It's sad we needed this before and sadder we need it now.
this post was submitted on 13 Mar 2025
29 points (100.0% liked)
Furry Technologists
1603 readers
1 users here now
Science, Technology, and pawbs
founded 2 years ago
MODERATORS
I read the article rather than watching the video. I noticed there seems to be quite a bit of (accidentally) duplicated text
There's a good chunk of this I'd disagree with, too. Suggesting the use of any Google service or product to someone concerned about privacy is absolutely bewildering to me.
Bitwarden is far and away the best password manager and recommending anything other than Bitwarden isn't great, really. Password managers are a bit like VPNs, lots of junk and big promises without much proof of anything, except Bitwarden is fully open source.
I think going into self-hosting is a bit self-indulgent and, honestly, not really appropriate for the intended audience. Self-hosting is a great choice for someone like the author, but for someone who is new to it, they're way more likely to misconfigure something and leave a major security hole.
The article seems to take the stance of "thinking about using a commercial VPN? Just use TOR!". But in my experience, TOR is glacially slow, and it's also not suitable for ordinary browsing because of how widely-blocked the exit nodes are. The article at least acknowledges the blocking problem, but for an article which focuses on tradeoffs, it doesn't acknowledge that there's a valid trade-off between TOR and a commercial VPN. A commercial VPN is faster and less blocked than TOR, but there is still an entity with direct knowledge of your browsing (the VPN company itself), there is more vulnerability to correlation (the VPN doesn't [and probably can't] change your exit node for each website, like the TOR browser would), and a commercial VPN is an expense. You don't have to jump all the way from "no-one can know which website I'm browsing" to "anyone tapping any leg of my connection can know which website I'm browsing" just because the website blocks TOR exit nodes.
For reference: I have a commercial VPN subscription, which I have connected for my daily browsing -- in large part to reduce the cognitive load of "what if X party knew I was visiting Y website" for every website I visit. I also have the TOR browser installed, and use it occasionally -- for when I'm concerned about the outcome of "what if the VPN company is breached/subpoenaed/sells my data/etc.". I don't put any stake in the ubiquitous "no logs" claims of VPN companies, since it's completely unverifiable.
I do at least appreciate the article acknowledging the grossly misleading advertising of nearly every VPN company. They advertise their product as solving problems which are solved by HTTPS and not solved by VPNs
It took me an entire year to realize your reply was also a link to an argument. I thought you were just stating your conclusion without bothering to explain, and was more than a little irritated. Sorry.
The main thesis of the linked article is that a VPN is a glorified proxy, but that's what I've always viewed commercial VPNs as -- proxy-as-a-service. The word "proxy" hadn't been at the forefront of my mind but it was the same mental model. And that's the only reason I've used (and still use) them. And that is consistent with the statements in my original reply. I can look at companies that advertise themselves as proxy services to see if I can get a better deal, but my current VPN plan comes with my current cloud storage plan, so unless I change that (which I am considering), it doesn't save me any money to switch.