Reply to post:

There's NordVPN odd about this, right? Infosec types concerned over strange app traffic

Lee D Silver badge

You want to VPN because you don't trust the third-parties who are transiting your connection.

So you VPN with a random third-party who is subject to those other third-party's whims.

Great idea! Thumbs up! Well done! Top security!

A VPN is for you to place OVER an untrusted connection to form a trusted connection between two computers / network. As soon as you insert a random third-party app, or indeed VPN provider, into that connection it's even-more-untrusted than it was before, and there's another party who you have to trust entirely with all your data which - as this and many other incidents show - is a really, really, really poor idea.

And, let's be honest, to do what? Watch YouTube or BBC past geographical restrictions? It's just not worth the effort, just stop consuming their media.

Anything more nefarious, you're really an idiot to trust that intermediary with that information, you're basically flagging yourself up and THEN handing them your data on a plate.

If you want to do something "private", insert as few third-parties as possible into the trust chain. Hell, the reason I run my TV from a RPi is so that I can dial into it from abroad and do that same kind of thing, rather than have to trust anyone not-to-dob-me-in (I used to use, but half the stuff is content-restricted still EVEN THOUGH I'm paying for it... and often with Irish local programmes and adverts... I can literally do a better job with an aerial and a Raspberry Pi).

And I'll tell you something else... rent a server and pretty much nobody cares what traffic you do on it, so long as you don't flag up. You can rent a VPS or dedi for next to nothing nowadays, in any country you like, and they'll often pre-load VPN access for you.

And if you value absolute anonymity, for anything more cheeky than a bit of British TV, you can't use any connection registered to your name, or your normal desktop browser, it's as simple as that. Paying NordVPN to offer you a VPN is literally just handing your name to the authorities if you're doing anything remotely naughty anyway. If you're gonna do that, Bitcoin a dedi (plenty of people doing that), Tor the connection, access it as a "desktop" from nearby public wifi (not your home connection) and use it that way.

You can't trust even the people you pay to give you a privacy-secure VPN.

You can't use any paying service to give you a "criminally"-secure VPN.

So stop trying. Either do it yourself (a VPN device at home and a VPN in a VPS somewhere), or actually do it properly with no association to yourself whatsoever.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019