Tangential to this article, can someone clarify on what's good / bad about NordVPN? I've been trusting their services for 2 years now, and I signed up on some ridiculously good offer of 3 years for <$100 a year ago, so I'm locked in for 4 full years. I did this because I trusted the service from reading reviews, but places like reddit are always shitting on NordVPN, both due to their ads (obv not the issue for me) and because of some nebulous "concerns" that no one has been able to articulate properly for me.
I know about the recent hack, but it seems like all of their precautions actually worked in protecting the consumers, and no logs were ever shown to have existed or been stolen.
They showed with the recent hack that, to them, maintaining their marketing & reputation is a higher priority than informing their users of possible security incidents, and that they would rather try to cover stuff up than be upfront about matters.
Or at least that's what I gathered reading the recent HN threads.
> "but places like reddit are always shitting on NordVPN, both due to their ads (obv not the issue for me)"
It's a problem for me. Their ads use scare tactics and make deceptive if not outright false claims. Unethical ads come from unethical corporations. I can't see any reason to give such a corporation the benefit of the doubt by assuming their unethical behavior is limited to how they advertise.
And their US residential proxies do work very reliably for Disney+. There is the possibility that they're using services that obtain those proxies deceptively. But I tracked down one of them, and the guy confirmed that he's knowingly selling his bandwidth. And yes, it's just anecdotal.
I think that on Reddit/HN NordVPN does not have a great reputation, due to being owned by a data mining company, Tesonet[0], which is a red flag in my book.
IMHO, a VPN makes sense for geo-blocking or for corporate use, but for privacy? No way.
Right, you can't trust any one VPN service. But you can use nested VPN chains. Sort of like Tor circuits. To distribute trust, so no one VPN can pwn you.
Orchid is a P2P VPN network that offers dynamic multi-hop connectivity.[0] Users buy bandwidth with supposedly anonymous Ethereum-based cryptocurrency. But so far, it's only available on Android and (soon) iOS.
Some years ago, I wrote a guide for IVPN for doing static nested VPN chains (aka multi-hop connectivity) using pfSense VMs as gateway routers for various VPN services.[1]
And not long ago, I published on GitHub about doing dynamic nested VPN chains, with recursive NAT forwarding within a single Debian router VM. There are iptables rules that forward one VPN through another, and restrict traffic to the chain. That's lighter, and easier to set up. And it's dynamic, more like Tor. But there's no compartmentalization between OpenVPN processes.
Unlike Orchid, that's not limited to smartphones. But there are no ~automatic payments and reputation management.