[EternalAugust]

I think the problem with personal VPNs is correlating incoming with outgoing traffic is trivial for a global adversary (NSA, ISPs). When you use a service provider where a bunch of people are connecting to a single server correlating input with output becomes much more difficult, I seriously doubt it would be impossible though.

[bradknowles]

If your threat model seriously includes the NSA, then you shouldn’t be using IP at all. Or any kind of electronic communication, for that matter.

If your threat model includes your ISP, but does not extend to nation-state level adversaries, then a good private VPN should be a decent enough solution, although a public VPN might be easier and still adequate.

Source: I personally pissed off the Director of the NSA in November of 1992 (see http://www.shub-internet.org/brad/cacm92nov.html ). At the time, my clearance was Top Secret/SCI, and I had been read onto multiple compartments — including the ones for ECHELON, KEYHOLE, etc.... So far as I know, I am still on their shit list, albeit not as high as Snowden or Binney.

[ShorsHammer]

May I suggest https://letsencrypt.org/ or similar for your website?

[mirimir]

Yes, this is true.

So the best bet is staying off the shit lists of the NSA and other global adversaries.

[lbatx]

Clicked on your link just to get on the list (or move up, I suppose). ;-)

[mirimir]

That's what I think.

However, I have used personal VPNs tunneled through Tor. But I was very careful to be anonymous about the VPS I used. And it was just to get around blocking of Tor exits.