It might be that PIA is not going to start doing anything shady, and they'll still be a (relatively) well-respected VPN company after the merger. But if you're currently a PIA user, it would be foolish to keep using them while you're waiting for them to prove that. Cancel PIA for now, and if a year from now they're still on the level, you can make a more informed decision about whether or not to go back.
There's no reason for you personally to be the canary in the coal mine, just use someone else while you're waiting to see what happens.
I advocate somewhat strongly for paid 3rd-party VPNs, not because I think they're great, but because I think they are sometimes the least-bad option -- 3rd party VPNs address privacy problems that self-hosted VPNs can't, and unlike Tor, VPNs actually scale well for regular Internet browsing.
I do however fully acknowledge that shifting trust can be dangerous, so I recommend people be willing to quickly jump ship between VPNs, and possibly use different VPNs for different services. You should be a little nervous around your VPN provider, and you should hold them to really high standards.
In PIA's case, I notice looking at their pricing page that they offer 1-2 year plans in addition to monthly plans. Not everyone has the money to ignore deals, but if you do have the money, paying an extra $35-40 a year just so you can easily switch VPNs on a whim is probably worth it. In general, for services that can pivot in quality quickly (like a VPN) it is usually worth paying monthly rather than yearly (again, assuming you have the extra money to do so).
> I advocate somewhat strongly for paid 3rd-party VPNs, not because I think they're great, but because I think they are sometimes the least-bad option -- 3rd party VPNs address privacy problems that self-hosted VPNs can't
Well said. I would add that they're also useful in situations where you don't care about privacy at all. E.g. you don't care if your ISP logs that you're watching Netflix, you don't care if your VPN logs that you're watching Netflix, but you (and to some extent Netflix) have an interest in making it seem like your computer is located in a different country than it is.
Region-shifting and preventing non-government adversaries from discovering your real identity from your IP address are both valid reasons to use a commercial VPN. I suppose the reason why those who oppose commercial VPNs discount these two is that they're mostly used for IP infringement.
> But if you're currently a PIA user, it would be foolish to keep using them while you're waiting for them to prove that. Cancel PIA for now, and if a year from now they're still on the level, you can make a more informed decision about whether or not to go back.
how will they prove it in a year?
and what threat is it you think the shady guys are going to pose? they'll start spending more money to keep logs? i guess they could get in bed with law enforcement but i doubt that pays well. maybe the RIAA/MPAA will pay them off?
So what’re the recommendations for alternatives? It seems like quite a lot of VPNs play their cards close to the vest - and at the end of the day, all I want is a modicum of privacy and to safely torrent a movie for my PLEX server instead of having to dig up my Blu-ray reader and rip it myself once in a while.
If we're talking spending extra for switching flexibility, just abandoning PIA midway through your year-long subscription term and writing off whatever you paid works too.
Fully agree with all of the above. I've been a happy customer of PIA's for years now and, as such, they've built up relatively solid trust with me (for a third-party VPN company). Even still, I only renewed on a yearly basis because a) things in tech, especially security, change quickly and b) companies also change quickly and like today, that change can be greatly for the worse.
I can't personally understand buying in to such a service for a timespan measured in years.
20 months later, PIA open sourced its iOS app, older versions of its browser extensions, and 2 Swift libraries. Everything else is still closed source.
Thanks for bringing this up commoner and really appreciate your patience. You are absolutely right that we are open sourcing our software - there were some delays as we completely rewrote our desktop application from scratch.
This was a major concern from our new partners as well, as they have been asking us to release the code as well - we are all on the same page here.
While I can’t give an exact date, I’m confident that the rest of the code will be released in 2 weeks or less. Along with our QT/CPP cross platform application, we will also be open sourcing our search engine, private.sh!
Hope this helps and sorry again for the delay,
Andrew
Usually, Subreddits are created by fans of the service. This is the first time I'm noticing a complete corporate subreddit. All the moderators are the staff of PIA. [1]
It will be interesting to see how much they accept criticisms on the subreddit about PIA.
The Go language subreddit had been modded by Google employees. They lost interest and decided to shut it down and there was a bunch of hubbub. In the end they thankfully decided to give the subreddit to the community.
Happens a few times. For the Endless Space/Legends series of games, we made their community manager a mod (they are essentially running the subs, but don’t have founder status and technically we could intervene if they behave in a questionable way). It usually depends on who created the sub. Some of them are set up as official channels, others are community-run but with a good relationship with the company (an example for the latter would be the Paradox subreddits, they are independent but have a good relationship with Paradox).
Whether critical or loving, we really appreciate any and all feedback from our users and the community. We accept all criticism with open arms and, furthermore, will not be censoring our subreddit as that would undermine free speech - the very thing we are fighting for.
I lost faith in PIA caring about privacy of its customers when I noticed how they use unique tracking codes in their newsletter emails. I never received a response when I asked about it.
We had an issue with PIA's Android VPN breaking our app, they never responded to our PGP'ed ticket and the email address embedded in their PGP keyblock bounces.
Thank you for bringing this to our attention mehhh. I will get into this PGP bouncing issue immediately. In the meantime, please feel free to contact me with PGP - my public key is pasted below and you can mail me at a at londontrustmedia.com:
Freenode is a non profit organization that benefits from support from Private Internet. It is not owned by Private Internet. We are serious fans of IRC and the open source community, so it makes sense for us to divert profits to orgs like freenode among others.
Any recommendations? This looks bad, really bad. CyberGhost, a previous VPN bought by Kape, went to shit.
For the PIA engineer who ends up reading this.
I have been a PIA user for 5+ years. I have recommended it to friends and family. Now I have to tell them all to cancel.
Friendly reminder: Azure and AWS both offer a free tier of VM which are perfectly sufficient for a personal OpenVPN server. Azure even has a preconfigured option in their marketplace that's easy to set up in a legal jurisdiction of your choice.
Probably so does AWS and even DigitalOcean, but I'm most familiar with Azure because of my own preference for open source (Azure's orchestrator is https://github.com/microsoft/service-fabric/). After the free year, a minimal always-on VM costs about $13/mo.
Second, you don't just want to prevent MITM, you (hopefully) also care about sites tracking you. For example, you have a Linux/Firefox user-agent and you are browsing HN in private mode, you close the window and start over. No cookies or other artifacts of the previous session remain but your user-agent and IP combination is unique enough to identify your device. Now if you are using a VPN service there might be at least a handful of Linux/Firefox users out of millions that share the same IP.
Third, most VPN users like the geoip flexibility it allows them (bypass filtering or access different content).
Fourth, a VPS dedicated to this one service means you are now the admin of one more server that needs to be patched and supported by you (admin overhead)
Fifth, some sites block you if you use cloud provider IPs
Sixth, some VPN providers specifically host their infra in privacy friendly jurisdictions and take precautions cloud/vps providers might not (legally and technically).
Seventh, reputation. No one will bat an eye if Microsoft let some country's law enforcement have logs of your traffic in Azure. But by design, outbound VPN traffic can only be logged on the VPN server and it would ruin their reputation if they disclosed logs or tampered with traffic which translates to monetary loss.
VPN services are far from perfect but they hardly have any replacement. Just pick one with a good reputation.
For example with PIA, they are incorporated in the great surveillance kingdom of the UK, which is why I avoided them. They did not take the necessary legal precautions and their freenode acquisition made little sense from a profit perspective which all in all suggests a grand scheme/vision not obvious to customers.
If the reason you are using a VPN is to avoid potentially untrustworthy middlemen, sure. But if you are after the privacy benefits of sharing an IP address with thousands, then a self hosted VPN won't help you.
DigitalOcean would be $5 per month. I’m not sure what their logging/privacy policy is, though, because I found their terms documents so broad and confusing.
This is the same PR blabbering that occurs with any acquisition. It means nothing just like any other. I’m cancelling and changing providers. Does anybody have recommendations?
The submitted title was "PIA bought by company known for distributing malware". We changed it to the article title in accordance with the site guidelines: https://news.ycombinator.com/newsguidelines.html, which ask "Please use the original title, unless it is misleading or linkbait; don't editorialize." One reason we have that rule is that we're not in any position to decide the truth or falsehood of contentious claims.
[+] [-] danShumway|6 years ago|reply
[+] [-] bscphil|6 years ago|reply
[+] [-] sigstoat|6 years ago|reply
[+] [-] arkades|6 years ago|reply
[+] [-] rdiddly|6 years ago|reply
[+] [-] LMYahooTFY|6 years ago|reply
What is "regular internet browsing"?
[+] [-] cmdshiftf4|6 years ago|reply
[+] [-] AndrewKemendo|6 years ago|reply
[+] [-] commoner|6 years ago|reply
https://www.privateinternetaccess.com/blog/2018/03/private-i...
20 months later, PIA open sourced its iOS app, older versions of its browser extensions, and 2 Swift libraries. Everything else is still closed source.
https://pia-foss.github.io/
[+] [-] rasengan|6 years ago|reply
[+] [-] vincengomes|6 years ago|reply
It will be interesting to see how much they accept criticisms on the subreddit about PIA.
1. https://old.reddit.com/r/PrivateInternetAccess/about/moderat...
[+] [-] donatj|6 years ago|reply
[+] [-] bla3|6 years ago|reply
[+] [-] Semaphor|6 years ago|reply
[+] [-] sneak|6 years ago|reply
[+] [-] rasengan|6 years ago|reply
[+] [-] syshum|6 years ago|reply
[+] [-] spilk|6 years ago|reply
[+] [-] xrftghvb|6 years ago|reply
Open discussion of Bitcoin is at r/btc. https://www.reddit.com/r/btc/comments/9lfjrb/frequently_aske...
[+] [-] eng_monkey|6 years ago|reply
[+] [-] jammygit|6 years ago|reply
[+] [-] system2|6 years ago|reply
[+] [-] mehhh|6 years ago|reply
I wonder what will happen to Freenode now: https://freenode.net/news/pia-fn
[+] [-] ryanlol|6 years ago|reply
Well, they're already pushing this cryptocurrency scheme https://freenode.net/news/spam-shake
[+] [-] rasengan|6 years ago|reply
Freenode is a non profit organization that benefits from support from Private Internet. It is not owned by Private Internet. We are serious fans of IRC and the open source community, so it makes sense for us to divert profits to orgs like freenode among others.
To be clear, we also donate to other orgs:
https://www.privateinternetaccess.com/pages/companies-we-spo...
Our new merged company will continue to do the same as we are in fact the same company going forward - just much better resourced.
[+] [-] prawnsalad|6 years ago|reply
[+] [-] throwawaypiawhy|6 years ago|reply
[+] [-] dmclamb|6 years ago|reply
I'm not sure there are any companies left to trust.
[+] [-] ohthehugemanate|6 years ago|reply
[+] [-] badrabbit|6 years ago|reply
[+] [-] calcifer|6 years ago|reply
[+] [-] dbeley|6 years ago|reply
The bandwidth on Azure might be better, but the first tier on OVH, DigitalOcean and Scaleway begins at 3$/mo and you still have 100mbps.
[+] [-] gruez|6 years ago|reply
No, it's not. Both have zero or very low amount of free egress (5GB max). After that you're paying $0.1 per GB of egress traffic.
[+] [-] swebs|6 years ago|reply
It's $5 at Linode, and that's not run by a company known for spying on users.
[+] [-] ignoramous|6 years ago|reply
Also see a recent news.yc discussion on cheaper hosting: https://news.ycombinator.com/item?id=21172818
[+] [-] Havoc|6 years ago|reply
You lose the benefit of your traffic being aggregated with lots of other traffic.
[+] [-] homero|6 years ago|reply
[+] [-] jammygit|6 years ago|reply
[+] [-] imafish|6 years ago|reply
I could simply not have asked for a better day for this to surface on HN :D
[+] [-] nullc|6 years ago|reply
[+] [-] Phylter|6 years ago|reply
[+] [-] MatthiasP|6 years ago|reply
[+] [-] anonymousse1234|6 years ago|reply
[+] [-] dang|6 years ago|reply
[+] [-] eyeball|6 years ago|reply
[+] [-] pkaye|6 years ago|reply
[+] [-] unknown|6 years ago|reply
[deleted]
[+] [-] sizzle|6 years ago|reply
https://mullvad.net/
[+] [-] Kurd|6 years ago|reply
[+] [-] unknown|6 years ago|reply
[deleted]