If you set up the VPN yourself they can be both cheap and relatively secure/private (e.g. EC2, Linode, etc).
I'm not sure how much I'd be willing to trust people selling anonymous VPN services. Many of them are located in untouchable countries and knowingly provide services which violate various laws (e.g. one I used to subscribe to had a specific tab for copyright notices).
If you dig down into who operates many of them you come up quite empty handed. No address, no name, just a few more shell companies and then a dead-end.
HTTPS certainly makes you more secure while using them, however you leak a lot of information in general as a lot of stuff is still HTTP. You trivially build a full picture of someone (name, literal picture, DoB, et al) over a week of watching their insecure web-traffic.
Plus if you're depending on HTTPS then what is even the point of an anonymous VPN? Might have well just use the dumb WiFi and assume that everything HTTP is world-visible.
How sure are you that your cheap anonymous VPN isn't malicious and hasn't been hacked? Is that more or less likely than an attacker being on the same physical wireless network as you?
True. But I'm able to send all traffic through an encrypted tunnel so that nobody listening locally can get their hands on it. And if I wanted to, I could then tunnel all traffic over some other service to anonymize it.
obviously people able to setup their own VPN arent the target. even when connecting on open wifi without vpn im pretty you would spot anything suspicious
PIA gets a lot of recommendations but no one ever mentions that a great number of sites prevent you from using them from the PIA addresses. I've had a lot of trouble with financial and e-commerce sites in particular (which are also the situations I really care about using a VPN).
I think it might be that PIA is frequently used for DDOS and abuse since it's so inexpensive.
Just something I wish I had known before signing up.
As a developer, I would actually have to read up to know exactly what a VPN is and what I can do with it. I have a rough idea, but as it has never been something I have worked with, I have little knowledge of them. Now how would you expect the general public to manage, without someone giving them a decent explanation of them.
Private internet access (dot com) provide a point and click interface for windows and mac os x. On linux one has to manually config but it's not that hard. I have had non-technical people use it with no issues. I am sure there are others out there.
Where did you read this? I haven't check in in a while, but I remember doing research to ensure the provider I used wouldn't be logging - and I settled on PIA.
People are just not aware of these problems, and when you tell them they often downplay them, because they seem far away and until something goes wrong they think it can't happen to them. Also, it's not easy to convince people to pay for prevention rather than to fix an existing issue.
> Considering how ridiculously cheap an anonymous VPN service is
You're already paying for your Internet connection at home, why bother getting another VPN service? At least in our FritzBox (free from the ISP) you can configure VPN. And besides, I trust the established ISPs here more than RandomSuperVPN Inc.
Depending on where you are in the world, home/SoHo broadband might not have enough upstream (1 megabit is common in Australia) to support a VPN - however it might be enough to do your banking or whatever. Now to make it user friendly.
I'm not sure how much I'd be willing to trust people selling anonymous VPN services. Many of them are located in untouchable countries and knowingly provide services which violate various laws (e.g. one I used to subscribe to had a specific tab for copyright notices).
If you dig down into who operates many of them you come up quite empty handed. No address, no name, just a few more shell companies and then a dead-end.
HTTPS certainly makes you more secure while using them, however you leak a lot of information in general as a lot of stuff is still HTTP. You trivially build a full picture of someone (name, literal picture, DoB, et al) over a week of watching their insecure web-traffic.
Plus if you're depending on HTTPS then what is even the point of an anonymous VPN? Might have well just use the dumb WiFi and assume that everything HTTP is world-visible.