(no title)
x220
|
6 years ago
The ISP retains records. It's not uncommon to get letters from your ISP telling you to stop torrenting that blockbuster movie you torrented last week because some law office reported your IP address at the time. So clearly someone can ascertain your identity through legal discovery if you just use your ISP.
danShumway|6 years ago
- Rolling your own VPN (control your own infrastructure)
- Using an existing VPN service (crowd-based anonymity)
- Doing nothing (privacy nihilism)
Each decision has their own benefits and tradeoffs. If you're someone who torrents, you should probably be using crowd-based anonymity. If you really dislike the trust relationship you have with your VPN and you're technically inclined, you can roll your own VPN. If you don't want to spend the time worrying about this stuff, setting up a VPN on its own and doing nothing else won't make you private anyway.
I (very cautiously) lean towards advising people to use an existing VPN service, but that's not a strong opinion. I do think people who argue that rolling your own VPN is the only sensible choice are either full of crap, or haven't thought through the actual threat models real people face.
There's a big movement in some portions of the security industry to say that moving trust around isn't valuable, and that doing nothing is better than centralizing your trust. I'm not going to mince words, I think that's a really dumb perspective.
x220|6 years ago