Hacker News | elagost's comments

If anyone actually watched the talk, Guido addresses Android at about 2 minutes in, and why it's not actually what Linux users want.


This is a fantastic project. I've played around recently with late-90s/early-00s PCs, and have used Plop 5 on CD to boot off the USB disks. If you use older hardware, keep a copy on CD - booting off USB is much faster than CD!


I am curious (really, not sarcastic) why you want to play around with PCs from that period.

I am fascinated by vintage computers. Computers from before that era feel exotic and unique but not so much for PCs.

To me a more modern PC does everything of an old one but more slowly. Not much to discover. Am I wrong or missing something?


They're what I have access to (for free; I don't buy this stuff), and what I grew up with. I used Pentium IIs and Pentium 4s (and some PowerPC Macs) in my early days. Exploring the limitations of older software or trying to cram newer software on to these machines is fun.

I don't get nostalgic feelings from a C64 or Apple 2 or TRS-80 because I've never even seen one IRL before. For my leisure time I want to play with something I'm mostly familiar with, because that's relaxing. I would jump at the chance to score a free Amiga or other hardware older than I've ever used, but just haven't had any presented to me.


I still go and repair computers for people who have older systems, and there are plenty of these still around. Many people either don't want changes (usually older people), or they can't afford newer systems.


Either that or CD. I used this to install an OS from USB on a PC from 1998 that has a USB port but can't boot from it.


Trisquel is based on Ubuntu like other operating systems (Linux Mint, Pop!_OS, Zorin OS, etc.) but they do something unique - they rebuild the Ubuntu packages from source, instead of just including the Ubuntu repos in their software sources.

Trisquel is quite a usable distro for laptops that are 3-4 years old if you have an appropriate wireless card - Atheros 9xxx series cards tend to work well as the ath9k driver is FOSS. That's really the only blocker most people encounter. Why run this over Debian Stable (without adding "non-free" sources) I couldn't tell you. Debian tends to be more up to date than Trisquel since it's usually based on the previous Ubuntu LTS.


> Debian tends to be more up to date than Trisquel since it's usually based on the previous Ubuntu LTS.

Agreed with most of what you wrote, except this last bit ... it's a funny way to put it :)

Ubuntu is based on Debian, it "forks" from Debian "unstable" aka "sid" every 6 months (with a fair amount of additions and modifications). Debian stable is released roughly every 18 to 22 months, so it has a similar age, on average, to Ubuntu LTS (uniformly every 24 months). But sometimes it's a year newer, sometimes a year older, etc.


I think they meant that Trisquel's current release tends to be based on the previous Ubuntu LTS.


Ahhh that makes sense


It's important to understand that you can't go by major version numbers in most fixed-release, long term support Linux Operating Systems, like RHEL, Debian, or Ubuntu. There is often deeper investigation needed.

https://access.redhat.com/security/updates/backporting

https://www.redhat.com/en/blog/what-backporting-and-how-does...


Lost count of how many times I’ve had to fix software that checked kernel version numbers instead of whether a particular symbol exists. It often breaks when compiled on Redhat because they backport so many patches to old kernel versions.


It's been clear for a long time that every single commercial VPN service is a waste of money. At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations. At worst, it's a government agency honeypot or someone like Facebook.

If you think you want a VPN for "privacy", use Tor Browser. If you want a VPN for any other reason that "normal people" think they want a VPN, you're probably wrong.

Why do we even give these companies the time of day?

(Small clarification - Most people who want VPNs should use a proxy instead. It fits the use case better. Those still exist and don't route ALL of your device's traffic over the tunnel.)


It's far from a waste of money. They help with things such as skipping geoblocking, able to deceive ISPs that send mail warning users about pirated content, can in some cases help with gaming ping, allow users to trick sites that rely on IP logging and many other applications besides cybersecurity and privacy.

The main issue is that they all seem to advertise themselves as these privacy and cybersecurity services first, while ignoring all the other added benefits.


Meanwhile, a lot of users really can't trust their ISP: your "ISP" might be a coffee shop, or someone renting on AirBNB, or your friend (as you are at their home or office). If you are in any of these circumstances, I would probably first recommend "tether off your phone or something", but if you are finding yourself needing or merely wanting to use someone else's internet connection (maybe for speed or because you don't have a good cell signal), it totally makes sense to use a VPN.

(Also: I don't think anyone has mentioned this yet, as maybe it is somehow "gauche" to do so, but one of the top reasons people use VPNs around the world is because they want to browse porn and they don't want people around them to know. At some point, the people in the apartment next door to me figured out my wi-fi password and seemingly felt the correct solution to this issue was to use me for their porn browsing, but it was then all the more awkward when I figured out why my network was slow and knew all of the porn sites they were browsing. Most people seem more OK with the idea of paying a company like ExpressVPN--even if they are legitimately run by "spies"--to be their dedicated porn access point than hoping that someone else more locally won't find out what sites they are browsing.)


> Meanwhile, a lot of users really can't trust their ISP: your "ISP" might be a coffee shop, or someone renting on AirBNB, or your friend (as you are at their home or office).

Or your ISP may be one of the big ones - Comcast, Time Warner, etc or whatever they are in other countries, and you may legitimately not trust them either.


>At some point, the people in the apartment next door to me figured out my wi-fi password

That seems implausible.



My wi-fi password was loudly spoken often and our windows were open constantly. Honestly, if they had asked one of us for the password, I am sure we would have given it to them also (and for all I knew at the time that was how they got it: I am just saying they figured it out, not that they stole it). (It wasn't designed to be secure or anything... is yours? I do not even think I changed the password once they started using it... I just upped my cable modem plan so I wouldn't get affected by it ;P. I might have, though... this was like 15 years ago (I have been using the same wi-fi password at least since right after that, certainly?)


I leeched off my old neighbors’ WiFi for a few years until everyone in the complex upgraded to routers which weren’t vulnerable to the pin key attack (or whatever it was called).


Correct in some part, but I think the other main reason people use VPN is because their ISP blocks access to porn. VPN allows them to watch


Totally agree. The geoblocking is the most common reason a lot of people use VPNs, even if that isn’t always how they are directly marketed. A friend’s mom asked me a few weeks ago for VPN recommendations so she could watch British TV easier. She’s 70. Her concern isn’t about safer browsing stuff but watching GBB more easily.

*Disclosure: ExpressVPN has sponsored my podcast in the past (tho I don’t handle ad sales fwiw) and I’ve always chosen to do the “this is how I watch X service in X country” use case in ad reads, b/c that’s the value in it for me vs rolling my own Wireguard/Tailscale setup (I actually have Tailscale setup for my home network).


It’s funny express has you advertise as being able to watch X service considering when I used express I couldn’t watch Netflix because they throw an error saying they know I’m using a VPN. Same with Amazon prime. I’ve switched to nordvpn but they are no different I can’t even use fast.com to check the speed when the vpn is on.

False advertising I’d say


My kid contacts ExpressVPN when this happens and he says they are pretty good at following up.

We have no illusion that a third party VPN adds any security; we use it for this reason. I vpn to my personal colo machines when away from home.


Netflix has been particularly vigilant as of late to combat VPN usage so it is a cat and mouse game. I haven’t had an ad from them in months but last time I did, it worked with the services I’ve used without a problem. For all VPN services, the geoblock stuff is a moving target so what works one day or week, won’t necessarily work the next. It’s unfortunate but it is what it is.


Yeah Netflix is the reason I switched from ExpressVPN to NordVPN.


NordVPN unblocks services by routing through residential IPs without explicit consent: https://news.ycombinator.com/item?id=21664692


XV works with Netflix, just not the default servers.


Browser fingerprinting works much better than checking IPs. With multiple devices being behind the same IP, it's necessary to distinguish between users.

I'm not saying VPNs are worthless - I'm on one right now for work. Commercial VPNs, for most people who purchase them, are completely worthless.

And I very much doubt that tunneling your connection through a VPN can improve ping.


Just for a moment close your eyes and imagine a world where you have to fill-in a mildly complicated form before you visit a website (or blindly sign away whatever rights you might have had).

A world where every second funny video you might have found on Reddit leaves you with a cryptic message that some "rights holder" doesn't permit you to see it (and denies you from joining the fun everyone else seems to be having in the thread).

A world where you cannot buy half of the cool stuff you want (and everyone else seems to be having) because you cannot even see the online store where it is sold.

A world where you're even denied access to old and seemingly public domain e-books.

Open your eyes. This is the world most of us live in.

We're not on commercial VPNs because we love to, but because often there is no other way. They are in a sense invaluable when it comes to geo-restrictions, even though I agree with you that they are worthless for many of the reasons they claim to exist.


Ok. Use a proxy, or set up your own Proxy/VPN on a VPS? Then you also have a VPS - you can host your own website there, use it to download stuff and rsync it back to your local machine, deploy nextcloud, etc., all for less than the cost of ExpressVPN. And bonus points, you can use unlimited devices.


Less of the cost sure but you are saving a couple bucks a month tops and replacing that with work on setup and maintenance instead. Moreover that way you get a single IP rather than the 40 different countries with multiple IPs my provider gives me.


By analogy with CDN VPN in that role is "Content Receival Network".


90% of the average population doesn't know the first thing about command lines.


Geoblocking, and a practical way around it, could be a great motivation for them to change that!


Set up your own Proxy/VPN on a VPS, is bad for fingerprint perspective. You get static IP in rare IP range for consumers. Pirating is also meaningless unless you use special hosting provider.


Browser fingerprinting does not work for geofencing. Browser fingerprinting and IP geotags work, but fingerprinting just tells you if a user is the same person, on a different IP address. I run a website to monitor bot traffic, and really all something like a Picasso fingerprint can get you is visibility into who's spoofing their IP.

You get a hash value that's roughly unique to the browser-device configuration. You don't know from that hash where the user is located. You have to pair the hash up with geolocation services to get that info. Once you do that though, you get a decent idea of if the person is changing their IP, but there's still no way to tell what the 'real' IP is. You just end up with a unique ID that's associated with a handful of different IP addresses.


As a frequent international traveler, using VPNs as a method to change routing absolutely can improve the results. Routing is not always done to get your specific packets someplace as fast as possible, particularly when submarine cables are involved.


Yup, I was going to say the same thing. I’m also a frequent international traveler (tho not in the last 20 months, alas, but before pandemic I averaged 2 international trips a month) and one of the benefits, security or not, of a commercial VPN service is the access to different nodes that can drastically improve speeds vs whatever routes the network you’re on is using. It’s not a guarantee but I’ve had it come in handy quite a few times.


> And I very much doubt that tunneling your connection through a VPN can improve ping.

Yea... as someone who used to play a lot of online games, this was always a surefire way to increase ping time lol. "Crap, my VPN is still on... brb"


This is actually a thing outside of the US mostly. For example in many Asian countries routing is utterly fucked if it's not incumbent to incumbent.


> And I very much doubt that tunneling your connection through a VPN can improve ping.

Surprisingly this can be the case as long as the combined link to VPN + target is better than the direct link to target. Keep in mind that the target might be geo distributed.

Like driving, going over 2 highways might be faster than going over a direct dirt road, or a longer road might be faster because the direct road is congested.


One case where I saw this was a friend who for some reason was being routed to game servers around the world when trying to connect to an Overwatch game, and a much closer server with the VPN.

Was this a bug in Overwatch? Almost certainly, but the VPN was an effective workaround.


> Surprisingly this can be the case as long as the combined link to VPN + target is better than the direct link to target

Is that surprising? I think that's what you would expect, and it's what the above commenter is suggesting (quite reasonably IMO) is very unlikely.

I think the issue is that you're implying the road to the target is a dirt road, but the road to the VPN is a highway, which seems a bit questionable.


I've seen it happen. Blizzard is quite notorious for having some weird network links, where a VPN is known to be a workaround. Example [1], and I've heard the same from WoW players.

[1] https://eu.forums.blizzard.com/en/overwatch/t/lower-ping-whe...


Most of the time the end user equipment is the bottleneck rather than the internet backbone


It can improve bandwidth too! Network operators LOVE to mess with traffic based on service type: prioritize it, throttle it, cap it, the games don't end.

"Turn on VPN, network performance improves" is a regular occurrence these days.


What about using a VPN inside a VM? (or even a separate computer) Presumably all of your browser fingerprints would be different, yes?


Yeah, but unless you are blowing the VM away all the time (and maybe you are, but that takes a certain amount of effort, even if you try to automate it), you’re still going to have a fingerprint tied to that VM and browser(s). Will it be linked with your other devices? Maybe not, but depending on what accounts you are signed into (Google, Facebook, etc), there could still be a more robust profile associated with your various locations and devices, even if the fingerprints are different.


And no wonder! All of those things you listed as benefits sound shady and illegitimate to people who aren't very tech savvy or have a poor understanding of their rights to a free web. Notice you're using words like "Trick" and "deceive" good luck selling that!


I think VPNs are having no problems selling that, for exactly those reasons.


This. I'm an occasional customer of ExpressVPN because they're pretty good about getting past the Great Firewall. When we go visit her family I want access to the same things I have in the US. It's not going to be any real protection if the government is after you.


True. I use VPN to get behind the geoblocking on my banking app which is prohibited to work in my African country. Also viewing movies banned in my country.


It is in fairness not a winning business strategy to go out and advertise with “we make breaching copyright easier”.


The tech crowd is probably not the crowd that would shed a tear over this industry.


> you replace trusting your ISP with trusting a different group of unknown people with similar motivations

I've always seen this argument but it's never made sense to me.

For starters I absolutely don't trust my ISP. I know they are collecting, storing, likely selling my data and that they are 100% going to comply with any government requests from my government (I don't even trust that they would only respond to legal requests).

Years ago I used to use AirVPN. They claimed:

> AirVPN started as a project of a very small group of activists, hacktivists, hackers in 2010, with the invaluable (and totally free) help of two fantastic lawyers and a financing from a company interested in the project and operated by the very same people.

Maybe they're lying but at least there's some chance they actually care about privacy.

But even if they don't care about privacy at all and are lying, at the very least they are based in Italy and have their servers spread throughout Europe. Additionally you can pay via crypto (which gives you more anonymous payment options than your ISP). Simply being in another country than the one I live in makes it much harder for my government to arbitrarily request my data.

Yes if I want to do highly illegal activity that is going to get my government interested in me I absolutely don't think that would be enough. But if I want privacy from routine surveillance this seems like a fantastically better option than 100% giving up.


Use an alternative DNS server, Firefox/Brave/Ungoogled Chromium, uBlock Origin, and disable JavaScript everywhere you can possibly help it. As far as reclaiming some privacy from routine surveillance, this is probably better advice than "Pay Unknown Company X $9/mo to maybe be slightly better than your ISP in terms of privacy".


But wouldn't the measures you mentioned make routine surveillance easier due to the much more unique fingerprint?


The fingerprint fails to run with JS disabled.


Well, except that disabling js doesn't prevent you from having a browser fingerprint. In fact, it will make it even more unique and therefore easier to trace. So not sure what you are referring to


It is far easier for a bad actor to compromise or start a commercial VPN provider than it is to do the same for an ISP.

If you want online anonymity, use Tor. And torrent with a seedbox.


What if my ISP is a "bad actor?"

Using Tor is:

1. a huge PITA
2. a red flag
3. potentially exposing me to unsavory actors


> are collecting, storing, likely selling my data and that they are 100% going to comply with any government requests from my government (I don't even trust that they would only respond to legal requests).

https://en.wikipedia.org/wiki/Carnivore_(software)

And this was the very very crude version, what is happening today is obviously light years ahead of what Carnivore was...

We really need a "Moore's Law For Surveillance Capabilities Multiplying by X Every N Period"


Plus, you can chain through a couple VPNs. Both VPNs have to be compromised for you to lose privacy.


The first one would still know everything though.


The first one would know that you are talking to the second VPN. The second VPN would know that VPN1 User is talking to facebook.com. In principle, neither of them has the full picture. In practice, you may leak enough information that both of them could get the full picture.


That seems like a great technique if it is correct.

Seems obvious to me that many of the top VPN providers are operated by intelligence agencies or have ties to data brokers: they can afford to operate the services at an initial loss for the benefit of information learned later.

For example, touting that a VPN is operated outside of a country with ties to the “five eyes” doesn’t seem like a benefit, it likely means they can operate with impunity on your data.


My IP: 1234

VPN A IP: 4321

VPN B IP: 6543

---

Unless I'm missing something, the request would go like this:

VPN A sees that 1234 is going to facebook.com

VPN B sees that 4321 is going to facebook.com

facebook sees that request is coming from 6543

Am I misunderstanding the technology, or didn't VPN A see everything?


VPN A only sees that the request is going to VPN B.


But VPN A has to relay the request for facebook.com to VPN B, meaning that VPN A has to be aware of the user's final destination. If my interpretation of this is incorrect, then how does VPN B become aware of the request for facebook.com?


VPN A knows there was a request to VPN B, that's it. The request is encrypted twice on the client. VPN A removed its encryption but is only left with an encrypted request to VPN B. VPN B then removes its encryption and then forwards the request to fb.com.


VPN A only sees a request to VPN B. Because of that they don't need to know anything about the final destination or even that there is a final destination beyond VPN B.


VPN A receives a packet that says "carry this (encrypted) payload to VPN B Gateway IP". VPN B Gateway receives that packet and decrypts the payload. The payload says "send this (encrypted) payload from VPN A customer IP to facebook.com".
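
The layering described in the comments above, as an added example that is not part of the thread: the client wraps one request in two encrypted layers, and each gateway records only what it can read after removing its own layer. Assumptions: the function names are hypothetical, a toy SHA-256 keystream with an HMAC tag stands in for a real tunnel cipher, the addresses are the thread's placeholders (1234, 4321, 6543), and the plain-HTTP request is constructed.

```python
import hashlib
import hmac
import json
import os

# Placeholder addresses and destination reused from the thread.
CLIENT_IP, VPN_A_IP, VPN_B_IP, SITE = "1234", "4321", "6543", "facebook.com"


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: a toy stand-in for a real tunnel cipher."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def subkeys(key: bytes):
    """Separate encryption and MAC keys derived from one tunnel key."""
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output is nonce || ciphertext || tag."""
    enc_key, mac_key = subkeys(key)
    nonce = os.urandom(16)
    stream = keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Fails for anyone without this layer's key."""
    enc_key, mac_key = subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered packet")
    return bytes(c ^ k for c, k in zip(ct, keystream(enc_key, nonce, len(ct))))


def wrap(key: bytes, next_hop: str, data: bytes) -> bytes:
    """One tunnel layer: 'deliver data to next_hop', readable only with key."""
    return seal(key, json.dumps({"dst": next_hop, "data": data.hex()}).encode())


def client_packet(key_a: bytes, key_b: bytes, request: bytes) -> dict:
    """The client encrypts twice: innermost for VPN B, outermost for VPN A."""
    for_b = wrap(key_b, SITE, request)
    for_a = wrap(key_a, VPN_B_IP, for_b)
    return {"src": CLIENT_IP, "dst": VPN_A_IP, "payload": for_a}


def gateway(own_ip: str, key: bytes, packet: dict):
    """Remove one layer, note what was observable, forward from own address."""
    inner = json.loads(unseal(key, packet["payload"]))
    payload = bytes.fromhex(inner["data"])
    seen = {"peer": packet["src"], "next_hop": inner["dst"], "payload": payload}
    return {"src": own_ip, "dst": inner["dst"], "payload": payload}, seen


def trace(request: bytes = b"GET / HTTP/1.1\r\nHost: facebook.com\r\n\r\n") -> dict:
    """Send one request through A then B and return each party's view."""
    key_a, key_b = os.urandom(32), os.urandom(32)
    to_b, seen_a = gateway(VPN_A_IP, key_a, client_packet(key_a, key_b, request))
    to_site, seen_b = gateway(VPN_B_IP, key_b, to_b)
    site_view = {"peer": to_site["src"], "payload": to_site["payload"]}
    return {"vpn_a": seen_a, "vpn_b": seen_b, "site": site_view}


if __name__ == "__main__":
    for party, view in trace().items():
        print(f"{party:6} peer={view['peer']:5} next_hop={view.get('next_hop', '-'):13}"
              f" payload starts {view['payload'][:12]!r}")
```

The trace models packet contents only: VPN A learns the client address and that traffic goes to VPN B, while VPN B learns the destination but sees VPN A as the peer. Other leaks, such as timing or logged-in accounts, are outside this model.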


> At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations.

When one party with auditors says they will protect your privacy, and the other openly spells out in their stated policies that they will run roughshod over your privacy, cataloging and trading your data as much, as long, and as insecurely as they like...

You don't have to trust the former party a lot to recognize the lesser evil.


> At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations. At worst, it's a government agency honeypot or someone like Facebook.

My ISP is required by law to be an informant for government agencies, so the VPN can only be equal or better than my ISP.


Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

Separately from that, I still do wonder whether, if you subscribe to a VPN that has well-examined security practices and whose reputation depends on such practices, whether it still may have value over relying on the security over a local ISP which may not have as much expertise or reputation investment with respect to security.

I'm not arguing, just trying to understand the issue better.


Argument is the spice of life! An argument doesn't have to be angry. But nonetheless I appreciate your earnest kindness.

It's less of an issue when every site you connect to uses https, and every app you use employs ssl/tls for its connections. That is common practice these days. Getting man-in-the-middle'd on airport Wi-Fi is less feasible these days than it was 10 years ago. The attacker would have to also install a certificate on the user's device. I welcome corrections if I'm wrong.

VPNs aren't obligated to tell you the truth. They don't have to have good security or even honor what they say on the front page. People trust marketing, not actual policy or actions - just look at Apple. Still waiting on "HMA" VPN to go out of business because they handed over users to the FBI. They're still around and claim No Logs just like everyone else, just like ProtonMail did until this month.

https://arstechnica.com/information-technology/2021/09/priva...

https://hacker10.com/internet-anonymity/hma-vpn-user-arreste...

https://www.theregister.com/2011/09/26/hidemyass_lulzsec_con...


"Getting man-in-the-middle'd on airport Wi-Fi is less feasible these days than it was 10 years ago. "

I think the "consensus" I'm referring to may actually have been from at least 10 years ago. I'm an old-timer!

Thanks for the feedback


> Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

No. I don't think this was ever a consensus. When is the last time you've used a (sensitive) website that is not run over HTTPS? Unless the CAs (or the certs) are compromised, you have no reason to use a VPN when on public Wi-Fi, because it is encrypted with this so-called "military grade encryption" that VPN providers love to mention.

Edit: forgot to add, if the CAs or the certs are compromised, VPNs won't help anyway.


Most public wifi block all the ports necessary for VPN except 80 and 443. Even then DPI will stop most VPN protocol right in its tracks.

I’ve never had reliable VPN working over public wifi/mobile network, unless I roll my own custom protocol that masquerades as HTTP traffic.


Interesting. I'm an ExpressVPN subscriber (maybe I won't be much longer) and haven't had any problem using it on public Wi-Fi networks.


Same here with multiple different VPN providers. Once I get through the TOS screens I can activate the VPN and have no issues. At one hotel chain (rhymes with a moldy British cheese), I have to activate my VPN first since my DNS provider won't resolve their login page.


I've used VPN over literally hundreds of public WiFi...


> Honest question: it's still a consensus that they do have value in situations such as airport Wi-Fi, correct?

No, with SSL and https now the default for 90%+ of the web, you can be sure no one is casually listening in.


> At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations. At worst, it's a government agency honeypot or someone like Facebook.

You're starting with the (completely correct) observation that any VPN is not guaranteed to be secure, confidential, or private, and then making an argument as though it were the case that every reputable VPN is equivalent to every untrustworthy ISP. I think that's why your argument doesn't make sense to me: I don't think there's an equal chance that a VPN provider with a good reputation is going to sell me out as my ISP.

It's axiomatic in risk management that there is no way to completely remove all risk. Running a proxy and Tor is not a guarantee of security any more than running the world's shadiest VPN is, though it's obviously more secure by far. But, it's a question of what the acceptable level of risk is, and what the marginal cost to reduce that risk is. For many people, a $5-10 (non-shady) VPN is a perfectly reasonable step to take.


What if you want a VPN to unlock location based content?


Circumventing geoblocking is legit, but don't tell people that VPNs are about "security".


They are, it's just in very rare circumstances (monitored public wifi + possibly unsecured connection, for example). Most people should do fine and thanks to https, public wifi is far less of a threat than it used to be (plus, some started blocking VPNs).


Essentially the only valid use of a VPN. That, or masking your location from other users online.

I find YouTube in my country is just filled with content being pushed because it's local to my country. Some VPN exit points have less local content pushing, which gives me more options. Eastern European content is really good, but also completely missing from American YouTube suggestions.


Also create a fuse between DMCA requests and your sole broadband provider if you do any torrenting.


Then either do without (because, come on, nobody's gonna die if they can't watch reality TV), buy it on disc, or pirate it? Netflix is blocking IP ranges so hard that residential space is getting caught in the blast radius. It's a cat and mouse game that you'll only win by refusing to play. https://torrentfreak.com/netflix-intensifies-vpn-ban-and-tar...


Some of us would like to get home country news besides the quite poor international channels, it is not always about Netflix.


I use a VPN to watch my local sports team - whose owner is currently in a contract dispute resulting in the team not being played on local tv.


To pirate it you need a VPN, in countries that have a surveilled internet and laws that enable suing file sharers. Germany for example.


What do you think the pirates who rip the content use to get it? There's not always going to be a local user to rip every single title.


I'm convinced that you can get most of the privacy "benefits" of a VPN with an encrypted DNS, which a pihole can be configured to provide for your whole home network.

Your ISP could still figure out which sites you are visiting by what IP addresses your traffic gets pointed to, but I'd be willing to wager that the bulk of their data collection for the purpose of advertising comes from logging DNS requests, since it is far easier to do and captures 99.99% of their customers habits.

This won't do anything to protect your IP from being sniffed out by media companies when seeding copyrighted torrents, but that has never been a major concern in my house. This is probably also meaningless if you are being targeted for surveillance.


idk mullvad seems pretty alright


It is - they know their market and they serve them well. One of the few VPNs that actually don't log traffic.

That said, I've had websites flat-out refuse me because of using Mullvad (not just because it's a VPN, but a supposedly "disreputable" VPN). Meaning blackhats love it. Meaning it works.


> One of the few VPNs that actually don't log traffic.

How can one be so certain that this is the case? The only thing that's for sure is the claim they do not keep any evidence. I don't have anything against this VPN, it's really just an inherent trust problem with any provider. You take their word for it and be smart/ethical enough not to have any sketchy activity when you use it because there's a pretty good chance logs are being kept.

I don't mean to make this personal to you but it's weird seeing a tech-literate crowd like HN act naive when it comes to VPN usage, based on arguments like "oh X is shady you should use Y instead, it's 100% private!".

My point being, don't expect that doing extremely dumb shit online means any service, no matter how reputable, that may aid you do so will have your back.


The only ones you can trust are the ones that have actively fought court orders. That is a reasonable show of certainty that they do what they say otherwise there are real legal consequences.


You still don’t know if they’re feeding your data to an intelligence agency or data broker.

For example, why wouldn’t China run a few top VPN companies — or at least compromise them? The benefit would outweigh the costs. So they shield you from piracy lawsuits and the like, they gain data to blackmail and compromise key figures later on.


Tor is practically unusable in 2021. Tor is blocked or is very difficult to use for a growing number of sites. Google is the big one (whether one should use google at all is a different story).

Plus ISPs can detect tor use by its customers just from packet patterns. I don't want to be flagged as a tor user by either my ISP or the sites I visit.

The only other option is to set up your own ISP either in a colo rack or on a cloud VM. That's going to cost $50-$100 month plus your time fiddling with it and any network overages


I think there’s been good criticism of your arguments so far and I don’t want to pile on; but I see _a value_ in commercial VPN companies.

I, a tech savvy person, have no issue creating an SSH proxy server in any country in seconds.

But I also make online video games, and the US sanction system means I must block people from accessing our services; even if they have a copy of the game.

They did nothing wrong, my company isn’t even US based: we just used a cloud provider and all of those are US based.

So, I encourage those users to use a vpn if one is available to them.


> If you think you want a VPN for "privacy", use Tor Browser.

What about Tor over VPN, so that your ISP can't see that you're using Tor? That is, the VPN hides your usage of Tor from your ISP and Tor hides your browsing from the VPN (and since many VPN services even advertise Tor support, it's not like it would be suspicious, plus you can pay for many VPNs with cryptocurrency while I definitely can't hide my identity or location from my ISP).


> It's been clear for a long time that every single commercial VPN service is a waste of money.

This is nonsense. It depends entirely on your goals. It's important to me that my ISP doesn't know what I'm doing while I couldn't care less if my VPN provider does. I also need to circumvent geoblocking from time to time.


> At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations.

I'm not sure what country you live in, but in the US, all the big ISPs might as well be run by the government, at least when talking about privacy. Private VPN companies are far more trustworthy, all else being equal.


> Private VPN companies are far more trustworthy, all else being equal.

How? I don't see how being a VPN company as opposed to an ISP makes a difference in regards to government seizure or request of logs.


I believe Mozilla's contract with Cloudflare to provide Firefox Private Network provides great value, and I've been happy with its service for quite some time. Mozilla and Cloudflare are both well known organizations, and Mozilla acting as a buyer's agent is a good position to be in.


These are the reasons why I use a VPN provider:

1. My threat model is not my government. It seems that the TLAs have thoroughly pwned our privacy for a long time now. (Please note that I am in no way advocating for this mass surveillance, but I don't see that I have much choice in the matter.)

2. My threat model includes my ISP. I am forced to use a scummy ISP who would openly steal my data if I let them. Same with my mobile provider.

3. My threat model includes the data thieves who have obvious business models built around selling my stolen data to the highest bidder.

4. My threat model includes black hats and script kiddies.

5. Do I trust my VPN provider? Eh. A little. For now. The thing is, I trust them more than #s 2,3,4 above. What other choice do I have?


I wouldn't say commercial VPNs are a waste; it depends on what purpose you want to use the VPN for. Privacy? Yeah, maybe not the best for that, but these are extremely useful to bypass geoblocking of content. Moreover, many ISPs do not like you downloading content via torrent. How do you propose we solve it? User experience with Tor is not always the best as well. The Tor network does not have lots of bandwidth; it is okay for browsing, but the moment you want to download something using Tor you'd notice that it's actually very slow. I'd bet my money that using Tor would attract a lot more attention from your ISP than using a regular VPN.


To make it slightly more expensive for the adtech industry to spy on all my internet traffic. I have few illusions that any tech measure whatsoever can thwart government entities.


It depends on your risk model.

We use a commercial VPN at our company because it provides a mechanism for traffic encryption for employees who might be connecting from insecure networks. Sure most sites use HTTPS but there is still some unencrypted traffic like CDN or similar.

It’s not a cure-all or some privacy guarantee, it’s just that for us, the risk of our employees' browser history being stolen by that VPN for some nefarious purpose is just less than the risk of information leaking via insecure network.


The main reason that I use (and many around here) VPNs is to access sites blocked by the government. And these blocked sites even included Wikipedia until recently.


Mind you, Tor had basically the same issue a while ago: https://archive.is/4FMxm


The utility in a VPN is in travelling, not at home. I’m not sure if I trust ProtonVPN more than I trust my ISP, but I sure as hell trust them more than I trust the little hotel I stayed at in Brooklyn.

Long term I’ll probably just solve this by setting up a VPN server at home, so I can tunnel through to my local services and protect myself from wifi endpoints I use on the go.


Having an easily-replaceable IP address is also of some value in case someone tries to DOS you in IRC/game chat/etc.


> Why do we even give these companies the time of day?

My understanding is that most people use a VPN to either watch the foreign catalogs of streaming services or insert a third party in a foreign country to make themselves less tempting targets for random enforcement of copyright laws.

Obviously they don't advertise like this because these activities are illegal.


Tor is too slow and often blocked by sites. And how do you know if an exit node is a honeypot or not?

Mullvad VPN seems like the best choice.


> At worst, it's a government agency honeypot

Kevin Poulsen's book Kingpin, about the takedown of CardersMarket, describes how the FBI ran a VPN service as a honeypot for quite a while as part of the operation, logging everything that passed through it. As you say, it could be anyone on the other end of that connection.


https://www.doineedavpn.com enumerates legitimate use cases well I think.

> This site was conceived and built by IVPN to challenge aggressive marketing practices in the VPN industry.


> Hide geographic location

> VPNs do not effectively solve this issue. Most modern browsers can detect the geographic location of a device based on data from GPS, available Wi-Fi networks and GSM/CDMA cell IDs and will submit this information to websites requesting it.

Did I miss something? Even the ad-tech browser will ask the user before sharing that?


I block the Mozilla positioning trackers. They were getting over a million requests per month from my household. It’s just a regular API call from any website and doesn’t need any browser permissions.


> If you think you want a VPN for "privacy", use Tor Browser

So replace a VPN, which might be logging your traffic, with a service which absolutely is logging your traffic?

Tor is an anonymity service, not a privacy service.


What traffic does it log exactly, and who logs it? As I understand Tor:

- the exit node knows the second-to-last node, the cleartext data and the destination,

- each intermediate node knows the previous and next nodes,

- the entry node knows the sender and the second node.

And using HTTPS prevents the exit node from knowing the cleartext data.

This doesn't enable any individual node to know who sent what to whom, assuming that the whole path isn't entirely controlled by one person.


Everything you mentioned goes back to my point that it's an anonymity service, not a privacy service. Tor exit nodes don't know who sent traffic, but they do see all the traffic that passes through them.

HTTPS can mitigate some of that, just like it can for VPNs, but the site you're going to is still very much visible.

Don't get me wrong, Tor is a very useful service if anonymity is your goal, but it requires a solid understanding of what can go wrong, which torproject provides a decent list for: https://support.torproject.org/faq/staying-anonymous/


> HTTPS can mitigate some of that, just like it can for VPNs, but the site you're going to is still very much visible.

Not in a sense that defeats privacy, since the exit node doesn't know the sender.

With Tor and HTTPS, no Tor node sees the cleartext data, and no node can associate me with the server I'm contacting. That sounds very much private to me.

> https://support.torproject.org/faq/staying-anonymous/

I've read these warnings, but I don't see anything that would defeat privacy if Tor is used correctly.


With Tor the site you are going to is visible, but not who you are (there actually are some quibbles with this, but those don't seem to be your better argument); that someone--somewhere out there--is accessing a specific site doesn't seem to be particularly secret information. I think Tor might tend to use a single circuit for all of your traffic, which allows for correlations, but that is trivially fixable (you can hash the websites you are accessing to multiple circuits that egress with separate exit nodes, so you don't provide the attacker that information).


> If you think you want a VPN for "privacy", use Tor Browser.

Isn't using Tor browser trusting a group of unknown people as well (nodes)? I hear all the time theories that Tor is a giant honeypot.


Diversification. Theoretically most of the nodes are owned by different people, and every connection will randomize your node list route between them, making it difficult to track, unless most of the nodes were owned by one organization. With VPNs, all of your connections are through servers owned by one company, identified by an account ID.


> If you want a VPN for any other reason that "normal people" think they want a VPN

As far as I can see, normal people are asking for VPNs to access Netflix catalogs of other countries.


Tor is almost certainly a government honeypot, but if you're just trying to hide from Google and other ad companies, it'll help. Except that it's cripplingly slow.


What assurances do we have that most tor end points aren't compromised as well?


You are right that most people are just signing up with the same credit card and details as their ISP, and even if they claim they don't keep logs, the VPN needs to link the use of their service to your details for billing, just like your ISP.

That said, if you live in the UK the government logs your internet history to be used against you at their convenience. Using a VPN like mullvad.net that you can buy with bitcoin and no details prevents the government logging my history; that's worth the £5 a month.


Accounts can be completely decoupled from the payer. As long as the account is paid for, it should work. If there are no speed or time limits imposed, then why worry about who is using the VPN? If you allow a reasonable number of connections to the account at any given time, the rest shouldn't matter.


I'm not sure I totally agree, sure I don't know every single employee, but I use Nord because I like and respect Tom Okman[1]

[1] https://en.wikipedia.org/wiki/Tom_Okman


Consistency. All the Google hardware forever has allowed easy factory unlocking without a fuss, easy ways to restore to standard OS images without jumping through hoops, and are widely available. Plus they allow re-locking the bootloader and the phone equivalent of enrolling your own custom secure boot keys. They also provide firmware updates for a long time so you can get platform/hardware patches too. CalyxOS does provide these in their images.

The 3a/4a are cheap and have headphone jacks and good cameras. What's not to love? Until they change their policy on unlocking bootloaders and installing custom OSs they're great devices. I still have a Nexus 5 that runs PostmarketOS and Ubuntu Touch, and if it completely breaks I can always use ADB/Fastboot to flash the Android 6 images that are still on Google's website. Don't even have to log in to get them.


Devices supported by the Sony Open Device Program should also be a good target:

https://developer.sony.com/develop/open-devices/

There are projects such as Sailfish OS that make use of this to run on originally Android hardware.


dvgrab is awesome! I used it quite a bit recently, transferring old tapes on to more reliable media. Sometimes the tape had an error and I had to rewind a bit and restart capture, but it mostly just worked.

Be warned, it does produce pretty large raw files, though, so after import, I ran ffmpeg to convert them all to mp4 files. No visible loss in quality, and about 90% size reduction.


I did something similar, except I ran it as dvgrab | ffmpeg to transfer and transcode to mp4 at the same time, one step. It worked great.


dvgrab is great for set-and-forget archiving MiniDV tapes.

betamaxthetape mentioned[0] DVRescue[1] which looks very useful for error correction. The tools expect the raw .dv files, so check before compressing.

[0] https://news.ycombinator.com/item?id=27971246

[1] https://github.com/mipops/dvrescue


I own one of these. Using it is the physical manifestation of delayed gratification and I love it.

- Getting new music or Podcasts requires plugging it in to a real computer, transferring files, and updating the media library. It takes a while.

- Without a touchscreen you can't "scrub" through files and must fast-forward with the buttons. Fast-forwarding to your place in a 90-minute podcast takes a while.

- If you plug it in while in the middle of a podcast, or reboot it, it will lose your place many times. It has a setting to not do this but it is unreliable.

- Due to the above two points I really got in the habit of ensuring I had enough time to listen to a full show in one shot, and that made me subscribe to less podcasts. This is a plus.

- You cannot view show notes for a podcast or click on links in those notes. You must sit down at a PC to do this.

- This device helped me to not take my phone with me everywhere. That's a plus.

- It doesn't "fast charge" or anything. The battery indicator is imprecise so sometimes it will shut off while you're using it. The battery lasts forever so that's OK.

You have to want to use something like this. It is better for your brain than a smartphone. I encourage everyone to try it. It is high quality, built well, and inexpensive, so very much worth a shot. If you want a bluetooth and USB-C version, the Fiio M5 is also good.


Have you considered moving into sales? Because you just turned all the downsides into (faked) strengths.

As I see it, none of what you listed has practical benefits. That's why we have Spotify and all the software to overcome these drawbacks.

Perhaps "slow tech" is a thing, but certainly not widespread or advantageous.


I'm not in sales. I'm a devops/sysadmin person. And I didn't mean to do a sales pitch, sorry.

The downsides all wind up being worth it to me because I'm starting from the premise of "I want my smartphone as far away from me as often as possible". It allows me to decouple the primary reason I'd carry my smartphone, and carry something less unwanted instead. I'm guessing you can figure out the reasons; feeds, notifications, alerts, an operating system built for annoyance/addiction that is not Free Software, etc.

Really, though, I encourage you to try it out. Think about how much more time you had to think while walking your dog or something 20 years ago.


> Think about how much more time you had to think while walking your dog or something 20 years ago.

This is an excellent point. I recently mused about how all my ideas for writing articles come in the shower, and your comment made me realize it's because I have nothing to distract me.

I'll try removing distractions/being bored more often, thanks!


I was thinking the same thing. Maybe he is in sales for this company.


I use an old iPod classic with a flash memory upgrade for offline audio listening and was considering this device because of perceived audio quality. From your description it sounds like this device is in the class of alibaba junk. It sounds like the software was an afterthought, fair enough. How does the audio quality compare to things like an iPhone/iPod etc?


That's why the software can be replaced with Rockbox, https://news.ycombinator.com/item?id=26876247

Audio/DAC quality: https://news.ycombinator.com/item?id=26871983


The sound quality (via Sony MDR-7506) is comparable to an iPod. Detailed and clear. It can get very loud and drive much nicer headphones than mine. It loads and plays FLACs and other large files much faster than the iPod can because the iPod is 20 years old and doesn't have the horsepower.

The software, honestly, is not nearly as bad as "alibaba junk". It is just fine. The iPod's software is more thought-out and consistent. The Fiio software is much more user friendly than Rockbox though. It responds well and hardly ever crashes. It has all the settings you'd expect and then some. It will be annoying if you expect perfection, but it never skips tracks on its own, the buttons always do what you want, settings aren't reset on you. The M5 is more fiddly than the M3K but I usually use the M5 anyway. I'm willing to tolerate the less-than-perfect software.


In Tor browser I want every request bundled and bounced through Tor. It is a special exception. Non-special-case software should respect my OS and network's DNS settings. Simple as that. I shouldn't have to fiddle with network settings in each application to get it to behave the way I want. Seems fine that it's there, if people want to turn it on, but it should not be on by default.

