I've been advised by a internet whiz kid acquaintance that one way to prevent your ISP from keeping a full record of all your internet activity is to use a VPN. Sadly the acquaintance is just a chap in the local pub who isn't the easiest person to have a meaningful conversation with, or ask questions of directly, as he's a bit of an odd bloke really (likeable enough, but what I think many might call a bit of a nerd).

Anyway, although I don't think I've done anything unlawful whilst browsing the web, I have encountered some odd effects from "adult site blocking" options from my mobile ISP. They block PPRuNe by default, for example, as being a "site that contains adult material". Having looked at the amount of tracking, privacy intrusion etc in newer operating systems and software, and the apparent ineptness of ISP blockers to work properly, I'm quite keen to keep what I do online my business, and my business only, purely for the reason that I value my own privacy highly.

The "Snoopers Charter" is going to make ISPs keep records of everyone's internet browsing, and frankly I consider that to be an intrusion into my privacy, equivalent to the state opening my personal mail. Having spent most of my working life in the public sector, I'm well aware that the government is pretty hopeless at anything that involves data and privacy...............

So, I've done a fair bit of internet searching, and found that there are loads of companies offering VPN services, at reasonable prices. I've read many reviews, but frankly I'm even more confused than I was when I started!

At first, I considered using my low-power, always-on, Linux home server as a VPN, using OpenVPN. The snag with this is the asymmetric speeds of my connection, where my upload speed is capped at only 2Mb/s, which I believe would make browsing through my own VPN pretty slow (happy to be corrected if I have misunderstood this).

My needs are modest, I rarely stream video, don't use peer-to-peer sharing, don't use music from the web (like Spotify or similar) and mainly use the web for general browsing, trying to start a blog (still going up the learning curve with that!) and occasionally using BBC iPlayer for radio and even less often for TV. I rarely exceed around 10Gb per month download in total, on all devices (PCs, laptop, iPad and an Android tablet). I have two internet services, one mobile on the Android tablet (which I sometimes use as a wifi hotspot) and a fixed FTTC VDSL2 home connection, that's not spectacularly fast, as we're a fair way from the fibre cabinet (around 27Mb/s DL, a capped 2Mb/s upload). If I REALLY want to communicate with securely (only with three former colleagues who are friends and paranoid about privacy, IMHO), then I very occasionally use the TOR Browser, but that's very slow.

The simple question is: "Has anyone got any recommendations for a reasonably affordable VPN, with a good track record for security and that won't slow my internet use down to any great degree, please?" I should add that I'm in the UK, so the VPN servers would have to be based somewhere outwith the reach of UK/US law.

I don't have a recommendation for you, but I would encourage everyone to seek a similar arrangement and to think carefully before acting. It's ok, I'm already on a list. Frying-pan and fire are words that come to mind.

No good is going to come from this new legislation. Mark my words.

You seem to have a good grasp of what a VPN will do for you, apart from the idea of using your own Linux home server - unless I have completely misunderstood your idea, it won't give you what you're looking for, unless you were thinking of using it simply as a VPN gateway for local devices, but many routers can do this too or you can simply do it on the device itself, in most cases - and you would still need a VPN service to get your traffic out of the UK.

You need to be very sure of four basic things when signing up to a VPN service:

1. The VPN provider is completely trustworthy - potentially they have full visibility of all your traffic and this may be even less desirable than the non-VPN alternative
2. The VPN service provider and their associated infrastructure is not within the jurisdiction of the UK, US, EU, Australia, Canada, New Zealand
3. The VPN service provider is unlikely to capitulate to demands from (or be coerced by) UK, US, EU, Australian, Canadian or NZ Governments or 3/4-letter agencies thereof even if not within their direct jurisdiction
4. The VPN service provider should be wholly located in a jurisdiction with extremely strong data protection laws, which are taken seriously in that country. Germany is about the strongest in Europe - for obvious historical reasons - but refer to 2 and 3 above. Some Far Eastern countries have even stronger laws.

This is not an insignificant challenge.

Thanks, much of what you say is what worries me, not least that no good will come from this new legislation.

I'd already dismissed the idea of running a VPN on either my Linux home sever or on a router, mainly because my limited upload speed would be a nuisance, but the point about it linking back to me anyway is a good one. The main concerns I have are over the trustworthiness of any provider, and their ability to withstand requests for data from governments with the powers to do so.

A large part of my wish to try and retain some privacy (apart from just the personal view that I think I'm entitled to privacy) is the reaction of three former colleagues who all have a good working knowledge of what our government, and other governments and commercial entities, do at the moment. They all take their personal internet privacy seriously, and in the case of the one former colleague that I'm still friends with, he goes as far as to only use TOR for email, simply because he doesn't want anyone else reading his emails. His just an ordinary retired bloke, who doesn't do anything untoward, but values his privacy more than most.

I would never do anything on the web that was unlawful, so the aim for me is primarily to add some additional obfuscation to just prevent routine data capture that is easily identifiable back to me, as happens here all the time at the moment, even before the new law comes in (right now they capture and check everything accessible, but can only look in depth with a warrant, or that's how it was explained to me by someone in the know).

It's the challenge in finding a service that meets the requirements you've outlined that caused me to ask the question here. From what I can tell, there seems to be a proliferation of VPN services, and my guess is that much of this is linked to the new law. I would guess that the "bad guys" are already smart enough to use a good VPN, and I know for a fact that our data collection people know this, which means that the "snoopers charter" can have nothing to do with countering terrorism, but everything to do with finding out what non-terrorists, who aren't bright enough to use a VPN, are up to.

That really is a bit too much like 1984, even for me, and I'm reasonably tolerant of laws that are needed to catch bad guys.

Right now I'm leaning towards KeepSolid or the paid version of TunnelBear, but I'm still reviewing services and trying to spot weaknesses.

It is refreshing to know that other people are able to see the real purpose behind the legislation. Everyone should care about their personal privacy.

The "bad guys" will not be using commercial VPN services. Their concerns are different to ours and in some ways it does not matter that much if they are caught in a surveillance dragnet. From an operational security point-of-view they know that is a risk and would be taking steps to minimise their risk.

I wanted to point out the biggest weakness in the two providers you are considering.

TunnelBearKeepSolidHave a look at the Wikipedia entry for Internet censorship and surveillance by country. The section on Current Enemies of the Internet makes particularly interesting reading. I would not consider that this represents a complete view of the current facts. Exercise caution.

Consider also the possibility that some VPN providers may be complicit in sharing information with intelligence agencies, possibly outside their own borders, or may even be front organisations of the same.

This is not an easy problem to solve.

My assumption is that the really bad guys will probably be using TOR, and making themselves damned near impossible to track and trace (unless someone makes an error and exposes an exit node, I guess). I have to use TOR Browser to email one of my former colleague friends, as that's the only way he'll use online communication, and having very briefly had a look around the chaotic world there, with what seems to be unlimited law breaking, it makes the "Snoopers Charter" seem completely pointless for its stated purpose.

Thanks for the heads up on those VPN providers, I guess I shall have to keep looking. I'll admit to being surprised that VPN providers could be complicit, but thinking about it, it does seem like an obvious way to create a honey pot trap, so I suppose that it was inevitable.

If TOR wasn't so slow, and the "dark web" so limited (or inhabited by some very unpleasant characters) then it seems to offer the most promise, but frankly it seems to me to be almost unusable for anything other than sending private messages, or buying guns, drugs etc, unless you're a lot more internet savvy than I am!

Still looking for a VPN provider?

Perhaps this might help you in your search for a VPN provider... https://thatoneprivacysite.net

I cannot vouch for the accuracy or authenticity of the comparison data shown, nor that of the VPN providers, but certainly the thinking behind it appears to be sound.

Some words about TOR, the TOR Browser and the dark web

TOR
TOR and the dark web are not one and the same thing. I'm sure you know this, but for the benefit of others who may not...

TOR is a way of obfuscating your real IP address (which is likely to identify you), and therefore your real location, by effectively bouncing your data off several different locations (nodes) before "exiting" the TOR network onto the regular Internet.

For instance, a typical transaction might look like this:
You -> TOR entry node (France) -> TOR relay node (Malaysia) -> TOR exit node (Guatemala) -> BBC web site

The server or system you are trying to reach, in this case the BBC, can only see the IP address of the TOR exit node and therefore your privacy is protected. As far as the BBC are concerned you appear to be a user in Guatemala (the location of the exit node).

Everything on the TOR network itself is encrypted, but may not be encrypted between the exit node and the system you are connecting to - unless you have chosen to use a secure protocol, such as HTTPS (SSL/TLS). It is possible for the TOR network to be compromised by "poisoned" nodes and it would be naive not to assume that some TOR relays and exit nodes are operated by various state actors.

TOR Browser
The TOR Browser (which is separate to TOR and is something that everyone should consider using) is a Firefox clone with privacy features turned on, some privacy enhancing plug-ins pre-configured (such as HTTPS Everywhere) and a TOR client built in. It permits regular web browsing but will bounce your traffic through the TOR network, giving you a very high degree of privacy. It also permits browsing of the dark web (these are sites with a .onion domain name).

Dark web
The dark web is a collection of web services that require special tools or protocols in order to gain access, i.e. not Internet Explorer or Chrome. The physical location and identity of both servers and users is hidden and there are many reasons that this may be desirable.

It is true that some unpleasant characters inhabit the dark web but they inhabit the regular Internet and our society also. There will always be some people who use tools for illicit purposes, but that should not make the tools themselves illicit. It should not be inferred that everyone on the dark web is a criminal or is up to no good - yet this is very much what the media would like people to think. Facebook is available on the dark web - how many times have you read that in the media? Probably none. The more people who use dark web services (I don't mean illegal ones) the better.

Finally, it has been documented that the use of TOR or even simply searching for privacy enhancing software will put you on a list. But then now we're all on a list, so one more doesn't make any difference, right?

Thanks, I did know pretty much all that and fairly regularly use the TOR Browser (so I guess I've been on that list for some time!), but it's a very useful post as a primer for those who don't know what this stuff is all about. My advice to anyone would be to download the TOR Browser (you can keep it and run it from a USB stick - no need to install it) and have a look around. Searching isn't great, as the search engines are no where near as effective as those on the internet, but Not Evil seems to work reasonably well, I've found.

I'd certainly agree that most of what I've seen on the "dark web" has been legal, but probably not available in many countries around the world, due to net censorship. Some is borderline legal, depending on your jurisdiction, and then some (only really a minority of the content) is very definitely not legal, pretty much anywhere.

My brief experience of browsing around the dark web has been that the stuff it seems renowned for, child pornography, just isn't really there,or if it is, then it's not easy to stumble across, as I've never seen a hint of it there, or any other pornography for that matter. I'd say there's far, far more pornography on the ordinary internet than there is on the dark web, and the dark web is more about masses of data and information that isn't readily accessible any where on the internet.

There's a lot of nerdy technical stuff there, whistle-blowing stuff, a fair few conspiracy-theory type groups, a fair few hacker groups and bit of rather nasty stuff, like the places selling any drug you can imagine, stolen credit cards, bank account details, guns etc. Even this isn't all bad though, as there are some substances that are not legally available in the UK, but are relatively harmless, and they seem easy enough to buy anonymously there.

Back on the subject of a VPN, thanks very much indeed for that link. Apart from the advice there, the comparison spreadsheet (link here to .ods version: https://docs.google.com/spreadsheets...ort?format=ods) is particularly useful, as I can rank my needs against the offering of each VPN provider pretty accurately, without having to wade through masses of stuff on loads of different web site.

No.

Just NO.

Spreadsheets can contain arbitrary code. You don't want to be downloading and opening spreadsheets from possibly unreliable sources.

Some discussion here on VPNs by someone who runs a small ISP.

RevK's rants: Evaluating a VPN provider

Thanks, very good tip indeed - I was (unwittingly) assuming the source was OK, not a clever thing to do.......

Thanks, I'm looking through that article right now.

https://torrentfreak.com/vpn-anonymous-review-160220/

...take the facts as fact or fiction...

For what it's worth, I lease a server in Canada from DigitalOcean which I use for VPN - obviously this does require a little know how and familiarity with SSH etc. but does get round the 'is the VPN provider trustworthy' issue...

I notice the OP suggested using their Home Server at one point; wouldn't that rather defeat the point as I assume said server is on the home network - thus all the traffic would be going out over his connection anyway?

Thanks for all the advice, and yes, I did realise after I'd posted that running my own VPN was daft!

After a fair bit of research, I concluded that Nord VPN was best suited to my needs, and also was on special offer, so was only $3 a month for a two year package. It's not perfect, but seems to tick most of the boxes for me, the main ones being that I'm now using OpenVPN through it and that it has a reputation for not keeping logs. Being based in Panama keeps it out of the hands of the main government players, too (and my concern is primarily just personal privacy and the soon to come into force "snoopers charter" law here in the UK). Nothing I do online would be of interest to the intelligence services, here or elsewhere, so frankly I don't think they'd waste their time doing any detailed scrutiny. I just don't trust large, supposedly secure, databases that are ordained by governments, so having records hacked and misused is probably of as much concern as government agencies realistically taking an interest.

Thanks for all the help and advice, from a few hours of working with Nord VPN I can say there don't seem to be any obvious issues. Getting things working under Linux was easy enough, but required a session with the command line. Getting it working under Windows was a lot easier, everything ran from a simple GUI installer.

Speed seems unaffected as far as I can tell, and right now I'm sticking with a UK server, simply because its easier and my main concern is just keeping the local machine connections and data reasonably secure. Interestingly, it seems my VPN IP geolocates to around 300 miles away from me, as as far as I can tell there's nothing tracing back to my actual IP and location.

I'll give an update in a few days if there are any significant issues, but right now I think $3 a month is a pretty reasonable price to pay for a bit of peace of mind regarding our own government's snooping programme.

Good to hear VP959! As you say, for most of us that are just interested in not appearing in large databases, off the shelf VPNs should be more than adequate.

What will be interesting is whether or not VPNs will be offered by ISPs here in the light of the snoopers charter. There are some indications that some are already making tentative offers, and if the price is reasonable then I can see a lot of people switching over to using a VPN just for privacy. Once a significant number of users does this it makes the snoopers charter a pretty pointless bit of law, quite aside from the fact that I'm sure the bad guys they want to catch are already using either secure VPNs or TOR, making additional public data surveillance laws pretty pointless for their stated aim.

I know my local (conservative) MP vaguely, and will be meeting with him about something else in the next few weeks. I've a good mind to point out that those of us using VPNs are effectively side-stepping the snoopers charter, and making the UK balance of payments problem worse, as all the VPN providers are offshore, so money is flowing out of the country to pay for them................

I have been using this provider for my VPN requirements for the last 8 years while living somewhere in the Middle East:

VPNUK VPN - PPTP L2TP OpenVPN IKEv2 VPN Smart DNS, Web Proxy VPN

I never had an issue in accessing external websites that were internally blocked.

I live in a 'Five Eyes' country which has internet logging by ISP's at the direction of the Government.

I've been using Tunnelbear for the last year and eventually gave up because it is absolute rubbish. Every aspect of it sucks.I'm now using ExpressVPN which I find very good.

No logs kept,and much more stable than Tunnelbear.Automatic 'kill switch' which suspends internet traffic until the VPN is re-established if it drops out.Registered in the British Virgin

Islands with plenty of servers worldwide (136 cities in 87 countries). I emailed support for the first time a few hours after I started using it and received a coherent,useful response in 2

hrs.Pretty good.

If you're looking for a secure webmail service, try www.protonmail.com ,brought to you by the people at CERN in Switzerland.Free to use (up to 500Mb) and requires 2 passwords.One

to log in,the other to enable the mailbox to be encrypted/decrypted.
mmmm
mmm
mmm
mmmm

I also came to the same conclusions as VP959, and whilst researching VPN`s and their location, I too have signed up for a two year deal with NordVPN. I`m learning how to use but find it difficult to know which area I should be using. So can anyone point me in a direction of a simple guide to do`s and don`t do`s.