Just opening discussion, haha!
I mean if non-proton conversation isn’t allowed, I’m just comparing, haha lol!
Okay seriously though.
The three services I’m exploring are:
- Email (with email aliases)
- VPN
- Cloud Storage
Just opening discussion, haha!
I mean if non-proton conversation isn’t allowed, I’m just comparing, haha lol!
Okay seriously though.
The three services I’m exploring are:
Historically, people have gotten caught with their hands in the cookie jar while using tor. Most of the documented cases have been from DNS leaks and the like through targeted attacks.
Theoretically it’s possible to own enough of the intermediate and exit nodes to collect meaningful data about who’s using it and where they’re going. It’s just very difficult and expensive.
I only give it maybe 50/50 odds let the feds have this power, but that’s not particularly rosey for a security product.
From the backbone perspective,VPN traffic absolutely gets monitored on the way out, and they can probably tell everyone that is on the VPN provider at the moment. But timing attacks are rough through a busy crypto tunnel. Your protection basically rolls down to whether they’re keeping logs, whether somebody’s monitoring the backbone around them, and if there’s any point in time where the traffic on the VPN is low enough that they can correlate traffic in with calls out.
Unless you’re pissing off the feds I doubt tor is any better off than VPN.
I don’t think I’m important enough to piss off feds. I have opinions, but I am not active in the ways I was 30 years ago.
I am no expert, but I am an avid and voracious learner and geek.
I do use a variety of vpns and proxies. I switch often. I also relay certain things to certain things permanently.
I am especially aware of DNS . one of the first major learnings of my Linux use was setting up a secure DNS proxy. It was a pretty intense learning curve. 6 or so years later, I’m fairly comfortable with most aspects of it and securing connections and avoiding data leaks.
I use anonymizing dnscrypt-proxy with local doh. I use other secure DNS protocols and servers when/where required, or desired.
I check for leaks often. I have a few scripts that I wrote to make sure things don’t. I use a few sites to do checks. I use nmap to scan all my things.
I use tor for some things. I use proton for others. Warp for others. Shadowsocks for others. Calyx and other services for other things.
I always use a trusted bridge or proxy to connect.
I run a snowflake proxy sometimes.
I don’t do illegal stuff.
That said, what is legal now may not be if/when some dictator decides. With that in mind, I appreciate my privacy and intend to keep it any way I can.
I’m beyond exhausted, so I hope I made sense.