• Deloitte confirms PIA’s no-log claims, with servers running on RAM-only system for maximum privacy.
  • Independent audit verifies PIA’s infrastructure is not vulnerable to third-party exploitation, ensuring online activity remains private.
  • PIA offers full transparency with open-source apps and regular third-party audits, proving its commitment to data protection.
  • henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Biggest problem is that it’s free. That means you’ve got very little bandwidth that’s usable since it’s being supplied out of generosity for no direct compensation that could be reinvested into the network. There’s just too many users and not enough bandwidth.

    And because it actually works, it’s very difficult or impossible to police how it’s used. That means your precious bits are just as important as the 100,000 spam emails that another user is trying to send with the service.

    Finally, you might not want to use it because you’re sharing the same exit nodes with many other users. This means services tend to block those IP addresses outright, limiting what you can use it for, and if you leak and identify such as your name maybe you don’t want that tied to an IP address that actual terrorists might have used.

    I write this as someone who owns a bunch of official Tor merchandise.

    • db2@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Spam emails are about the tamest dark part of the dark web though…

      • henfredemars@infosec.pub
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        I’m trying to be nice for the general public that could be reading this post. But yes, there’s a lot of bad stuff out there, and VPN service providers aren’t just getting paid to invest in tons of bandwidth, but they are also doing some policing of their service. They just don’t talk about it. It’s bad for business. And yes, you can police a service without technically logging any data.