by yegor 1118 days ago
Disclosure: I run a commercial VPN service.

If all you need is to "change your IP" for some specific purpose, this and many other tutorials out there can accomplish this task for <$5/month. You are in complete control and have to trust no-one. However be aware of the following downsides:

1. You are mapping your traffic 1:1 to the VPN IP address, that you are the sole user of. This will do virtually nothing for pseudo-anonymity as your original ISP assigned IP will be quickly linked to your new VPN IP by every single shady data broker out there as you lose the benefit of "being lost in the crowd" when you share VPN exit IPs with hundreds/thousands of other people.

2. If you do anything shady that results in a LE subpoena or a DMCA, it's like you were not using a VPN at all. The cloud provider will hand over your details instantly.

3. Many sites block data-center ranges. You will not be able to use most streaming services, and random websites like Papa Johns, Home Depot, banks, gov websites, Ticketmaster, etc. Not all ASNs are banned, but many are. Commercial VPNs can (and do) re-route traffic using "residential looking" or actual residential IP addresses to combat this.

4. Performance MAY not be great. VPN providers do quite a bit of Linux kernel tuning in order to get high(er) throughput.

Depending on your use case, the above may not matter but if you plan to use this 24/7, be prepared to be annoyed.

7 comments

> You are in complete control and have to trust no-one.

I mean, you have to trust the VPN for reasons you enumerate in (1):

> This will do virtually nothing for pseudo-anonymity as your original ISP assigned IP will be quickly linked to your new VPN IP by every single shady data broker out there as you lose the benefit of "being lost in the crowd" when you share VPN exit IPs with hundreds/thousands of other people.

It would be suicidal for a commercial "non logging" VPN to keep track of IPs + timestamps. It also costs money to store this (best DB is no DB), and does not guarantee 1:1 mapping even if it was in place as exit IPs are shared by multiple users at any given moment.
It is suicidal only if there's a way to get caught. Also, the full picture of the finances involved isn't always clear – the VPN business may be just a front for some other much more profitable shady business.

Besides, post Snowden, it is silly to still believe in such claims as non-logging. There are many high-probability possibilities:

- It is a legitimate business, but a secret court order compelled it to install a tap and feed it to a secret government agency.

- It's not a real business but actually a secret govt security agency's slush-fund-funded cyber intelligence warfare operation.

- It's an unscrupulous mafia-funded business running a massive hacking/blackmail operation masquerading as a business.

- It's an unscrupulous shady business that's harvesting and selling your personal data to black market data brokers.

...and so on. Possibilities are endless.

You're not wrong. All of those are possible. However some countries are better than others for some points you raised. For example, Canada has no NSL (National security letter) equivalents. We cannot be compelled to covertly log some/all of our users with the current laws on the books. Of course this can change in the future.

Shady businesses are out of scope when it comes to laws, but that's true for any industry. There are ways to protect yourself, if your opsec warrants it, by "double wrapping" and using 2 separate VPN providers simultaneously.

Greed is also a huge factor. Dishonest providers can implement all kinds of SDKs into their software and 2-3x their revenues. This is why it's important to use VPNs that offer open source apps you can audit and compile yourself, which would protect against some obvious violations, but one can do all kinds of evil shit server side without the end user ever knowing.

- your own IP becomes an exit node for other users of the VPN (or for other proxy services offered by the VPN company)
There’s no way to inspect whether or not a VPN logs IPs, and even if the exit IPs are shared, the VPN necessarily knows that your IP connected to some remote IP and can log that information irrespective of the exit node. As for the cost of log storage, we’re talking about 64 bits of data per connection—you can log a billion connections for less than $0.25 per month.
Does a commercial VPN service help to access American banking websites from abroad? Oftentimes, banks just lock accounts when accessed from foreign IPs. I understand banks' concern about hacking. Or just spin up WireGuard on a home-based router, then VPN into the home network?
If your use case is to access home content/services while abroad, spinning up a WG server at home, or even using Tailscale "exit node feature" (https://tailscale.com/kb/1103/exit-nodes/) would accomplish what you need.

On a commercial side, we take reports from users. If someone tells us bank X doesn't work from VPN country location Y, we can fix that in minutes.

Thank you for your reply.
Thank you for putting all these points down so I can just link people to this comment.
"If all you need is to "change your IP" for some specific purpose, this and many other tutorials out there can accomplish this task for <$5/month."

But using your ControlD service, OP can get it for $0/month, right?

Nope, that will cost $4/month :)

Also, Control D is a DNS service, not a VPN.

Got it. But the $4/month isn't just DNS, right? It also proxies traffic so you can spoof geolocation?
Indeed. DNS-only is 1/2 the price.

Just be mindful that despite it being able to spoof your location, SNI is still in the clear. https://en.wikipedia.org/wiki/Server_Name_Indication

> your original ISP assigned IP will be quickly linked to your new VPN IP by every single shady data broker out there

Are you aware of anyone actually offering this service? If so, hit me up, my email address is in my profile.

Literally any social network, ad network or any of these https://whotracks.me/companies/reach-chart.html
I'm interested specifically in correlation of VPN to real IP addresses, not generic data gathering.
To promote freedom, and avoid complications such as issue number two, we should also recommend users pay by cash.
If you're the only user, performance should be amazing.
Probably, in theory, yes.