Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
hellcat707hp

PIA Announces Transparency Efforts, Including Open-Source Desktop Client

Recommended Posts

Posted · Original PosterOP

In a blog post on the PIA site, PrivateInternetAccess VPN co-founder Andrew Lee announced several measures aimed at improving the company's transparency and trust in the community. Transparency and trust which has seemingly withered since the Kape acquisition was announced.

 

The biggest initiative is open-sourcing their clients, starting with the desktop client. A new Github repo has been started here.

 

From the blog post: 

Quote

We encourage everyone NOT to trust, but instead, to verify. In order to deliver a verifiably secure infrastructure and ecosystem, we are embarking on a journey which will lead us to a fully verifiable infrastructure to our community; this will require a number of steps which we will share with you as we progress starting with the following:

  1. Open Sourcing the PIA Clients, Starting with the Desktop Client – Your machine is your private space. You deserve to know what you’re putting on it, and what it’s doing. With the open sourcing of our clients, you can now verify what you’re installing. Please check it out!
  2. Verifiable Zero Access: Start! – We’re building an internal roadmap to create a transparent and verifiable infrastructure, in which no one, including ourselves, is permitted access to the servers through which VPN traffic flows. We will keep you abreast of all progress, and moreover, this will be a community-led effort.  Verifiable Zero Access proves that we cannot log or monitor your traffic.
  3. Random Audited Truths (I smell a rat!) – We have begun reaching out to external auditors and, in tandem, are opening up our operations to review by our users. This allows you to verify with your own eyes, whenever you want.  WYSIWYG.

 

Link: https://www.privateinternetaccess.com/blog/2019/12/dont-trust-verify/

 

Love to hear everyone's thoughts on these efforts. I know many people are waiting to hear what the company has planned to do in order to make a decision on whether to switch VPNs.

Link to post
Share on other sites

I think this a very smart move from them, it should help to silence the "spyware" issues that were discussed a while back and generally make everyone feel a bit easier about trusting them, of course we will need to wait for a while to give people time to look through the code and verify, but overall a very smart business move IMO!


System/Server Administrator - Networking - Storage - Virtualization - Scripting - Applications

Link to post
Share on other sites

I like this. Although investing into a VPN is more than just about today. Its is also about the future. And the future is still at risk with the company under extensive control by a questionable entity.

 

Corporate action like takeovers are done on a long term view. They get their returns into net profit over the long term. And if Kape is after much higher profit than what PIA can produce right now, that could be an intention to eventually exploit otherwise private data.


Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to post
Share on other sites

nice but this dosnt make me trust them any better. Kapre are still shady as shit


I spent $2500 on building my PC and all i do with it is play no games atm & watch anime at 1080p(finally)...

Builds:

The Toaster Project! Northern Bee!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)

Spoiler

"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 

Link to post
Share on other sites

Correct me if I'm wrong but even if we get clean open source VPN client with nothing shady in it, the data is still collected on the VPN provider servers right? So this is pretty much meaningless besides "good" PR? 

Link to post
Share on other sites

That's my take on it too. Open sourcing the client is nice but what people worry about is what happens on their servers.


Desktop: i7-5960X 4.4GHz, Noctua NH-D14, ASUS Rampage V, 32GB, RTX2080S, 2TB NVMe SSD, 2x16TB HDD RAID0, Corsair HX1200, Thermaltake Overseer RX1, Samsung 4K curved 49" TV, 23" secondary

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB NVMe SSD RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

Dell XPS 2 in 1 2019, 32GB, 1TB, 4K / GPD Win 2

Link to post
Share on other sites
8 hours ago, hellcat707hp said:

Love to hear everyone's thoughts on these efforts.

An open source desktop client is great and honestly should be baseline for any service like this, but it doesn't help in terms of trust - I already know all my traffic is going to their servers, that's just how the service works. The question is what happens to that traffic once they have it.


...is there a question here? ?

sudo chmod -R 000 /*

What is scaling and how does it work? Asus PB287Q unboxing! Console alternatives :D Watch Netflix with Kodi on Arch Linux Sharing folders over the internet using SSH Beginner's Guide To LTT (by iamdarkyoshi)

Sauron'stm Product Scores:

Spoiler

Just a list of my personal scores for some products, in no particular order, with brief comments. I just got the idea to do them so they aren't many for now :)

Don't take these as complete reviews or final truths - they are just my personal impressions on products I may or may not have used, summed up in a couple of sentences and a rough score. All scores take into account the unit's price and time of release, heavily so, therefore don't expect absolute performance to be reflected here.

 

-Lenovo Thinkpad X220 - [8/10]

Spoiler

A durable and reliable machine that is relatively lightweight, has all the hardware it needs to never feel sluggish and has a great IPS matte screen. Downsides are mostly due to its age, most notably the screen resolution of 1366x768 and usb 2.0 ports.

 

-Apple Macbook (2015) - [Garbage -/10]

Spoiler

From my perspective, this product has no redeeming factors given its price and the competition. It is underpowered, overpriced, impractical due to its single port and is made redundant even by Apple's own iPad pro line.

 

-OnePlus X - [7/10]

Spoiler

A good phone for the price. It does everything I (and most people) need without being sluggish and has no particularly bad flaws. The lack of recent software updates and relatively barebones feature kit (most notably the lack of 5GHz wifi, biometric sensors and backlight for the capacitive buttons) prevent it from being exceptional.

 

-Microsoft Surface Book 2 - [Garbage - -/10]

Spoiler

Overpriced and rushed, offers nothing notable compared to the competition, doesn't come with an adequate charger despite the premium price. Worse than the Macbook for not even offering the small plus sides of having macOS. Buy a Razer Blade if you want high performance in a (relatively) light package.

 

-Intel Core i7 2600/k - [9/10]

Spoiler

Quite possibly Intel's best product launch ever. It had all the bleeding edge features of the time, it came with a very significant performance improvement over its predecessor and it had a soldered heatspreader, allowing for efficient cooling and great overclocking. Even the "locked" version could be overclocked through the multiplier within (quite reasonable) limits.

 

-Apple iPad Pro - [5/10]

Spoiler

A pretty good product, sunk by its price (plus the extra cost of the physical keyboard and the pencil). Buy it if you don't mind the Apple tax and are looking for a very light office machine with an excellent digitizer. Particularly good for rich students. Bad for cheap tinkerers like myself.

 

 

Link to post
Share on other sites
Posted · Original PosterOP
1 hour ago, Sauron said:

An open source desktop client is great and honestly should be baseline for any service like this, but it doesn't help in terms of trust - I already know all my traffic is going to their servers, that's just how the service works. The question is what happens to that traffic once they have it.

I'd agree that open source should be standard with VPN clients.

 

Now, point 2 on their list is the most important,"verifiable zero access". I just don't know how they plan to make that provable or how to make their customers see that for themselves.

 

I got PIA a year ago and still have 3 years left so I'm still using it unless something more comes out. Granted, I use a VPN very infrequently, but for those using a VPN regularly, I think part 2 of their plan, whatever it means, is critical. 

Link to post
Share on other sites

While this doesn't address 100% of all concerns, it's at least an effort and some good PR. I'll be keeping an eye out especially for the LTT video coming soon.


PLEASE QUOTE ME IF YOU ARE REPLYING TO ME
LinusWare Dev | NotCPUCores Dev

Desktop Build: Ryzen 7 1800X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 32GB Corsair DDR4 @ 3000MHz, RX480 8GB OC, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×