Came across this controversial link where someone says that a VPS would be more secure than a VPN provider. From my understanding:

-Wouldn’t the VPS provider just see everything instead of a VPN provider? -Wouldn’t fingerprinting be straightforward, even if you use a hardened browser, since you have a single IP traceable directly to only one user?

ytcombinator doesn’t seem to take it seriously but I’m curious to hear what you all think about it.

  • Mikelius@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I would argue a VPS is less secure than a trusted provider. Of course, the definition of what’s trustworthy is up to each person. The reason I say it’s less secure is for 2 reasons:

    1. As you stated, the VPS provider sees everything. They also have direct access to the box themselves. Trusting them is just the same as asking to trust a VPN provider, the only difference being that a VPS provider will ask for personal information where a good VPN provider won’t (i.e. Mullvad)
    2. You’re a part of the security of the device. If you’re not 100% familiar with exactly what you’re doing to secure the VPS, you’re likely exposing yourself in some way to bad actors. I also say you’re “part” of it because you also have the dependency of the VPS provider being secure so someone can’t compromise your machine.

    The belief that a VPN provider doesn’t help privacy is a myth. But it’s true that you can’t depend on the VPN being your only solution to privacy. There are more steps you must take beyond just a VPN, but it’s definitely a required step if you want to be truly private. As an analogy: if people said “drinking water won’t make you healthy” that’s not true… But it’s also only a part of what you need to be healthy and the statement’s only true if you ignore the other things you need.

    Further on the privacy front for my personal opinion: I don’t think there’s a such thing as a trustworthy ISP with personal data since they definitely track everything you access and probably sell that data, but there are a few trustworthy VPNs who likely don’t do this. I’d rather take the risk in a VPN provider that is probably not doing what ISPs do, also allowing me to further enhance my anonymity online.

    For me, I’ve been using Mullvad for about maybe 5 years now, along with a ton of other things I’ve setup for privacy. Haven’t seen a targeted ad in nearly that amount of time, websites always think I’m located somewhere else, and any data breaches I’ve been a part of where IP addresses are in the data are of no concern to me.

    Be sure to also look into geo tracking. If the device you’re using is wireless, chances are Google and such can get your exact location if you’re exposing your browser or software to geo tracking on the web, or if you don’t spoof your Mac addresses. How they do this: the Google maps vehicle that drives around collects the locations of wireless devices and their Mac addresses, so that when you have geo enabled, they can pinpoint you down to a very close lat/long coordinate.

    • sandblast@lemmy.oneOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      This is my personal takeaway as well. The article seems to insinuate that because VPNs by themselves don’t do anything meaningful for privacy, they’re useless. It seems defeatist, since one could take measures to mitigate fingerprinting. But like you said they’re only one of the important parts of maintaining privacy.

      I am not more technically proficient than the average user. I have little experience in hosting anything, let alone hosting something that will tunnel all of my internet usage. I’d rather put my faith in my current provider to take the proper precautions and put more effort into things I feel comfortable with. It seems better to me than trusting an unknown VPS provider, my own skill and/or my awful ISP.

  • aksdb@feddit.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I think both protect from different threat vectors.

    A VPN provider can anonymize you but you have to trust them to not use the backchannel in any way (and of course to not actually log everything you do).

    Hosting your own VPN isn’t anonymous anymore, since the final connection still leads back to you. But it can properly shield you from untrusted public networks and you can be sure, that you are private, since you are in your own network then.

    • duckjjj@feddit.it
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      These days I was thinking about what you just wrote. I use iOS as mobile and Mullvad vpn. But few days ago I just log out and started to use just Nextdns and orbot for surfing in site like Amazon. My question as been: is it useful to use a vpn in Apple ecosystem in which they know my identity?

      What do you think about that? Using https connections (no vpn but just nextdns) make my surfing less vulnerable from isp eyes?

      Thank you

    • sandblast@lemmy.oneOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      I just don’t want to be tracked and profiled, especially for ads. I only sign into accounts with personal information for absolute necessities and browse websites without accounts. Plus my ISP openly tracks and sells history to third parties. It’s not viable for me to use tor for daily usage.

      • constantokra@lemmy.one
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Yeah, this trust shift argument doesn’t work the way people think it does. A VPN does just shift trust from your ISP… and your ISP is known to sell your data. And you’re paying the VPN provider not to do that. And most of them are audited. And they’ll stop making money if people find out they’re selling the data.

  • ᴅᴜᴋᴇᴛʜᴏʀɪᴏɴ@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    A VPS might be more secure, if you know what you’re doing. I use a VPS as a VPN to keep my ISP out of my traffic. Privacy is out the window though, because I have a static IP.