
Devil's advocate - VPN might be better than Tor. Hear me out:

A VPN provider's business is keeping your connection private. They have no incentive to log because the leakage of such logs would be catastrophic. Thus, a reputable VPN provider is unlikely to be a front for a nation-state actor. There is a strong financial incentive for a VPN provider to do their job, as stated, no conspiracies, and do it well.

Tor, on the other hand, has frequently had bad actors comprise a significant portion of running nodes, to the point where being the victim of a correlation attack wouldn't be unlikely for a regular user. Intelligence agencies and bad actors alike have immense incentive to saturate the Tor network with bad nodes. Finally, Tor has been plagued with issues and vulnerabilities, that they seemingly do not have the manpower or technical ability to fix: https://www.hackerfactor.com/blog/index.php?/archives/906-To...

I suspect that the future of anonymous communication will be a mixnet resistant to correlation attacks (unlike Tor.) An example - https://nymtech.net/



The major VPNs log, this has been shown in court cases. If they say they don't they're either using a limited definition of log, straight up lying, or about to run into problems with the government.

My source isn't an open one, but here is one (that cites different cases than I saw): https://restoreprivacy.com/vpn-logs-lies/


Okay but to be clear that's not a requirement for the problem being addressed here, which is attempting to get through censorship. Anonymous browsing is a more general problem.

I don't think the OP made a good argument that VPN is a suitable solution, but certainly introducing unnecessary requirements may be disqualifying a possible working solution.

Now, if the censor has the power to invoke great harm to those attempting to bypass then anonymous browsing is the requirement.


If you only care about viewing censored materials and don't care about the repercussions of getting caught, then I agree that a VPN is a fine solution.

It's probably easier to use and faster for most customers, with the downside that you have to pay.


> The major VPNs log, this has been shown in court cases.

Some VPNs have proven no-log in courts, eg PIA.

The VPNs in your article are far from reputable.


Purely out of interest, how has this been proven?


When asked to provide logs in a legal case, PIA claimed it was unable to as it had none.

If you were to tinfoil hat, you could perhaps argue that this is to make PIA an even more viable honeypot.

Alternatively, if your conspiracies don't run that deep, this makes PIA more trustworthy than the Tor network.


I'm not so sure about your argument: the usual argument against a VPN is that you are trusting effectively somebody else's computer. They can have all the business incentives in the world, but we know that some states go knocking on doors with gag orders. A 5$ wrench (or its threat) can get a long way.

The point is that we can't easily know who is compromised and who is not. There's always a certain level of trust required. The argument is that if you host your own VPS and use that as exit-node, at least what you're buying is more generic and the VPS provider most likely wouldn't care. But again, it's a matter of trust.


> but we know that some states go knocking on doors with gag orders.

Hence the need to buy from a reputable VPN, based somewhere where gag orders are not legal.

Personally, I'd believe a carefully chosen VPN provider to be more trustworthy than a random selection of Tor nodes.


The issue is that whether a VPN is reputable is hard to gauge and not fixed in time.

Take IVPN for example: from what I gather they are among the most reputable. They haven't fucked up yet (a-la Nord VPN), they support and fund anti-censorship activities etc. But all of this is based on a perception, that can be doctored if you're determined enough. And usually in the discussions about VPNs the level of paranoia is pretty high to be trusting others.

Furthermore, the real issue is that VPNs are not that widespread among the "general public" so compromising a VPN (or running a fake one) seems like a good target for those who want to get at the (current) typical users of VPN.


The idea behind onion routing is not to have to trust individual nodes.


This does not work in practice.


Milking the market as long as it is possible sounds like another financial incentive to me. A lot of VPN providers make a dubious impression to me.


Any intelligence agency with the ability to monitor the majority of Tor traffic (AKA a global observer) would have no problem at all doing a correlation attack against a VPN provider.

> Intelligence agencies and bad actors alike have immense incentive to saturate the Tor network with bad nodes

Bad node owners largely do not cooperate with each other, and this keeps Tor safe.

> the future of anonymous communication will be a mixnet resistant to correlation attacks

I2P has been around for 18 years. Please do use HN to advertise cryptocurrencies.


> AKA a global observer

Between a single malicious node and global observer is the simple act of running many Tor nodes, which is comparatively much cheaper and much easier.

> Bad node owners largely do not cooperate with each other, and this keeps Tor safe.

It does not. Nearly 10% of Tor nodes were run by a bad actor at a certain point this year. About 1 in 300 Tor users were completely deanonymized at that point in time. Much more if you use mobile Tor, which doesn't seem to pin a guard node.

"a 16% chance that a Tor user would connect to the Tor network through one of KAX17’s servers, a 35% chance they would pass through one of its middle relays, and up to 5% chance to exit through one." - https://therecord.media/a-mysterious-threat-actor-is-running...

I don't know about you, but a 0.3% chance of deanonymization on every route change is pretty unacceptable.

> I2P has been around for 18 years.

I2P is not well maintained, it is not a mixnet, and it does not have the same security guarantees as the Nym mixnet.

https://blog.nymtech.net/vpns-tor-i2p-how-does-nym-compare-8...

> Please do use HN to advertise cryptocurrencies.

Please do not accuse HNers of "advertising cryptocurrencies."

Merely mentioning the existence of a tokenized mixnet is not advertisement. We are allowed to talk about obviously relevant technologies, especially ones that improve on existing ones in novel ways.
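
Added example, not part of any comment in this thread: a small model of the guard-pinning point raised above, comparing how the chance of ever building a circuit with an adversary-run guard and exit grows over repeated route changes with and without a pinned guard. The two fractions are the figures quoted in the comment and are used only as illustrative inputs; independent, unweighted relay selection is an assumption of the model.

```python
import random

# Illustrative inputs: the guard and exit probabilities quoted in the thread.
# Whether those peaks coincided is disputed further down the thread.
GUARD_FRAC = 0.16
EXIT_FRAC = 0.05


def exposure_unpinned(guard_frac, exit_frac, circuits):
    """P(at least one circuit has an adversary guard AND exit), new guard per circuit."""
    return 1 - (1 - guard_frac * exit_frac) ** circuits


def exposure_pinned(guard_frac, exit_frac, circuits):
    """Same probability when one guard is chosen once and kept for every circuit."""
    # An honest pinned guard protects every circuit, so exposure is capped at guard_frac.
    return guard_frac * (1 - (1 - exit_frac) ** circuits)


def simulate(guard_frac, exit_frac, circuits, pinned, users=10000, seed=1):
    """Monte Carlo check of the closed forms (assumes independent relay picks)."""
    rng = random.Random(seed)
    exposed = 0
    for _ in range(users):
        guard_bad = rng.random() < guard_frac  # guard picked at first use
        for i in range(circuits):
            if not pinned and i > 0:
                guard_bad = rng.random() < guard_frac  # re-pick guard on each rebuild
            if guard_bad and rng.random() < exit_frac:
                exposed += 1
                break
    return exposed / users


if __name__ == "__main__":
    for n in (1, 10, 100, 1000):
        print(f"{n:5d} circuits  unpinned={exposure_unpinned(GUARD_FRAC, EXIT_FRAC, n):.3f}"
              f"  pinned={exposure_pinned(GUARD_FRAC, EXIT_FRAC, n):.3f}")
```

The per-circuit risk is identical in both modes; the difference is cumulative: without pinning, exposure tends toward certainty as circuits accumulate, while with a pinned guard it can never exceed the guard fraction.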


> Between a single malicious node and global observer is the simple act of running many Tor nodes, which is comparatively much cheaper and much easier.

And very ineffective, compared to a global observer like PRISM. Tor makes no secret that real time traffic is vulnerable to correlation attacks.

It's not a "bug" in Tor, it's true for any data transmission. And VPNs are way, way more vulnerable to such an attack.

> I don't know about you, but a 0.3% chance of deanonymization on every route change is pretty unacceptable.

"unacceptable" is a strange word to use when there are no practical alternatives.

Tor would be more resilient if a large number of organizations and individuals ran their own nodes. We can encourage participation. Other than that, the best thing we can do is develop store-and-forward systems on top of Tor that resist timing attacks. Briar is a good example.


> And very ineffective, compared to a global observer like PRISM. Tor makes no secret that real time traffic is vulnerable to correlation attacks.

I am not talking about correlation attacks, but total deanonymization.

Completely deanonymizing 1 in 300 connections is not "ineffective." You'd catch a lot of regular Tor users, which would likely be your target anyways.

> And VPNs are way, way more vulnerable to such an attack.

I cannot run malicious VPN nodes for other users of my VPN. It isn't vulnerable to the attack at all.

> "unacceptable" is a strange word to use when there are no practical alternatives.

A trustworthy no-logs VPN is a perfect alternative.


Why is this comment being downvoted? I follow HN to get perspectives exactly like this one.


Because most voters think it’s a shitty take. It’s a hell of a lot easier to identify a vpn user or compel a vpn provider than to perform timing/throughput/correlation attacks on the tor network. Correlation based attacks can take months of consistent observation assuming you control exit and entry nodes the victim is using. Even then you will only identify your victim within some probability.

In places where your government is this hostile and you’re doing something subversive you’re probably using an onion service or i2p which vpns cannot access.


In that case make the argument as you do above and the rest of us can decide whether it's more or less probable.

I'm still not convinced incidentally. State actors have very strong motivations to break Tor, regardless of difficulty, and have ample resources. They can also be very patient, as projects like Stuxnet demonstrated. [0] Doing something surprising is good military strategy as Guderian demonstrated in the Ardennes. [1]

[0] https://en.wikipedia.org/wiki/Stuxnet

[1] https://en.wikipedia.org/wiki/Manstein_Plan


Yea I’m confident the US military has the resources and expertise to fully compromise tor, but it would be extremely difficult/costly. I just believe it’s not worth their time to map every single tor user to an identity. Stuxnet was done to disarm the nuclear weapons program of a hostile nation state.

US intelligence already has plenty of surveillance capabilities and imo they’re not gonna waste their hand targeting non enemies of the state who just want privacy or even organized crime rings who are just chasing a profit.

Frankly it’s easier to catch high profile criminals with more conventional means.

And just to reiterate: my position is not that tor is bulletproof against the most powerful military force in history. I’m just saying it provides a much higher degree of privacy compared to using a simple VPN provider.

Anyone can help strengthen the network by operating nodes, donating money, or assisting with development/documentation!


How is that a shitty take? Tor is compromised, so are most VPNs, but there are some VPN providers that don't store logs (allegedly) like Mullvad. I would take a maybe-is-compromised thing over a known-to-be-compromised, every day. Also Correlation based attacks are not the only Tor flaw.


It’s just my opinion on OPs argument. It’s quite a stretch to say that tor is compromised. The network is actively attacked sure. Nation states and sophisticated groups may be able to deanonymize users of high interest.

A single vpn provider would be way lower hanging fruit to powerful adversaries.

There’s a reason high profile criminal groups are able to operate over tor. When they DO get caught, it’s usually through some other unrelated opsec blunder.

I use tor, ProtonVPN, and mullvad in addition to self-managed WireGuard instances. There’s no reason to be binary and you should use the tools which fit your use case.


> It’s quite a stretch to say that tor is compromised.

1 in 300 connections were deanonymized at many points throughout this year.

For any given trustworthy VPN, 0 connections were deanonymized this year.

A truly trustworthy VPN is more trustworthy than Tor.


> 1 in 300 connections were deanonymized at many points throughout this year.

How do you figure? If you are referencing the bs “0.3%” chance figure. Please note that this assumes that each “peak” number of malicious nodes were used. If you actually look at that medium article, the peak exit, relay, and entry nodes do not occur at the same time. Those malicious nodes have since been removed. This also assumes tor users are not using any onion services.

> For any given trustworthy VPN, 0 connections were deanonymized this year.

Lol. I can’t believe I even have to respond to this. People use vpns to visit clear net sites with loads of fingerprinting JavaScript. They bring their google analytics cookies with them! There’s no onion services!



