| You're right. I divide VPNs up into 3 choices: - Rolling your own VPN (control your own infrastructure) - Using an existing VPN service (crowd-based anonymity) - Doing nothing (privacy nihilism) Each decision has their own benefits and tradeoffs. If you're someone who torrents, you should probably be using crowd-based anonymity. If you really dislike the trust relationship you have with your VPN and you're technically inclined, you can roll your own VPN. If you don't want to spend the time worrying about this stuff, setting up a VPN on its own and doing nothing else won't make you private anyway. I (very cautiously) lean towards advising people to use an existing VPN service, but that's not a strong opinion. I do think people who argue that rolling your own VPN is the only sensible choice are either full of crap, or haven't thought through the actual threat models real people face. There's a big movement in some portions of the security industry to say that moving trust around isn't valuable, and that doing nothing is better than centralizing your trust. I'm not going to mince words, I think that's a really dumb perspective. |