn’t be using email in the first place.


Gmail is under US jurisdiction though which provides far more protections depending on circumstance.

I wouldn't consider them equivalent. Australian laws are some of the most intrusive on the planet and are shared amongst the 5/14 eyes without a warrant.


Has anyone tried Rackspace email hosting? Looks to be the same price as Fastmail.

https://www.rackspace.com/email-hosting/webmail


Yep, migrated from Gmail and very happily so :)


I want to migrate from Gmail but I have my Gmail address tied up to so many things. How do you make the move?


Here are the steps I've been following:

1) Sign up for Fastmail.

2) Sync all mail from GMail account to Fastmail (via the Fastmail web UI; you grant FM access to your GMail data through OAuth - once sync is complete you can revoke this access).

3) Set up an auto-forward rule in GMail for all incoming mail to go to your Fastmail address.

4) Set up a rule in Fastmail to put all incoming mail sent to your GMail address into a separate folder (or labeled with a special label if you're signed up for Fastmail's label beta). Any time you get email in that folder, that's a task for you to either unsubscribe or update the corresponding account to your new email address.

I'm currently in month #10 of migration. Most commonly used accounts were updated during the first couple of weeks. But be careful that the tail of services that are still configured to use your old email address tends to be long, and in my experience those are some of the more important emails that you don't want to miss. The ones that are only sent once every couple years.

Also, it really helps if you've been using GMail with a personal domain name (e.g. through Google Apps). In this case migrating is a matter of pointing the MX DNS records to Fastmail's servers. Bonus points: Fastmail allows wildcard recipients, so if you prefer to have unique addresses for each service you sign up for, you don't even need to set up a separate xyz@example.com alias. Just register with <whatever>@example.com and you'll get all email delivered to that address in your inbox, and you'll be able to specify it as the sender's address if you decide to reply to some of those mails. Having a separate email address for each web service also makes looking up who leaked what on haveibeenpwned.com more fun.


And most importantly:

0) Get your own domain and set up MX record to fastmail servers

This way if you ever migrate again, you will not need to do it all over again. One word of advice - keep your registrar login and emails associated with the domains _not_ on your domain, otherwise it is going to present a problem should you ever need to fix anything related to domains.


And keep addresses, phone numbers, alternative emails, payment details up to date with your domain registrar.

Recently my provider decided to randomly cancel my domain, getting it back from transfer with everything out of date was painful.


That is great advice. One of the registrars has been sending verification messages for one of my oldest domains to a mail account that I do not use anymore, and one day they stopped serving DNS for it. I still had access to the old mail account, but if I had not, that would have been an arduous process indeed!


Then you are pushing the problem to someone else to manage the domains right? How do you set this up?


OK, I think the other reply missed your question (if I am reading this correctly).

Basically, if you register your domain through namecheap, then after setting up email at *@ximeng.net, don't update your email address to be namecheap@ximeng.net when changing the rest of your accounts. Reason being, if for some reason there is a problem with the domain, you don't want your only means of fixing that problem to potentially be invalid.

Therefore it wouldn't be a bad idea to keep the account associated with your registrar still on the original Gmail address (or if you are really paranoid, create a new email address through someone like protonmail just for your registrar account).


Right, that is what I meant - you’re then pushing the risk to the management of that secondary protonmail or gmail account. So you basically always rely on a third party to manage the registrar account.


Oh I see. I agree that it is a risk, so - in the vein of other advice in this thread - if you have a concern about a third-party email provider, update your domain records to another provider.


Not sure I understand the question.

I have to manage a domain and have a basic understanding of how DNS works, that is unavoidable.

DNS is a bit complicated to describe in a short reply, but on a very high level: say I register a domain example.com. Registrars usually give you an interface to manage DNS where you can set A records (association with IP); you basically put there 2-5 IP addresses of the DNS servers serving your domain. You can also set up MX records that are used to resolve mail servers for your domain. Setting up Fastmail is simple: you tell them that you want them to serve mail for example.com and set up a couple of MX records pointing to the Fastmail servers (they give you the full host names).


Sorry I wasn’t clear - basically my concern was that you still have a dependency on a third party email address.
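The concern in this subthread (the registrar login recovering to an address on the very domain that registrar controls, and the recovery chain then bottoming out in yet another third-party mailbox) is a dependency-graph problem, and a short script can find the loops before a domain lapse does. This is an added example, not something from the thread or from any provider: the account names "registrar", "mailbox" and "webmail", the domains example.net, webmail.example and external.example, and the idea of a "gates" set (which address domains stop working if that account is lost) are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    name: str
    recovery_email: str   # where this provider sends password resets / verification mail
    gates: frozenset      # address domains that become unreachable if this account is lost


def address_domain(addr: str) -> str:
    """Lower-cased domain part of an e-mail address."""
    return addr.lower().rpartition("@")[2]


def dependency_graph(accounts) -> dict[str, set[str]]:
    """Map each account to the accounts whose loss would cut off its recovery address.

    A self-edge is exactly the case the thread warns about: the registrar's own
    recovery mail lands on a domain that only resolves while that registrar
    account is in good standing.
    """
    graph: dict[str, set[str]] = {}
    for acct in accounts:
        dom = address_domain(acct.recovery_email)
        graph[acct.name] = {other.name for other in accounts if dom in other.gates}
    return graph


def find_cycles(graph: dict[str, set[str]]) -> list[list[str]]:
    """Enumerate simple directed cycles; each is listed once, starting at its smallest name."""
    cycles: list[list[str]] = []
    for start in sorted(graph):
        stack = [(start, [start])]
        while stack:
            node, path = stack.pop()
            for nxt in sorted(graph.get(node, ())):
                if nxt == start:
                    cycles.append(path)
                elif nxt > start and nxt not in path:
                    stack.append((nxt, path + [nxt]))
    return sorted(cycles)


def risky_accounts(accounts) -> list[str]:
    """Accounts that sit on at least one recovery loop (no way back in if all of them lapse)."""
    names = set()
    for cycle in find_cycles(dependency_graph(accounts)):
        names.update(cycle)
    return sorted(names)


def sample_accounts(fixed: bool = False) -> list[Account]:
    """Constructed setup: own domain example.net, hosted at a mail provider, registered at a registrar.

    With fixed=False the registrar recovers to the domain it controls and the free
    webmail account recovers back to example.net; with fixed=True both loops are broken
    the way the thread suggests (registrar login kept off your own domain, webmail
    recovering to something no listed account gates).
    """
    if not fixed:
        registrar_recovery = "admin@example.net"
        webmail_recovery = "me@example.net"
    else:
        registrar_recovery = "me@webmail.example"
        webmail_recovery = "me@external.example"
    return [
        Account("registrar", registrar_recovery, frozenset({"example.net"})),
        Account("mailbox", "me@webmail.example", frozenset({"example.net"})),
        Account("webmail", webmail_recovery, frozenset({"webmail.example"})),
    ]


if __name__ == "__main__":
    for fixed in (False, True):
        accts = sample_accounts(fixed)
        print("fixed" if fixed else "as found", "->", find_cycles(dependency_graph(accts)))
```

The "mailbox" account is listed as gating example.net too: even with DNS intact, losing the account that hosts the mailbox makes every address on that domain undeliverable, which is why the loop through the webmail account shows up alongside the registrar's self-loop. Breaking the loops means at least one recovery path has to end at something none of your own accounts gate, such as a phone number or a hardware token, and that is the residual third-party dependency the later reply is pointing at.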


I set up my own domain, and forwarded emails from it to my Gmail account. Over a year and a half, every time I logged into something, I updated the email address to my own.

Eventually, when I jumped to FastMail, I repointed my domain name to it, and most of my new emails started coming over automatically, since the email address is now something I control. I monitored Gmail for a while regularly to catch straggler services. (I chose not to forward to avoid complacency with stuff going to Gmail before reaching my FastMail account.)


I did this recently. It's pretty straightforward.

First, do a one-time import from Gmail. Fastmail has an import tool that does this over OAuth. Took me ~45 minutes to import ~50,000 emails.

Next, set up IMAP and SMTP on Fastmail for your Gmail account. This way, you can continue to receive and reply to emails sent to Gmail, using Fastmail as the client. When replying to an email, Fastmail defaults to the right sender (identity) based on whom the email was sent to (abc@fastmail.com or abc@gmail.com).

An alternative is to setup email forwarding in Gmail, so you get a copy of emails sent to your old address.

If you don't have a custom domain, I highly recommend getting one and use that going forward. There might come a day when you want to migrate off Fastmail. With a custom domain, you just need to update the MX records.


Get your own domain, use it for all your email, and in five or so years gmail will be nothing but spam, basically.


which, ironically, is the 5 years it takes for Gmail/Yahoo to not treat your domain's outgoing email as spam.


I've never had a problem with Gmail recipients since setting up DKIM, SPF, etc. There is an incompetent rinky-dink shop running IT for the Irish government (Topsec - https://www.topsec.com/) that blocks ANY email from Namecheap DNS, which is really annoying, though.


FastMail can pull from gmail. My account pulls from all emails I use minus work and can send on those addresses so. It also supports having a different signature depending on which address I'm sending from.

See https://www.fastmail.com/help/account/migratetofastmail.html

No connection to them, just a happy customer!


a bit like a physical address - forward the mail on for x months and then cut off completely


That's what I did and it worked well for me for the most part. I ended up keeping Gmail around for the occasional service that doesn't work well with Fastmail. Off the top of my head I've had issues with:

- Frontier

- Green Man Gaming

- Paperspace

- Rainway

- SquareTrade


Late but essentially what the others said. Additionally I would point out that I migrated my accounts whenever I used them and noticed I logged in - so really piecewise.

On top, I had some bursts of motivation to step through my password manager vault occasionally and update accounts I don't log in to too much.


I went through all accounts in my password manager and changed it. Not so bad. It doesn't need to be done quickly.


I would make this Step #1 to the 5 or 6-step processes outlined above. Gets most of the important migration out of the way with a little work the first day.


Been using Fastmail for years. Not one glitch, love em’


I really love Fastmail, but shared contacts have never seemed to work with the default Mac Contacts app. According to Fastmail support as of a few years ago, the default Mac Contacts app can't handle multiple address books (shared and personal) from the same account. Not Fastmail’s fault, but has anyone else had this trouble?


I mention this whenever FastMail comes up: it is way too expensive to equip my family of 6. Give me a sanely priced family plan and I am in.


Paying customer of Fastmail for 6 years. It's great.


I love FastMail. Never looked back.


Indeed. I feel about Mozilla the way I felt about Google a decade or two ago.


What in Mozilla's track record makes you trust that they can run a trustworthy service? I'm a big fan of Mozilla for Firefox and Rust. But we have to be objective. They have yet to earn my trust for running a safe and secure service to which I can entrust my data.


And the Basecamp guys with Hey :-)


I'd pay at least $10/month or $99/year for Firefox Accounts, just as they stand today, because they give me at least that much value. Integrate full 2FA into Lockwise, so that I have 2FA that'll never die with a broken phone, and I'd pay more. Add a secure calendar I can use with friends and family, and I'd pay more. (I'd hesitate to say email, just because running that is a can of worms I wouldn't wish on my worst enemy, but I'd absolutely pay for that too.) I would love to have all of my major services tied into my Firefox Account, with the same level of security, privacy, and trust I've come to expect.


> just as they stand today,

Yeah, no. The least they should do is enhance the size limit for syncing extension data. It's currently limited to 100kb per extension, which destroys syncing for most useful extensions like uBlock, Greasemonkey or any mature manager for bookmarks and notes. Giving any paying user some GB of global storage and removing the per-extension limitation would push productivity immensely.


What you are asking for, is a resurrection of Netscape Communicator[1], which had along with the browser, an email client, calendar, editor, chat etc.

It was fairly popular in some corporates for a while, until Lotus/IBM and MS stepped up their collaboration game.

---

[1] https://en.wikipedia.org/wiki/Netscape_Communicator


Sort of. Netscape Communicator critically never included server infrastructure and was completely focused on e.g. connecting to your ISP's email servers.

Although a great 'client' experience is absolutely crucial for Firefox Premium's success and would be a modern resurrection of Netscape Communicator in that sense, what I mostly need is convenient 'servers' from a company that I can trust and a business model I can support. In a sense that would be a modern way of meeting the needs of Netscape Communicator, sure :)


Agreed, in this day and age we mostly don't have or use the ISP services that come with our connections.

Would you then use a Mozilla run mail service similar to gmail complete with calendaring and document storage, all built into a suite of client apps ?

I think for a certain demographic this could turn into a good Google competitor if done right.


Doesn't need to be a move back to Mozilla Suite (today named SeaMonkey). They can offer web services for this (just cooperate with an existing provider like Fastmail), but with trusted privacy features and embedded in the browser with first-class-quality extensions.

Or they push Thunderbird, the mail client they brought into the world only to ignore it for such a long time. A trustable, privacy-first mail client with brainless configuration and maybe some useful modern PIM features would sell well enough to justify a price. I mean, there are already services doing that; Mozilla could cooperate with them or just push their own weight into the ring.


internet scale email, calendar, password manager, OpenID auth provider, VPN, browser + integrated search via DDG = everybody's dream


The "barely works" stack.


But with a “just works” vapor!


I know upvote already exists, but I deeply want to +1 on this one. If Mozilla does it, I'd be a happy customer too.


Cries in FirefoxOS.

Especially when a small unknown company can take the same abandoned platform to become a viable player in the smartphone ecosystem[1] just by targeting the right device for the OS & right strategic partnerships.

At least Mozilla seems to have signed a deal with KaiOS to develop the Gecko engine further[2].

[1]https://en.wikipedia.org/wiki/KaiOS

[2]https://www.kaiostech.com/press/kaios-technologies-and-mozil...


I don't have much to add, I'm just replying in case Mozilla devs see this. I want this so much as well! I don't mind the VPN though. I pay for it now even though I run mostly Linux.


I'm in exactly the same boat. Paying for the VPN to use on exactly one device because everything else is Linux, and would happily put more money towards it if they offered a paid equivalent to GSuite that was privacy-respecting.


Question--why does everything else being Linux negate the need for a VPN? AFAIK, aren't the main reasons for a VPN bypassing georestricted content and avoiding ISP snooping? I don't see how running Linux negates any of these, and routing through a VPN certainly doesn't stop win10 from exfiltrating data.


Mozilla VPN is not yet available for Linux.


Oh wow. I haven't thought of this till now. But you are absolutely right. I would totally trust Mozilla to provide me the privacy sensitive alternatives to google and would definitely pay for them too.


I still want Mozilla to release a Android keyboard.


Me too, currently using SwiftKey as it came preinstalled, but it's owned by Microsoft.

I use NetGuard to stop basically everything on my phone from contacting the Internet.


I believe the 'AnySoftKeyboard' is a good opensource alternative for Android, no?


Gesture typing (swipe) is still in beta and didn't work much the last time I checked. I'm posting this by swiping on SwiftKey. I've been using swiping keyboards since 2011 and I won't go back to tapping buttons.


There are many VPN services that begin just by reselling white-label VPN solutions, such as those provided by NordVPN[1], because it's much cheaper and easier than building your own globally distributed high-capacity and low-latency network. I hope that Mozilla didn't go down this route, as many suspect ProtonVPN did[2], with which Mozilla has partnered in the past[3]. In fact, given that partnership I wouldn't be surprised if Mozilla VPN was just a rebranded ProtonVPN service underneath. That would bring additional income to Mozilla without taking away any of the development resources from Firefox, and could be seen as a win-win situation by both companies.

[1] https://nordvpn.com/white-label/

[2] https://vpnscam.com/tesonet-data-mining-company-owns-nordvpn...

[3] https://protonvpn.com/blog/mozilla-partnership/


FYI Mozilla VPN will just be rebranded Mullvad, ProtonVPN is outdated.

https://mullvad.net/en/blog/2019/12/3/mullvad-partnerships-p...


Thank you, I wasn't aware of that. I consider Mullvad to be both a technologically superior product and a much more trustworthy company than ProtonVPN.


As someone who doesn't really use VPNs, could you expand on what makes Mullvad superior?


From the technical point of view, Mullvad was one of the first VPN services to adopt and support the development of Wireguard; it was also one of the first to open-source all of its client-side code.

From the privacy point of view, Mullvad doesn't ask for an email address, accepts payments in cash, publicly states the full names of all the people behind the company, and doesn't pay any affiliate commissions.


I'm a Fastmail and Google Suite paying customer. I would SO transition to a "Firefox Suite" email+calendar service if Mozilla provided one.


> If only to help make Firefox development less dependant on Google or Yahoo.

Omg, my thoughts exactly! I don't want services... I don't want anything except that with the donations they will break away from Google. That is it. And I bet a lot of us here would gladly donate; I donate to EFF while Mozilla could in theory have more impact.


If Firefox integrated with Keychain, it'd probably be my default browser again. I'd happily pay.

Once Keychain got good enough, I transitioned to Safari 98% and dropped 1Password. iCloud syncing is nice too.

--

Anecdotally, it just seems like a lot of web sites are poorly tested against Safari, so I run into weird stuff. Also, Safari now inevitably abends, seemingly after binging YouTube.

I favor Safari, mostly because of lower power consumption. I have only positive things to say about Firefox. I've always liked it and I've read they keep improving the power stuff. If I ever do front end work again, I'll definitely go back to 50/50.

--

Leaving gmail is on my to do list. I've just been too lazy to follow thru. I dunno why, but if Mozilla partnered with FastMail, I'd be more motivated. Probably for bragging rights, virtue signaling.


Totally agree. I feel like I trust Safari in terms of privacy as well, and it works so well in the walled garden of iOS/macos. I really hope they get it up to date with the latest web standards, it's a joy to use otherwise.


> chat

This already exists: https://chat.mozilla.org/

You can use it with your Firefox account.


I've been hanging for about 20 minutes. What is this?


Mozilla's own instance of a Matrix setup.

https://en.wikipedia.org/wiki/Matrix_(protocol)


Paying for a browser in this day and age would really bring Mozilla full-circle back to Netscape in the 90's.

Time for them to reclaim the throne.


Who said anything about the browser? We are talking about the data, aren't we?


OP is talking about “Firefox Premium.” You would be paying for the software and services. Firefox is the browser.


Firefox Premium is just branding, so far as I can tell. I can't imagine Mozilla charging for software. They might make software that's not useful without the service (like the VPN client), but the software itself is free.



The GP seems to be asking for hosted services on a subscription model for email, calendar, etc., and not for the applications alone.


Mozilla VPN literally _is_ rebranded Mullvad. So if you want to contribute to Mozilla, should be a pretty easy switch for you.


I wonder why it's geoblocked in that case?


Different countries have different laws regarding encryption and money


Not sure why I would switch to another chat, email, file, sync just because it’s from Mozilla


Privacy


I don't think it's a good idea to give any company a monopoly on your data even if you trust them.


Why would it be a monopoly? If you use something that uses open standards and provides ways to export or backup your data, you can move anytime.

Taken a little deeper, your statement would imply that people should build and maintain their own data centers and host all services by themselves (this argument could be stretched even further).


A monopoly on the services you use, not a monopoly as in they have total control over your data and you cannot export your data. If all you use is Mozilla services, as the original commenter would like, that is the very definition of a monopoly over your personal software usage.

I did not imply anything of the sort, and I am astonished and confused as to why you would think that. How in the world does mentioning that it's not a good idea to give a company a monopoly over your personal usage lead to the idea that people should build their own personal data services? Obviously the real implication is that it's better to use multiple different providers of software services instead of one, or use as much different open source software as possible. The benefit being that if or when a company decides to use your data for nefarious purposes they can only use a portion instead of all of your data. Likewise a security breach at one of those companies would only expose a portion as well.


> Taken a little deeper, your statement would imply that people should build and maintain their own data centers and host all services by themselves (this argument could be stretched even further).

Yes, yes they should; it's called a personal computer; IBM used to sell pre-built ones.


> Taken a little deeper, your statement would imply that people should build and maintain their own data centers and host all services by themselves

One doesn't need a data center to host these kinds of services. Nextcloud on a Raspberry Pi works just fine.


I was just about to change to something different from LastPass, pretty much convinced about Bitwarden from previous HN mentions, until you mentioned Lockwise :-) care to share some pros and cons or comparison between these two?


Currently using both, Bitwarden is much more robust, customizable, and safe (audited by 3rd party). Lockwise is great if you want a simple pw manager for browsing online but Bitwarden is like a "life" manager that can store addresses, credit cards, notes, passwords, etc.


I use Bitwarden as my main password manager. But Bitwarden is still lacking in the "life" management part because common things like WiFi passwords or software licenses need to be added as custom entities. Managing those is not easy with Bitwarden. I stopped using 1Password long ago (when it moved to a subscription model), but it has had many more rich types to manage for a long time. Bitwarden has a long way to go.


There is also always https://www.passwordstore.org/. It is a bit more work to get everything set up, but I now have an encrypted git repo of my passwords with clients on my laptop and Android phone. I can't speak to iOS or macOS, but there is a distinct lack of a good Windows GUI client, which is the biggest con.

The major pro for me is that I know exactly how it is encrypted end to end, and have control over how and where it is stored, and can move the storage as I please, all entirely for free.


I can offer up 1Password comments. It has a good native app for OS X. I don't use OS X. It offers a CLI tool that spits out JSON. I wish it would just integrate with pass(1). The Firefox add-on is close enough to abysmal that I use their website, making it inconvenient. It doesn't work with regular HTTP auth so you have to copy the fields in manually then refresh.

Otherwise it's fine. The multiple Vaults is great to share passwords among family or maybe your co-workers. It has features like TOTP and supports many types of other fields.

4/10 on usability, 10/10 on its core feature set. Probably a 9/10 on OS X.


> It doesn't work with regular http auth so you have to copy the fields in manually then refresh.

There's a slightly easier way: escape out of the basic auth dialog box, open the 1Password menu (which will be showing you the website you're on) and select 'Autofill', and then reload the page (i.e. Ctrl-R) and the basic auth is supplied from 1Password.

Not great, but easier and faster than copying in username and password fields manually (and with keyboard shortcuts available to do each step it can be quite fast).

From 1Password comments I believe the limitation is because Firefox does not allow 1Password to interact with the auth dialog box (which isn't strictly a bad policy from a general security point of view).


I personally use 1Password due to it being better polished than Bitwarden and the support being excellent. I'm using it with Windows/Edge and haven't encountered any problems.


I moved away from it because they still don't have a fully featured Linux client, and their 1Password X client is missing some features and seems in general to be quite a lot slower than Bitwarden.

Having said that, Bitwarden is a big pain in the ass. I still can't open the main window when I'm in a private browsing window.


Judging from the sibling comment (https://news.ycombinator.com/item?id=23567966), the support for non-Mac platforms sounds less than stellar. Still nice to have different opinions, so thanks.


To throw in a less conventional option, I've been very happy with MasterPassword [1] myself. I mostly just use the browser plugin (Firefox/Chrome) and mobile app (iOS/Android).

Unlike the other options, it's a deterministic password manager. This means that you don't need to sync anything, and there's no risk of losing your password database. As long as you know what website you're signing in to, and remember your one master password, you can regenerate all other passwords.

[1]: https://masterpassword.app/


100% this. I'm currently waiting for the ProtonMail calendar and still looking for an easy file sync solution. I tried syncthing today but it's really not that comfortable to use....


>3 years ago, in French: https://linuxfr.org/users/aurelieng/journaux/mozilla-l-enjeu... (can be translated with your favorite tool).


Agree. I’m currently on Proton but I’d like to see Mozilla bundle the essentials, with vpn and mail as the basics.

Also, consider if possible affordability for students and seniors, who might not be able to afford a subscription. Maybe limited bandwidth for free w/o subscription? Something like ProtonVPN provides.


I've wanted email so bad. Using protonmail til the day Mozilla decides to go down the email route.


I agree. Bundle a PiHole-powered cluster service with a secure proxy for child surfing and Mozilla will get my bucks. Last but not least, it should be easy to set up.


I recommend https://nextdns.io/ as "Pi-hole as a service" (I'm not affiliated with Pi-hole in any way, just a happy user =) )


Let them stay in the niche maybe? I'd rather have a really great safe browser than half a dozen half-baked products from the same company.


The problem is the revenue source. Currently Mozilla gets most of their income from their biggest competitor, Google, which is pretty fragile and all-eggs-in-one-basket. Diversifying their revenue stream by slightly diversifying their product would make them more likely to survive.


Mozilla VPN's full device variant is essentially Mullvad...they are using them as a trusted partner.


VPN should be number one feature to be implemented, for the private tabs, at least.


I want this and want to pay for this. Hoping this will be a real product soon.


How about a search engine? Why can't they make their DuckDuckGo analog?


Why would that be better than buying DDG, Qwant, Ecosia, Startpage or any other alternative out there?

Or just putting their support behind one?


Wait... why are you encouraging them to charge for it?


Because running it is not free and paying for it directly is the best way to align interests - you are the customer instead of being the product for advertising and analytics.


it ensures that they have a sustainable revenue stream and won’t cave into selling data or shutting down


What products and services do you want from Mozilla?


> email, calendar, file sync, chat(?) - give me Firefox Premium


But then they would just turn into Google.

Too much power corrupts.


Just to be clear, your donation at donate.mozilla.org goes to Mozilla Foundation. It doesn’t support the development of Firefox or other products, which are part of Mozilla Corporation (which gets about 90% or more of its revenue from the Google search partnership). This doesn’t mean your donation is useless, but it may not be going where one might think it’s going.

I agree with your second paragraph, which is more in line with directly supporting Firefox and other products with money.


"I'd pay good money..."

Sorry, Google pays more. :)

As much as you would like to be, you are not Mozilla's customer. You are, as they say, a "product". The subject of an ongoing marketing study. There are people willing to pay for the results of that study, and they are willing and able to pay much more than you will ever pay for Mozilla's open source software or use of its servers to store your personal data (email, calendar, files, etc.).

We are told that Mozilla has to keep pace with Chrome (because ..., and that's because ....), and the only way they believe they can do that is to take money from Google. Mozilla's CEO and employees are far too expensive for their salaries to ever be paid by end users.


I am surprised at how much money exists in the VPN industry. Whenever I watch even a mildly-popular YouTube video, it always has an advertisement for the latest VPN provider. As far as I can tell, there is only one reason there is this much money in the field -- to subscribe to US-based video streaming services from outside the US. But they never ever say that that's the reason, they always say things like "work from home securely" or "avoid being tracked". But, of course, your IT department already has a secure VPN for working from home, and that Facebook cookie works regardless of what your IP address is. In general, the sell of "you can't trust your network provider, so pay for an additional network provider that doesn't keep logs and only accepts payment in Bitcoins," doesn't seem particularly strong to me. Of course you can't trust the network layer. Nobody trusts the network layer. That is why we have TLS. (Anyone remember "wired equivalent privacy" when WiFi was a cool and new thing? Turns out wires don't offer much privacy.)

So why people are buying this service confuses me.

I am also confused at why people can run these services so cheaply. I looked into doing it myself (I had some ideas for actual value add), and the economics didn't seem that good. There is a lot of software between "ifup wg0" and "collect money from people that want a VPN". It seems expensive to write all that, unless a "yolo" strategy of starting up openvpn and setting up a couple NAT rules actually scales. (At the very least, you need to be able to distribute keys to pre-built clients, and if you want to make it smooth, you are looking at writing your own Windows/Mac/Android/iOS clients. Then you need all the business management software on top of that -- didn't get the Bitcoins so delete their private key, etc.) It seems like quite a bit of work that is quite expensive.

But these things exist left and right and have huge advertising budgets. So obviously I am misunderstanding something.


No, your premise is wrong, all major browsers have committed to removing third-party cookies, or have already done so. And after third-party cookies, your IP address is the next-easiest way to track you across sites.

> that Facebook cookie works regardless of what your IP address is

Firefox has been blocking third-party cookies by known trackers, including Facebook, since last year [1]. Safari started blocking all third-party cookies (not just known trackers) in March [2], and Chrome committed in January to work towards removing third-party cookies [3].

And of course, all major browsers have provided the option to block third-party cookies since before IE6. I use this option, it rarely breaks things, and it's only getting rarer—and I don't use a VPN, so this would make me measurably harder to track across sites.

[1]: https://blog.mozilla.org/blog/2019/09/03/todays-firefox-bloc...

[2]: https://webkit.org/blog/10218/full-third-party-cookie-blocki...

[3]: https://blog.chromium.org/2020/01/building-more-private-web-...


Keep in mind that Chrome also sends a high-entropy identifier that is certainly sufficient to identify you in combination with an IP address, to every Google property, including DoubleClick, on every request (first or third party).


I think you're right, a lot of VPN usage has to do with circumventing some tiered, segmented, bullshit content provider restrictions such as region or schedule or device type.

The fact that all these people are paying for a service plus VPN means the services are leaving money on the table. If they would simply offer what we want, when we want, where we want it, on the device we want, on a single service without a hassle, many consumers would be lined up for that.


They must massively oversubscribe their services, far beyond ISPs. The advertising probably brings in a lot of profitable users who aren't pushing tons of BitTorrent traffic as well. With the insanely high affiliate commission they're offering I can't think of another way.


The conspiratorial side of me says that they have alternate revenue streams as well. Why should only google get that sweet cash from a steady stream of user data?


1 TB for $1-$0.5; that gives you 30 GB per day. At $5 resale, there's some room for profits.

If I am not mistaken, that's 10 hours of video streaming in excellent quality per day.


The VPN providers are not paying per GB. They are paying for IP transit, probably in the range of 50c/Mbps. They make money by oversubscribing, just like any ISP.


Every time someone mentions a VPN provider in my techie social circles, the "A VPN doesn't protect you" crowd piles in, usually with links to something like: https://gist.github.com/joepie91/5a9909939e6ce7d09e29

I don't understand this argument, but would like to.

I run https://everytwoyears.org, a political non-profit focused on ending the warrantless metadata collection of U.S. citizens' communications. From everything I know about these programs, they are _explicitly_ not collecting content of communications. These programs only collect the metadata about a communication. As citizens, we don't get to have a clear definition of "metadata" (that is classified!) but we can assume anything that isn't the message itself is at risk of being considered metadata, especially if it was shared with a service provider in the normal course of conducting business (i.e. routing a request).

For HTTP requests, I assume the body of the request would require a warrant before it can be persisted on a government server. The HTTP headers, if unencrypted, _might_ be considered metadata but I would be surprised. The IPv4 headers are more than likely metadata. DNS queries are more than likely metadata.

If you are trying to avoid _active_ surveillance, where your government has a warrant, a VPN isn't going to help you. If you are trying to avoid _active_ surveillance where your adversary doesn't need/want a warrant to search you, a VPN isn't going to help you. But if you are trying to avoid having your internet activity ending up, de-anonymized, in a metadata database that your government does bulk analysis on, a VPN does seem like it would help. It seems like it would help a lot.


A VPN is just a tunnel from one point to another. You'd have to establish why the remote end is more trustworthy than the local end. Being located in a hostile jurisdiction may be somewhat protective, but it would also seem likely that compromising foreign VPN services is within the NSA's wheelhouse.


Agreed.

I think the key for me is that, at least under the original Presidential Surveillance Program, the providers that participated were not compelled to share their users' metadata. They shared it willingly, regularly, and in bulk. There is reference to a service provider backing out of this agreement a few years later, telling the NSA they would feel more comfortable sharing the data if it were compelled.

It's not clear if this has changed since 2013. But assuming Mozilla, or Mullvad, isn't compelled to share _all of their data_ it seems unlikely that they would willingly give that up to a government surveillance program.

I think ISPs have demonstrated they aren't trustworthy. For most people in the U.S., it seems, finding someone more trustworthy than their ISP is literally anyone who isn't admitting that they collect and share their private data. I would be surprised if Mozilla doesn't clear this bar.


> compromising foreign VPN services is within the NSA's wheelhouse

This is the explicit danger of VPN providers. Even if the provider is not complicit (which I believe applies to the likes of Mozilla), it still creates a centralized aggregation site for collection.

I'm not even sure a US-based VPN provider is safe. GCHQ just conducts the interception and would share the data with the NSA. At that point, you are at the mercy of the NSA's locators being good enough to flag your tunneled traffic as "reasonably a US person" so it gets excluded.


> I'm not even sure a US-based VPN provider is safe.

Oh, I am sure that it is not safe, thanks to the PATRIOT Act. Even if they were not storing any metadata, VPN providers can be compelled to 1) share all data about their subscribers, which will include you, then 2) silently wiretap and decrypt everything. US courts will rubber-stamp, as they've consistently done in the past, and "that's all, folks".

Sadly it's not like you'll be much safer elsewhere: as soon as you step outside of the US, one of the strongest cybersec agencies on the planet (NSA) will have free rein on your traffic. But you can resist the legal attack (in some countries) and at least try to make it challenging on a technical level.

I hope Mozilla wants to bring some innovation to the table that will make VPNs somehow more resistant to legal attack (not just in the US), but I doubt it.


Again, from what I understand, this would be active surveillance targeting an individual and the bulk data would not be collected (even if technically feasible given the mechanism for collecting the individual's data).

From write-ups of the 2013 leaks, we saw references to violations of the legal theory used to justify the Presidential Surveillance Program. One of those violations was them unintentionally collecting the wrong data, due to how the ISP was bundling packets or something like that, which constituted a warrantless search, and they supposedly took that very seriously because it jeopardized the whole program.

My take on the surveillance program is that they try very hard to be law-abiding, even if they have to stretch what the law means to justify the program. If you are worried they have a warrant for your communication, a VPN isn't going to help you. If they don't have a warrant, they will avoid U.S. citizens' content like the plague for fear of compromising the whole program.


That would still create protections for people outside the US but with US-friendly administrations. Using a VPN in a less US-friendly nation could increase protection. Is it safe? Probably not. Is it safer? Most likely.


Unless I set up my own VPN I'll share a VPN server and IP with other people. That makes my traffic inherently more anonymous once it has left the VPN server, since you can't correlate traffic to a single person anymore. So even if traffic in the data center is analyzed, that's better than my ISP analyzing traffic.

Thus we only have to establish that the VPN provider is at least as trustworthy as my ISP. That's a pretty low bar to clear in many places. I have no doubt some VPNs are operated by nefarious actors (no better way to collect high quality data), but I don't think that's a concern with Mozilla.


You should expect that the government can compel a VPN provider to correlate traffic to subscriber information exactly the same way it does with a residential ISP.


Sure, but the set of governments that can compel my ISP might be different from the set of governments that can compel my VPN. I don't care about all governments equally, and my own government has a disproportional impact on me compared to most other governments.


If they have a warrant a VPN isn't going to protect you. If you think you are under active surveillance, you want more than a VPN.

Write-ups of the 2013 leaks revealed they did not compel ISPs to correlate traffic to subscriber information. It doesn't seem like they had any subscriber information in their database, only enough metadata about the communications to later compel an ISP to provide the subscriber information _postmortem_ (i.e. who did this cellphone number belong to on this date?).

ISPs weren't even compelled to share that metadata. It was a voluntary program. Some ISPs said no. Others said yes and then later backed out. In the end something like 80% of the traffic the NSA was after was able to be collected through the ISPs that voluntarily shared their data.

But, again, this was 2013. 2013 was forever ago, things may have changed.


> I'll share a VPN server and IP with other people.

Yes, now the NSA have a single point where data can be collected that would be much more interesting than at your ISP.


If nothing else, it significantly reduces the entropy of your IP when websites are fingerprinting you, especially if your ISP assigns you a static IP.

Even if you don't have a static IP, I suspect the entropy of your /24 (IPv4) is also a lot smaller when over VPN.


[flagged]


Personal attacks aren't ok here. If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and sticking to the rules when posting, we'd be grateful.


I thought I did? The condescending attitude is unnecessary. Happy to clarify my point if my initial comment was confusing:

Websites such as http://panopticlick.eff.org/ showcase how fingerprinting works. They tell you how many bits of information they can extract from various datapoints they get out of you when visiting their site, such as User-Agent.

Panopticlick does not use your IP address as a datapoint, but actual trackers most likely do. If not your IP directly, then a prefix thereof (such as your /24), to account for ISPs w/ dynamic IP allocation.

If you have a static IP, there's a lot of bits of entropy in it, i.e. it's great for fingerprinting. It's basically sufficient, by itself, to uniquely identify your home. The handful of devices in your home can then likely be distinguished by the User-Agent.

If you're part of your ISP's small dynamic IP pool (e.g. a /24), there's probably still a lot of entropy in there. How many people in your neighborhood are also on Linux and have the same set of fonts installed? Probably just you.

Your VPN's dynamic IP subnets, OTOH, can be a lot larger, and the members of the pool are not geographically close to one another, so there's probably a lot less fingerprinting entropy in your IP in that case.
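
The Panopticlick-style "bits of identifying information" the comment above describes, as an added example (not from the thread, EFF or any VPN provider): it scores one constructed visitor's /24 prefix, OS and font set against a constructed population, once as a subscriber in a small ISP /24 and once behind a large shared VPN exit pool. All addresses (private ranges), population sizes and attribute mixes are constructed for the illustration.

```python
"""Panopticlick-style surprisal of fingerprint attributes over a constructed
visitor population.

For an observed value v, the information it reveals is -log2(P(v)), where
P(v) is the fraction of the observed population sharing v. Adding attributes
to the fingerprint (OS, fonts) can only shrink the matching set, so the bits
never go down; what changes between the ISP and VPN case is how many other
visitors share the /24 prefix in the first place.

Added example; every address and visitor below is constructed.
"""
import ipaddress
import math
import random
from collections import Counter
from typing import Hashable, Sequence


def prefix24(ip: str) -> str:
    """The /24 an IPv4 address falls in, as a tracker keying on a prefix would use it."""
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))


def surprisal_bits(value: Hashable, population: Sequence[Hashable]) -> float:
    """Bits of identifying information in `value`, relative to `population`."""
    share = Counter(population)[value]
    if share == 0:
        raise ValueError("value not observed in population")
    return -math.log2(share / len(population))


def build_population(n: int, exit_prefixes: Sequence[str], seed: int = 7) -> list:
    """Constructed visitors. Visitor 0 is the one we score (Linux, developer
    font set). /24 prefixes are assigned round-robin, so each prefix is shared
    by exactly n / len(exit_prefixes) visitors; OS and fonts are drawn with
    rough, made-up market shares from a seeded RNG."""
    rng = random.Random(seed)
    os_choices = ["Windows", "Windows", "Windows", "macOS", "Linux"]
    font_sets = ["default", "default", "office", "devfonts"]
    visitors = [{"prefix": exit_prefixes[0], "os": "Linux", "fonts": "devfonts"}]
    for i in range(1, n):
        visitors.append({
            "prefix": exit_prefixes[i % len(exit_prefixes)],
            "os": rng.choice(os_choices),
            "fonts": rng.choice(font_sets),
        })
    return visitors


def fingerprint_bits(visitors: list, attrs: Sequence[str]) -> float:
    """Bits revealed about visitor 0 by the combination of `attrs`."""
    keys = [tuple(v[a] for a in attrs) for v in visitors]
    return surprisal_bits(keys[0], keys)


N = 20_000
# Constructed: 100 ISP /24s of 200 subscribers each vs 4 VPN exit /24s of 5,000 each.
ISP_PREFIXES = [prefix24(f"10.0.{i}.1") for i in range(100)]
VPN_PREFIXES = [prefix24(f"10.200.{i}.1") for i in range(4)]


def compare_scenarios() -> dict:
    """Score the same visitor (same OS/fonts population) in both settings."""
    isp = build_population(N, ISP_PREFIXES)
    vpn = build_population(N, VPN_PREFIXES)
    return {
        "isp_prefix_bits": fingerprint_bits(isp, ["prefix"]),
        "vpn_prefix_bits": fingerprint_bits(vpn, ["prefix"]),
        "isp_full_bits": fingerprint_bits(isp, ["prefix", "os", "fonts"]),
        "vpn_full_bits": fingerprint_bits(vpn, ["prefix", "os", "fonts"]),
    }


if __name__ == "__main__":
    for name, bits in compare_scenarios().items():
        print(f"{name:16s} {bits:5.2f} bits")
```

The prefix alone yields log2(100) bits in the ISP case and exactly 2 bits in the VPN case; adding OS and fonts pushes the ISP fingerprint close to unique while the VPN fingerprint stays shared with hundreds of other exit-pool users.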


I think the negative reaction to your earlier comment comes from your misuse of the term entropy. A static IP, for purposes of tracking you as an individual, has very, very little entropy (in fact, none). High entropy would be a dynamic IP that is refreshed from a large pool very often.

Additionally, very few ISPs assign static IPs anymore, not unless you pay 5x the price for a business account. Trackers, by and large, don't really pay much attention to IP, since much more reliable metrics have been implemented. Sure, it probably is used to a small extent, but there are much more effective steps that can be taken.

https://en.wikipedia.org/wiki/Entropy_%28computing%29?wprov=...


VPN users get IPs from a small pool, so little entropy. The larger pool you select IP from, the more unique is your IP.


Might reduce chances of prosecution if they'd have to reveal that they compromised a particular VPN to convict.


Even if you trust your ISP, and it's not required to keep logs due to local laws, a VPN is often a good idea anyway. Geolocation from IP address can be scarily accurate - mine identifies me to within a mile radius of where I live.


I think you are correct that VPNs are a sort of half-solution.

There are a lot of people that think anything less than 100% isn't worth your time, so they suggest Tor - but Tor has all sorts of annoying limitations that preclude daily usage. Absolute solutions are seldom worth the 10x extra effort they frequently require.

Another set of half-solutions can be seen here which will make you more secure...

https://www.cloudflare.com/ssl/encrypted-sni/

ESNI, DoH, DNSSEC, and TLS 1.3 are fairly easy to set up - and worth your time.

Using Firefox with uBlock Origin & PrivacyBadger plus the above gets me to a good enough place.

Illegal stuff on the other hand -> Tor.

The problem with doing illegal stuff with only half-protections is that the authorities don't need to use the metadata to prove your guilt. After they raid your house they'll have all the parallel construction they need to make it stick. ...then again if you're just buying personal use amounts of drugs - no one at the FBI cares.


I think you cut right to the core of where I get lost in the VPN argument.

Tunneling (even through Tor) isn't sufficient if you have someone well funded, highly skilled, and very motivated to watch you. I would posit that purely technical solutions will never solve human problems. Perfect, unbreakable encryption can be trivially bypassed with a set of cleverly placed jumper cables.

The key, in my opinion, is trying to align technology with the laws that (mostly) already successfully protect us from jumper cable wielding adversaries.

From my understanding, the U.S. government interprets "metadata" as having no societal expectation of privacy and therefore they don't need a warrant to collect it. These questionable metadata collection programs seem like they can be effectively thwarted through half measures, like E2E encryption of the metadata (use HTTPS and DNS over HTTPS), obfuscation of the metadata through tunneling (use VPNs), etc.

Some metadata I don't have a good answer for, like location data when my cellphone pings the local towers. I can choose to share my location data w/ the tower so it can route calls to me, and submit to that possibly ending up in a government database, or I can keep my phone from talking to the cell tower and be unable to send/receive calls. I don't see a half measure...


Encrypted SNI is a solution in search of a problem.

Unencryptable metadata (destination IP) makes it pretty worthless. Even on shared services like Cloudflare, things that are of interest for collection are probably paying enough that they get stuck on dedicated IPs. The 4chans of the world that might not be paying still make sense from a provider perspective to move to isolated IPs for DDoS mitigation.

Censoring proxies actually look at SNI to deconflict shared IPs where pornsite.com and travelblog.com are on the same Cloudflare IP, and will just revert to blocking the destination by default.

(I'm picking on Cloudflare here specifically because they are pushing it - but this applies to MaxCDN, Akamai, etc just as much)


> and will just revert to blocking the destination by default

Good. That's way better than being able to tell which site you were trying to go to. It's more expensive for the misbehaving network operators as well; block some popular sites just because they share an IP address with something you want to censor and people are bound to complain, even if they couldn't care less about the censored sites.


And what happens when the IP address returned by Cloudflare is a random draw from one of several million addresses?


Do you have a good write-up on how to get all that set up by any chance? Also, does anybody have a comparison of Brave vs Firefox when it comes to privacy?


https://www.androidpolice.com/2020/06/07/brave-browser-caugh...

I was using Brave until this story came out and switched over to Vivaldi for the stuff that absolutely demands the Blink engine.

Point one, if they _repeatedly_ continue to do this kind of thing, what kind of stuff are they also getting away with? Or what's the next big surprise around the corner?

The second point is I really now prefer Vivaldi as things like sync work (it's been broken for a long time in Brave) and there's more exposed in the prefs for techie types who like to tinker with that kind of thing.

Firefox continues to be the every day browser and it keeps getting better as time goes on (another +1 for take my money for email, calendar, file storage, etc.).


So you were okay with the Binance widget but not the referral code?


Not OK with any of that crap which is why Firefox + uMatrix is the daily driver.


Not complete coverage, but I set up a pihole w/ DNS over HTTPS a while back and documented it here: https://github.com/retrohacker/knowledge/blob/master/pi/piho...

This has the added benefit of being good for the whole network (your whole house) including gaming systems and smart TVs.


Most people use a VPN because it lets them have a different geolocation (to watch Netflix in a different country, access thepiratebay, etc.)

If you do use a VPN to mask your traffic, there are two questions to ask yourself:

1. who are you masking your traffic from?

2. can you trust the VPN network more?

In general, you cannot trust a VPN network more, and HTTPS is the solution as it provides end-to-end encryption with some important caveats (web PKI).

Running your own VPN is not a good solution either, because who owns the servers where your VPN is running?


HTTPS protects content. Content requires a warrant in the United States.

The bulk metadata programs, as far as we know, only collect metadata. Which two IP addresses communicated, the routes they took, the size of the payloads, etc. are all "metadata".

HTTPS, AFAIK, does not solve this.


Using a VPN adds indirection but can give you a sense of false security as well.

Metadata is obviously the least important data to analyze, but for example a VPN does not hide the size of payloads. TLS 1.3 does address that and lets you randomly pad messages, but I don't think anybody uses that.


You can use HTTPS with a VPN. With HSTS and certificate transparency, a modern browser will not let you get compromised by an HTTPS MITM.

I also trust many VPN providers more than my ISP, which actively engages in MITM like compressing images to be a lower resolution on HTTP pages on 4G networks.


If you assume VPNs don't keep logs forever, then a VPN is very strong protection. Seems like all the anti-VPN arguments are predicated on the VPN keeping exhaustive logs of every request. Given the volume of data and the incentives of businesses, I feel like that's probably not true for many VPNs. I generally believe them when they say they don't log, because it's just more $$$ on storage that provides 0 value to the company unless they are required by law.


Yeah I've heard this one before.

I use Mullvad, paid using BTC that came straight from a tumbler. I don't use it for any nefarious reasons, just wanted to see how such a setup would work. It was surprisingly painless. I think it took 15 minutes in total from moving my btc to the tumbler and having the tumbler move the btc to my Mullvad account.

Am I 100% secure? No, they know what IP I'm connecting from. Is my name attached to the VPN? No, not even close. I suppose if I wanted to further improve my security I wouldn't use my own home network, but public wifi nearby.

But again, I didn't do it to stay "safe" or anonymous. Just wanted to see how the process would actually be.


> I use Mullvad, paid using BTC that came straight from a tumbler. I don't use it for any nefarious reasons, just wanted to see how such a setup would work.

> But again, I didn't do it to stay "safe" or anonymous.

I sincerely hope that you're trying to stay safe if you're admitting to money laundering on a public forum.


Tumbling coins has nothing to do with money laundering, it's just a way to anonymize them....


Tumbling coins has everything to do with money laundering. Of course, the source of the funds isn’t necessarily illicit.


Money laundering is turning dirty money into clean, that appears legitimate, taxable etc. If the source isn't illicit, it isn't laundering because there's nothing to clean.

Tumbling coins is just obscuring their origin.

The two don't inherently have anything to do with each other.

Even if you tumble "dirty" coins, you've got to explain to the IRS the source of income behind the new coins. Tumbling, in and of itself, doesn't achieve that.


Bitcoins may get a pass because they aren't technically "money", but in general any business that transfers money on behalf of another entity without knowing exactly who both the sender and recipient are—and registering as a money transmission business, a very expensive process—will be considered to be involved in money laundering. Even if the money is provably "clean" to begin with. A company that implemented anything like a "tumbler" for USD would most certainly run afoul of anti-money-laundering regulations.

It's not right, but that's the way the rules are written.


Like cyberpunk said. It's not money laundering, it's a way of anonymising the bitcoins.


He's actually technically correct, as that is the very definition of money laundering. The difference is (assumedly) the money he's laundering wasn't obtained via illegal means.


> Money laundering is the process of making illegally-gained proceeds (i.e. "dirty money") appear legal (i.e. "clean").

Someone should let FinCEN know that their definition is incorrect: https://www.fincen.gov/history-anti-money-laundering-laws


I'm a fan of James Mickens' "Mossad or Not-Mossad" internet threat models ~essay: https://www.usenix.org/system/files/1401_08-12_mickens.pdf


Despite his somewhat annoying style, that article has many good points about the aloofness of security researchers. However, I will disagree on two points which the article contains:

1. Tor is (rightly) used by anyone who has a good reason for remaining anonymous. (See [REALNAMES] for who this can be.) Anyone trying to smear Tor as only used by drug dealers and other unsavory types are themselves suspect of having an agenda of discouraging Tor use for anyone lest they be suspected. This can only lead to an installation of Tor being viewed as a suspicious thing in itself; who would want that?

2. His threat model of Mossad or not-Mossad leaves out one important actor, which we can call the NSA. They, and others like them, unlike Mossad, are not after you personally in that they don't want to do anything to you. Not immediately. Not now. They simply want to get to know you better. They are gathering information. All the information. What you do, what you buy, how you vote, what you think. And they want to do this to everybody, all the time. This might or might not bite you in the future. He seems to imply that since nothing immediately bad is happening by using slightly bad security, then it’s OK and we shouldn’t worry about it, since Mossad is not after us. I think that we should have a slightly longer view of what allowing NSA (et al.) to know everything about everybody would mean, and who NSA could some day give this information to, and what those people could do with the information. You have to think a few steps ahead to realize the danger.

[REALNAMES] Who is harmed by a "Real Names" policy? https://geekfeminism.wikia.org/wiki/Who_is_harmed_by_a_%22Re...


I doubt it, unless you run the VPN. Governments have the same ability to leverage things like trackers, etc.

A public VPN service is good for localized privacy. Even a cheap Ubiquiti setup will be able to tell about your habits. It's probably good enough to avoid the attention of a civil or informal inquiry (DMCA, employer, etc).


> Governments have the same ability to leverage things like trackers

It's not clear to me whether the methods trackers use to de-anonymize you are considered "content" or "metadata", and whether the U.S. government would need a warrant to access tracker information.

Do you have thoughts?


You can buy the data on the market without a warrant.

VPNs seem like a really obvious bypass of controls and surveillance capability. I’m sure the folks at NSA, et al thought of it too.


They can think of it, sure. But when you read their testimonies, and read the summaries of leaked documents, you can see they are attempting to be law abiding even if they _really_ stretch to interpret the law.

Just because they know it's a way to thwart their system doesn't mean they have another "legal" way to collect the same data.


I'm not qualified to analyze the technical details but I have some more practical grievances with VPNs. I paid for ExpressVPN for 1 yr ongoing and found it disappointing despite being advertised as the expensive but good option.

First, geo blocking often catches it, or the provider has moved to other means to verify address. I don't use Netflix but for certain streaming sites in Japan that I use and BBC, Express does nothing.

Second, it doesn't get past the GFW whereas a shadowsocks based solution does.

Overall it seems the only benefits are getting better speed sometimes and theoretical privacy benefits.


Browser fingerprinting means you can more or less be identified regardless of your IP address. Since tracking is more or less tied to the browser, should you not use the VPN in some instance, the browser fingerprint remains the same. So all the Facebook/Google tracking will be able to determine who you are after you change your IP.


Yup. But it isn't clear to me whether that tracking information would be considered "content" (and require a warrant) or "metadata" and be subject to mass warrantless data collection.

Do you have thoughts?


I don't know. Probably better to ask a lawyer something like this.


They are explicitly collecting both the metadata and the content of all communications they are able to. They have burned their own when someone raises a complaint about their methods or dares to introduce crypto that respects constitutionality (https://en.wikipedia.org/wiki/Thomas_Andrews_Drake).


I'm not able to see anything here that references the content being collected. Maybe I'm not looking closely enough?


There’s a lot of gross stuff that your ISPs (which includes your mobile phone provider) do to further monetize your relationship with them, and having a VPN can negate that.

ISPs can observe your DNS lookups to their servers and assemble a profile on you based on the domain names you look up, and put you into a series of audiences that marketers can then use (for a fee) for ad targeting.

ISPs can also observe your DNS lookups to Google’s or anyone else’s public DNS servers.

ISPs can snoop on your unencrypted traffic, proxy it, and inject headers into HTTP responses to facilitate (you guessed it) the creation and sale of audience data to advertisers.

ISPs can transcode (and downsample) multimedia content to decongest their pipes or airwaves.

If you are a spy or a member of a disfavored political group, you should almost appreciate the scummy practices of ISPs, as it drives a bunch of non-spies and people not associated with disfavored political groups to adopt privacy-enhancing technologies.

If I worked at the NSA or CIA or FSB or Mossad or wherever, I would highly encourage lawmakers to enact laws to protect consumer privacy in order to drastically reduce the perceived need for people not in the above groups (et alia) to adopt VPNs and other technologies; there would be fewer “boring” people using such technologies, giving the needles a lot less haystack to get lost in.


> ISPs can also observer your DNS lookups to Google’s or anyone else’s public DNS servers.

edw, could you elaborate on that, please? I thought changing to public DNS servers like OpenDNS provides some security from ISP tracking.


In addition to the lack of encryption mentioned, some ISPs transparently intercept DNS requests and reply to them with their own.

Test your own ISP: try something like

nslookup news.ycombinator.com 1.2.3.4

If you get a response, your ISP is gaslighting you.
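The same probe as the nslookup one-liner above, done in Python so the outcome can be checked programmatically (added example, not from the thread): it sends an A query for news.ycombinator.com to 1.2.3.4, which is not a resolver, and treats any well-formed DNS answer as evidence that something on the path is answering queries on the ISP's behalf. The constructed_reply helper fabricates the kind of answer an intercepting middlebox might send, purely so the parser can be exercised offline; the target address and the 192.0.2.1 answer are constructed sample values.

```python
"""Probe for transparent DNS interception: query a host that is NOT a DNS
server. An honest network yields a timeout or ICMP unreachable; a DNS answer
can only have come from an on-path device impersonating the target.
"""
import random
import socket
import struct
from typing import Optional

PROBE_TARGET = "1.2.3.4"          # not a resolver (same address the thread used)
QNAME = "news.ycombinator.com"


def build_query(qname: str, txid: int) -> bytes:
    """Encode a standard recursive A query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    question = b"".join(
        bytes([len(label)]) + label.encode("ascii") for label in qname.split(".")
    )
    question += b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return header + question


def _skip_name(data: bytes, off: int) -> int:
    """Advance past a (possibly compressed) domain name."""
    while True:
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:        # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length


def parse_response(data: bytes, txid: int) -> dict:
    """Validate that data answers our transaction and extract the A records."""
    if len(data) < 12:
        raise ValueError("short response")
    rid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off = 12
    for _ in range(qd):                  # skip the echoed question section
        off = _skip_name(data, off) + 4
    addrs = []
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(data[off:off + 4]))
        off += rdlen
    return {"rcode": flags & 0x000F, "answers": addrs}


def constructed_reply(txid: int, qname: str, addr: str) -> bytes:
    """Constructed sample of what an intercepting middlebox might send back."""
    query = build_query(qname, txid)
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR=1, RD=1, RA=1
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(addr)
    return header + query[12:] + answer


def probe(target: str = PROBE_TARGET, qname: str = QNAME, timeout: float = 3.0) -> Optional[dict]:
    """Return the parsed answer if anything replied, None if nothing did (the honest outcome)."""
    txid = random.randrange(0, 0x10000)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(qname, txid), (target, 53))
        data, _ = sock.recvfrom(512)
    except OSError:                      # timeout or ICMP port unreachable: no interception seen
        return None
    finally:
        sock.close()
    return parse_response(data, txid)


if __name__ == "__main__":
    result = probe()
    if result is None:
        print("no DNS reply from a non-resolver: no transparent interception observed")
    else:
        print("a non-resolver answered, so an on-path device is rewriting DNS:", result)
```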


Some ISPs even tried to replace NXDOMAIN replies with their own "services". That was particularly popular in the last decade, though I haven't seen any recently.


Traffic between you and the public DNS servers isn't encrypted, so your ISP can still read it.

(I suppose this is one of the problems that DNS-over-HTTPS is designed to fix.)


Thank you for the answer, stuuuuuuuuu! I'll look into it.

...

DNS-over-HTTPS can be enabled in Firefox via Network settings, turns out.


A VPN can negate that but now you're putting your trust in the VPN company's hand.


Good thing we don't willingly give that data to anyone.


Why would a VPS server be any more secure than a VPN provider? They have the same ability to view outgoing traffic and can very easily log the source IP address.


A VPN is a crappy hack around a bigger problem.

Protocols are not designed for what we use them for, and there are buggy legacy applications that won't change their protocols or implement them correctly. The more people use VPNs, the more the problem gets buried behind a wall of abstraction. The proliferation of VPNs is really the burying of a problem, not the solution.

I don't care about being tracked, because I live my life in the open. I'm not a vulnerable minority, so I don't fear for my safety. I don't care what a random corporation (or anyone, really) knows about me. You could log into every digital account I have, and the only thing I'd be worried about you finding is an active session to my bank's website if I was still logged in at the time. I don't care if my ISP "monetizes me".

I also know how to browse the web as securely as possible, and that there are plenty of ways I can be hacked regardless of my network connection. The biggest risk I face is not from a VPN, but from my local network: if my internet modem or router gets compromised (either remotely or through my machine), I'm subject to local attacks a VPN won't protect me from. And if the government wants to hack me, they'll just guess what websites I'm viewing (either by conventional means or statistical traffic analysis), hack the server, and drop a payload through a browser 0-day.

I could see using a VPN if I was an activist, or of a class of citizen that's oppressed by my society or government. But even then, they'd figure out I was using a VPN, and realize I'm hiding something. So you could argue everyone should be on a VPN to make this less noticeable.

But then we go back to the beginning: we're not solving the root problem.


> At Mozilla, we are working hard to build products to help you control of your privacy and stay safe online.

> We know that we are on the right path to building a VPN that makes your online experience safer

Commercial VPNs are good for censorship circumvention or location spoofing. It is irresponsible to market VPNs as something which “protects” you online. In reality, they do nothing to improve security, and very little to improve privacy.

You do not need a VPN.

https://gist.github.com/joepie91/5a9909939e6ce7d09e29

https://schub.io/blog/2019/04/08/very-precarious-narrative.h...


I see this take a lot. Serious question: doesn't the U.S. government surveillance program focus on collecting communication metadata for U.S. citizens? While it isn't clear what that metadata includes, we do have examples of past programs that have leaked (and the legal theory used to justify them) to guide us.

Given what we publicly know about these surveillance programs I could see FISC approving bulk metadata collection for the IPv4 header content, insecure HTTP header content, and DNS queries.

Wouldn't using a VPN, DNS over HTTPS, and HTTPS everywhere shield you from these bulk metadata collection programs? I run https://everytwoyears.org, a political non-profit focused on ending these programs, and I view VPNs as a key technical piece of preventing these metadata collection programs from functioning; if the security community doesn't believe they are effective, I would really like to know!

Another way of saying this: collecting _content_ of a communication requires a warrant (and our mass surveillance programs respect that from what we publicly know). Most people that I know aren't trying to avoid active (we have a warrant to search you) monitoring with a VPN, but trying to avoid passive warrantless monitoring. Obscuring communication metadata through encryption and tunneling seems to be an effective way of doing this.


If I were a government trying to gather metadata about web usage, the first thing I'd do is set up or acquire my own VPN company (and make it look convincing, of course).


I wouldn't.

What percent of the public do you think uses a VPN? And do you think VPN users are a representative sample of the general public?


VPN (and tor) users are the ones you'd be most interested in as a government. So it doesn't matter how much of the general population uses your VPN as long as you convince the ones you're interested in to use one.

And for all of those not using a VPN, just ask the ISPs.


This is a good question and I would like to discuss it.

If the government is able to passively collect metadata from your ISP, couldn’t they do the same thing with a VPN company?


The original form of the Presidential Surveillance Program didn't compel service providers to share this metadata. The providers willingly shared it. There is a reference to a service provider backing out of the agreement several years after it started stating they would feel more comfortable continuing to share their data if the government compelled them.

This may have changed since 2013.


Agreed -- they provide some tiny specific benefits for security (e.g. against Wi-Fi hacking if accessing a site over HTTP, rare these days) and privacy (no geolocating), but the Mozilla copy says:

> feel empowered, safe, and independent while being online

Huh? This is doing nothing to protect me from any of the common attacks. It's not wiping my cookies. It's not anonymizing my browser fingerprinting. It's not blocking analytics or tracking. It's certainly not protecting my credit card details or password from being hacked from a website's server.

Am I more "empowered"? "Safe"? "Independent"? What is this nonsense marketing fluff?

To market this as being able to control my privacy or stay safe online is just completely disingenuous. Mozilla should be ashamed for trying to imply such strong claims that are just false.


The "Don't use VPN services" argument is weak because it doesn't acknowledge one of the most common reasons for using a VPN: avoiding DMCA notices.


That’s what I said. VPNs are good for “location spoofing,” i.e. changing your web-facing IP address to a different region. VPNs are great for this purpose.

The issue is, VPN companies (Mozilla included) are marketing their service as one that improves your safety when it doesn’t.


The value of location spoofing is to access geographically-restricted content (like a Netflix show that is available through their service in Europe but not the US), not to avoid DMCA notices. VPNs are valuable for avoiding DMCA because they hide from your ISP (the entity serving you the notice) what you are torrenting.


If you live in a place where the ISP actually looks at what you torrent and does something about it then you clearly need a VPN. Luckily that mostly happens in places where a DMCA is the least of your worries, like Eastern Europe and the Middle East.


I don't know anything about how frequently Eastern European and Middle East countries act on DMCA. But I do know that this frequently occurs with US ISPs.


> In reality, they do nothing to improve security

This is a bad take. I don't have the energy/time to go too in depth at the moment, but I've commented in more detail in the past. The short version:

- HTTPS isn't perfect, sites sometimes support old encryption protocols that can leak resource information. Most users aren't checking packets from native apps to ensure they're being sent over HTTPS, and browsers don't mark sites that are configured for old SSL/TLS versions as insecure.

- Most people aren't currently using encrypted DNS, and even as browsers like Firefox and Chrome move to turn it on by default, there will still be tons of older devices and native applications that lag behind.

- VPNs only encrypt your connection from you to the provider, but the space between you and the provider is the part that's most likely to be targeted by attackers. You are far more likely to accidentally send a plaintext POST request to an infected router than you are to be targeted by a nation-state actor on the open web.

- VPNs aren't just for hiding what sites you visit from your ISP, they're also for hiding your IP address. The linked claim that IP addresses are irrelevant is just outright wrong, IP addresses are extremely helpful for doxing, and sites like forums don't always secure them[0]. If you know my IP address, you'll be able to get surprisingly close to my real address.

A VPN on its own will not protect you or provide you with a noticeable privacy increase. And a VPN should not be the first thing you reach for if you're trying to improve your privacy. But if you're already using an adblocker, if you're already taking steps to mitigate tracking in Firefox, if you're already disabling Javascript on most sites, if you're already avoiding native apps that break the browser sandbox or engage in hardware tracking, you do eventually reach a point where your IP address is a concern you will want to address.

Ask yourself a few questions:

- If IP addresses don't actually matter for tracking, then why is TOR wasting so much time and energy trying to mask them?

- If masking an IP address doesn't provide any extra privacy, why do some services like Google Captcha penalize shared IP addresses?

- If IP addresses don't matter for tracking, why are so many sites using IP bans at all?

The answer is that IP addresses do matter, they're just not the only thing that matters.

----

[0]: https://danshumway.com/blog/gamasutra-vulnerabilities/


It uses Mullvad, and is the same price as Mullvad. I am assuming Mozilla gets a cut. When my current Mullvad subscription expires, I will switch over.


It's less flexible than Mullvad. This new service is Wireguard-only, and as far as I can tell, requires you to use their custom app.

Mullvad additionally supports OpenVPN and other protocols, and is client-agnostic.


> Wireguard-only

That's great - fewer features and options are a plus for VPN services.

> requires you to use their custom app.

Sounds odd, if it's just using wireguard.


Might be opinionated to support a high quality user experience.

Guard rails can be good depending on your audience.


I second this. My family uses ProtonVPN and their own app is so clean and simple that even my mother can use it.

They support OpenVPN for when that's needed.


I’ve been speedtesting a few VPN networks, and the biggest surprise has been how fast Mullvad + Wireguard are. I need to try NordLynx (NordVPN’s flavor of Wireguard) for more of an apples-to-apples comparison, but at least on the speed metric, it looks like Mozilla chose a good partner.

Making deeper data exploration possible is a work in progress, but you can see what I have so far here: https://vpnwire.co


How close is Mullvad to your max bandwidth? In other words how much loss of bandwidth do you see?


Max bandwidth is about 7 Gbps


Is Mullvad the only provider you are using with WireGuard?


Yep, the rest connect with OpenVPN at the moment


Indeed. Can someone explain why it's not available outside of the US, though? I don't see the logic behind that.


So they can test/ramp up infrastructure rather than open the service up to 8 billion potential customers, and not upset existing customer base.


What an odd choice from Mozilla and Mullvad to segment this based on geography. Can you use it while traveling outside the US? Why not simply have a wait list? Mullvad already operates globally - what is the reason for the geofence? Is Mozilla not able to accept payment outside the US? (maybe not able to pay taxes?)


Forget the VPN--I already have a VPN provider and I have no interest in changing. Offer a paid e-mail service, on the other hand, and I'd sign on up Day 1.


This right here. And a hosted suite of productivity tools that have documented, public formats that contain all of your data (and not just a link to the cloud-hosted copies).

Amazing that GSuite's only real competitor in 2020 is Office365.


Would you consider Zoho a "real" competitor?

https://www.zoho.com/


Would a Nextcloud instance work?


I've checked out Nextcloud a few times, but it really needs a sizeable and trustworthy brand that would host it for you, allow you to point a custom domain at it, and provide zero-config email/calendaring out of the box.

I'd trust Mozilla.


I second this wholeheartedly. I would be happy paying at least the $5/mo that they're charging for the VPN to have web-based access to privacy-respecting email service tied to a name I tend to trust like Mozilla (hopefully with a fairly vanilla domain name that doesn't get weird looks).

Purism's Librem One suite [0] comes the closest, but I just don't have the trust in them that I'd want before pulling the trigger. They have a history of making grand claims with sub-par delivery, which just doesn't cut it for a service like a primary email provider. They've claimed plans to add features like file storage for ages now with no updates. Email is just too important a part of daily life to risk it.

[0] https://librem.one/


I've heard good things from HEY[1]; I've been thinking about using their trial.

[1] https://hey.com/


Hey looks great and I trust it will be around for a while. Unlike inbox from Google.

I would 100% sign up for hey if I didn't migrate to Fastmail this year.


Unfortunately it's invite-only, at least for now.


When you connect to a VPN you advertise the fact that you are connected to a VPN to your local network, and hide your tunneled traffic. The tunneled traffic emerges elsewhere, with the extra encryption removed and proceeds as normal. Basically all a VPN provides is a mechanism to pretend that your butt is in a different seat. You hide your traffic from one network and expose it on another.

If you are on public wifi somewhere and are concerned about traffic that isn't otherwise encrypted (DNS comes to mind), or if your connection is in some way restricted (govt, shitty isp, etc), then a VPN can address these issues. But you have to keep in mind that your new network is similarly untrustworthy.

You might argue that by hiding behind your VPN provider, you are gaining anonymity. This might be true under the best circumstances, but this can _very_ easily break down. For example, the moment you load tracking_pixel.png then you are de-anonymized. That is saying nothing about the shady practices of the VPN providers themselves, or the governments that regulate them.

When people connect to a VPN, especially lay-people, there is this feeling that the VPN is providing security, and privacy. This is largely marketing BS designed to sell more subscriptions. When I connect to a VPN I might be able to obscure my activity from state actors, or avoid some coffee shop's bogus DNS server. What I can't do with a VPN is avoid literally every other form of tracking. And of course if I connect to a VPN, then I should be ok with those same bad-actors knowing I am connecting to a VPN. And I should be OK with the VPN provider being able to monitor my unencrypted traffic. And I should be ok with aggregating all of my encrypted traffic into one easy to watch place.

So what is a VPN providing the average consumer? If you want privacy install ad block software, https everywhere, enable DoH, don't log into social media sites, and clear your browser's cache frequently. If you want to avoid a state actor, then your best hope is probably something like Tor Browser.


> over 70% of early Beta-testers say that the VPN helps them feel empowered, safe, and independent

Well, does it make people empowered, safe and independent? Never mind what people feel - the users don't know the details of the implementation, so their belief could be mistaken.


Really smart from Mozilla; they leverage trust in their brand with a product for which trust is the most important feature. Making a VPN is a non-trivial technology project, but it's pretty straightforward how to do it well.


This is a hard pass from me.

Mozilla controls my browser. I have no interest in giving them control over any other part of my online life.

I like how Mozilla is run and hope other organizations emulate them to provide these other essential services.


Couldn’t agree more. Often I see people wishing for Mozilla to add more services. Please just do one complicated thing really well, Mozilla!

I guess all these additional services help lure more users to Firefox, so there’s that.

Maybe Mozilla can eventually generate enough revenue to stop nuzzling on Google’s money teat.

I think I just convinced myself that additional services are good overall for Mozilla. But yes, I’m firmly in the spread your online presence wide camp.


Since they are using the infrastructure of Mullvad, what's the point of using Mozilla's software instead of using directly Mullvad's ?

Price-wise, I'm paying 5€/month for Mullvad and Mozilla's VPN is at $4.99/month, so when it becomes available in Europe I expect it to be 4.99€.

If they were offering something more, I'd see the point, but here, developing their own software to use someone else's infrastructure seems to be a huge waste. If they wanted to put their Mozilla logo on it, they should have gone for a white-label product with Mullvad, no?


A little late in the game, but they're a brand I would hold in higher regard than 99% of the other providers out there. I believe that a lot of people misunderstand what exactly a VPN is and what scenarios it offers benefits of use in. I personally host my own VPN on a lowendspirit server [1] for when I'm on an untrusted WiFi network or I need to have an IP in the US (it comes in handy as a US citizen living abroad). I also use a VPN sometimes when I have a dev server (hosted on the server itself) that I'm developing/testing on since being on the same network as the server makes things easier, e.g. having a container with an API bound to the VPN network so that I can access it easily and without it being public facing.

Of course there's also the shady side of VPN use. If you're doing that it might be beneficial to use the VPN within a VM with strict firewall rules, i.e. only allow incoming/outgoing to/from the VPN. Doing so allows you to only send the traffic you want to over the VPN, thus reducing your exposure to any nefarious data collection that the provider might be doing.

[1] https://lowendspirit.com/
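The "strict firewall rules, only allow traffic to/from the VPN" setup mentioned above, written out as an added example (this is not the commenter's configuration): a POSIX shell script that renders an nftables ruleset in which the only packets allowed to leave on the physical NIC are those of the encrypted session to the VPN server, and every other packet must go over the tunnel interface, so a dropped tunnel means no traffic rather than leaked traffic. The interface name wg0 and the server address 203.0.113.10:51820/udp are assumptions (the address is a documentation prefix, constructed for the example); `check_killswitch` is a self-check that flags any egress rule on a non-tunnel interface.

```shell
#!/bin/sh
# Added example (not from the thread): a VPN "kill switch" for a VM or host,
# expressed as an nftables ruleset. Only the encrypted session to the VPN
# server may leave on the physical NIC; everything else must use the tunnel.
# Assumed values: tunnel interface wg0 and VPN server 203.0.113.10:51820/udp
# (a documentation address, constructed for this example).

VPN_IF="${VPN_IF:-wg0}"
VPN_ENDPOINT="${VPN_ENDPOINT:-203.0.113.10}"
VPN_PORT="${VPN_PORT:-51820}"
VPN_PROTO="${VPN_PROTO:-udp}"

# Print the ruleset so it can be reviewed before it is loaded.
# "flush ruleset" wipes any existing tables: intended for a dedicated VM.
gen_killswitch_rules() {
    cat <<EOF
flush ruleset
table inet killswitch {
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        ct state established,related accept
        iifname "$VPN_IF" accept
    }
    chain output {
        type filter hook output priority 0; policy drop;
        oifname "lo" accept
        ct state established,related accept
        # the VPN handshake/transport itself, on whatever NIC routes there
        ip daddr $VPN_ENDPOINT $VPN_PROTO dport $VPN_PORT accept
        # everything else (DNS included) may only leave via the tunnel
        oifname "$VPN_IF" accept
    }
}
EOF
}

# Sanity-check a ruleset: both chains must default to drop, the only
# interface-based egress accepts must be lo and the tunnel, and the VPN
# endpoint rule must be present. Returns 0 when the invariants hold.
check_killswitch() {
    rules="$1"
    drops=$(printf '%s\n' "$rules" | grep -c 'policy drop;' || true)
    [ "$drops" -eq 2 ] || return 1
    # any oifname accept that is neither lo nor the tunnel is a leak path
    if printf '%s\n' "$rules" | grep 'oifname' | grep -v '"lo"' | grep -qv "\"$VPN_IF\""; then
        return 1
    fi
    printf '%s\n' "$rules" | grep -q "ip daddr $VPN_ENDPOINT $VPN_PROTO dport $VPN_PORT accept" || return 1
    return 0
}

# Usage: sh killswitch.sh        -> print the ruleset for review
#        sh killswitch.sh apply  -> load it with nft (needs root)
case "${1:-print}" in
    apply) gen_killswitch_rules | nft -f - ;;
    *)     gen_killswitch_rules ;;
esac
```

If the VM obtains its address by DHCP, the output chain also needs `udp dport 67 accept` on the physical interface, otherwise lease renewals are dropped along with everything else; with a static address the ruleset above is complete. Bring the tunnel up before loading the rules, or load them and then start the tunnel: both orders work because the endpoint rule is interface-independent.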


I also want to subscribe to Mozilla. For viewing Mozilla as a foundation that does the right thing. Thankful for many of the Internet standards Mozilla helped develop.

Please help making Internet decentralized and private again.

* Support for paying content creators without advertising
* Decentralized CDN and compute
* Fast privacy


Given the high ethical standard of Mozilla I’m not sure how popular this will be.

For example, a while back there was research showing Nord was setting up users as proxies, thereby making it impossible for Netflix to block these residential IPs.

I don’t think Mozilla will do this.


Well, they use mullvad.net (I’m a customer), and they seem pretty trustworthy while Nord was always the opposite of trustworthy.


How do we know this is safe from bad actors? If it's in the U.S., is it safe from discovery? For example, Watchtower tried to use 'copyright infringement' to force Reddit to give up a username's IP and account information. https://m.youtube.com/playlist?list=PLkdgWccrJAy53-jeBxM3Pk_...

VPNs are the only way of protecting what should be protected speech. You have to not keep logs or anything that allows a court to find the identity of a user.


> How do we know this is safe from bad actors?

You don't. You never will. This is the case not just for Mozilla but for all VPN services.

Until there's some kind of hardware-level attestation that verifies a server is running a particular software installation, that's going to remain the case.

> VPNs are the only way of protecting what should be protected speech.

No, if you want safety, a VPN is not the solution. VPN providers have invested a lot of marketing in trying to tell you otherwise but it's simply not true.

All a VPN does is move what little trust you're forced to have in your ISP to a different, often less-regulated ISP.

The solution if you want privacy and/or anonymity is a technology built for that purpose, like Tor or I2P.


> to a different, often less-regulated ISP

"Less-regulated" is usually the entire point of using a VPN. Regulations force your local ISP to keep detailed logs and reveal who was using a certain IP address at a certain time to various entities based on sketchy circumstantial evidence. If you go through a VPN then anyone trying to track back the IP address has to go through the VPN provider first—who probably doesn't keep such detailed access logs, and may well be in a completely different jurisdiction—before they can even begin to approach your local ISP. You certainly shouldn't rely on it exclusively, but it's an important part of defense-in-depth.


What is the main benefit of using a VPN?

I download music, movie, tv, etc files via torrent using my Canadian IP address and I have never seen anything more than an email from my ISP saying essentially "so and so company thinks you downloaded their material, don't do that ok?".

Is the general public so afraid of getting the odd email that paying $5/$10 month to make them disappear is a good deal for them?

Why wouldn't people just use Tor for free? It was extremely fast the last I checked.


Tor begs you not to use their service for torrenting. It would also be a lot slower than a VPN.

I use a VPN (to Montreal since it supports port forwarding) because I work from home and I don't want my IP that VPNs to work for a major company also being part of a torrent swarm.


> guided by our Data Privacy Principles

A cunning way of not stating any rules used for the VPN.

Then they can say "well we were guided by our policy when we secretly kept all your connection details and gave them to a marketing company".

How about being guided by your policies on openness and stating precisely and fully how data is used/stored/shared.

Isn't privacy the/a principal feature of a VPN?

The irony of only being able to sign up from outside the USA if you use a VPN is not lost on me.


I'll live without a VPN as long as it is crazy expensive to find one fast enough to not throttle my connection (so 1gbps) with unlimited data and support for encryption at a level that is okayish secure yet still fast enough to not kill my server or router. I've tried a few that said they could deliver, but none of them could. I have no interest in paying my ISP for bandwidth and then strangle it with a VPN.


How do you call yourself a company that prides itself on open source but you always put support for Linux on the back burner?


<snark>"This is why we built the Firefox Private Network VPN Network which you can use with your Personal PIN Identification Number! Please get some cash out at the Automatic ATM Machine and donate today!"

Naming things: one of the truly hard things in computer science... (But come on, you don't have to fail _that_ hard Mozilla, surely?)

:sigh:


I don't use a VPN as I'm pretty sure my traffic identifies me once it pops out the other end. But I do tunnel DNS with a server I trust so that my ISP only ends up seeing encrypted traffic (DNS over ssh, and HTTPS). I don't do DoH because there are only a few providers and so those are hotspots for espionage.


I would switch ALL my paid-for services to Mozilla in a heartbeat if they would just hire a damn UI guy/girl.


Who is the target market for this in the markets it actually operates (US)?

The only people I know that use VPNs do so to download torrents and evade DMCA notices. And in that case it only really works if the VPN provider is itself located outside of US jurisdiction and collects little to no information about you, the user.


I wish Mozilla would also offer a DNS-over-TLS service instead of just offloading it to Cloudflare or NextDNS.


I love Mozilla and Mullvad, but 5 simultaneous connections just isn't enough for me. I know they can't allow unlimited devices due to the potential for abuse, but is something like 20-30 connections, so I can use it for all my devices/VMs, too much to ask for?


An alternative is also the https://librem.one/ services run by Purism: VPN, email and more. All server and client code is at source.puri.sm and it's mostly only rebranded "standard tools".


After Firefox introduced that megabar UI with no option to turn it off, I started considering switching back to Chrome. It's very questionable whether they still care about their users, and if that's the case, Firefox has ZERO advantage over Chrome.


If Mozilla launched Momail or Firemail, I'd pay for it before paying for HEY or Fastmail.


Please take notes from Mullvad and give some basic transparency about the data centers and whether the servers are rented or owned and etc. Stuff like that goes a long way for people who are genuinely serious about privacy.


I currently run a wireguard vpn on digital ocean and it works really well.

What is the reason for developers to pay for this service when they can set one up in less than 5 minutes and automate the whole thing with user-init scripts?
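The "set one up in five minutes with user-init scripts" approach above, as an added example rather than the commenter's own setup: a POSIX shell script that renders a WireGuard server config, the matching full-tunnel client config, and a cloud-init user-data file that installs everything on a fresh VPS at first boot. Assumptions not taken from the thread: a Debian/Ubuntu image with the `wireguard` package and the `wg-quick@wg0` systemd unit, public interface eth0, tunnel subnet 10.8.0.0/24 and UDP port 51820. Keys are passed in as arguments (generate real ones with `wg genkey | tee server.key | wg pubkey > server.pub`); the values used in the self-test are placeholders, not real keys.

```shell
#!/bin/sh
# Added example (not the commenter's setup): render a WireGuard server config,
# a full-tunnel client config, and a cloud-init user-data file for a fresh VPS.
# Assumptions: Debian/Ubuntu image, public NIC eth0, tunnel 10.8.0.0/24,
# UDP port 51820. Keys are supplied by the caller, never generated here.

WG_PORT="${WG_PORT:-51820}"
WG_SERVER_ADDR="${WG_SERVER_ADDR:-10.8.0.1/24}"
PUB_IF="${PUB_IF:-eth0}"

# /etc/wireguard/wg0.conf for the server.
# $1 server private key, $2 client public key, $3 client tunnel address (/32)
gen_wg_server_conf() {
    cat <<EOF
[Interface]
Address = $WG_SERVER_ADDR
ListenPort = $WG_PORT
PrivateKey = $1
# NAT tunnel traffic out of the public interface while wg0 is up.
PostUp = iptables -t nat -A POSTROUTING -o $PUB_IF -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o $PUB_IF -j MASQUERADE

[Peer]
PublicKey = $2
AllowedIPs = $3
EOF
}

# Client config that sends all IPv4 traffic through the server.
# $1 client private key, $2 server public key, $3 client tunnel address,
# $4 server public IP
gen_wg_client_conf() {
    cat <<EOF
[Interface]
Address = $3
PrivateKey = $1

[Peer]
PublicKey = $2
Endpoint = $4:$WG_PORT
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
EOF
}

# cloud-init user-data: install WireGuard, write the server config with
# restrictive permissions, enable IPv4 forwarding and bring wg0 up on boot.
# Same arguments as gen_wg_server_conf.
gen_cloud_init() {
    conf=$(gen_wg_server_conf "$1" "$2" "$3")
    cat <<EOF
#cloud-config
package_update: true
packages:
  - wireguard
write_files:
  - path: /etc/wireguard/wg0.conf
    permissions: '0600'
    content: |
$(printf '%s\n' "$conf" | sed 's/^/      /')
runcmd:
  - sysctl -w net.ipv4.ip_forward=1
  - sed -i 's/^#*net.ipv4.ip_forward=.*/net.ipv4.ip_forward=1/' /etc/sysctl.conf
  - systemctl enable --now wg-quick@wg0
EOF
}

# Usage: sh wg-vps.sh server.key client.pub 10.8.0.2/32 > user-data.yaml
# then pass user-data.yaml as the instance's user data when creating the VPS.
if [ "$#" -eq 3 ]; then
    gen_cloud_init "$(cat "$1")" "$(cat "$2")" "$3"
fi
```

Two things the five-minute version tends to forget: the client config above carries no `DNS =` line, so add one pointing at a resolver you trust, otherwise name lookups still go wherever the client's system resolver points (and, with the full-tunnel route, a LAN-only resolver becomes unreachable); and the server's own SSH port should be restricted to your address or moved behind the tunnel once it works, because a self-hosted VPN host is also a public SSH server.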


I would love a VPN that would use a different IP address for each site I visit.

Just to prevent the backend IP address correlation between sites that trackers use.

Technically I know this is probably impossible without tons of virtual NICs


I really like Mozilla, and I like to see them bring some competition for my dollars that are currently going to the proton suite of services.


What good is a VPN if you have to reveal all of your personally identifiable information to the vendor?

You're better off using Mullvad directly--it looks like they don't require you to fork over personal information to use their service.

Shameless plug: SatoshiVPN (https://satoshivpn.com) gives you access to your own private and anonymous VPN server with Outline pre-installed, no questions asked. Payments in Bitcoin only.


> What good is a VPN if you have to reveal all of your personally identifiable information to the vendor?

Because most people's threat model doesn't include actors that can force a VPN provider to give up their data. They just use it because it makes it easier to not get data stolen in a coffee shop and to watch US Netflix.


If you have two equally great user experiences and in one case you have to share your personal information, and in another you don't, which would you choose?


The one where the company behind it has a good reputation and seems trustworthy. Like Mullvad, where their real address, developers, history and open source projects are available on the website (https://mullvad.net/en/help/no-logging-data-policy/) and they have been around for a while without any scandals that I'm aware of.

If there's a new provider out with no name, company address, audits or history and tells me they are not sharing personal information I just have to take their word for it. So it's not much better than the alternative if I can't verify it.


Assuming Mozilla isn't compelled by law to share its entire database of user information on a rolling basis without a warrant, I suspect (in the U.S.) it would be somewhat effective at shielding yourself from bulk metadata collection (government mass surveillance) of your online communications by obfuscating that metadata.

Compare this to your ISP and telecom providers. A subset of the larger providers willingly handed over the communication metadata of their users without warrant.


You know what they say about assumptions.


We know as of 2013 this was the case. Participating in the government's bulk metadata collection was voluntary. 2013 is a long time ago though.


Can you comment on the pricing? Am I understanding correctly that 1 year of your VPN service costs $195 USD?


That's correct. Or, $1 for 1 day. Or, 1 hour for free.


Might want to make pricing easier to find.


Acknowledged. Thank you!


Is it a general-purpose VPN service or can it only be used from within Firefox? Because that would make it only half as useful.


"Mullvad respects your privacy and has committed to not keep logs of any kind." How sure can we be here?


It's disheartening that Mozilla is continuing to actively avoid partnering with the Tor project for problems like this, despite the fact that the Tor project has contributed to Firefox for many years (mostly related to fingerprint resistance). I get that Mozilla needs to make money, but the fact that they still haven't made "private browsing mode" actually private by making it use Tor is a real shame.


The amount of exit nodes would be insane. And I don’t think Mozilla would want the liability of running them.


I'm not sure how you got "Mozilla should run all the Tor exit nodes" from my comment.


So long as it will never have anything to do with Firefox. Using it for work would be risky if they did that.


Can you select the region of exit node? Cloudflare VPN and lastpass geolocking was a bad combo...


And there are countries that force users to get their VPNs registered.

https://www.pta.gov.pk/en/media-center/single-media/public-n...


They should fix their reliance [1] on Python 2 first. They had more than a decade to migrate, but still Python 2 EOL came as a surprise for them.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1496527


What type of VPN software are they using? Hope it has some obfuscation.


I stopped using Firefox when they discontinued RSS support saying “it’s too hard and old and lame! Oh but here’s Pocket (tm) which costs money and has nothing at all to do with cutting RSS support”

I wouldn’t expect much different here.


Opera already has a free VPN built into their browser.


Isn’t $4.99 pricey for a VPN? I pay about 3 for Nord.


It is a bit pricey compared to the competition (lots of VPNs out there that cost ~$3/month) but apparently Mullvad is the VPN provider for this offering, and they cost $5 a month because they are considered one of the 'best' VPNs in terms of privacy (for example, they will accept cash payments: https://en.wikipedia.org/wiki/Mullvad#Privacy ).


Is it at all slow? I've found a lot of VPNs actually slow down my connection which makes me less willing to try them.


Price is in line with Mullvad, which they are piggybacking off of. Nord has an iffy past and they advertise a lot (often exaggerated claims), which is a red flag for me.


Nord locks locks you into an eternal contract and has a pretty bad reputation for multiple reasons.


>Nord locks locks you into an eternal contract

What do you mean? I paid NordVPN for a 2-year contract, which expires in a few weeks. What does "locks locks" refer to?


Sorry, it was meant to be a single "locks". And yep, I'm referring to that type of contract.


> Although there are a lot of VPNs out there, we felt like you deserve a VPN with the Mozilla name behind it.


"For example, over 70% of early Beta-testers say that the VPN helps them feel empowered, safe, and independent while being online."

What have these "feelings" got to do with anything? This is a measure of successful marketing and has nothing to do with the product or its efficacy.

Personally I use Windscribe and I really like it (I've used PIA & Mullvad in the past). I use it for watching US Netflix and to make it slightly less easy to track me on the net (I know there are many other ways). I also like the idea of not having my IP or the gov't spy on me _as easily_.


=== edit because I feel this comment is not substantive enough / engages with a strawman version of your comment ===

I understand you're talking about where those feelings come from -- ie, that the feelings are more useful information when backed by the reason for them. And you do provide some of that in your post (privacy, watching US Netflix). But those are things that any trustworthy VPN with US-based endpoints can provide, so they're not a unique selling point, which means your recommendation basically boils down to unsubstantiated feelings again, to which:

=== Original comment ===

I don't use a VPN and have no horse in this race, but surely you see the irony in:

> What have these "feelings" got to do with anything?

Followed by

> I use Windscribe and I really like it.


"unsubstantiated feelings" heh, that's a pretty ungenerous/rude way of putting it. Here's a better way: "Can you explain why you like Windscribe? You say you've used other providers, how is Windscribe different?" If you're not clear on something it's always best to ask for clarification before accusing the other party of fabrication or making "unsubstantiated" claims.

So why do I like Windscribe? Good question! I like the ease of use of the Windscribe clients compared to other VPN clients I've used, the fact that I can add many devices, and the fact that it has endpoints in lots of countries. I had trouble with both the PIA & Mullvad clients & configuration on my desktop and phone eventually. I don't require much; as you say, VPN is a commodity product. I just want it to be easy to use, and Windscribe is, and they seem committed to adding features & fixing bugs. I also have met the team, they're local to me, and they seem trustworthy.

I'm not sure if you read TFA, but here's the context of what I highlighted:

> We started working with a small group of you and learned a lot. With the VPN in your hands, we confirmed some of our initial hypotheses and identified important priorities for the future. For example, over 70% of early Beta-testers say that the VPN helps them feel empowered, safe, and independent while being online.

"we confirmed some of our initial hypotheses and identified important priorities for the future ... Beta-testers say that the VPN helps them feel empowered, safe, and independent"

What type of initial hypotheses might have been confirmed by learning that people "feel empowered" by using a VPN? This is what I don't understand. Of course users motivated enough to try a beta VPN product like using VPNs–I'm not sure what insight that adds. Can you help me connect the dots here?

My feelings about a VPN provider based on personal experience is not beta testing that "proves" a product. Mozilla suggests here that these "feelings" prove "confirm their hypothesis" and put numbers next to the feelings, like 70%. I am questioning the relevancy of these numbers & it strikes me as pseudo-scientific to put these numbers in the intro as some sort of proof that their product has value. Throwing up meaningless numbers like this gives me the impression of smoke and mirrors/bullshit.


> "unsubstantiated feelings" heh, that's a pretty ungenerous/rude way of putting it.

Thank you for the feedback. It wasn't meant to be rude, but I see now how it can be interpreted that way (particularly with the unedited original comment below, which was intended to be... not rude, but let's say, harsher than I'm proud of, a few hours later). Text is hard -.-

Asking clarifying questions instead is a good suggestion. Your answers are good, too; if I'm ever in the vpn market, I'll put Windscribe on my shortlist to research more thoroughly.

> I'm not sure if you read TFA

I have not and do not currently intend to. I checked in with the comments because I was curious how it would be received. I replied to your comment because I was frustrated at what seemed to be hypocritical criticism. I still think your original comment is light on detail/justification, so I'm happy my reply, however rude and imperfect, led to your second comment, which is the type of thing I was hoping to find when I opened the thread :)


I think "feeling" safe is an important component of a product. Of course the product has to also be effective, but if it's effective and people still don't trust it, then they won't use it. A good example of a similar situation is in the US military where we had to do yearly chemical weapons training that involved putting on a gas mask in a room filled with tear gas. The gas masks were already proven to work, but one purpose of the training was to make sure people trusted their equipment to keep them safe, making it more likely for them to use it when needed.


I would counter that how safe people feel, and to what extent they have an expectation of privacy online will determine their behavior. The technical effectiveness of the product is one thing, but how users perceive it will determine whether it offers them any real benefit. These things do matter.

Remember Foucault's panopticon: If someone merely thinks they might be surveilled their behavior will change in profound ways. More concretely, if you think the government may be spying on your browsing habits, maybe there are sites you won't visit or comments you won't post or videos you won't watch. It's important not only that the product works, but that people feel it works so that they can behave more freely on the internet.


This is marketing copy. Criticizing it for being marketing copy is surely a little redundant. Besides, feelings matter. If the majority of VPN users felt that the security provided by the VPN was not worth the effort involved in using it, then that would indicate a failed product. Ignore that at your peril.


People buy on emotions


What was the 500 startup guys phrase?

A product has to get you “Made, Paid or Laid”

Where Made was like a sense of positive promotion like a made-man in the mob I think.

Emotion is everything. If a product doesn’t make you feel good you’ll only buy it because you have to.


... and sell!


It sounds like a sanitary pad ad.


As a security person, I am somewhat baffled by the popularity of VPNs. I have no idea why anyone would use them for general internet usage, and I suspect the majority of VPN service users are misinformed about what they think they are gaining.

Any VPN subscribers want to fill me in? The only thing I can think of is hiding the source of pirated media being shared via bittorrent.


Because my government passed legislation that forces all ISPs to collect all metadata and store it, and this information can be searched by a multitude of government departments without a warrant.

I am, in principle, against this policy. When it was proposed, I tried activism and letter writing and meeting with Senate staffers to try and fight it. I lost; it became law with bipartisan support from both major parties here. So now I use a VPN.

You find my usecase baffling?


A lot of countries block access to websites. US and EU are not the whole world! VPN helps people to circumvent censorship.

I use a VPN daily because without it, there is no Twitter/HackerNews/Reddit/Youtube/... .


Totally understood for those countries, but it’s still hugely popular in the US. That’s what I’m wondering about.


Biggest real usage I know of, and why people I know use VPNs, is piracy. I've never had my ISP send a letter about anything, but some people I know would get warnings pretty often. Some countries even make it a criminal matter. VPNs help reduce the risk.

And there are people who use it for more legal media consumption, like paying for a subscription-based service and the shows/movies they want to see are region locked.


Many ISPs in the US perform DPI, sell anonymized data to marketing companies, slow down YouTube/Netflix when the backend pipes are congested, etc. If you want your ISP to provide you with a dumb pipe and not interfere with your traffic, a VPN is an easy solution.


In practice, you’re almost certainly not getting faster netflix or youtube by adding an extra VPN into the congestion path. There are some weird edge cases where particular peering agreements and anycast routing quirks leave some exceptions to that, but I highly doubt a non-negligible amount of users are actually seeing a consistent speed increase on a VPN, and the vast majority would definitely see a decrease. That VPN is doing more to interfere with traffic than an ISP is.

As for tracking you and selling your data, I trust my ISP to behave better in that regard than I do some shady VPN provider. And I don’t even trust my IP that much.


Because in the US at least, part of ISPs' business model comes from deep packet inspection of customers' websites, DNS queries and habits, and subsequently selling (or using) that data. If you have a trusted VPN you can prevent that data and privacy siphoning. What a "trusted" VPN company is, is a discussion for another time...


Sharing an IP address with a load of other people makes one more anonymous. I know there are lots of different ways of identifying someone online, but it is a start. My ISP is also behind a CGNAT, so I am also sharing that IP with loads of other people, and most ISPs don't provide static IP addresses, so you can't rely on that either. But I guess I also trust my VPN provider (Mullvad) to handle identifying data more than my ISP, as I haven't even given them my name.


I use it to stream stuff on Netflix that isn't available in my country of residence.


There are four primary reasons to use a VPN.

1) You live in an authoritarian country where mass surveillance is a concern.

2) Evading geo restrictions. Watching US Netflix while in Europe, etc.

3) Evading your work's firewall so they don't know you're on Facebook or whatever.

4) Piracy


[flagged]


Yeah this comment makes no sense. That would be terrible publicity for Mozilla.

Also, Reddit uses HTTPS (like every other mainstream website) so Mozilla/Mullvad can't see what you're posting or even what your username is.


Essentially their former CEO was/is against gay marriage and donated to some organisation that was campaigning against it.

People found out, some employees weren't happy also some sites put up a message when Firefox users visited.

OkCupid (a dating site) straight up blocked Firefox users saying that they prefer users to use other browsers.

So, as Mozilla is a company, they decided to get rid of the CEO, because he was now bad for business.

However, for some people in the tech world, this was an unforgivable sin: an attack on free speech.


I think this was a setup.

Brendan Eich is the creator of JavaScript and was the CTO of Mozilla.

He is intelligent and works hard on open source. However, he HAD opposed same sex marriage.

While he was CTO of Mozilla, no one cared. When he became CEO, there was a smear campaign to get rid of him.

I respect his contributions, but not his politics. He has the freedom to say what he believes - I still use Firefox. IMHO this was just an excuse to get rid of him as CEO.


Yeah, I never really understood all the animosity against Mozilla or Firefox around this.

IMO giving money toward homophobic causes is reprehensible, and Eich sounds like someone I wouldn't want to be friends with or work with, but he is not Mozilla and Mozilla is not him.

> He has the freedom to say what he believes ... IMHO this was just an excuse to get [rid] of him as CEO.

I support the right of employees to hold their executives to high standards, even (especially?) when those standards aren't directly related to the work they do. It was a messy situation and perhaps not handled perfectly, but I don't see anything wrong with the end result being his resignation. Yes, the timing was suspicious (I would have been uncomfortable reporting to him "even" as a CTO), but I would argue more along the lines of "took you long enough" instead of "why is this suddenly an issue now?"

> ... but not his politics

I really dislike seeing things like this phrased as "politics". Treating other people with respect and giving them equal rights isn't politics, it's basic human decency. I hope in 50 years we look back at this time period and are appalled at how we treated our fellow humans.


As long as there's no leaks over http traffic of course. Advertisers are great at data exfiltration.


FTA: "we are [...] committing to never track your browsing activities"

But based on your comment it seems like you harbor a deep distrust for Mozilla, in which case obviously you shouldn't use their products?


> promote legal views that Mozilla disagrees with

How would they know?


The parent is transparently concern trolling so it's not worth engaging with, but to answer your question it's important to remember that VPN providers have access to all of your traffic. Even if you use HTTPS and other encrypted standards you can probably infer a lot of personal information about a user by just monitoring when and where they connect to.

It's even arguably a bit worse than an ISP because any given internet connection may be shared across many users, and users often move between several connections managed by different entities. VPNs, on the other hand, are generally personal and keep tracking you regardless of whether you use your home connection, mobile data or a free WiFi connection.


I know this, I only asked because Mozilla, like most other VPN providers, promise not to snoop on your traffic, so OP's concern boils down to "but what if they're lying?", and you could ask that about virtually any service.


[flagged]


> Why the hell would anyone trust mozilla.org while they work tirelessly to make money?

In what fantasy world do you live where hosting services and building products costs zero dollars? Not sure how Mozilla could operate at all without making money.


[flagged]


* You can disable it.

* Sites can already do the same thing with JavaScript. This simply standardizes it, AND makes it easier to block (since it's a different request type rather than being lumped in with other XHR).


[flagged]


But doing this will give you a static IP which will make you even less anonymous.


You cannot connect to the internet without an IP address. However, ZudVPN servers are disposable. This means that you can always destroy the server and create another VPN with completely new IP address that is assigned by cloud providers.


If it’s terminating at a host you don’t control it ain’t private.


Can't wait for this. The PIA extension stopped working in Firefox months ago, and PIA said they have no ETA for a fix.


PIA was also acquired by a malware company: https://news.ycombinator.com/item?id=21679682


> You can only subscribe to the VPN from the United States

How is this a "launch"? And also, this makes it a bit fishy if you ask me.


This is what they should've done instead of that user-hostile DoH thing (which is already itself a sort of VPN but for DNS traffic only.)


I won't be switching to this. I've been paying €4.99 monthly for Blokada VPN on Android. It's pretty reliable and offers ad blocking as well. Also supports up to 5 devices.


Nice, which shady marketing firm are you working for?

Any points for 'Blokada' being more trustworthy than AT&T ;)


Just a happy user :)

Blokada is pretty popular for Ad blocking on Android. And it's open source too: https://github.com/blokadaorg/blokada


Nice...sorry for the aggressive tone, sounded like an advertisement, have fun ;)


It's a rebranding of Mullvad. I'm happy with Mullvad itself, and while I think Firefox is the most important browser I'm not very happy about Mozilla arguably destroying its brand and seemingly pivoting away from maintaining it. I'd directly pay for the development of FF, but not Mozilla's "btw, we now sell $completely_unrelated_product_without_even_an_ethical_business_model".

They seem to be relatively safe from forking though, because apparently the code base is too much of a mess. Yay.


You say that, but not enough people do directly pay for the development of Firefox. Of course, you are welcome to donate to the Mozilla Foundation.

Also, your complaint about an ethical business model seems unfounded, especially in this instance.


> you are welcome to donate to the Mozilla Foundation.

Which does not pay for the development of Firefox.


The Mozilla Foundation's annual financial statements include its subsidiary Mozilla Corporation. And most of the Foundation's expenditure is staff costs, for the Firefox project.

If that doesn't satisfy you, note that targeted donations are also a thing.


Unless everyone does targeted donations, it's pointless. It's like adding water to one end of a pool and expecting the water level at only that end to rise. If only a small percentage of donors earmark their donation to Project A, then less money will come out of the general fund for Project A and more from the general fund will go to Project B. The money you just donated didn't increase the budget for Project A; instead the organization just increased the budget for Project B.

In other words, targeted donations are not a targeted budget increase.


> Also, your complaint about an ethical business model seems unfounded, especially in this instance.

I have no concern about the VPN service itself since it's Mullvad which I like, but the devaluation of the branding (which I consider a long term problem).

Look at stuff like Firefox Send and Pocket. The latter is proprietary (holy shit, how is that ethical?) and the former bugs you with in-page pop-ups to get an account when you try to change the settings that looks either very stupid or malicious (and they invested a lot of money). I thought it was a bug at first.

They may sound like specific petty issues, but I consider them symptoms of a gigantic systemic problem.

I am aware of Mozilla's financial struggle, but don't think this is a good way to solve it, or much of a viable one at all. I fear it will completely dilute the Firefox brand, lose core users' trust (what they have left, anyway) and result in barely any revenue. It may well result in the permanent ruin of the Firefox (the browser) project, especially since it appears to be 100% dependent on Mozilla because of its high entry barrier.

I do see the idea behind the pivot, I think, which is banking on the rising popularity of privacy, but honestly I don't think they even have much of a good reputation on that front. The wide public doesn't know ("Mozilla is like Google, right?") and the techies have been burned too often. Neither do they explain much in their surprisingly widely deployed physical ads (how much did that cost?).



