How many more VPN leaks/hacks are needed to stop people from advertising them?

[lambrosgg]

I just watched the latest Techlinked and to no one's surprise, another vpn made the news for having user data leaked. Not long ago, Nord VPN got hacked, Tunnelbear got acquired by mcafee. These are just the big ones. Smaller vpns also make the news all the time for doing something shady, almost always for keeping data when they were not supposed to. These are the ones that actually MAKE the news. Imagine what could be happening behind the scenes that we never learn about, because they managed to hide it. 

 

Here is the average VPN sales pitch, translated from PR to plain English:

"Why trust your goverment and isp with your data? Trust us instead! a company you never heard before, because it didn't even exist a year ago! and while you trust us with your data, you will also have the pleasure of paying us a monthly subscription so we can delete them, until they get leaked/hacked/acquired, then we say ooops my bad and move on"

 

I really can't understand why people ever trusted any of them. At least my isp doesn't charge me extra to sell my data to advertisers or my goverment to spy on me... At some point, youtubers should realize the responsibility they carry for their sponsors. Linus had to apologize for Tunnelbear, Jay for NordVPN. If memory servers correctly, linus also did a poll on wanshow if he should continue to trust/advertise PIA (I don't remember what the issue was). Isn't it obvious already that all VPNs will eventually get hacked/exposed? Instead of having to apologize every time and move to the next VPN to start over the same cycle, give up and say no. VPNs are constantly being proven to be scams and tech youtubers should be protecting their viewers from AT LEAST the tech related scams (since they should know better right?)

 

I know many of you will side with VPNs (since you use them) or say "if you dont like it dont use it", but this is not just any product (lttstore.com), its about privacy. They get way too much exposure and its time to stop. I don't think its a coincidence that Steve (tech jesus) never sponsored a VPN. Jesus ALWAYS knows better...

[straight_stewie]

To bluntly answer the question in your title:

Enough attacks to make enough people stop using them such that advertising them is a waste of money.

[Samfisher]

6 minutes ago, lambrosgg said:

I don't think its a coincidence that Steve (tech jesus) never sponsored a VPN. Jesus ALWAYS knows better...

He also doesn't do any sponsor spots for ifixit anymore, cos he has his own tools.  Doesn't mean ifixit is a scam.  You don't approach companies for sponsor spots, they approach you.

 

Also, what has being hacked gotta do with storing information?  Nothing is unhackable, and most either do not keep anything or only keep them for 24h as advertised.

[WereCatf]

11 minutes ago, lambrosgg said:

VPNs are constantly being proven to be scams

Um, no. A company keeping logs that they claim they aren't keeping is a scam, yes, but a company getting hacked isn't. I'd also argue that a company getting hacked or having some sort of an unintended leak can be a beneficial thing as it may prove that the company has actually been doing this mostly correctly, like e.g. having all passwords hashed and salted properly, and thus one can make the assumption that they'll learn from the mistake and be even more vigilant in the future, thus making them an even better choice. The "make even one mistake and I'll immediately abandon you" - mentality is ignorant.

[Hackentosher]

At least three.

 

This message brought to you by LTT VPN, the only VPN that doesn't get hacked for the low price of 1 Canuckistan Copek per anum.

[PeachGr]

It's not only for safety. People in Greece (my country) use it to watch Netflix from USA, cause ours is empty. People in China to bypass the great firewall of China UAE for same reason

[lambrosgg]

6 hours ago, straight_stewie said:

To bluntly answer the question in your title:

Enough attacks to make enough people stop using them such that advertising them is a waste of money.

Pretty much. Not blunt at all, just the sad truth.

6 hours ago, Samfisher said:

He also doesn't do any sponsor spots for ifixit anymore, cos he has his own tools.  Doesn't mean ifixit is a scam.  You don't approach companies for sponsor spots, they approach you.

 

Also, what has being hacked gotta do with storing information?  Nothing is unhackable, and most either do not keep anything or only keep them for 24h as advertised.

"Anymore" being the key word. He did before, but NEVER a VPN. You see VPN ads even in non-tech channels now, do you really believe GN was never offered a VPN sponsor? No way. Getting hacked is basically getting caught on keeping user data when they promised (lol) they dont.

6 hours ago, WereCatf said:

Um, no. A company keeping logs that they claim they aren't keeping is a scam, yes, but a company getting hacked isn't.

If they never kept the logs, there would be nothing worth hacking/leaking. That's the issue with every VPN, they claim they don't keep user data, but always do. The hacks/leaks just prove it. Being scammy makes you scammy, not getting caught.

5 hours ago, PeachGr said:

It's not only for safety. People in Greece (my country) use it to watch Netflix from USA, cause ours is empty. People in China to bypass the great firewall of China UAE for same reason

Doesn't matter what you are using the VPN for. As long as its active, its logging your data (allegedly) when its supposed not to.

[WereCatf]

1 minute ago, lambrosgg said:

If they never kept the logs, there would be nothing worth hacking/leaking.

One could still leak e.g. the login-credentials database, so yes, there is always something to leak.

2 minutes ago, lambrosgg said:

That's the issue with every VPN, they claim they don't keep user data, but always do

Projecting and exaggerating won't make your argument any better.

[Samfisher]

2 minutes ago, lambrosgg said:

 

If they never kept the logs, there would be nothing worth hacking/leaking. 

Untrue, payment info and email/usernames are obviously still stored.  User browsing data is not the only thing that is of value in a hack.

[Sauron]

5 hours ago, PeachGr said:

It's not only for safety. People in Greece (my country) use it to watch Netflix from USA, cause ours is empty. People in China to bypass the great firewall of China UAE for same reason

That is, in fact, the only good reason to use a VPN on a personal device.

[Dravinian]

2 minutes ago, Samfisher said:

Untrue, payment info and email/usernames are obviously still stored.  User browsing data is not the only thing that is of value in a hack.

I would imagine it is the least valuable thing in a hack outside of very case specific examples.

 

I mean, who really cares that I come here and go to youtube - which appear to be the two things I do on the internet between work.

 

Who is going to make money off of that? I think even Google might struggle with that knowledge, what they going to sell me an LTT Store bottle?

[Samfisher]

1 minute ago, Dravinian said:

I would imagine it is the least valuable thing in a hack outside of very case specific examples.

 

I mean, who really cares that I come here and go to youtube - which appear to be the two things I do on the internet between work.

 

Who is going to make money off of that? I think even Google might struggle with that knowledge, what they going to sell me an LTT Store bottle?

Indeed.  Although I don't see regular VPN users just using it for daily browsing. It's not my use case at least.

[Dravinian]

13 minutes ago, Samfisher said:

Indeed.  Although I don't see regular VPN users just using it for daily browsing. It's not my use case at least.

I use it for watching programs out of my region.  Is anyone under the belief that a content provider is going to try and sue someone in a foreign country, for a piddling amount for which they are unlikely to be awarded costs as it would be disproportionate to the value of the claim?

 

Really? You worried the BBC is going to come get you?

[Samfisher]

2 minutes ago, Dravinian said:

I use it for watching programs out of my region.  Is anyone under the belief that a content provider is going to try and sue someone in a foreign country, for a piddling amount for which they are unlikely to be awarded costs as it would be disproportionate to the value of the claim?

 

Really? You worried the BBC is going to come get you?

That is my use case as well, and some sites don't load even when using non-ISP DNS, so VPN is the only way.

[lambrosgg]

1 hour ago, WereCatf said:

One could still leak e.g. the login-credentials database, so yes, there is always something to leak.

Projecting and exaggerating won't make your argument any better.

I am talking about user data leaks and that's the problem. Even twitter got hacked, so you can't accuse VPNs for "not being secure enough". My initial argument was that they keep browsing data logs when they advertise they dont.

If my arguments is not good enough about how many VPNs actually get caught, here are some google search suggestions: VPN leaked, hacked, VPN scandals etc.

1 hour ago, Samfisher said:

Untrue, payment info and email/usernames are obviously still stored.  User browsing data is not the only thing that is of value in a hack.

Thats true, everyone gets hacked. Getting hacked is not the issue, what hackers find is. emails/payment info is ok, browsing data is not. 

1 hour ago, Samfisher said:

Indeed.  Although I don't see regular VPN users just using it for daily browsing. It's not my use case at least.

I have also used a VPN for this purpose 2-3 times in my life. Recently to get a discount on uplay that was only available in the French store. I installed a free vpn, did the thing, immediately uninstalled after.

 

Seems everyone is missing my point: Every VPN's marketing is "private browsing" "no logs" "security", convincing people that their browsing is private and not logged, to use them indefinitely (monthly subscriptions) and keeping them active constantly. That's what they are pushing, not use our free trial once for region restrictions. When they get exposed for keeping user browsing data (for advertisement purposes obviously) nothing happens to them! legal action or otherwise (shut down?) They just say oops we are sorry we are not going to do it again and move on (most probably still keeping data). If that's not scam enough for you, what is? Every business has the right to be scamy ofc, but youtubers shouldn't be sponsoring something that could even  POTENTIALLY be scam, just to be safe and protect their name/integrity.

I think we are at the point now, with so many VPNs getting caught for keeping user data, that we can safely assume that most of them do. PIA even had in their pitch that they are being audited by a "3d party" to check that they are legit... I mean who was that 3d party? what are their credentials? Are they even competent enough to discover if they are keeping logs? Was the "inspection" done randomly, or did PIA had a warning to disappear the data before getting audited? Does that 3d party accept bribes? Come on guys...

[WereCatf]

9 minutes ago, lambrosgg said:

that we can safely assume that most of them do.

Alas, you are loudly claiming that they all do.

[RejZoR]

8 hours ago, Hackentosher said:

At least three.

 

This message brought to you by LTT VPN, the only VPN that doesn't get hacked for the low price of 1 Canuckistan Copek per anum.

LTT VPN, only costs 2 Maple Schillings per month, till end of your life!

[lambrosgg]

1 hour ago, WereCatf said:

Alas, you are loudly claiming that they all do.

I guess the word "assume" means nothing these days...  When the small ones make the news constantly and even the biggest ones get caught "its safe to assume that they all do". That's what I said. I am no "3d party auditor" to be able to prove my suspicions, but I know when something smells like BS and yes, all VPNs smell like BS. Everyone is innocent until proven guilty, is not really applicable when customers don't have the means to even attempt to prove them guilty. If none of them ever got caught for keeping logs, I would be using one myself, but here we are. How long you think until the next VPN makes the news for having user data leaked/hacked? "dont trust your ISP/goverment with your data, trust us" Thanks but no thanks, at least my ISP/goverment existed last year.

1 hour ago, RejZoR said:

LTT VPN, only costs 2 Maple Schillings per month, till end of your life!

Throw in a pair of those unties and I am sold!

[Blue4130]

10 hours ago, lambrosgg said:

... At some point, youtubers should realize the responsibility they carry for their sponsors.

Their only responsibility is to their employees. It may be courteous to vet their sponsors, but you as the consumer bares responsibility for doing your homework. (and I say "you" as a general non-ltt team member term.)

[NeuesTestament]

YouTubers don't really care, they advertise everyone that pays. It is really rare to see them reject a sponsor.

[RejZoR]

48 minutes ago, NeuesTestament said:

YouTubers don't really care, they advertise everyone that pays. It is really rare to see them reject a sponsor.

JayzTwoCents rejects certain companies. And so has LTT afaik. Same goes for GamersNexus. Integrity matters among viewers. I don't expect them to be personally responsible if things go bad, but I do expect them to act accordingly, like LTT has about PIA in the past. Showing you actually care what you advertise, even if things are out of your direct control.

 

People for example generally have a hate for RAID Shadow Legends ads, but it's not that bad of a game though. If you don't mind grinding, it has some interesting elements. I haven't spent a single cent on it (yet) and I have the Gem mine fully upgraded, Market fully upgraded and on my way to fully upgrade 3rd slot in Sparring Pit (have unlocked all of them already). I like fiddling with heroes and unlocking them through "hard work". There is no way I'm gonna pay for their ridiculously priced virtual items. Anyways, so they are aggressive at advertising it, but no one forces you to spend money on it or hate it just because they are aggressive at it. So they are. Big deal. This segment is NOT sponsored by RAID Shadow Legends lol. Just want to say I ended up liking the damn thing quite a lot while a lot of people are hating on it for their marketing tactics.

[kpluck]

12 hours ago, lambrosgg said:

I really can't understand why people ever trusted any of them.

So, in your world, if any company does something wrong, all companies offering the same service or product are doing the exact same thing? That would pretty much make it impossible to buy any product or service. I doubt any industry would be unaffected by such a mindset. Ted Kaczynski? You finally got internet access eh?

 

-kp

[straight_stewie]

I have to agree with OP here.

It is highly likely that any given VPN-as-a-service provider, at least those that exist in countries that like to levy the men in suits, is keeping connection logs.

Otherwise, when their servers get caught doing various nefarious things, they can't pass the buck. In the US, it would probably stick in court, or at least that's probably a risk not many are willing to take.

 

The whole point of internet security is that you assume the worst and never trust anyone...

The safe assumption is that your VPN service provider is keeping the most detailed connection logs they can, and to behave as such.

Beyond that, if your VPN service provider is using a cloud service provider, it is also likely that the cloud service provider is keeping connection logs, whether or not the VPN service provider is. Of course, for billing reasons, the cloud service provider also keeps logs about who's services were running on what hardware.

Beyond that, a VPN service is the perfect place to run covert MiM attacks, so you have to trust every other person on the internet when you use a public VPN as well.

[Marbo]

I think we have to accept that anytime we're online someone somewhere is logging our details. As stated what's the point of paying someone to do it. 

 

The only use I see for vpn is as others have pointed out, to bypass geographical restrictions. Then it doesn't always work, for example bbc iplayer won't work even if I have the vpn set to somewhere in the UK. 

[Teddy07]

Donˋt care, still happy with nord vpn