[sir-alien]

When using a VPN (IPsec, OpenVPN, etc - something secure) then all the ISP will see is that you connected to your VPN IP and how much data volume was transferred.

Since the traffic exits at the VPN only the VPN endpoint would be able to read this meta data if they did such a thing which is not impossible but not normal. The worst case scenario is that your encrypted traffic is recorded for a while then they come knocking on the door for the encryption key. Alternatively if the international VPN provider is of the cooperating kind then they can log this data on behalf of your government. So use a foreign VPN provider that stands up for rights or use a dedicated server in a foreign country.

I have always wondered if this could be avoided though by using some form of rotating keys that you throw away or perfect-forward-secrecy if this works.

[napworth]

Do you have a suggestion for a paid VPN service?

[christoph]

https://gist.github.com/joepie91/5a9909939e6ce7d09e29

But if you must: https://thatoneprivacysite.net/

[UniversalBlue]

This article [1] is so stupid I want my seconds back.

The matter in question is: who do you trust more? Your ISP or the VPN provider? The default should be that you don't trust your ISP, especially if you are in the UK. Hence, trusting a VPN provider is the lesser of two evils.

Will that protect your child-pornography-viewing? If you use Qubes OS, where you have a VPN on the host, then you use Whonix in a VM, where you use tor, then you are probably safe.

Are you a terrorist planning to destroy America? You are probably our of luck, but for the truly paranoid it could be achieved.

My advice: it is better to trust VPN providers in other countries than your own, just select decently (aka, not Hide my Ass). NEVER trust your ISP!

[1] https://gist.github.com/joepie91/5a9909939e6ce7d09e29

[UniversalBlue]

Cryptostorm or VikingVPN.

[ionised]

Mullvad