A friend wants to know what this is?
How long do ISPs store your browsing history and what is stored?
- Thread starter oxf77
- Start date
I hate absolutes like that, it doesn't mean we should be an open book, or should just accept it, or that it isn't possible to use some privacy.
Soldato
What is their free service like? I currently use a paid service, but honestly I don't really use it enough to justify paying.
All sweet looking with their pink icing and pretty little sprinkles, but underneath they are all the same - dirty, dirty sponges. Not even Victoria. Every one, just a trollop.
Last edited:
The number of countries they have is quite limited. For example the nearest free server is in the Netherlands rather than in the UK. They only have Netherlands, US and Japan in the free tier. You can also only use one device at a time on their free tier (although I assume you could create multiple free accounts to get around that). I think the speed is fine on those free servers but obviously there will be times when the servers become busy and it slows down. I used it for a while and even helped put a colleague on it for a while. It's really just meant as a taster for their paid offering rather than a fully fledged free service. But I guess that's the trade off when they make their money from paid subscriptions rather than selling your data.
I really do like their paid tiers and they now have a password manager too; their full suite includes VPN, email, calendar, password manager and online storage.
You are giving all of this data to a private company that specializes in obfuscation?
Defence in depth.......... eggs in one basket............. etc.
Nah, see, you are completely wrong there. I have three cats. OH DAMMIT! My VPN wasn't on. Now everyone knows.
I can confirm, your VPN wasn't on this morning when you were posting here
I'm not a privacy nut otherwise I would use an approach of defence in depth. I just use a few of their services for convenience and love the privacy they appear to offer. I don't even use the VPN a lot of the time. My use of their tools has grown organically rather than being a deliberate attempt at privacy. It started as a need to overcome region blocking and then went from there to a bit of privacy too. They have been audited several times and confirmed each time that they do not log any data about you. So even if there were a court order to release anything (which is not likely due to being outside five, nine and fourteen eyes) then there is apparently almost nothing they can hand over. They apparently just don't hold any of your data (yes that could change overnight at any time). If you're going to put all eggs in one basket then a company like this is probably a reasonable bet.
If you are a complete privacy nut then absolutely use defence in depth. But also get off of Windows, MacOS, Android and iOS too. There have been definite cases where Microsoft and Apple have handed over data on people. It has also been proven that Windows logs an extraordinary amout of data including keystrokes. That will absolutely be handed over if the US government requests it. Unless people stop using those main OS's and also stop using all non-privacy respecting search engines and free email such as Google then a VPN is only going to offer very slight protection. If it's free then they are taking your data. If it's not free then there is a chance they might not be.
Last edited:
lol defence in depth doesn't mean you are privacy nut. It is literally "dont put all your eggs in one basket". Managing my passwords through the same private company who sees all of my internet browsing just seems like bad sense.
I'm not sure how this is putting me at risk. Please could you help me out and explain the risk I am exposing myself to?
Proton Pass is open source and audited for security | Proton
Proton Pass’s code has been made open source and passed an audit carried out by the security experts at Cure53.
proton.me
Proton VPN’s no-logs policy confirmed by an external audit | Proton VPN
Independent security experts verified that ProtonVPN does not log user data or engage in any practices that might compromise your privacy.
protonvpn.com
Last edited:
Permabanned
- Joined
- 9 Aug 2008
- Posts
- 35,711
Soldato
I'm not sure how this is putting me at risk. Please could you help me out and explain the risk I am exposing myself to?
Proton Pass is open source and audited for security | Proton
Proton Pass’s code has been made open source and passed an audit carried out by the security experts at Cure53.
Proton VPN’s no-logs policy confirmed by an external audit | Proton VPN
Independent security experts verified that ProtonVPN does not log user data or engage in any practices that might compromise your privacy.
Hmmm - Encrypted-email company ProtonMail has faced criticism after handing over user details to the authorities.
Nord seems to get some shtick from people but they haven't has any reports like the above with Proton.... Again, Nord are independently audited and outside the 9/14 eyes (Panama based) It seems that any "hate" they get seem to be based n the fact they are a big company rather than anything concrete.
Last edited:
Permabanned
- Joined
- 9 Aug 2008
- Posts
- 35,711
I bet every company who say they don't log anything do. 
I'm not championing Proton as some amazing company, just one that doesn't appear to log your data and isn't in 5/9/14. In that respect they are similar to Nord. You can argue the pro's and cons of having a head office in Panama vs Switzerland. Perhaps Panama would be a better location.
I've just had a quick read of that Proton incident. From my limited understanding of it, no personal data was handed over (presumably because no personal data could be handed over). What appears to have happened is that Proton initially refused a request from French authorities for assistance, who then made a request at a Swiss court via Europol. They wanted to find out who was using a particular Proton email address which they believed was being used for illegal activity. Proton could not tell them who was using it or what the contents of the emails were (because Proton can't access those). So Proton were legally compelled by Swiss courts to start recording the source IP address of anyone accessing that Proton account. This does show that Proton were indeed not recording anything prior to being compelled by the court. Presumably the French police could then find out the identity of the person from the French ISP who provided that IP address.
As far as I can see there was no handing over of the contents of emails (Proton have made it clear in the past that if you lose your password and recovery codes they cannot recover your account for you because they don't have access to it) and no availability of historic data before the court ordered Proton to change their logs for this one user. If someone is that paranoid then use several VPN's based in several countries to make it even harder to get that IP address.
Last edited:
Soldato
Unless you're contributing to illegal activity then it's not likely to be flagged.
The flaw in all these tracking laws is it's bad for business reputation to highlight illegal activity. That is why isp generally don't pro-actively report people to the police. They wait to be approached, usually with a court order.
The flaw in all these tracking laws is it's bad for business reputation to highlight illegal activity. That is why isp generally don't pro-actively report people to the police. They wait to be approached, usually with a court order.
Caporegime
I would have thought that not logging everything is a substantial saving in operating costs.I bet every company who say they don't log anything do.
The rules are badly written because clueless MPs wrote them. They have to keep logs, but they don't have to be useful logs. They could just keep debugging logs. OFC some may keep proper logs.
That's how VPNs get away with "not keeping logs"
They will have to hand them over if a court orders, but good luck making sense of them.
But by proxying out of the UK you are outside of UK jurisdiction, so those servers don't have to comply with UK law.
That's how VPNs get away with "not keeping logs"
They will have to hand them over if a court orders, but good luck making sense of them.
But by proxying out of the UK you are outside of UK jurisdiction, so those servers don't have to comply with UK law.
Last edited:
I can't recall her name, but a few months ago an MP was being interviewed on the radio about the new online "safety" bill. She was insistent that technology existed to allow ISP's to check for illegal images without breaking end-to-end encryption. She was saying it was both 100% possible to ensure that a message was not interfered with or intercepted while at the same time being 100% possible for your ISP to be able to check the image against a hash code for known images. She also said that the IT industry was widely behind these new laws. Unfortunately the interviewer wasn't technologically savvy enough to challenge her on it.