lena

lena OP wrote

Reply to comment by lena in So, I created a netsec forum by lena

I'm somewhat aiming for something that might also have some offensive security research, too, not merely defensive/personal. Having a space for that kind of thing might hopefully help dispell a lot of the cargo-cult security practices that people tend to rely on for opsec, too.

2

lena OP wrote

Reply to comment by lena in Do not use VPNs for privacy. by lena

A hostile network IS a valid use-case, but the vast majority of corporations outside on the internet will still be able to identify you. Facebook, for example, will likely know exactly who you are and what you're doing on the internet, VPN or no. Same with Google et al.
I apologize if it seems like I'm spreading FUD; I'm trying to get people to have a more accurate threat model. I see a lot of advice about using VPNs, and honestly, in general, it's not very helpful, mostly because it's just shifting the exit point for your traffic. They are not the silver bullet people assume. Also, in all honesty, a truly malicious ISP will likely be able to spy on you regardless of the VPN. The reason I recommend Tor is because of the layers of crypto, preventing the entry node from knowing anything about your traffic.

3

lena OP wrote

Reply to comment by lena in Do not use VPNs for privacy. by lena

Why would a VPN minimize corporate surveillance? You're literally routing your traffic through an additional corporation. It doesn't anonymize you in any way.

6

lena OP wrote

Reply to comment by lena in Do not use VPNs for privacy. by lena

The German intelligence "report" that got leaked indicating they didn't trust/"could break" Tor was the babbling of an infantile intelligence agency desperately trying to be noticed by the big boys.
If the NSA can't arbitrarily decloak Tor users (and by all accounts, Snowden's leaks suggest that), then I find it unlikely the Germans can. The NSA has better contacts, cryptographers, machines, and considerably greater resources.

7