Comment by pilif

4 years ago

If only there was any proof of this actually being the case and there not being some "accidental" debug log enabled, or some other network-level component having "accidental" access to the keys.

There's just no good answer to perfect trust-no-one private internet access.

If you need to hide all of your traffic from other users in your local network, you can accomplish that in a trust-no-one fashion by running your own VPN endpoint on a server you control which provides better privacy guarantees compared to a centralised commercial VPN whose business model will eventually involve selling your data (once user growth stops but shareholders demand continued revenue growth).

But if you need to hide your traffic from anybody but your peer on the internet and you need to hide the fact that you talked to that peer, then, I'm afraid, you're out of luck.

> If you need to hide all of your traffic from other users in your local network, you can accomplish that in a trust-no-one fashion by running your own VPN endpoint on a server you control which provides better privacy guarantees compared to a centralised commercial VPN whose business model will eventually involve selling your data (once user growth stops but shareholders demand continued revenue growth).

Well, not really. There was a great (German) interview with the Perfect Privacy founders recently [1]. They seem to be decent guys with close ties to the Chaos Computer Club and I strongly suspect they wouldn't want to work like that.

[1] https://www.youtube.com/watch?v=VMr0gJvI-6I

> But if you need to hide your traffic from anybody but your peer on the internet and you need to hide the fact that you talked to that peer, then, I'm afraid, you're out of luck.

Nah, that one is easy: just use an anonymous SIM card or an open Wi-Fi and you're good to go.

Honestly, these discussions often feel pretty asinine to me. I personally use paid VPNs to pirate to my heart's content, work around my ISP's terrible networking and a little bit of geo-unblocking. Of course you can't use these services to protect yourself from three-letter-agency type surveillance or equally powerful threat actors, but if they are "private" enough to block the music industry and their lawyers from suing you, that's a pretty high standard of privacy, certainly more than any ISP alone gives you!

  • Do you actually pirate music or did you give it as a general example? I feel no need to pirate music today with all the music streaming services, especially since I can find all the music I want on all the streaming services, which is a world of difference compared to the video streaming services.

    • I stopped pirating music a while ago when Spotify became better than what the trackers I was on delivered. That being said, I have recently started looking into it again since Spotify is dragging their asses on high-quality streaming and their app support on Linux started to annoy me. The alternative streaming services barely support Linux at all, so they aren't really an alternative for me. But you are right, it's mostly TV shows and movies, a few books here and there. It seems I've basically missed the golden age of Netflix (or there never was one in Germany with their shitty catalog) and stayed on private trackers until now. I suspect it won't change any time soon either with all the fragmentation going on, and I absolutely refuse to deal with their stupid DRM measures.

>> If you need to hide all of your traffic from other users in your local network, you can accomplish that in a trust-no-one fashion by running your own VPN endpoint on a server you control which provides better privacy guarantees compared to a centralised commercial VPN whose business model will eventually involve selling your data (once user growth stops but shareholders demand continued revenue growth).

The privacy protection for most people using VPNs is required against their ISP and other actors looking to analyse their traffic, not users on the local network. A commercial VPN will be better for privacy due to the crowding effects, i.e. large number of users sharing the same IP and protects against correlation attacks - it's much easier to trace the activities on your own VPN endpoint back to you. Of course you need to trust the operators, which is a different question.

  • > i.e. large number of users sharing the same IP and protects against correlation attacks

    Depending on where you are based in the world (see https://www.submarinecablemap.com), real-time throttling of VPN traffic can still identify a user and where they are going in some cases.

    You can get a degree of privacy from visiting websites located on servers in big data centres, but nothing a search warrant couldn't find out retrospectively.

    Just traceroute your journey inside a VPN to see whereabouts you are going when connecting to a webserver anywhere in the world, and work out the physical route you are travelling on the cable map.

    Obviously the number of languages you speak also restricts where in the world you will be going online to a point, and timezones can also make you stand out like a sore thumb if you visit a website when the locals generally aren't.

    I've identified (US) websites which can work out what DNS server you are using, so in my case, based in the UK, if I swap from using a UK ISP DNS to using another DNS like Quad9 in Germany, the (US) websites alter the content you can see, just on that single DNS server change.

    There is no privacy!

    • > There is no privacy!

      I think this is a good message. In the same vein, there's no security either. All you can do is make your and your adversaries' life harder, and balance the different tradeoffs.

Is no-trust ever possible? I thought people create their threat models and verify they can trust those they have to trust.

  • > people create their threat models and verify they can trust those they have to trust

    What kind of people?

    How do you verify you can trust some company?

    • Everyone does it informally to varying degrees for varying problems (oftentimes subconsciously). E.g. "What do I know about this person? Can I trust them around my kids?"

      You verify trustworthiness by research. Who is involved? Do I trust anyone who trusts them? What are their motivations? What would cause them to take action against me? What causes them to protect my interests? What laws are they subjected to (i.e. who can coerce them)? What do they say for themselves? Where do their words fall on the credibility to BS scale? What is their reputation in the community? What do their competitors/adversaries say? What would cause their behavior to change?

      I won't enumerate all my research on Mullvad. I can say Mozilla attaching their brand to Mullvad's services helped me a lot (trust by proxy). I'll also say that some of their product decisions give credibility to their anonymity claims. Lastly, I found someone who shared a competitive analysis across many providers. I found the analysis trustworthy. Mullvad has some weak points, but was still the best provider for my particular use case.

Wouldn't the ownership of the server be easy to trace back to you?

PIA has been promising a fully audited and verifiable infrastructure in the future:

https://www.privateinternetaccess.com/blog/dont-trust-verify...

  • > Wouldn't the ownership of the server be easy to trace back to you?

    Yes. Which is why I said that this helps to shield your traffic from other people in your current local network (think: coffee shop), which is one use case of a VPN.

    If you need to protect your traffic from anybody but your peer (another potential use case of a VPN if this were possible) and you even want to hide the fact that you were talking to that peer, then you're out of luck. Period.

    • You are ignoring the use case of protecting my data from my ISP, who is a known bad actor that wants to sell my data and had the power to strongarm my government into legalizing that data theft.

> There's just no good answer to perfect trust-no-one private internet access.

What about Tor?

  • I think that if enough exit nodes were owned by, let's say, government agencies, they would be able to correlate requested domains with actual requester IP.

  • In addition to the traffic analysis mentioned in another reply, there are ways data can be leaked from Tor. One example from the crime documentary "Hunting Warhead": a white hat hacker managed to locate a darknet server running a forum software by setting his avatar image to a file hosted on a domain he controlled. The forum software retrieved the image via a regular internet route, exposing the actual host IP.

    For maximum privacy, Tor should be used with software designed for Tor from the start.