✨ Feature Suggestion | VPN criteria: Adding infrastructure provider/ownership info to trust #1439
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1439
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description:
Our VPN criteria for trust: https://www.privacytools.io/providers/vpn/#criteria currently is as follows:
Should we be also looking at whether the VPN provider is transparent about who owns their servers? We could probably put it under Best Case or make this point more obvious. (I'm under the impression that "or ownership" under Minimum to Qualify currently talks about company ownership and not server ownership.)
For example:
Mullvad had a recent blog post on updating their server list with provider and ownership details:
Do we know if anyone besides Mullvad does this? I would be happy to put that criteria under the best case but I don't think it needs to be a minimum requirement. Ultimately while the server owner does matter, the VPN provider is still 100% responsible for auditing the server/datacenter owners and securing their rented servers and networks. It should be on the end user to evaluate the VPN provider and their owners, which is why public ownership is a criteria. However, it should not be on the end user to evaluate everyone their provider rents from. That is the provider's job, NordVPN.
Yes.
I hate (but also love, of course) how Mullvad appears to be virtually flawless and solves any even potential problems they have with their service like this one incredibly quickly and transparently. It makes them easy to recommend but it also sets the bar very high so we can't recommend anyone else. Makes it look like we're shilling Mullvad 😅 — But we can't do anything about that I guess, besides shame other providers into being better maybe lol!