privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

Fix conflict with master

Browse Source
This commit is contained in:
Daniel Gray
2019-11-29 17:07:34 +00:00
parent 0c53ee1b63 475b033480
commit 1bee88b6f5
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
pages/providers/vpn.html
View File

@ -62,6 +62,7 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
<li>OpenVPN and WireGuard support.</li>
<li>Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)</li>
<li>Easy-to-use VPN clients, especially open-source. Even better if the Android version is also <a href="https://www.f-droid.org/en/2019/05/05/trust-privacy-and-free-software.html">available in F-Droid</a>.</li>
<li>Supports <a href="https://en.wikipedia.org/wiki/IPv6">IPv6</a>. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.</li>
</ul>
</div>
@ -124,6 +125,36 @@ description: "Find a no-logging VPN operator who isn't out to sell or read your
</ul>
</div>
<div class="col-12">
<h3><span class="badge badge-info">Marketing</span></h3>
<p>With the VPN providers we recommend we like to see responsible marketing.</p>
</div>
<div class="col-md-6">
<p><strong>Minimum to Qualify:</strong></p>
<ul>
<li>Must self host analytics (no Google Analytics etc). The provider's site must also comply with <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DNT (Do Not Track)</a> for those users who want to opt-out.</li>
</ul>
</li>
<p>Must not have any marketing which is irresponsible:</p>
<ul>
<li>Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know users can quite easily deanonymize themselves in a number of ways, eg:</li>
<ul>
<li>Reusing personal information eg. (email accounts, unique pseudonyms etc) that they accessed without anonymity software (Tor, VPN etc)</li>
<li><a href="https://www.privacytools.io/browsers/#fingerprint">Browser fingerprinting</a></li>
</ul>
<li>Claim that a single circuit VPN is "more anonymous" than Tor, which is a circuit of 3 or more hops that regularly changes.</a></li>
<li>Use responsible language, eg it is okay to say that a VPN is "disconnected" or "not connected", however claiming that a user is "exposed", "vulnerable" or "compromised" is needless use of alarming language that may be incorrect. For example the visiting user might be on another VPN provider's service or using Tor.</li>
</ul>
</div>
<div class="col-md-6">
<p><strong>Best Case:</strong></p>
<p>Responsible marketing that is both educational and useful to the consumer could include:</p>
<ul>
<li>A accurate comparison to when Tor or other <a href="https://www.privacytools.io/software/networks/">Self contained networks</a> should be used.</li>
<li>Availability of the VPN provider's website over a .onion <a href="https://en.wikipedia.org/wiki/.onion">Hidden Service</a></li>
</ul>
</div>
<div class="col-12">
<h3><span class="badge badge-info">Additional Functionality</span></h3>
<p>While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.</p>