There are reasons why a VPN is great but not for privacy. A VPN is currently allowing me to work remotely would be one of them.
CiPHPerCoder provided a great link[0] in this discussion [1] that details a short list of a few reasons why VPN's are likely not what "regular people" who are concerned for privacy should be using.
that all being said, tools like tor have become much easier to use with setups like tails [2] which may have its own security issues but I'll agree that regular users may not be capable of using Qubes with Whonix.....yet
I think advocating for a VPN is actually harmful to the "regular user" not only in the fact it will not accomplish what they want, it will deepen their ignorance on how the internet works because they will think "its encrypted" "so I am secure."
I do have some concerns that tor is a tool that needs to be improved upon greatly to truly accomplish its goals but I am not aware of any projects that are doing so. Re metadata, fingerprinting, developers inserting backdoors etc.
> I do have some concerns that tor is a tool that needs to be improved upon greatly to truly accomplish its goals but I am not aware of any projects that are doing so. Re metadata, fingerprinting, developers inserting backdoors etc.
I always try to tell people about Tor's limitations, which are considerable. (I wrote the content for the EFF graphic that was linked above, and one goal was to show people things that aren't hidden by Tor — for example you can see an NSA agent in the graphic performing some kind of correlation attack between source and destination by monitoring the network at multiple points. Of course, the source of data for this doesn't have to be fiber optic taps, so other entities that can get source and destination data can correlate them too.)
Tor is doing work on all of the things that you mention: metadata, fingerprinting, and developers inserting backdoors. One could wish for more work and that it had happened longer ago, but all of those are active areas of concern and research for the Tor project.
>I wrote the content for the EFF graphic that was linked above
Thank you! I constantly share that link with people, I (and many others) appreciate your work!
I regret not going into software development, I wish those are projects I could contribute to, alas my closest work towards development is tinkering with linux etc .conf files to get home projects to work, which is not development at all.
CiPHPerCoder provided a great link[0] in this discussion [1] that details a short list of a few reasons why VPN's are likely not what "regular people" who are concerned for privacy should be using.
that all being said, tools like tor have become much easier to use with setups like tails [2] which may have its own security issues but I'll agree that regular users may not be capable of using Qubes with Whonix.....yet
I think advocating for a VPN is actually harmful to the "regular user" not only in the fact it will not accomplish what they want, it will deepen their ignorance on how the internet works because they will think "its encrypted" "so I am secure."
I do have some concerns that tor is a tool that needs to be improved upon greatly to truly accomplish its goals but I am not aware of any projects that are doing so. Re metadata, fingerprinting, developers inserting backdoors etc.
[0] https://gist.github.com/joepie91/5a9909939e6ce7d09e29 [1] https://news.ycombinator.com/item?id=15585974 [2] https://tails.boum.org/
[edit:added concerns about tor]