Hacker News new | past | comments | ask | show | jobs | submit login

I think it's prudent to assume (even if not accurate in every case) that any VPN provider that reaches PIA scale has already been compromised by the relevant State Actor working its jurisdiction.

It's the tragedy of success in the privacy industry.




Except for the fact that PIA has been subpoenaed by the FBI and state police multiple times and PIA could give them dick all. Yes, their servers could be compromised illicitly, but if the NSA or GCHQ is willing to go to that much trouble just to monitor you, you have bigger problems.


>[...] but if the NSA or GCHQ is willing to go to that much trouble just to monitor you, you have bigger problems.

This type of argument contains the assumption that it would be too much trouble for them/not worth it to monitor an affluent anarchist or semi- anti-authortitarian with an above-average IQ.

We've seen that A) their resources are as virtually unlimited as their paranoia B) tech developments have driven down the cost of sophisticated surveilance strategies C) xkeyscore and all of the other releases is confirmation.

This type of argument does us all a disservice by subtly shaming those who care about state-surveilance of private (and peaceful) citizens who value their privacy and/or who exercise their right to actively participate in progressive movements that challenge the establishment.


It also embeds an assumption that someone is targeting you instead of people like you. Compromising the servers of a VPN provider makes plenty of sense in the service of full-take or person-of-interest collection.

We've already seen that the NSA actively targets people searching for privacy tools (e.g. Tails, Tor). The act of using a VPN is mildly interest-provoking, so it's far from crazy to suspect that someone might try to scrape everything happening there in case some of it is interesting.


PIA might actually log everything and send to the FBI as a regular part of their operation, hell, they might even be funded by the FBI and you would never know.

You should not trust what people tell you over the internet.


>"Except for the fact that PIA has been subpoenaed by the FBI and state police multiple times and PIA could give them dick all."

How is/was this claim substantiated?


They say theres nothing to give, but how do you really know for sure?


If they have your data but won't give it to the authorities, the result is the same, isn't it? Unless you're suggesting the authorities aren't fooled, and will pry it out of them? That hasn't been the case so far.


They're asking how do you know they didn't hand the data over but just publicly say they didn't? Or that they agreed to give it to the FBI if the FBI would treat it as a confidential source.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: