Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

I can see how they can open source their client side applications, and I guess they can open source their server code, but I can't wrap my head around how we can verify what exactly they are running on their servers. Like, can we ssh into them with root access and poke around running processes? I just don't get it. Anyone have a clue how else that kind of verification can happen?


it's not possible

and even if it was they could just configure their switches to mirror ports to send the traffic somewhere else for logging

this entire thing is snake oil designed to fool people that don't know any better

trust is earnt... and PIA hired Mark Karpeles, put him in charge of technology then later sold out to a malware firm

if you insist on having a VPN: there's plenty of other firms that don't have these "attributes"


What alternatives do you suggest? I just cancelled my PIA subscription and am in the market.


FoxyProxy offers a branded VPN service and the proceeds support its development: https://getfoxyproxy.org/order .

I can't vouch for it personally and all I know is that it supports an open-source extension I've relied on for more than a decade, but at least it beats contributing to Karpeles' paycheck, right?


I've heard good things about Mullvad and IPredator, both from Sweden. Generally you want to be looking for VPN providers that don't spend half their revenue on marketing.


I use Mullvad with the standard wireguard clients. Works much better than anything OpenVPN based. They are based in Sweden which seems like a reasonable jurisdiction.


Mullvad or (depending on if it has launched yet) the Firefox branding-over-top-Mullvad for the same price.


Yeah I think you're right




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: