…because VPNs obscure a user’s true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they’re entitled to under the law…
…VPNs might protect you against garden-variety criminals, but the intentional commingling of origin/destination points by VPNs could turn purely domestic communications into “foreign” communications the NSA can legally intercept (and the FBI, somewhat less-legally can dip into at will)…
Certainly the NSA isn’t concerned about “incidental collection.” It’s never been too concerned about its consistent “incidental” collection of US persons’ communications and data in the past and this isn’t going to budge the needle, especially since it means the NSA would have to do more work to filter out domestic communications and the FBI would be less than thrilled with any efforts made to deny it access to communications it doesn’t have the legal right to obtain on its own.
Since the government won’t do this, it’s up to the general public, starting with everyone sharing the contents of this letter with others. VPNs can still offer considerable security benefits. But everyone needs to know that domestic surveillance is one of the possible side effects of utilizing this tech.
In a letter sent Thursday to Director of National Intelligence Tulsi Gabbard, the lawmakers say that because VPNs obscure a user’s true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they’re entitled to under the law.
Several federal agencies, including the FBI, the National Security Agency, and the Federal Trade Commission, have recommended that consumers use VPNs to protect their privacy. But following that advice may inadvertently cost Americans the very protections they’re seeking.
The letter was signed by members of the Democratic Party’s progressive flank: Senators Ron Wyden, Elizabeth Warren, Edward Markey, and Alex Padilla, along with Representatives Pramila Jayapal and Sara Jacobs.
There’s a saying in Poland: “Robić kurwę z logiki” Which simultaneously can be translated as “To make a whore out of logic” Or “To turn the logic into a whore”
Americans may be inadvertently waiving the privacy protections they’re entitled to under the law…
LOL what privacy protections? The NSA has proven time and time again that they don’t give a single shit about the law, certainly now more than ever.
What do I trust more: Legal protections nobody cares to enforce and could be a multi year battle in court, or well verified strong cryptography.
I don’t give a shit.
Oh nooo, we won’t be protected by the law they can’t be arsed to follow anyway? Whatever will I do when they surveil my encrypted VPN traffic?
Store now, decrypt later. Make sure your VPN is using quantum-safe encryption algorithms with perfect forward secrecy. They are storing ALL traffic that goes outside the country (probably domestic traffic too, realistically).
Don’t you think that would take too much storage space?
They can probably use heuristics to keep the 0.1% most interesting traffic (eg traffic that flows towards servers that isn’t too large, that’d catch everything you send to your bank without breaking the budget to store)
what in the anti-VPN fearmongering is this bullshit?
So, I am a remote worker in Healthcare. Obviously, I need to use a VPN to connect to work to ensure that communication is secure. But because I have a job that requires secure access, I am a suspected domestic terrorist?
No, because there are different types of vpn connectivity.
A point to point vpn is what employees use to connect to the office. The intention is to encrypt the connection so a 3rd party can’t access ithe data going through it. The FBI/NSA won’t care about this type of vpn because your work knows who you are and logs all traffic generated by you which could be subpoenaed by the government.
Connecting to a vpn server in another country to then access the internet hides your original ip address, gets around geo-location blocks and the traffic is typically not logged by the vpn provider. This is the type of vpn governments don’t like.
I think it’s somewhat naive to assume anything isn’t being spied on by the NSA. They don’t have a history of being picky.
Of course. I’m sure they are making use of plenty of bugs found in firewall software to access and monitor business traffic, but they can subpoena those logs at any time. It’s the private vpn clients where logs aren’t kept that they are most concerned about, hence why I was outlining the difference.
Yes.
I don’t get it.
Why should a Russian spy have to tell Americans anything?
They have been surveiling us for years. They just to maximize what they can collect.
Correct, and the FBI inadvertently admitted it publicly by releasing video in the Guthrie abduction case that shouldn’t exist.
Every device with a wireless connection and a GPS, camera, or microphone is surveilling you.
They’ve already collected your modal verb!
I’ve been pegged as one who serially modals online.
I connected to my VPN so I can see a video of that and now I’m on 7 government watchlists
Time to spread the free word of Tor to everyone.
Doesn’t that have the same problem?
but i2p
I wasn’t crazy about i2p. I really loved Freenet and Zeronet
Is it safe enough to use vpns based out of the US? I’m using nord which is non us.
Depends what you mean by “safe enough”. Every country on the planet can subpoena your VPN for traffic data. That’s why that data needs to be encrypted, regardless of what company.
Nord is owned by Tesonet, a data mining company which also owns SurfShark.
And Private Internet Access and ExpressVPN are owned by Kape, an Israeli firm.
ProtonVPN is owned by Proton, in Switzerland.
Mullvad is based in Sweden and is the main interest of its seemingly decent, also Swedish, parent company
Fan of Mullvad but just be aware its not what you want if you’re using a VPN for torrenting. They had to remove their port forwarding feature due to some bad actors ruining it for the rest of us.
What happens if you are torrenting via Mullvad?
they don’t allow port forwarding which nerfs the effectiveness of seeding, seeding is still possible, just not as effective.
TBH modern torrent works well even if majority of users don’t have ports forwarded
You’ll only be able to connect to certain peers that do have port forwarding setup.
Only if you disable uTP protocol. Or if you have an ancient client that doesn’t support it
If a friend was interested in that, what should I tell them to use instead? Asking for a friend, obviously.
I switched to AirVPN when Mullvad made the change. I think Proton, PIA, and Windscribe have it too.
Thanks. Sounds good
CyberGhost I believe is also owned by Kape or a subsidiary.
Thanks for the extra digging, no true privacy but at least there’s some transparency with the vpns.
Those are the ones that would cause them to surveil you.
The issue isn’t necessarily “the government will target you for using a VPN;” the issue is “if your IP makes you look like you’re outside the US because that’s where your traffic exits the VPN, the laws against domestic spying won’t protect you properly because you’ll look like a foreigner.”
Frankly, the headline is heavily spinning it to be anti-VPN fearmongering.
Yeah I reacted way too quickly. Then I realized half of X bot traffic spoofs everywhere. They’re intentionally doing a shakeup of everything and this one got under my skin cause I’m a daily user.
But before this was that outside US router ban that was pretty real. The DJI ban. So these types of news cascade and its worrisome.
Is it safe enough to use vpns based out of the US?
yes, just be aware that the gov could require the company to log you without letting you know, even if they have a no log setup. For the everyday person this is a non-issue, but if you are doing shadey stuff or have ties that may make someone super interested in your activities, you may wanna choose elsewhere.
The everyday person has political views that can be categorized as extremist. Freedom is more costly.
No. They will see that you’re using a vpn.
They might decide to record your traffic and save it until it can be decrypted.
In theory, I think all VPN usage is grounds to get you put on a list, but Nord is considered a relatively “normie” company by privacy aficionados. Everybody and their mother has seen an ad for it by this point. (The privacy aficionados will probably tell you it’s not good enough, but that’s a can of worms I won’t get into right now.)
Makes sense I should probably reframe it as is nord not going to sell their users out without a fight.
Only true privacy is like the tails stuff and some complicated routing stuff all the self hosting guys here probably know about.
AFAIK the one company that has been battle-tested is Mullvad, everything else requires (more) crossing your fingers.
Nord has subpar standards when it comes to logging now, and if that’s in line with recent Proton behavior, you might that interpret that as a potential willingness to cave to the US with minimal pushback
I’d say a large part of my day is looking for interesting links for the officers and agents in Bothell, WA that have my IP locale originate, so that they can have stuff to their show their spouses/prostitute that they are extorting/your mom after their shift.
Those Senators can gargle some uncooked nuts.
Giving you the benefit of the doubt, I think you misunderstood who is at fault here.
The senators aren’t asking the government to spy on Americans. They’re only asking the DNI to make it clear to the public that the US government already might be spying on them.
I think they’re being disingenuous, because the government has been spying on all of us via end runs around the rules like “five eyes” for decades. If they want to go all CIA on you they just ask an ally to do it, then return the favor and spy on the people of other governments for them. All legal and above board, it’s just “intelligence sharing”.
And the NSA isn’t even barred from monitoring you in the fist place.
