The phrase in the title is a common trope that comes up when VPN services are discussed. While this statement is technically correct, it can be misleading, as it implies that all providers handle law enforcement requests and prepare for worst case scenarios similarly, so their conduct cannot be a differentiating factor when you evaluate them.
It is something to always take into consideration and not forget.
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.96K Posts
- 74.6K Comments
- Modlog
I would put Mullvad and IVPN up there as the two VPNs I’d trust most to do things right, but I still agree with everything you’ve said.
I’d put cryptostorm up there too
deleted by creator
After the changes to their TOS I lost any trust I had in Proton
See the last points in the article: run by activists, and would rather shut down than cooperate with law enforcement.
I don’t know if proton is run by activists, but I do know they’ve cooperated with law enforcement by inserting code to log user requests when coming from a specific user. Plenty of articles about the court case, and it’s also why they did away with their no-log policy.
Also, are their logins token based or username based and connected to the protonmail account?
deleted by creator
deleted by creator
Sure here’s the correction, and why I’d never trust them with anything sensitive.
They had a no-log policy, and all mail is PGP encrypted on their servers and proton to proton is encrypted in transit and at rest (it doesn’t travel), decrypted only client-side in the browser or with proton bridge, with your account password acting as the PGP key password.
They could have designed the system so they couldn’t be forced to add that backdoor, or at least automatically notified all users when an unauthorized change was detected, or they could have shutdown, or they could have revoked their warrant canary, but instead they were caught when the court case came to light and they were caught with their pants down, and revoked their no-log policy. https://arstechnica.com/information-technology/2021/09/privacy-focused-protonmail-provided-a-users-ip-address-to-authorities/
That’s why I asked if the proton VPN is token-based and completely disconnected from the proton email account, or if they’re the same login. If the latter, it’s trivial to request the IP address of email account xxx@proton.me