# Reaffiliating



## Null (Dec 9, 2019)

I've been running a PIA affiliate banner for probably 3 years now and a lot of you have it so I feel sort of obligated to talk about why I swapped them out. PIA has a very, very generous commission rate of 33% and I've been using them myself for as long as I've advertised them. I also use NordVPN, a more recent banner I've put up, specifically for mobile devices. I give my friends who cannot afford these things access to my accounts so they can have some more privacy online. I have never advocated using a service I do not use and if I stop using something I stop advertising it.

Two big things happened lately that were brought to my attention and I can't ignore them.

*Nord got hacked - then didn't tell anyone*
I was initially unconcerned with the NordVPN hack because of how unimportant the leaked data was. Someone gained access to one of the hundreds of VPN servers that Nord owns and managed to do nothing with it. What I dwelled on in the weeks after was how they tried to cover it up. The Kiwi Farms was hacked and it likely would not have had such a significant and immediate impact on the site's userbase if I didn't say anything about it. However, over time, the obfuscation of such a thing would have inevitably eaten its way out into the light and done more significant damage to the overall trust of the site and people's confidence in my ability to communicate important things to them honestly.

The fact that my shitty little forum had a higher standard for communicating potential problems than an actual privacy service whose entire business revolves around trust and security is something I can't tolerate.









						NordVPN confirms it was hacked – TechCrunch
					

NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked. The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private key exposed, potentially allowi…




					techcrunch.com
				





*PrivateInternetAccess got bought*
PIA is good and has only gotten better over time but in the last month they were purchased by a conglomerate.









						CyberGhost owner buys PIA for $95.5m to create VPN giant
					

Private Internet Access will become part of a huge global VPN operation




					www.techradar.com
				




This is a $127 million dollar deal, and I don't believe such deals are made just to help make existing services better. The acquiring company has a poorer reputation than London Trust Media does by itself and will almost certainly consolidate its hardware, internet assets, and datacenters together to make the PrivateInternetAccess network a less atomized and private network altogether.


*I do not believe that PIA or Nord are at immediate risk of anything.* To existing customers, what I would advocate is continuing to use your subscription and then consider new VPNs when they come up for renewal.

One thing worth mentioning with Proton is that they've not published an independent security audit, though they've claimed for an extended period of time that they are working on getting those results out as soon as possible. If this happens I will promote the news visibly.


----------



## meinhausinneuberlin (Dec 9, 2019)

you'll never catch me behind my 7 proxies. Unironically though it seems like there aren't a lot of vpns that exist to protect you even the ones that are ok aren't run very honestly. I don't really have a solution for that either. It just seems like you have to constantly move vpns if you want to stay secure


----------



## Draza (Dec 9, 2019)

So it's best to stick with Proton for now?


----------



## Angry Shoes (Dec 9, 2019)

Nord always seemed like a scam anyways. Too many normie YouTubers were shilling for it.


----------



## No Exit (Dec 9, 2019)

Angry Shoes said:


> Nord always seemed like a scam anyways. Too many normie YouTubers were shilling for it.


That's probably the biggest reason I used PIA. I found it years ago after searching google for an actually good VPN and I never saw any advertising for it anyway. Niche things are almost always better for some reason. 

Seeing it shilled here only made me feel more reassured, it's a shame that's it's probably going to go down the shitter in a few years like the rest of them.


----------



## Null (Dec 9, 2019)

Draza said:


> So it's best to stick with Proton for now?


That's what I'm going to shill now, yes. I like their products. A manager I spoke to with some concerns was very knowledgeable and I have some confidence in them.


----------



## Mushroom Soup (Dec 9, 2019)

We appreciate your ongoing commitment to keeping us safe friend Null


----------



## Hal (Dec 9, 2019)




----------



## Floop (Dec 9, 2019)

I don’t trust them VPNs, always being advertised and mainstreamed.


----------



## Near (Dec 9, 2019)

Angry Shoes said:


> Nord always seemed like a scam anyways. Too many normie YouTubers were shilling for it.



I totally use those MILITARY GRADE shaving creams and razors, guys. Order now, Nord Shave Club VPN


----------



## OwO What's This? (Dec 9, 2019)

Angry Shoes said:


> Nord always seemed like a scam anyways. Too many normie YouTubers were shilling for it.


but how are you going to keep your data private while playing RAID SHADOW LEGENDS


----------



## Anonymus Fluhre (Dec 9, 2019)

Everyone I talk to in the tech side of things are more concerned about NordVPNs posts about the hack than the hack itself as everyone knows all the hackers got was near useless information. (Too many steps to actually make it worth your time and would only affect you if you choose that server and it was in some bumfucknowhere country no one used anyways unless you were doing something illegal. The new owners of Private Internet Access have said that they're going to allow the service to be autonomous so people are just waiting and seeing what happens. So far they're keeping their word but it hasn't been very long. Things didn't work out well for the other services Kape bought out though. Seems however the deal was made so someone else can payoff PIA's debt they've accumulated over the years.


----------



## Dante Alighieri (Dec 9, 2019)

For all you weirdos, if the spooks want you they'll get you VPN or not. If you're just concealing your IP from MPAA/RIAA for torrents and websites, pretty much any VPN listed on PrivacyTools.io will be fine.


----------



## Ellesse_warrior (Dec 9, 2019)

@Null you have a typo in the last sentence. Thanks for the info and transparency.


----------



## rape (Dec 9, 2019)

RIP PIA. Time to go "find" a new vpn provider account.


----------



## MysteriousStranger (Dec 9, 2019)

I've got months left on my pre-paid year of PIA, so it's watchful waiting. I've got it on a whole slew of devices and am happy with it so far. I went with them over Nord because they were substantially cheaper.


----------



## Product Intervention (Dec 9, 2019)

Thank you for this update. For better or for worse, I take your word seriously about VPNs and internet privacy stuff.

These posts are very very welcome. You should offer a subscription service to distribute monthly tips, Null. You've got a name in this field.


----------



## the khat quaffer (Dec 9, 2019)

Near said:


> I totally use those MILITARY GRADE shaving creams and razors, guys. Order now, Nord Shave Club VPN



This video seems relevant. It at least finally takes a jab at VPNs and their silly shills.


----------



## ⠠⠠⠅⠑⠋⠋⠁⠇⠎ ⠠⠠⠊⠎ ⠠⠠⠁ ⠠⠠⠋⠁⠛ (Dec 9, 2019)

Fair. At this point, anything but PiA is a good idea.

Proton is fine for regular VPN uses to stop the MPAA coming down on your ass. If you're doing anything sensitive, just use Tor as well. It's not exactly difficult. Support Null, you faggots.

If you want to be a real sperg about it, there are sites out there that give you detailed breakdowns of VPNs by characteristics of interest, though it should be noted that they do not provide information on some very important things like who owns the company that runs a VPN (PiA, CyberGhost, SaferVPN, Hola, and GeoSurf are very dangerous for example).


----------



## Sam Losco (Dec 9, 2019)

I still have about 1 year and 4 months on my PIA. Hopefully they don't get terrible before then.


----------



## Vlinny-kun (Dec 9, 2019)

I got PIA and I have no complaints so far. I'll consider switching over to something else but only if it's cheap enough.


----------



## AnOminous (Dec 9, 2019)

3119967d0c said:


> Proton is fine for regular VPN uses to stop the MPAA coming down on your ass.



And for shit like accessing the Farms, where if someone hacks the sessions and logs, they could otherwise get your IP address and a good lock on your geographic location, or your ISP to send a subpoena to, or whatever.  And if you connected via a VPN, any of that information that gets leaked is worthless to whoever stole it.


----------



## THOTto (Dec 9, 2019)

The paranoid fuck in me is always grateful for your transparency Null. You do more to protect your user base then any other ooperator I’ve seen.


----------



## Aib Ld (Dec 9, 2019)

I just use the Tor Browser after dropping a lot of tools that turns out to be selling out information, Duck Duck Go included. How fucked am I?


----------



## bippu_as_fuck_ls400 (Dec 9, 2019)

Thanks for keeping us up to date.  I've used Proton in the past for VPN and currently for paid mail.  All of my interactions with them have been positive and they are trustworthy imo.

There is a VPN thread in the Internet/Tech forum if anyone has questions about using/setting things up or discussing VPNs in general.


----------



## Product Intervention (Dec 9, 2019)

3119967d0c said:


> Fair. At this point, anything but PiA is a good idea.


Would you please elaborate on this? I'm interested in hearing more and, well...

I ask because, frankly, I've only ever seen you post contrarian things and I am not sure if you're being serious or if you're simply stating the opposite of what the nearest KF user said.


----------



## ⠠⠠⠅⠑⠋⠋⠁⠇⠎ ⠠⠠⠊⠎ ⠠⠠⠁ ⠠⠠⠋⠁⠛ (Dec 9, 2019)

Product Intervention said:


> Would you please elaborate on this? I'm interested in hearing more and, well...
> 
> I ask because, frankly, I've only ever seen you post contrarian things and I am not sure if you're being serious or if you're simply stating the opposite of what the nearest KF user said.


It's now owned by Kape Technologies, a Unit 8200 spinoff. They spy by default.


----------



## Takodachi (Dec 9, 2019)

I never trusted NordVPN, or anything that e-celebs shill for that matter.


----------



## Give Her The D (Dec 9, 2019)

If you have the knowledge to do so, setting up your own VPN might not be a bad idea too. Vultr allows you to setup a VPS for $3.50 a month if you accept having 500GB of bandwidth to use every month, which should be more than plenty for web browsing and ocassional YouTube play. It's even cheaper if you choose to use an IPv6 only server, in which case they take $1 off the monthly price.


----------



## Jump (Dec 9, 2019)

Ad Lib Moaning said:


> I just use the Tor Browser after dropping a lot of tools that turns out to be selling out information, Duck Duck Go included. How fucked am I?


I use the TOR browser a lot so I guess your just as fucked as me.  A little glow aint so bad.
 The KF .onion works great and I don't really notice any speed difference with my shitty internet connection.


----------



## Product Intervention (Dec 9, 2019)

3119967d0c said:


> It's now owned by Kape Technologies, a Unit 8200 spinoff. They spy by default.


How so? Could you give me a bit more than that.

Again, I'm not trying to be a dick to you. I do want your information. But you're giving it out in drips and the burden of proof is on you to prove your claims.


----------



## cjöcker (Dec 9, 2019)

It's amazing that Null gives more of a fuck about people that use NordVPN than NordVPN do.


----------



## James Smith (Dec 9, 2019)

3119967d0c said:


> Proton is fine for regular VPN uses to stop the MPAA coming down on your ass. If you're doing anything sensitive, just use Tor as well.


You shouldn't use a VPN with Tor as it reduces your security. It doesn't increase it. This has been said hundreds of times online by dozens of knowledgeable people.


----------



## BrunoMattei (Dec 9, 2019)

I just bought a year subscription to PIA.

FUCK.


----------



## AnOminous (Dec 9, 2019)

SoapQueen1 said:


> You shouldn't use a VPN with Tor as it reduces your security. It doesn't increase it. This has been said hundreds of times online by dozens of knowledgeable people.



I disagree with that.  Just connecting to tor at all is seen as suspicious in many jurisdictions.  There are valid reasons to use either TOR-over-VPN or VPN-over-TOR.  Unless you're doing something horribly wrong, there's no reason using both should make things worse.  There is no reason to disable a VPN just to connect to an onion service through TOR.


----------



## cjöcker (Dec 9, 2019)

SoapQueen1 said:


> You shouldn't use a VPN with Tor as it reduces your security. It doesn't increase it. This has been said hundreds of times online by dozens of knowledgeable people.


How does it reduce it? Wouldn't all shit that goes through tor go through the VPN aswell?

Edit: to be clear, what I mean is
your home net --> whatever fuckass VPN you use --> tor bullshit


----------



## Pissmaster (Dec 9, 2019)

I really do appreciate your honesty a lot, Null.  You are night and day when compared to an administrator like Lowtax.


----------



## AnOminous (Dec 9, 2019)

cjöcker said:


> How does it reduce it? Wouldn't all shit that goes through tor go through the VPN aswell?
> 
> Edit: to be clear, what I mean is
> your home net --> whatever fuckass VPN you use --> tor bullshit



The VPN may have records of your connection, and at least knows your originating IP address.  If you pay with USD, they have your payment information.  However, the first TOR hop could do the same.  But if someone gets a subpoena for your ISP and for the site you're connecting to with TOR, showing you were connected to TOR at the same time as the TOR connection to the site was made is at least consistent with you being that person, especially if they have other evidence to go along with that.

Anything involved with this site is likely to be civil, not criminal, unless you go massively full retard, so the standard of evidence would be preponderance, and they'd just have to prove "more likely than not."

If everything you do is through a VPN, and you also connect to TOR, at least the final hop will not be via the VPN where you (may be) known to have an account.


----------



## bippu_as_fuck_ls400 (Dec 9, 2019)

Product Intervention said:


> How so? Could you give me a bit more than that.
> 
> Again, I'm not trying to be a dick to you. I do want your information. But you're giving it out in drips and the burden of proof is on you to prove your claims.



This post has links which discuss the owners and their past activities.  The discussion continues on down the thread.


----------



## Jamal McGucci (Dec 9, 2019)

I don't get why you would use a VPN unless your using public Wi-Fi. Those VPN companies are just as bad as ISPs lmao. If you really need a VPN I would run one from home or on a VPS. Don't expect a VPN to really hide who you are.


----------



## Null (Dec 10, 2019)

Jeromeo said:


> I don't get why you would use a VPN unless your using public Wi-Fi. Those VPN companies are just as bad as ISPs lmao. If you really need a VPN I would run one from home or on a VPS. Don't expect a VPN to really hide who you are.


The entire point of a VPN is to hide where home is. When you share a connection from Switzerland that lasts a day and is shared with hundreds of people it also helps protect you from corporate trackers that sell your data.


----------



## Apteryx Owenii (Dec 10, 2019)

I've never quite understood how proton turns a profit off their free available service. I guess there are enough power users that exceed the limitations and pay but boy it's easy for simple browsing.



Jeromeo said:


> I don't get why you would use a VPN unless your using public Wi-Fi. Those VPN companies are just as bad as ISPs lmao. If you really need a VPN I would run one from home or on a VPS. Don't expect a VPN to really hide who you are.



It really depends who you're 'hiding' from. Your security needs for shitposting about a vindictive cow who likes to try and dox\sue people is a lot different than the security one would need hiding from a state actor.


----------



## Cedric_Eff (Dec 10, 2019)

Crazy stuff man, I avoided any of them and just went straight for TunnelBear. I just liked the whole bear motif.


----------



## AmpleApricots (Dec 10, 2019)

VPNs in my opinion are too big a target for not being very attractive for subversion by certain agencies. That said they're probably safe enough to protect you from random greedy copyright lawyers and crazy forum admins. I'm not entirely sure they're good enough when a place you were active in gets seized complete with logs just because somebody read a bit too much 8chan and went on a spree, or caves in when it gets some low level police inquiry as null has gotten in the past, and my imagination is it depends how much public interest/pressure is on them in such cases. People say this never happened as the truth would come out that a VPN logs and supplies data but when uniformed people show up at your house at 4 AM, take all your electronics and scare and imply to you that you're "in hot water now" and better shut up, you're not gonna talk about it. Most people wouldn't. In many countries "gagging" people to talk about such things is also a perfectly legal tool.

What I'm generally mostly worried about with them is subversion for passive data collection, and I just don't really trust them there personally. That data they collect for god knows whom might not even be valuable now, but with shifts in laws in some countries and technology in general (to sort through it) it might become valuable later. These agencies have a very long breath and love doing shit like collecting stuff for twenty years "just in case". Look it up if you don't trust me on that, even "just" law enforcement loves such strategies. I wouldn't even be surprised if this very post ends up in some agency archive. Not because it's of special interest, just because it was passively crawled with everything else.

What also gives me pause with VPNs is how utterly aggressive some of them are marketed and advertised, even with huge, often unlimited rebates when you do as much as just sign up.

I'd go with Tor for general browsing, the decentralized "no single place knows all, nobody's in charge" nature of it speaks to me more from a security standpoint. I also like how most places lock out tor exit nodes by default, it's a bit of a seal of quality regarding how anonymous it probably is. (barely any of the big players do this for VPNs, strange if they're "just as anonymous&safe" IMHO) Tor has gotten noticeably faster in recent years and places that do blanket bans on exit nodes are often not worth visiting to begin with. Normal stuff (e.g. shopping on eBay, online banking) I personally do without anything as that's tied to my identity anyways. ( = it makes no sense to hide my IP from e.g. Amazon when I do christmas shopping with my account. They know my address. It might even make me less anonymous as they might correlate that data with other browsing I do)

All this also won't help you if you have poor opsec or limited understanding how this stuff works. I for example push my tor browser instance in a network namespace in linux in a way where it can only communicate with the outside world via tor and can't even see my network interace(s)/local network, even if I wanted it to. If you don't get any of that and just want to push a button that makes you anonymous, you might be in an inferior position to begin with. This is not meant in an insulting or arrogant way (I hold privacy very dear and it should be available to everybody) but the truth is if you can't identify risks and plan your own opsec, you might have a problem. Even the kiwileaks have shown that people that found their way here are not good about anonymity and there was enough data in that leak to dox some of them. No fancy vpn/browser/technology is going to protect you if you can't do it by yourself.


----------



## awoo (Dec 10, 2019)

like I said before I do not care (not enough energy) if my VPN is doing some shady shit or doesn't resist a determined state actor who thinks I'm a terrorist or illegal weapons dealer or something. If a government really wants to track me down they can easily and I just can't put in the energy to be paranoid. I just don't want to see any ISP letters from watching an old movie or downloading music.


----------



## Jump (Dec 10, 2019)

AnOminous said:


> However, the first TOR hop could do the same.  But if someone gets a subpoena for your ISP and for the site you're connecting to with TOR, showing you were connected to TOR at the same time as the TOR connection to the site was made is at least consistent with you being that person, especially if they have other evidence to go along with that.


That is why its a good idea to use TOR when ever you can even for general web browsing.  You can't correlate a TOR start/stop time for something that happens on a site if you never stop TOR. Leave a site like drudgereport with it's autorefresh or a site like KF open in a tab and your connected to the guard node constantly. 

Use TOR 1 time in a month and it correlates exactly to the time something exceptional happens on a site. Ya that might be you. 
Use TOR 31 days a month and something happens its a lot harder to say that was you.


----------



## DoodleBerry (Dec 10, 2019)

Jump said:


> I use the TOR browser a lot so I guess your just as fucked as me.  A little glow aint so bad.
> The KF .onion works great and I don't really notice any speed difference with my shitty internet connection.


I got "hacked" in the big kiwifarms breach and literally have only seen an uptick in Nigerian Prince emails to the address associated.


----------



## bippu_as_fuck_ls400 (Dec 11, 2019)

DoodleBerry said:


> I got "hacked" in the big kiwifarms breach and literally have only seen an uptick in Nigerian Prince emails to the address associated.



I got scared and started following a tutorial I found on /g/.


----------



## Null (Dec 11, 2019)

AmpleApricots said:


> VPNs in my opinion are too big a target for not being very attractive for subversion by certain agencies


So are ISPs.








						Room 641A - Wikipedia
					






					en.wikipedia.org


----------



## a_lurker (Dec 11, 2019)

Apteryx Owenii said:


> I've never quite understood how proton turns a profit off their free available service. I guess there are enough power users that exceed the limitations and pay but boy it's easy for simple browsing.



People who use their VPN  to avoid getting nastygrams from their ISP from torrenting. Eats through the data caps on most free vpn accounts quick.


----------



## No Exit (Dec 11, 2019)

I only really use my VPN to hide from my ISP. I'm actually curious about good antivirus software. When you get most of your programs not from the main source like I do you have to worry about catching something.


----------



## selamat_pagi (Dec 11, 2019)

I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.


----------



## Smug Cat (Dec 11, 2019)

DanteAlighieri said:


> For all you weirdos, if the spooks want you they'll get you VPN or not. If you're just concealing your IP from MPAA/RIAA for torrents and websites, pretty much any VPN listed on PrivacyTools.io will be fine.


The difference between shady and not-shady VPNs is more for general privacy concerns than anything else, imo. You're right - if the feds want you they'll get you, no matter what you do. However, the company that just bought PIA has an _awful _reputation. They're an aggressive tracking and advertising company, and they've also been involved in adware and browser hijacking in the past (you can read about that a bit here). The MPAA still won't bother to get your real IP, and the spooks will still get it if they want it, but if you're a general privacy sperg like me, the difference between that and a more reputable provider is absolutely critical.


----------



## Pepito The Cat (Dec 11, 2019)

Fucking Semper Fi. Thanks for the heads up, Josh. Little things like these are why I stick around. Every crazy motherfucker under the sun can suck my ball if they don't like my opinion, dox or not but a cover of a fuckup coming from a service or site admin feels like actual treason and a completely valid reason to bolt the fuck out.

No electronic service is safe but morals are a choice. If you compromise those, you're done.


----------



## a_lurker (Dec 12, 2019)

selamat_pagi said:


> I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.


eh, if your the sort to use the vpn  to "hide among the crowd"  and an additional layer of CYA when your up to shady shit, this method does fuck all as the traffic coming out of it is directly tied to you and your billing info. 

However if you're trying to make a remote access tunnel to and from home, or just for a private pipe when on foreign networks, this ain't too bad of an idea if you've got the cash to do it.  Trusting yourself is better than some less than transparent company shilling "privacy services"


----------



## Safir (Dec 12, 2019)

AnOminous said:


> Anything involved with this site is likely to be civil, not criminal


Depends on the jurisdiction. I wouldn't trust anyone's who can type weird letters.



greengrilledcheese said:


> I got scared and started following a tutorial I found on /g/.
> View attachment 1045512


> park some distance away


----------



## José Mourinho (Dec 12, 2019)

Been using ProtonVPN even before the affiliation, and it was mentioned on the forum too several times when discussing about VPN options.

So far it's pretty good for me.


----------



## Null (Dec 14, 2019)

DawnDusk said:


> Can anyone using the basic version of ProtonVPN confirm that you cannot use it to access geographically-locked content?


I noticed that ProtonVPN uses very clearly labeled "ProtonVPN XX" ASN names which would indicate to a network administrator it is a proxy service.


----------



## L50LasPak (Dec 16, 2019)

> * got hacked - then didn't tell anyone*



Its the 2010s. Tell me something new.


----------



## TwinkLover6969 (Dec 16, 2019)

selamat_pagi said:


> I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.


whats the most expedient way to transfer my data to the cia aws servers


----------



## AnOminous (Dec 16, 2019)

AmpleApricots said:


> VPNs in my opinion are too big a target for not being very attractive for subversion by certain agencies.



The kind of agencies that do things like subvert VPNs are not going to blow their whole operation to go after some shitposter on a lolcow forum.  They will save that shit for something actually important.  They don't care about you that much.

Part of the whole point of subverting a VPN is to keep up your surveillance operations.  If they blow the whole deal by actually using information they got, unquestionably, from raping a VPN, they've just driven away all their more valuable targets from using that.

So I "trust" TLAs to do what TLAs do, and what they do is not squander their most valuable resources.  They don't care about you, they aren't going to fuck with you.


----------



## Give Her The D (Dec 16, 2019)

selamat_pagi said:


> I run my own VPN on an EC2 instance, works wonderfully. Free for a year, and something like $7 a month at my current data usage after. Highly recommend.



I use Vultr and WireGuard. $3.50 a month for 500GB of monthly bandwidth, 512MB of RAM and 10GB SSD, which is perfect for a VPN.


----------



## Sondermemehandlung (Dec 17, 2019)

I don't use these particular VPNs, but I think they are enough to protect people from EU "hate speech" laws and muh online piracy complaints.


----------



## ScatmansWorld (Jan 5, 2020)

So uh, what happened to ProtonMail and ProtonVPN?


----------



## Vecr (Jan 5, 2020)

ScatmansWorld said:


> So uh, what happened to ProtonMail and ProtonVPN?
> View attachment 1084514



They got an angry mail and stopped dealing with @Null and the farms.


----------



## Null (Jan 6, 2020)

ScatmansWorld said:


> So uh, what happened to ProtonMail and ProtonVPN?






Feel free to contact them if you want to complain but companies like this generally undependable.

I'll look into alternatives in a bit. I would try Mullvad but they don't do affiliates.


----------

