[djrogers]

> VPNs do help maintain one small level of privacy (namely from your ISP)

So you've transferred the lack of privacy from one company (your ISP) to another (your VPN vendor). Heck - look what happened to Onavo - facebook bought them and reaped a treasure trove of private browsing habits.

[danShumway]

I use DuckDuckGo for web searches. Technically, I've just transferred my lack of search privacy from one company (Google) to another (DuckDuckGo).

I would of course prefer a zero-trust solution, but absent that, can I at least avoid giving my data the companies that are openly spying on me right now? At least until we figure out how to make Tor scale better for normal usage like streaming/games?

Transferring trust is definitely problematic, but it's also a thing that we do basically every single day all the time, and it's only in the context of VPNs where I see people suddenly advocating that anything less than a zero-trust solution is useless. Zero-trust solutions are the exception when we deal with companies. Most of the time we're just moving/centralizing trust.

[buzzy_hacker]

Well your VPN has a commercial interest in keeping your browsing private.

[vokep]

That hasn't proved to be the case. Nor does it appear so anyways, they have a commercial interest to appear as though they are interested in keeping your browsing private.

[mrmuagi]

So run your own VPN, at least you can minimize the trust to yourself?

[iudqnolq]

A VPN hiding your traffic from the websites you visit relies on substituting the VPNs IP for your own. If you're your own VPN, your VPN's IP is your IP.

I've used self-hosted VPNs running on AWS LightSail to have privacy from wifi operators I didn't trust, but it doesn't work for higher levels of surveillance than that.

For example, if your VPN runs on a server with a dedicated or at least relatively persistent IP and you're the only one using it an upsteam of the server like an ISP or a network of sites could track you cross-site and use that data to deanonymize.