Saying "just use a VPN" is such a cop out.
Discussion
Not that I know what else to do, but it is still relying on someone else to secure you
There isn't much of a better alternative. We are stuck with the privacy-poor design choice of IP that bakes in the physical source address of all your communications.
I have used an anonymous VPS as a "VPN". But the privacy is worse because privacy requires hiding in a crowd, not simply switching to some other fixed unique address. The trackers and fingerprinters will figure you out soon enough.
I think about this a lot and if there was a better solution, I would use it. Carl turned this into a product which is pretty cool but I hope he open sources it some time. Apparently it can't log your IP if it tried.
How so
Because "just use a vpn" will actually hurt privacy in a lot of ways.
I use VPN 100% of the time, I think it is a base requirement. I think it is great advice and of course choice of provider matters. Tor is basically unusable for daily type things. I do a lot beyond that but if I could only advise one thing it would be the VPN. What am I missing?
Which VPN provider are you using? How can you trust them? Do you use the same account over and over or cycle between? Free or paid?
For me I am only trying to protect myself from corporate surveillance. HTTPS does this well. My ISP will see which site I am on but nothing about what I am viewing. My communications are enctypted so a VPN isnt required.
I have been playing with Tor and find it very usable. On the lowest security settings especially, most all sites appear normally. Barely any slower I find.
Also, my ISP doesnt have my KYC so I am not worried about that.
"We kill people based on metadata" <- Actual CIA quote (I think it was Pompeo)
They don't need to see the content. Not saying you can hide from them anyways since they are fucking lawless but it gets the point across. Your traffic is encrypted in transit (if you even trust https, another topic), but even most small websites sell themselves out for some bullshit at the expense of subjecting their users to sophisticated tracking that deeply profiles you *across* sites. If they are sharing on the backend, who cares if it's encrypted on the frontend.
I can actually only recommend one VPN, and that's mullvad. And maybe obscura.io once it's out of beta and more available. Paying for anything with fiat is nearly full KYC. It gets slightly better with privacy.com but not really. Beyond that though, whether you have one account or 20, it doesn't matter because it's tied to your real IP.
Tor is definitely the best but it's slow as all hell.
Again, im only interested in avoiding corporate surveillance. The CIA and other agencies will see your traffic regardless if you use any VPN or not. If you are their target, they got you already. Tor wont even help you. If I was doing something morally wrong I would worry about my metadata. But the only way to avoid metadata getting tracked is to not create any. I think a more realistic goal if wanting privacy is to move toward not being online in the first place. Our internet isnt even available anymore. Its a censored cropped down version of the past. We dont need the internet really.
I mean, there are some decent free ones available. What is the use case?
Some? I know of one decent "free" vpn. ProtonVPN. I wont use them because I use their email. Best to keep these services serperate as possible.
Its annoying when VPN is the go to recommendation for privacy. Most VPNs created will offer you the complete opposite of privacy. And yes I know your ISP is worse. Thats why I say cop out. Because people just say things like "well would you rather trust your ISP?!" Not sure why people have trouble accepting your ISP and VPN both suck and now you're screwed. But instead of accepting that or discussing it they cop out with lame statements. This post wasn't directed at anyone specific.
Rant over. 😂
GM 🌞
Azirevpn might be an option for you. No ID required, BTC, XMR accepted.
Mullvad and IVPN are probably the very few I would recommend...
No personal info needed not even an email, you can pay with Bitcoin or Monero, open source, has servers outside of five eyes countries, RAM-only, multihop available, based out of good legal jurisdiction with strong privacy laws, they at least claim they're prepared to shutdown if ever forced to start spying on users
Of course this is all still not trustless, just as trust minimized and transparent as possible. Anything serious Tor or I2P, but I'm sure you already know this.
Not out yet, but this also looks interesting and it might have some potential:
obscuravpn.io