[toyg]

The truth is that authorities the world over have finally caught up with the internet. Look at it this way: they already had pretty extensive powers to monitor telephone calls and correspondence; then the internet came about, and slowly made them blind.

Until a few years ago, they compensated by treating the internet as a free-for-all where they could spy at will; as people fought back and started to demand accountability and limits, they responded with a legislative backlash that is slowly making gains everywhere. The most authoritarian-inclined states (UK, France, Italy) have passed the worst laws, but others are busy following suit.

It's an ideological battle, and they are winning it. One day we will look back at the Chinese firewall as a pioneering effort.

[Quarrelsome]

> The truth is that authorities the world over have finally caught up with the internet.

This isn't true they misunderstand it. They're trying to force it into their centralised, controllable world-view. They haven't yet figured out that this doesn't work with a decentralised system where its trivial for people to hop on and off the network irrespective of geography and borders.

This is hardly a battle they can win, the outcome is just that the average citizen is watched and those with knowledge of the internet circumvent the snooping. This will slowly chug along until someone leaks or gains a copy of the data, shares it online, ruins a bunch of lives, prompts public outcry and then they inevitably scrap it.

[napworth]

I've been wondering, do we have any idea on what type of data they'll be recording now?

- Is it domain names, or subdomain names?

- How do they get the domain names? Do they look at IP addresses I'm connected to and do a lookup?

- If I use a VPN, will all my traffic come up as that VPN?

- How will they link an internet connection to a person? Will it be done on the name they used when they signed up, their house address, or their billing details?

[sir-alien]

When using a VPN (IPsec, OpenVPN, etc - something secure) then all the ISP will see is that you connected to your VPN IP and how much data volume was transferred.

Since the traffic exits at the VPN only the VPN endpoint would be able to read this meta data if they did such a thing which is not impossible but not normal. The worst case scenario is that your encrypted traffic is recorded for a while then they come knocking on the door for the encryption key. Alternatively if the international VPN provider is of the cooperating kind then they can log this data on behalf of your government. So use a foreign VPN provider that stands up for rights or use a dedicated server in a foreign country.

I have always wondered if this could be avoided though by using some form of rotating keys that you throw away or perfect-forward-secrecy if this works.

[napworth]

Do you have a suggestion for a paid VPN service?

[christoph]

https://gist.github.com/joepie91/5a9909939e6ce7d09e29

But if you must: https://thatoneprivacysite.net/

[UniversalBlue]

This article [1] is so stupid I want my seconds back.

The matter in question is: who do you trust more? Your ISP or the VPN provider? The default should be that you don't trust your ISP, especially if you are in the UK. Hence, trusting a VPN provider is the lesser of two evils.

Will that protect your child-pornography-viewing? If you use Qubes OS, where you have a VPN on the host, then you use Whonix in a VM, where you use tor, then you are probably safe.

Are you a terrorist planning to destroy America? You are probably our of luck, but for the truly paranoid it could be achieved.

My advice: it is better to trust VPN providers in other countries than your own, just select decently (aka, not Hide my Ass). NEVER trust your ISP!

[1] https://gist.github.com/joepie91/5a9909939e6ce7d09e29

[UniversalBlue]

Cryptostorm or VikingVPN.

[ionised]

Mullvad

[legatus]

Could you please elaborate why Italy has one of the worst laws? Never read about it.

[toyg]

The public-wifi law recently amended, the anti-blogging laws, the leeway given to authorities to run riot over a datacentre if even just one account comes under suspicion, the cozy relationship with Hacking Team... all datapoints confirming an overall view of the internet as something to be curtailed and intercepted.