How do you pay for your VPN provider?

[John Connor]

Come on man. LOL That is all hyperbole. I'm sure that website thinks Al Gore invented the Internet too.

BTW- To answer your OP question, Google Torwallet.

 

[sn8ke]

Plus the NSA compromised TOR long ago and likely continue to run a honeypot on the onion network to this day.

I use PIA and Peer Guardian. There might be a more up to date program than PG. I haven't done the research in a couple years as the combo seems to keep me "notice free".

Edit: It's actually Peer Block now. Same people just updated.

TOR is not compromised. Gov had to rely on exploiting javascript and flash (or the users' actual stupidity, as was the case of Silk Road) in order to track users to clearnet as it was left enabled on an older browser bundle, or wrongly configured by users. Flash should have been uninstalled by everyone long ago, and noscript is a good thing. Their own internal docs call TOR "catastrophic" to their missions. They have and do operate honeypots though, and have used those to bust people creating CP and there is a big debate right now about whether or not it was legal for them to host and distribute it.

While running Peerblock certaintly won't hurt, it is largely a false sense of security. It relies on assuming that governments or MPAA are connecting from registered government/military or Sony/Fox etc networks. They can just as easily hire outside companies to do their tracking and logging, and they do.

OP might find this interesting:
https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/
https://torrentfreak.com/vpn-anonymous-review-160220/

 

[Bardock]

Tor was created for governments spying, and the more people use it the more innocuous their traffic appears.

“The United States government can’t simply run an anonymity system for everybody and then use it themselves only. Because then every time a connection came from it people would say, “Oh, it’s another CIA agent.” If those are the only people using the network.”​

—Roger Dingledine, co-founder of the Tor Network, 2004

@OP: bitcoin of course

 

[Loser Gamer]

If I was you I wouldn't worry about privacy anymore. In the coming years they are going to make us get a log in just to use the internet. And an ID will be attached to your tracks with your name.

 

[rchunter]

n/m

 

[Charmonium]

If I was you I wouldn't worry about privacy anymore. In the coming years they are going to make us get a log in just to use the internet. And an ID will be attached to your tracks with your name.

That's already true now if you don't use a VPN and your ISP tracks and logs your browsing behavior. Granted they might not be able to get some of the information on encrypted https pages but that's probably insignificant compared to what they can get.

 

[Red Squirrel]

Bitcoin seems to be an option, but arn't all those transactions public? What if I mine the coins myself vs buying, is that safer? That way the coins are not attached to a credit card transaction. It may be cost prohibitive to do that though with the current difficulties.

Or what about those visa gift cards, do those act like a normal credit card when you use it online? I remember getting some as a gift and it was very limited where you could use them, some stores would not accept them because the machine would not work. But never tried to use one online.

As for giving up privacy, never. That's submitting into the abuse. Not about to do that. We need to fight this tooth and nail. Not let them win. At very least we need to make their lives harder. Stuff like TOR and VPN does this. Not too sure about HTTPS but it's obviously better to use it than not use it, when you can. From what I hear that's pretty easy to crack with MITM attack though. HTTPS is more to protect against script kiddies at public wifi places etc.

 

[Bardock]

Even if you have vpn you could still be leaking dns or have it misconfigured on the server or client end. And if any sensitive info has ever touched a windows machine forget about it. There is a program on major geeks called Disk Investigator. You can put any string of text and if it has ever existed on the drive you get to see it. Put in an old password and if you ever copy and pasted it windows keeps a plaintext log. Going back as far as windows xp.

Hardware is also set up to id you with hard drives and even laptop batteries reporting a unique serial number to the os. I guess it's not really safe to talk about here but any vpn or proxy I would pay with bitcoin. How to purchase / obfuscate bitcoin transaction is a bit off topic and can be found with a little searching.

 

[Charmonium]

DNS leak test - https://www.dnsleaktest.com/

I think this is mainly a problem for IPv6 rather than v4. That's why most vpn's I've used turn v6 off.

 

[John Connor]

but arn't all those transactions public?

There are Bitcoin laundering services for this purposes. In fact, I read that you could be held liable if you have a Bitcoin that was used in nefarious purposes. So I have read from a Bitcoin laundering service. But that's why I mentioned Torwallet.

 

[John Connor]

Even if you have vpn you could still be leaking dns or have it misconfigured on the server or client end. And if any sensitive info has ever touched a windows machine forget about it. There is a program on major geeks called Disk Investigator. You can put any string of text and if it has ever existed on the drive you get to see it. Put in an old password and if you ever copy and pasted it windows keeps a plaintext log. Going back as far as windows xp.

Hardware is also set up to id you with hard drives and even laptop batteries reporting a unique serial number to the os. I guess it's not really safe to talk about here but any vpn or proxy I would pay with bitcoin. How to purchase / obfuscate bitcoin transaction is a bit off topic and can be found with a little searching.

The better VPN providers make sure there are no DNS leaks. Another factor is JS and WebRTC. For JS NoScript would work. For WebRTC check here: https://www.browserleaks.com/webrtc#webrtc-disable

 

[Red Squirrel]

Is DNS leak simply your browser or other program sending a DNS query outside the VPN tunnel? The way I want to setup VPN is have a vlan dedicated to it, and my firewall will only allow connectivity to VPN server in outgoing traffic. So any attempt to go on clearnet won't work. Would that solve the DNS leak issue? I figure it would also prevent any other type of leak, like some crafty javascript page that tries to send a query and try to bypass VPN or something.

 

[Bardock]

I would never use an online wallet such as tor wallet. They can take your coins whenever they want and it makes you dependent on their site for your funds. Also noscript stops javascript from running but it still loads and that is enough to de anonymize you.

 

[Red Squirrel]

What about my suggestion of forcing all traffic through the vpn at the firewall level, would that protect me from any stray JS that happens to run? My goal is to also run P2P and other "questionable" stuff on that vlan, so I want it to be protected at the firewall level so I can run pretty much what I want without worrying. Being a separate vlan, it of course will not have any kind of access to my main network, and I will not use any login credentials that I would otherwise use on clearnet. Common sense stuff mostly.

As a side note, any dangers of hosting a TOR node (not exit, just relay) on my connection? Since I have the bandwidth I figured I should do that. Heck can proably put one on my dedicated server too. The more nodes the better it is for the overall security of the TOR network.

 

[John Connor]

I would never use an online wallet such as tor wallet. They can take your coins whenever they want and it makes you dependent on their site for your funds. Also noscript stops javascript from running but it still loads and that is enough to de anonymize you.

You could block all JS, and the TOR bundle comes packed with NoScript.

I don't think you have to worry about Torwallet ripping you off. Pretty sure the Russian ransomware creators use Torwallet.

 

[John Connor]

What about my suggestion of forcing all traffic through the vpn at the firewall level, would that protect me from any stray JS that happens to run? My goal is to also run P2P and other "questionable" stuff on that vlan, so I want it to be protected at the firewall level so I can run pretty much what I want without worrying. Being a separate vlan, it of course will not have any kind of access to my main network, and I will not use any login credentials that I would otherwise use on clearnet. Common sense stuff mostly.

As a side note, any dangers of hosting a TOR node (not exit, just relay) on my connection? Since I have the bandwidth I figured I should do that. Heck can proably put one on my dedicated server too. The more nodes the better it is for the overall security of the TOR network.

Some VPN providers support DD-WRT, etc. You would need to block JS at the browser side since that is at the application layer.

I would run a TOR bridge. If you use the VPN for a TOR node you might get kicked from the VPN so I would ask the VPN provider about doing that. If I were to ever host an exit node I'd buy a VPS. But as always, check the host's TOS.

Note that using a VPN means your connection will appear to come from a cloud/host provider and that could suck for Google searches and other things where the website will always throw you a captcha since there is so much traffic from that server.

 

[Bardock]

I would recommend cold storage wallets as opposed to anything where someone else holds the private keys and the coin itself, especially on a clearnet site. I would rather have mine on my person and controlled by me. https://www.reddit.com/r/Bitcoin/comments/1z9jmy/just_noticed_my_tor_wallet_emptied_a_couple_of/

 

[mauiblue]

I looked into buying bitcoin. Not as easy as I thought it would be. Might be easier just to buy gift cards with cash and use that to pay. But for me just looking to utilize the benefits of using a VPN service, why even bother going through the trouble of paying anonymously? I don't do anything illicit. I am on the road a lot so I use my smartphone to get on the Internet. I just don't want my phone company or ISP or search engine see what I search for or have interests in. I just want privacy and security. The ISP already knows I go through a VPN connection.

Sent from my HTC6545LVW

 

[Bardock]

why even bother going through the trouble of paying anonymously? I don't do anything illicit.

OMG, please read: http://www.wired.com/2013/06/why-i-...is-the-wrong-way-to-think-about-surveillance/

 

[Red Squirrel]

The reason to pay anonymously is so you keep the anonymity throughout the whole process. If I pay for a VPN using a standard method, there is now a transaction saying I gave money to XYZ company that happens to be a VPN provider. Said VPN provider eventually gets seized by the government, and even though they said they did not log anything, perhaps someone did a configuration error, or it was in debug mode, and it was indeed logging, now they can tie that credit card transaction with my VPN account, and perhaps get the VPN keys and such that way.

I may just lean towards the gift cards though. Can buy those with cash, then they are pretty anonymous. You will show up on CCTV, but so will everybody else that bought gift cards - do it around Christmas. If you don't use it right away it's pretty much near impossible to track. Most stores don't keep CCTV footage forever either. The odds of actually being tracked that way is slim to none, but still stuff to consider.

 

[mauiblue]

Thanks guys for sharing. I never realized the issues we face on the Internet until recently.

Sent from my HTC6545LVW

 

[Bardock]

Thanks guys for sharing. I never realized the issues we face on the Internet until recently.

Sent from my HTC6545LVW

Glad to hear it, this made my day. Be safe. There isn't really any privacy any more

Gift cards and bitcoin can both be purchased in cash and are solid options. I would rather do bitcoin simply for speed and ease of use but I admit the learning curve is steep. Good explanation @RedSquirrel. I have a tendency to copy paste articles but your response was to the point. Another recommendation is to use one with servers in non friendly countries such as Russia, that way the odds of USA gubment getting their mitts on the server and your data are mitigated somewhat.

 

[sn8ke]

What about my suggestion of forcing all traffic through the vpn at the firewall level, would that protect me from any stray JS that happens to run? My goal is to also run P2P and other "questionable" stuff on that vlan, so I want it to be protected at the firewall level so I can run pretty much what I want without worrying. Being a separate vlan, it of course will not have any kind of access to my main network, and I will not use any login credentials that I would otherwise use on clearnet. Common sense stuff mostly.

As a side note, any dangers of hosting a TOR node (not exit, just relay) on my connection? Since I have the bandwidth I figured I should do that. Heck can proably put one on my dedicated server too. The more nodes the better it is for the overall security of the TOR network.

There's always the option of browsing only via text/CLI. Lynx is the old school king, but Links is actually nice and pleasant to use. I use it quite a bit when I'm doing research/studying and need as few distractions as possible on the web. It has optional image support too. Or for added security you could always wget fetch websites and read/modify the code to remove things before you run it.

As far as the TOR node situation, nothing illegal in itself (depending on country of course), but I'd be worried about it creating more tracks connecting real-you with tor-you. Again, nothing illegal in itself but just something to consider.

 

[John Connor]

OMG, please read: http://www.wired.com/2013/06/why-i-...is-the-wrong-way-to-think-about-surveillance/

Yet another asinine website that blocks ADblockers.

Synopsis?

 

[John Connor]

Or for added security you could always wget fetch websites and read/modify the code to remove things before you run it.

I haven't used this in ten years, but it's an option. https://www.privoxy.org/