Proton
Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.
Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.
Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.
Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.
Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.
Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.
SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.
view the rest of the comments
Historically, people have gotten caught with their hands in the cookie jar while using tor. Most of the documented cases have been from DNS leaks and the like through targeted attacks.
Theoretically it's possible to own enough of the intermediate and exit nodes to collect meaningful data about who's using it and where they're going. It's just very difficult and expensive.
I only give it maybe 50/50 odds let the feds have this power, but that's not particularly rosey for a security product.
From the backbone perspective,VPN traffic absolutely gets monitored on the way out, and they can probably tell everyone that is on the VPN provider at the moment. But timing attacks are rough through a busy crypto tunnel. Your protection basically rolls down to whether they're keeping logs, whether somebody's monitoring the backbone around them, and if there's any point in time where the traffic on the VPN is low enough that they can correlate traffic in with calls out.
Unless you're pissing off the feds I doubt tor is any better off than VPN.
I don't think I'm important enough to piss off feds. I have opinions, but I am not active in the ways I was 30 years ago.
I am no expert, but I am an avid and voracious learner and geek.
I do use a variety of vpns and proxies. I switch often. I also relay certain things to certain things permanently.
I am especially aware of DNS . one of the first major learnings of my Linux use was setting up a secure DNS proxy. It was a pretty intense learning curve. 6 or so years later, I'm fairly comfortable with most aspects of it and securing connections and avoiding data leaks.
I use anonymizing dnscrypt-proxy with local doh. I use other secure DNS protocols and servers when/where required, or desired.
I check for leaks often. I have a few scripts that I wrote to make sure things don't. I use a few sites to do checks. I use nmap to scan all my things.
I use tor for some things. I use proton for others. Warp for others. Shadowsocks for others. Calyx and other services for other things.
I always use a trusted bridge or proxy to connect.
I run a snowflake proxy sometimes.
I don't do illegal stuff.
That said, what is legal now may not be if/when some dictator decides. With that in mind, I appreciate my privacy and intend to keep it any way I can.
I'm beyond exhausted, so I hope I made sense.