It's all very well saying a VPN services keep your communications secure, encrypted and away from the prying eyes of your ISP - but why would you trust a VPN provider more than an ISP?
These consumer-oriented VPN services marketing to bittorrent users seem kind of sketchy to me.
I trust a VPN provider more than a ISP. The reason is pretty simple, I trust a random company more than a 30-200 year old telecommunication company which has strong ties to government and content delivery networks.
How many VPN's companies has deals with content networks? How many ISP has a content network deal?
How many VPN's has has a past of cooperative with government surveillance? How many ISP has cooperated with police and government secret police?
How many VPN's has lobbyist in government. How many ISP's has lobbyists in government?
An ISP has all the reasons to snoop at the traffic of their users, and they commonly do. Their core product is advertised as an service that provides Internet connectivity. Their core product is thus not effected by much if they get caught snooping on their users. A VPN has few reasons to snoop (QoS is the major exception), and their core product is to provide privacy. If they are caught snooping, their core service of providing privacy suffers.
Thus, yes. I trust more a VPN provider than an ISP.
I think another reason to trust a VPN provider is that it's their reason to exist. If people find out that they're not really protecting their customers' privacy, they'll lose all their customers.
ISPs, on the other hand, provide a different service and privacy is merely an additional consideration. It's not their main reason to exist.
Not even that. Look into CALEA - a law which, summarized briefly, requires that ISP gear have backdoors for law enforcement packet capture.
There's a reason you don't see anonymous ISP's around in the USA; the laws as written explicitly prevent them from existing in any meaningful capacity.
> If people find out that they're not really protecting their customers' privacy, they'll lose all their customers.
Yeah, but given the lack of history, openness, and reputation a lot of the VPN providers have, it seems to me that a provider could just "pick up and move": start a new company with a new name and new IPs and what not, and just do it all over again.
Not to mention that there is also a pretty big incentive to sell out your users. Probably a high percentage of shady business that the entertainment industry normally can't get a hold off legally.
"but why would you trust a VPN provider more than an ISP?"
You probably shouldn't. There are most likely laws against your ISP from listening in on your traffic, not for your VPN. If the government wants to listen in it doesn't matter, your VPN service is forced to cooperate anyway so you haven't gained anything.
If I'd use a VPN I'd make sure to use one that is in another country, probably making it a bit harder to connect the VPN and ISP to you that way - but hardly bulletproof.
The VPN account is directly tied to you by your payment details. Also most VPN services that claim to "not keep any logs whatsoever" are just a 3 page website with not much information. Maybe that's safer since they are low profile, or maybe it isn't? I honestly have no idea and I wish I did.
It feels like your just trusting some random person to not mess with you.
- you can buy them to your name, and then after a few transfers/transactions it would take the collaboration of an army of disparate users worldwide to determine where did the coins come from
- #bitcoin-otc in freenode
Although I do agree that's not easy to grasp for outsiders. It takes some time to get familiar with the best options. There's no way in hell they can connect your id with your coins (or a subset of it you keep for stuff like this) if you are moderately careful. Even satoshi-dice does the trick.
> you can buy them to your name, and then after a few transfers/transactions it would take the collaboration of an army of disparate users worldwide to determine where did the coins come from
Sounds exactly like money laundering to me, even if there isn't malicious intent. I'm genuinely surprised the government hasn't done much to try killing off bitcoin, even with it being (relatively speaking) a tiny fringe movement.
I thought anonimity was a big point of bitcoin, I'm a little stunned. So you're saying if I buy bitcoins off Mt Grox or somewhere else, each coin contains some data linking back to me?
The way you track down someone using Bitcoin is complicated. Let me explain the way the Bitcoin network works.
Conventional banking assigns each new identity that enters through the door an account, to access that account you prove your identity. All transactions are kept confidential and in-house.
Bitcoin works by giving everyone an account and forgoing any identification. If you own the private key to the account you are the account holder. Next, all transactions are publicized. Since no one has ID information tied to their Bitcoin wallet, it doesn't matter if transactions are publicized.
Now here is how you get found out. If you use a service such as Mt. Gox which requires you to tie your identification to your Mt. Gox account, any bitcoins you send from Mt. Gox can be traced. So, when you corrupt bitcoins by using a site that has id on you, you lose your anonymity.
Yes that or cash in the mail might be reasonable options for paying.
I guess my problem is more that you are trusting an overall unknown entity with your real ip, which is only one step away from your real info for someone who is able to compel that information from the VPN provider in the first place.
In e.g. Sweden, VPN's are not covered by the EU Data Retention Directive. ISP's are. Ie. they're not required by law to log more than what they need to bill you accurately. And of course you can pay for a VPN with bitcoin or prepaid credit cards.
Of course, your VPN can still _choose_ to log your IP address (e.g. if they're acting as a honeypot), so at some point you have to trust someone (perhaps by looking at whether there have been news reports of that VPN handing over data to other entities, ie. don't use HideMyAss).
How would that help? Tracker leads back to IP of your VM instance. Although your VM instance doesn't keep VPN logs, the VM provider would happily cough up your Name/Address/PaymentHistory in response to a court order. They wouldn't need to know your home IP address.
These consumer-oriented VPN services marketing to bittorrent users seem kind of sketchy to me.