OpSecLevelBaNaNaS

3

OpSecLevelBaNaNaS wrote

The CNT wasn't perfect either, but many leftists, anarchists, communists, etc. all supported the anarchists during the Spanish Civil War about eighty years ago. Rojava is full of a number of different factions, some of whom are nationalists, others who are not, but the society that they are building is one that promises to promote a really positive direction in a region that has been mired in imperialist adventurism, authoritarian regimes, and reactionary religious quasi-fascism for an extremely long time.

It's the obligation of people in western countries to oppose nation-state occupations/military strikes in traditionally colonized areas, just as much as it is our obligation to support popular movements for our shared ideals. Their movements will not look like ours, nor should they-- they are in their own context, the discourse is different. What we should focus on is what is being built and what is being done. Women's empowerment, radical direct democracy, anti-imperialism and killing ISIS fash-- sounds like those are comrades to me!

2

OpSecLevelBaNaNaS wrote

So, here's the issue: the servers are not open source. It doesn't matter if the client software is open source, they could still be bulk collecting your data on their servers either intentionally or due to a security flaw. A VPN service concerned with assuring users of their privacy would be more interested in disclosing their server source code as compared to the client side software. In fact, any good VPN is using OpenVPN protocols, which there have long been open source client software for.

This issue of server vulnerability is also an ongoing issue in other projects that people in our community rely on heavily, and which are also almost certainly getting spied on by our governments too, such as Signal Private Messenger's servers. While they are open source, and try to avoid collecting or retaining too much metadata about the messages in the system, those servers retain the phone numbers of all current signal users in plaintext, and some additional info about the date of registration with the service and the date of their last use of the service. Signal developers have also not made it easy or intuitive to set up one's own independent servers, making the users dependent on a centralized service. There are some positives for these tactical decisions by the developers, such as increased utility and ease of adoption, but I also have no doubt in my mind that all of the above info is logged by the US government (and others, probably)

I would suggest scepticism of PIA's move here. Treat all VPNs like they are run by the CIA. never rely on only one layer of digital security, and recognize when a VPN will be a liability rather than a benefit to your OPSEC.

For torrenting movies? Yeah, this isn't a bad move. But for anything political? Forget VPNs!!