I’m shopping for a VPN providers, and really struggling to find a detailed and non-biased breakdown of the various options. A number of years ago, I recall finding an extremely detailed VPN comparison spreadsheet that had 30+ columns, which were contained criteria by which the VPNs were judged both quantitatively and qualitatively. I can no longer find that table, so I suspect it has been removed, but I did find the less-comprehensive table, below:

https://docs.google.com/spreadsheets/d/1ijfqfLrJWLUVBfJZ_YalVpstWsjw-JGzkvMd6u2jqEk/edit?usp=sharing

In the thread posted by the owner of this sheet, a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading. I too am suspicious that this table can’t be trusted, however I really am not knowledgeable about VPNs, so before passing judgement, I figured I should consult those who know more about it. I also recognize that a strong marketing team and an excellent product aren’t mutually exclusive, however I think that generally applies more in markets where economies of scale play a significant role, as does mass-adoption, which fuels loads of well-informed, independent research (ex: the car market and phone market.) That obviously isn’t the case with the VPN markets… but I’m still sorta holding out hope.

If I end up excluding this table, I’m not sure where to turn at that point. Shilling is extremely pervasive in the VPN market, so it’s tough to trust any one person or any one thread. It’s also well established that a few of the large VPNs actually own a number of review blogs, so I can’t really trust blogs either.

I guess I’m here hoping to be told that my suspicions about this table are unfounded, and / or that another excellent, unbiased resource for comparative VPN info exists. Any help would be appreciated!

  • HappyRedditRefugee@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I’d argue that deanonimation would be easier.

    In a VPN you have hundreds of clients and also hundreds of outbound connections, tho not impossible is way harder to find out which connection is being piped to which client. On you own hosted VPS, if you have a dedicated ip is easier, all the traffic will be redirected to only one address, then one of your client.

    Even with a vps with a shared ip the number of clients mantaning open connections is probably way lower on average.

    • auth
      cake
      link
      fedilink
      arrow-up
      1
      arrow-down
      2
      ·
      1 year ago

      I don’t know what size my vps provider is compared to your VPN provider but I’m pretty sure they would tell the US government to fuck off if they asked for data… They are from Russia

      • HappyRedditRefugee@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        You are missing the point, in this case the vector would not be someone requesting data but someone surveiling the VPS or VPN server’s traffic and drawing conclutions out of it

        • auth
          cake
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          the NSA sees all traffic… how is your VPN traffic not traceable?

          • HappyRedditRefugee@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            It is about the ability to trace back, not to be traced.

            Ws1------|----+++++++±–| Ws2------| | ----Client 1 Ws3------|. VPN |----Client 2 Ws4------| |----Client 3 … | | … Wsn------| |----Client m

            Since there are multimple outside conections (wb1…n), the traffic to the VPN clnent is encripted and each client can have multiople connections (thats why i used Client m and not Client n) you can not in a reliable fashion tell which connection will be sent to which client.

            Now your case:

            Ws1------|----+++++++±–| Ws2------| | ----Client 1 Ws3------|. VPS. | Ws4------| | … | | Wsn------| |

            You can in that case reliable say that all the traffic is being piped to Client 1, because ks the only client.

            From there a motivated party can trace back you traffic to you ISP, if you got a fixed IP you can be trace back to.

            If you are behind a CGNAT that party will need help from your ISP, to see where the fraffic went. Which tbf I neglected to mention before, but still changes the trust from you VPS to you ISP.

            To be REALLY fair this tho no wholly easy is also not incredibly hard given you have the right hardware in the right place, I just wanted to explain why mixing your traffic with others has an advantage over a single person VPN

            • auth
              cake
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              1 year ago

              “you can not in a reliable fashion tell which connection will be sent to which client.”

              You easily can if you can see all internet traffic like the NSA can

              • HappyRedditRefugee@lemm.ee
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                Not if going first through a MIMO ofuscator. Which is what the VPN is.

                Or could you explain how would you be able to tell which connection goes to which client?

                • auth
                  cake
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  edit-2
                  1 year ago

                  if you can see a server is sending 167 packets of X size and you can see a client is receiving the same, it doesnt matter that it goes through a VPN? You probably also could time the packets… or decrypt them if they are encrypted using a CA