
What's your threat model, that a Digital Ocean droplet is a viable VPN host? It's trivially tracebackable to you.


How so? All you see is that a random DO droplet is pinging your service. You'd need a legal request to get any further info about the droplet. And in that situation, it's equivalent to any other VPN service that will comply with legal requests.


He is talking about government level threats, DO provides no benefit.

I'll add that rolling your own means you're the only one exiting that IP address, so if your threat model involves websites profiling you and/or alternative accounts that won't help.


Where did someone mention government level threats?

If the threat model is a government, Tor is the only safe solution, and only after extensive training and safeguards. Using anything else is actually-crazy.


If your threat isn't a government level threat, then a Digital Ocean-based VPN probably gives enough protection.


A good VPN won't _have_ logs, so they _can't_ comply with legal requests (instead of won't)


Do you really trust that? With your life?

This is precisely the point that the threat model bares its fangs. You can ignore it, but you should be aware that you're putting all your faith in that service.

A hypothetical Good VPN doesn't exist in China, for example, because they're legally not allowed to do what you suggest. Many of us don't live in China, but some do. Even outside of China, is it really true that a VPN service will simply give LEO the finger when they ask "Who was downloading child porn off your servers?" I'm skeptical they can.


That's the thing though, not all legal requests get the same weight or priority. I wouldn't trust a VPN to not roll over for your example cp case, but I think a middle finger equivalent isn't unreasonable for the less severe and more common case of receiving a complaint that the IP was observed as part of a swarm seeding copyrighted material. For lesser things, where does DO sit on the spectrum of will rat you out (which ISPs do), and likely won't rat you out (basically any paid VPN because their reputation depends on not doing so)?


It's traceable with a US warrant.

If you are outside the US this is sufficient protection for many people. For example, even close US allies (e.g. Five Eyes) have to go through the US court system to get this warrant, and that is a slow, annoying process when you aren't based in the US.

It raises the level of friction, meaning it will only happen for somewhat major investigations. If you are a major drug dealer, then yes, they'll do it. If they catch you with some small amount of some drug, then it's unlikely they'll chase it.



