Privacy - How Your VPN/Private Mail Service could be leaking your identity
There is a new wave of awareness about privacy and personal freedom. Censorship by governments and remote work has increased the usage of digital privacy services.
In 2020, users from 85 countries downloaded a VPN product over 277 million times. By 2021 – only one year later – that number had risen to a whopping 785 million downloads
Source: Altas VPN
VPN bought via Paypal/Credit Card - Anonymity Broken!
Netflix is not showing you US-based shows, or you realize that you do need better privacy when browsing websites. You buy a VPN service subscription using a Credit Card. It is fast and everything works and you are anonymous now. A little caveat here - your identity has already been released when you made the payment to buy the service!
Privacy Stack - It's all connected
The important thing here is that all these services on the internet are connected. Let's say you are writing an anti-government article on a blog platform. Obviously, it is important to stay anonymous. Here is what you do:
- Connect to the internet via VPN
- Register to blog platform using your email
- Start writing
- Make occasional payments to the blog platform via Bitcoin
If you are using an email service like Gmail, an establishment could easily request Google to hand over your identity and all your email history which it will do 70% of the time
Privacy Business - Unmasking a Few White Knights
The digital privacy market is currently worth 1.6 billion and growing exponentially. Lots of services claim to be the white knight of privacy, however, it doesn't take a lot of effort to uncover the skeletons in their closet
Tutanota
Tutanota is the world’s first end-to-end encrypted mail service that encrypts the entire mailbox. It claims
Tutanota is the world's most secure email service
Let's try it out. Looks like the most secure email service requires your real IP address and doesn't allow registration via VPN.
Telegram
Telegram routines claim to be a privacy-friendly version of WhatsApp. The reality cannot be further than the truth. Few points:
- Telegram routinely hands over data to authorities
- Telegram’s usual private and group chats aren't end-to-end encrypted, only secret chats are. This means that your conversations and personal information can be stored on Telegram’s servers and accessed by staff and third parties [Source: NordVPN]
It's amazing to me that after all this time, almost all media coverage of Telegram still refers to it as an "encrypted messenger."
— Moxie Marlinspike (@moxie) December 23, 2021
Telegram has a lot of compelling features, but in terms of privacy and data collection, there is no worse choice. Here's how it actually works:
1/
ProtonVPN
ProtonVPN routinely features among the best VPN services in the world. They claim on their website
Unlike other VPN services, Proton VPN is designed with security as the main focus, drawing upon the lessons we have learned from working with journalists and activists in the field.
Recommendations
Here are some services that we recommend on various levels of the web stack:
- VPNs - Express VPN, Nord VPN, Private Internet Access [If you are looking to buy a VPN service subscription you can find out more at Privacy Journal]
- Secure Email - CounterMail, ProtonMail
- Search Engines - Brave, StartPage
- Communication - Signal
- Blog Platforms - WordPress, Ghost
- Payment Methods - Bitcoin, Bitcoin Cash, Monero
Stay Safe, Stay Private
Comments ()