I'm a little unclear why I would trust that there is no logging. With root access to the VPS, I'd be able to determine that the OpenVPN service on the VPS is not logging the connection between my device and the VPS, but I obviously don't have any access to the infrastructure beyond the VPS. My ISP might not be able to see my traffic, but the ISP of the VPS would, and I'd be just as identifiable if there are logs matching my dedicated IP to my account.
I don't have control what goes on outside the VPS, but root access is my proof to my customers that I am not logging. Certainly no VPS is the magic pill to internet security or anonymity.
This is what makes this no better than any other VPN service. I still need to completely trust that the provider is not watching me. Even with full hardware access, there could be an invisible sandbox or hardware DMA to some chip I can't see. There is no easy scalable solution to avoid this in a technical level. But you can be one anonymous user in a sea of many others and hope for the best, which is why I'd advise to go to a trusted mainstream VPN provider.
Yep. I have heard stories of people that setup a Streisand VPN on a digital ocean droplet, and then got sent DMCA letters for torrenting. Digital Ocean turned over their identity and banned their account.
If you're just doing it for privacy, then cool. If you're doing it to mask potentially illegal activity, don't. Use PIA or something like that.
I think it depends on threat model. If you’re looking to do anything illegal, probably no VPN is a good idea.
But if you care about privacy in general, a VPN is always a clear win. No VPN will ever be perfect. But for a VPN, this is pretty good with regards to security.
All depends on what you're doing and threat model.
Some may just be avoiding local isp surveillance. Some are just getting a vpn to access a site blocked on their country.
For what you said,it really matters what country it's in and who is hosting it. For example, switzerland and finland means no dmca cooperation (not easily at least). If the owner is publicly known and had a lot to lose outside of the vpn business in the event of a reputaional loss, that would be even more preferable (for me it's freedome or protonvpn due to the risk they take by associating it with f-secure and protonmail respectively)
Isn't one of the main selling points of VPN that you can't be tracked by IP adress when multiple people are using the same VPN server as you? GhostiFi can't provide that as far as I can tell.
It would be kinda cool to build something like this on top of https://github.com/Nyr/openvpn-install. It's a single script that generates the .ovpn client side files.
Readit News
And with root access to the VPS host, you can just extract private keys from the VPS ram and proxy the connection, logging it all the while..
so no, this claim is not tenable even at the VPS level.
If you're just doing it for privacy, then cool. If you're doing it to mask potentially illegal activity, don't. Use PIA or something like that.
But if you care about privacy in general, a VPN is always a clear win. No VPN will ever be perfect. But for a VPN, this is pretty good with regards to security.
Some may just be avoiding local isp surveillance. Some are just getting a vpn to access a site blocked on their country.
For what you said,it really matters what country it's in and who is hosting it. For example, switzerland and finland means no dmca cooperation (not easily at least). If the owner is publicly known and had a lot to lose outside of the vpn business in the event of a reputaional loss, that would be even more preferable (for me it's freedome or protonvpn due to the risk they take by associating it with f-secure and protonmail respectively)
How can you claim no-logging if you are running on someone else's servers?
Discussion: https://news.ycombinator.com/item?id=17815352
https://github.com/angristan/openvpn-install
The fork is maintained by someone who lacks a basic understanding of networking, system administration and security. I'd suggest against using it.