Hey, what are your thoughts on Invidious?

How many times NordVPN got hacked?

I thought Orbot was considered a honeypot or some such these days??

Network Chuck? More like Fedwork Chuck, amirite u guys?

Iam behind 7 proxies iam protected

Is this actually the ultimate honeypot

​@@49531they've been in buisness for a long time now, either they're really commited (honeypots usually aren't (as far as we know)) or they aren't honeypots

They also now run everything in RAM officially

@@49531 Tor is, it was compromised in 2013 in preparation for Operation Onymous. The download had all the security settings set to low by default when previously they were high and for months when security settings were changed to high, scripts were running on every site to assist law enforcement. I even downloaded a exe from the site that contained a profiler trojan, but tor project ignored complaints. Many exit nodes are compromised. Don't use a VPN, they provide all your data to law enforcement and manipulate it. The reason people use a VPN and Tor is because they connect to a bridge to hide what they are doing. Tor is not secure, not private and you can be uncovered at any time. Remember the DEFCON talk that was going to show how this worked - it was pulled and they went quiet. VPNs might not directly log, but hosts that own equipment have to by law. I recently found WeVPN was a honeypot, they vanished once people realised and the police operation was shut down. One server was on a UK police IP. If you connected in to Manchester, UK, the police were watching. Some say these Encryption In transit email services like Proton are honeypots.

@@49531 Imagine.... - Hopefully not

Yeah, I've been thinking the same thing. It was just a one big VPN provider commercial masquerading as a tutorial.

I can't stand that soft spoken shill.

Almost every video is "And to do that, we'll be using our sponsor..." and then some service that collects all of your data

@@danielrobinson3654For real, thats why I stopped watching him. Also he doesn't really care about questions on his comment section at all. His Instagram OSINT video has millions of views, but Osintgram doens't work anymore, because the author didn't update it and lots of people don't understand that. I tried to tell them and got blocked from his channel. He could atleast like make a pinned comment or something where he tells, that the video isn't up to date.

You know that production quality doesn't come for free, right? I don't blame people for wanting to make money by legitimate means. Some of his sponsors are genuinely useful.

Won't the government ever chase after the people there? Or are the VPNs located outside mainland china?

Im laughing at the image of the CCP playing whack-a-mole with VPN companies.

Same in iran. Basically everything but porn used to be accessible without vpns but after people protesting and using social media to coordinate them everything got filtered i personally have 2 vpns

@@ainz2579 which ones do you use? also by using VPN, your ISP/government wouldn't actually know that you are using VPN?

@@zahiddigital8301 they don't care if use vpns its not illegal they oppress for the sake of doing it

Its like the dirt in the corner of that barbershop that gives you the cleanest fade. If there is no foldable table behind someone talking about edge traffic I dont want none of what he has to say lol

@@SolsticeSH you get it lmfao

So he can quickly pack up and leave if needed.

looked at that table at least 3 or 4 times i would say this video maybe even more idk but i agree lol

I agree

💀😭

Good for him, honestly

@@zaremol2779 I mean if he can afford it then - sure.

It’s cuz he’s crazy religious

He's weirdly religious, so yeah, condoms are evil, etc. It's the reason I don't support his channel.

They probably also get your name, payment method, email,...

You're missing the fact that you are standing out from the crowd of folks that use tor browser as usual. What's the point of slightly overburdening the law inforcement if they otherwise know where to look?

Nord says they do not keep logs about users' timestamps and traffic destinations

They need to subpoena your IP too. Vpns have your payment options. Once at the vpn, they have you. Once at the ips, they have you. Ofc there is a case for this or that, what are your local laws and how are the local laws of your vpn. Which agencies are interested in tracking you and so on. But it ain't that simple

You're missing that feds already monitor vpns

Bro fears nothing

What KGB?

@@lolotrololo2275FSB

I think it's a joke. Also, the KGB is dead, the FSB is the current iteration. FAPSI seems to be their equivalent to the NSA. KGB seems to be mostly famous due to western movies using them as the other evil spy group, etc. Which, yeah, they, the CIA, they are all super evil.

@@lolotrololo2275 KGB is like a soviet FBI

We do a bit of federal trolling.

Vpns sell your data to the feds

@@ainz2579 oh no my datat

@@fluffy6818 lmao😹

Just to have ads from random countries

new media is literally garbage. interesting that the guy in this video has something most new media lacks which is basic literacy and the slimmest margin of effort in actually making content. it's not common.

Yup 🙏

But all the points he brought up weren't valid for the vast majority of people using a VPN + Tor, most people watching this video aren't doing it from China or a middle-eastern country that have hijacked VPN providers. If you don't trust your ISP, use a VPN with Tor, that way your ISP won't know you're accessing the Tor network.

​@@wiredfox3451good point

Popular opinion what the fuck may be popular with the troglodytes remember to update your windows proprietard

never use Windows, always wipe any PC completely after each use with Privazer, a shellbag cleaner and bleachbit. I spent years testing file and PC wiping software by running it and then examining PCs with EnCase. Evidence Eliminator was really good, but so is PrivaZer. Many others left multiple traces of activity. Your ISP records a lot about you and can provide police with access to your router as ALL of the commercial ones have a backdoor built in.

I'm forgetting what an RDP is in this and frankly I think there's probable to many definitions out there for me to look ghrought

@@casev799 Remote Desktop Protocol

Remote Desktop Protocol@@casev799

Remote desktop protocol lol

That doesn't actually sound safer. If you want to track tor connections and all of them route through a smaller list of nodes that doesn't often change that's the first target. Is there more to the system? It sounds like it's just "trust me bro"

@@DERADI30 You have a point, I would assume that small group of nodes are from trusted sources and probably some other characteristics which would make it less susceptible to spying, but then again if one of those trusted nodes get breached, this would probably eventually get discovered and it would no longer be a trusted node, but until that happens you still have 2 other relays which are very very likely to not be controlled by mutual organisations which keeps it relatively safe, but it still all comes down to chance really And by trust I don't mean each node has an assigned reputation because that would definitely make it an easy target but rather I would guess it comes down to heuristics on volunteer nodes.

@@joopie46614 It would be concern from privacy point of view, but TOR is based on theory of "you can't trust ANYTHING at all". Your connection to between each node is encrypted with different encryption and only 1st node you connect to, knows your real IP or what comes from your computer. This means every node past first node, knows only from which node this traffic came from and what is next destination, if someone tries to track you from one of those never changing nodes, they would have to know what traffic from which source out of thousands of others they would have to follow. More simply, even if someone tries to trace you from the first node your connection is going to, they would have to know at least the country you are at, ISP you are using and public IP address your computer is using, since they would have to screen through hundreds if not thousands of different connections coming all over the world at the same time, unless you are using something like a VPN to raise eyebrows, won't reveal anything other than you are just 1 among many people who use TOR. Now even TOR isn't able to keep you 100% anonymous, I'm pretty sure there are ways to trace TOR users, it's just extremely resource and time consuming, so unless you do something that puts you under someones radar in the first place, your traffic is seen just like any traffic, regular encrypted traffic and hardly worth the time and effort to look into that deeply.

@@joopie46614 Here: www-users.cse.umn.edu/~hoppernj/single_guard.pdf

Guard Node: Sees your IPS's IP address, not the content requested Middle Node: Can't see shit, just moves traffic from Guard to Exit Exit Node: Sees your requested content, cannot see who you are

To be fair a lot of the time (or at least when I last him watched a couple years ago) he would often have two tutorials, one which shows running it on your own device and one running it is a cloud based server. At the very least if you have a bit of an understanding of it anyway, you can likely use the section of the cloud tutorial post-setup to have your own go at it

you are spot on...bro 😉😉

Why is this news or even interesting? Of COURSE he's monetizing. He is a KZbinR. LOL

@@alfredcam5213 you missed the point. It's one thing to monetize, but it's another to monetize while not "adding" anything to whichever subject the influencer is talking about.

i completely disagree with him but why would nord sponsor a video about not using vpns? :q

Damn, you're an online bunker! I used just Orbot occasionally with mobile TOR, on my stronger phone untill it recently burned battery from all the work. And a simple free VPN for PC. How would you rate these?

I would love info on what this browser extension is and if it takes away major bandwidth or whatever

@@xaxa-0x3F Just Google "tor snowflake" and you'll get all the info.

Snowflakes to jest drobnostka dla ludzi żyjących w wolnych krajach, nawet nie zauważą że ta usługa działa w tle. Jednak jest to bardzo ważna usługa dla ludzi którzy nie mieli tyle szczęścia i żyją w krajach objętych cenzurą. Każdy z nas powinien dołożyć cegiełkę do tej inicjatywy i przynajmniej zainstalować oraz włączyć rozszerzenie Snowlakes na swojej przeglądarce.

What else could we possibly use... softether?

​@@qlippoth13been forever since i've used softether, any new developements on it or anything interesting happen?

dawg no one uses Tor with good intentions its entire purpose for most is to be used safely for BAD intentions

@@qlippoth13 i2p

​@@DOG_EATER_1887yep normal folk use Windows. Might use VPN. Some normal folk might use MAC OS. Linux or Tor. Normal folk do not. Only players. You are 100percent correct.👍

everyone i try to follow chuck tutorial they never work and make me go down a rabbit hole 😂

@@obm_jay100% -Dude speaks in bullet points. Interesting topics but makes me cringe when he say “hacking” over and over and over.

​@@obm_jaythere always seems to be stuff missing between steps needed for them to work. At least that's been my experience

Dunning-Kreuger syndrome, where you think you know everything because you don't know what you don't know. Best way to be "confidently incorrect" lolz.

I think he probably knows more than you think, but its also a business for him not a platform to educate people about cyber. Which imo just makes it worse because he KNOWS he is giving bad information but that's the only way he can make as much money so he does it anyways.

Yeah, I felt that too! Also, there are a few other statements in there which I feel are demonstrably wrong ... or, at least, that there's some narrowing context for his statements that isn't coming across. They're certainly not universally true. Even mentioning the experts statements about not using VPNs with TOR were clearly aimed at those using commercial services based on the false claims those services make... it's a rather broad assumption that only naive people are using VPNs in a certain way for a certain reason, and not getting what they expect. I can give real world counter examples, including how VPN use can be indistinguishable from HTTPS use (even under a protracted state investigation) ... when using actual web services as the cover. For example, my Chinese friend owns a European VPN (running on a cheap cloud VPS) that gets used daily by several users, from China, and has not been blocked once (in a decade of use) despite having had a lot of 'strange' hits to investigate the nature of the 'web services'... even after one of those users came under a three year state investigation for protest activities. This is because the traffic can be switched seamlessly from the HTTPS service, to an unexposed VPN service, without any perceivable change in protocol. Anyone investigating the server gets the HTTPS content, they see no other ports or protocols... and the content being served is credible and benign. So, there's a strong use case... China! I don't think Mental Outlaw actually groks what the youths are doing over there. Sure, there will be some chasing endless public VPNs and open Proxy services that keep getting shut down or blocked... but the savvy kids are certainly not doing that. Private VPNs are a strong tool when properly set up for the threat model you live with. They can be made indistinguishable from bulk traffic, made highly credible and be given a verifiable cover ... TOR traffic cannot, even with obfuscation, as all the entrypoint IPs can be harvested - even the temporary helper nodes! So, no... VPN services for TOR access can be essential, credibly deniable and outstandingly secure. and they absolutely have their place in the security/privacy landscape. anyone that says otherwise should be challenged, as they're almost certainly making assumptions about either the way VPNs are used or the threat models people live under. Personal VPN, as a flexible technology, can be damned useful for privacy, anonymity and credible deniability! But I certainly wouldn't shill for NordVPN or similar commercial services. Not when a VPS running Wireguard, OpenVPN or even just PPTP costs as little as $5 on an unadvertised IP, and can be configured to look like a benign web service from the outside. We should be educating users to do privacy properly, according to their threat models... not flatly discouraging them from using certain tools simply because those tools can also be used poorly. Hopefully Outlaw will revisit this topic with more nuance.

My god the “read more” option didn’t prepare me enough

Totally agree. It’s just wishful thinking on the part of Mental Outlaw - He wants to believe “tor makes us all look the same.” Naw dawg, tor makes you look like a criminal, that’s the world we live in

Yeah, "if you don't have anything to hide, why worry about your own privacy?"

Yes, but you can add private mercenaries, scammers and black-hat crackers to the list. Internet is fckd though, big time.

Or he's making you a victim. Claiming a VPN doesn't necessarily add to your privacy and makes you stick out more than just using tor.. are not valid reasons to not use a VPN imo and I actually find it suspicious he's claiming they are. I clicked on the video thinking he was going to give me some actual technical reasons of how a vpn breaks the privacy of Tor but I should have known better.

@@cooloutac He's wrong : / Well, not entirely wrong... but he's looking at all this from a very western perspective. A perspective where just visiting an entrypoint won't get you tortured or imprisoned without trial. Unfortunately TOR use is visible... Many of the TOR 'Helper Addresses' can be harvested... and that's a problem for SOME people in SOME countries. The solution, currently, is obfuscated VPN's that are set up to hide within HTTPS traffic in such a way that no VPN use can be ascertained and the public content offers full credibility. I know some Chinese examples of this, that beat the active state blacklisting attempts and the potential persecution of users. TOR-over-VPN can be absolutely essential. But it has to be set up properly according to the specific threat model and thus commercial VPNs often just don't 'cut it'. General handwaving based on the general western case, just pollutes the information space unnecessarily : ( I hope Outlaw one day revisits this topic with some, much needed, nuance.

@@garychap8384 eh, he's just repeating what most people say unfortunately. Its probably a narrative put out there by the government, who want to monitor our every little action through our isp's, whom as has been revealed the past 4 years are possibly under the control of the axis of evil.

​@@garychap8384 "set up properly for the specific threat model" Yeah, we hear that fluff all the time, but what does that even mean? lol. and while you at it what do you even mean by "western case"? I think the truth is discouraging vpns is only in the interest of government surveillance no matter how you cut it. Tor is just not practical for most people and as you say maybe even less safe to use than a vpn. The problem is picking out a trustworthy vpn that won't cave to government backdoor pressure.

If they compromised Tor, they might as well have compromised your VPN provider. At this point you are f-ed anyways. How far would you take this logic? There also is a chance that all 3 nodes, and the vpn are controlled by the feds, so should you always chain 2 VPNs together? Or 3, just to be sure?

and i hate this stupid fucking assumption that all vpns will just sell yo shit. Multiple vpns have been subpoenad and had NO evidence to hand out, im aware of PIA and Express currently, as for the "they can get your payment information" is only applicable if a single person is on the server, how would the feds distinguish me from the other 16 people routing through the server?

VPN isn't recommended because four relays would make the connection uncomfortably slow, i guess... Plus, as Kenny mentioned, four-relay would just stand out in the Web. There is no point of the feds to hope for the whole Tor connection to fall on their servers if they can see a four-relay, subpoena the VPN provider on the end of it and sit hard on that connection.

@@СтасСтафеевhow does a 4 relay stand out? how would the feds actually know it was 4 connections without investigating data from each individual node until they realize there is 4? isn’t it encrypted again at each node to prevent investigating one node from revealing which connections data was sent to which node?

@@СтасСтафеев it doesn't "stand out", there isn't even a way they can count the hops. And on the VPN, that same IP is shared by a high number of users. The only thing they know on the VPN is that you are using Tor When/If they do get the specific IP that is using Tor that is yours, they STILL have to request your info from your ISP

Also kenny doesn't understand that "unnecessary" VPNs/proxies/tunnels are what keeps tor usable in countries where direct connection and connection through bridges is blocked. + In some countries it matters whether you connect to the tor network through VPN or directly, as it may grant you plausible deniability when giving answers to some questions from local authorities.

@@TV-vz8kv Could be true. But I can't really speak to that experience. I can only speak of the good ol' US of A where ISPs keep lists of everything their users are doing on the internet, and will hand them over to the feds at the drop of a hat if asked. And it's a question of when they'll ask, not if. When that day comes, the less your ISP knows, the better.

How do you set something like that up?

@@OceanicManiac That's a lot to type out and I can't post links, so hop over to your search engine of choice and search 'setup pfSense VPN client' and you'll get a mix of official documents and third party tutorials. pfSense is a FreeBSD firewall operating system that I run on an old gaming PC (with a few extra NICs) as a router. During setup you can leave a NIC un-mapped to LAN or WAN and instead map it as a hardware VPN interface so that anything you plug into it will have 100% of its traffic go straight thru the VPN instead of ever touching LAN/WAN Pfsense is a lot of work at first, but once configured properly, it's very rewarding and low-maintenance

@@Ginfidel so then since your so concerned might I ask what your home network looks like

It makes a huge difference because your VPN provider is preferably located in a country with much stricter data privacy laws. VPN providers are also financially incentivized to legally fight against handing out data while ISPs mostly don't give a shit.

Might as well just use a Proxy for hiding your IP to get around restrictions with less overhead and latency than VPN's. Also simpler to set up and cheaper too. VPN's used to be useful before HTTPS/TLS encryption of 99% of modern websites.

I see the arguments here, but for me it comes down to corporations. In the USA only a handful of corporations control ALL internet traffic. Often you are lucky to get 2 options for a provider here, some places literally have one choice. Larger places have multiple choices but they all tend to become ATT/Comcast in the end. So, here, a VPN does sort of replace the ISP, but it replaces a corporation that is so willing to sell you out they are monitoring organ prices for a COMPANY that has a vested interest in your privacy for their profits. When you r business model is "we won't rat you out" you have a strong incentive to fight any attempts to access your customer database. Can it happen? Sure, they have to follow laws that keep getting more draconian but they also have the means to work every legal angle first. For the enforcement side, an ISP is a no-brainer to ask for information on any little whim. A VPN company is going to take some solid reason to go after them because it won't be cheap and unless they get a conviction that's money wasted. I LIKE that the sellout YTber recommended dual layer to his viewers. He is popular, and well liked and trusted so that means it is more likely that a bunch of new VPN+Tor connections pop up making the argument that it is enough suspicion to pursue weaker for enforcement. Again, this is for the USA, where money and power are the arbiters of reality so that's where you will see the most pressure. Your country has some ultimate structure as well that decides things for the masses, and that is where you should invest your effort in security. I do nothing interesting online, haven't for decades, but I use a VPN always and am switching from Vivaldi to TOR for most of my browsing just to add to the noise floor. Remember, if we are all doing it, no one stands out enough to be a threat. I'd rather protect a hundred illegal users to make sure the one journalist or protester doesn't get ganked to silence them. It is not our job to stop crime, and they need to step up their skills not rely on our passivity.

@@EdmondDantèsDE is nord vpn safeish?

Nord will share your information if they're asked by the US government. Whether that's an issue for you or not is your own answer to solve.

vpns in russia are dpi banned too

😂😂😂

This is literally the reason Tor bridges exist...

Did you even watch the video....?

Tor works for me and i in Russia lol And my isp uses dpi too

Very excellent critique.

Yes! Tor has been PROVEN compromised since 2013! When Freedom Hosting was shut down. The NSA made a whole speech about how they can de-anonymize Tor users, a tor darknet hoster was discovered and prosecuted, and it happened again in 2015 as well as 2020 just off basic googling. Tor is NOT safe! The NSA (and thus the rest of the US government if they ask) can and will find you if you get on their radar. Tor will not protect you.

yes but network chuck use nord vpn and has 7 kids

Network chuck was paid to fo that video in that way. Completely insecure.

people have said in the past that there is a high chance that mental outlaw is a glowie, after all he is literally subtlety advertising illegal activities and has not been blacklisted by the algorithm, and has even gotten sponsored, he also talks like alot of CIA type people.

It is, but you also need to be mounting an unicorn with rainbow coming out of his butt

lol VPNs are useless in the hands of 90% of the people who use them, but we need those people to keep using them. It normalizes VPN traffic. If 1000 more normies started using a VPN to keep themselves safe from the hackermans, that's 1000 more connections for the feds to waste their time decrypting. The more idiots who use VPNs because they think it encrypts their heckin wifi, the better. They're subsidzing those of us who actually use them properly, both financially through normalization.

@@Thurgenevthis is incorrect. The rainbow is optional.

Those sponsored ads for VPNs are bigger liars than infommercials for Testosterone boosting supplements 🤣

Same people that say tor is 100% hackerpoof.

Estonian government (or specifically Estonian Police & Border Control) has performed network correlation attacks against local darknet vendors by sending a succession of messages to their messaging app and then requesting ISPs to disclose info what region received their sent succession/pattern of packets. They repeat this action to narrow down from region to city, street and finally address, where they get the final end user. Similar case I know was when some government employee's credentials (or username) was seen by co-workers who thought it'd be funny to log in to her account. So they downloaded Tor and tried to log in via Tor Browser. They used TOR because they didn't want to get caught and thought using Tor would guarantee their safety. Government checked who, what IP in Estonia had downloaded Tor installer in the past few days. IIRC this was enough proof, that they downloaded TOR just recently and as the ISP also could prove they connected to Tor network around that time, but I could be misremembering that case, plus those guys went with a plea deal in the end anyway. Source: public record court documents

If they had a lot of evidence on this person already, then this case is nothing to worry about. Police can't arrest you over circumstantial evidence. Unless you're the kingpin of Silk Road or a mf international terrorist, chances are police aren't gonna have enough to prosecute you.

Silk Road ?

@@sultanhanga too long ago for me to recall now. I don't think it was.

I definitely remember a story about a college student using TOR to make a bomb threat so he could delay an exam. The college quickly flagged him by checking if anyone was using TOR on the campus network when the threat came in, and it was only him, in his dorm room. That's only circumstantial evidence, but he also fessed up instantly when asked. This _is_ a circumstance where a VPN would have helped him, because his adversary was looking for something very specific that was out of the ordinary, and if he always used a VPN, his traffic would be disguised as his own traffic. The college knowing he always used a VPN and was online at the time still might have put him on a list of suspects once they saw no one was directly using TOR, but he'd have had a compelling alibi. But given the fact that he thought this was a good idea in the first place, the outcome isn't really surprising. I think good OpSec requires a basic understanding that actions can have consequences, and this guy clearly did not. Also, he can go to hell.

Nah. Lol

@@wetfart420 It is region based, and some VPN's will work, but thats not the main issue. The issue is payment. Almost all online payment is tracked in China, and as such, can easily be blocked. Crypto is also banned in China which doesn't help.

I do confirm what you say. For this reason, some VPN providers use innovative tactics (base64 in plain HTTP requests. The base64 is encrypted and does contain TCP traffic) instead of famous VPN protocols like openvpn

The vless proxy protocol's xtls feature can detect whether the traffic is tls encrypted and avoid double tls.

@@woodingot Yeah, XTLS is just difficult for people to set up without proper know-how. You need a client and a server. Setting up a server is quite hard while being in China, so usually you will purchase access to an XTLS server.

As you've just proved in your comment: there's no additional protection

And another: 3) An ISP is most definitely keeping your logs, either to sell your data or for legality purposes, whereas a VPN isn't *necessarily* keeping your logs (as long as it's a good one!)

This is true. Also, hundreds to thousands of users may share the same IP on a VPN and, despite Kenny being a doomer and believing all VPN's are fed honeypots logging and sharing your info, a good VPN provider probably isn't logging (whereas your ISP definitively is for some countries).

​@dedhorse5720correct me if I'm wrong, but your isp may know you're connecting to a vpn, but it has no knowledge of what's being transferred between

​@dedhorse5720 How do you know the ISP would be able to tell using this setup? Shouldn't it only be able to see the first layer of connection?

Newer DD-WRT firmware's have a TOR mode for a relay setup. I'm thinking about it since I have two of the same router flashed and capable. I'm also in the process of rebuilding my entire network to something more secure. Looking to start with a new hardware firewall (PFsense) first. Between the plugins.

Let me get this straight (and correct me if I am wrong in my understanding), you are PAYING Tor so that people can USE YOUR bandwidth? What do I get in return?

@@joer8386 it's about giving back, not just taking. When you use Tor, it's because volunteers are paying for the bandwidth you use. So, knowing that you're indebted to the kindness and generosity of anonymous volunteers, you want to pay it forward, if you find it affordable. You do it to help others, not just yourself.

​@@joer8386are you one of those script kiddies. Open source is one of the main thing we defend and live for we don't get anything but 5$ donation will help t0re

@@joer8386 that's the point, you won't be paid for a good cause, like you don't pay for using tor but you help millions (and eventually yourself), as hundreds of others help you

what if i turn my pc off then back on again

@@Akac3sh same public ip 🤣

I worked in cybersecurity for 5 years and you cannot analyze net flow, has to be a national threat. And still tracking has to be signed off by higher levels.

If you try to analyse netflow on encrypted traffic then you'll only see the header information but the payload is secure. Try showing me a tool which can decrypt traffic in real-time.

Lmaoo I didn’t realise until now

​@@Incidius It's a joke

The vpn connection at the same times does though, that has been used in a court case before to compromise one guy.

​@@EwanMarshallWhat court case exactly?

Holy Unabomber

I think there are many more trustworthy third parties (like Mullvad, and IVPN) than ISPs, many of which have very questionable privacy policies.

More like using tor with a VPN is like entering into a place in a disguise and having a friend who stops the other guy from coming into the building who knows your real ID.

😅

hope you at least spoof your MAC if you're doing that

ANY AGENT WILL FIND YOU , THAT IS A RED FLAG MOVE .@@polinskitom2277

Normally just looking on the lab proctor's desk for a sticky note will yield a password for elevated access.

The admin password at my school was just the name of the school with no caps or spaces haha

I like your funny words magic man

@@qlippoth13 Well it was mostly bring your own device. But the network had those ports disabled for students, teachers and even the inhouse IT manager. So it didn't matter if you were on one of their computers or on your own computer plugged into the network with cable. Or connected to WiFi. Only ports 80 and 443 were open outgoing.

@@GameCode64 Ah yes, things have come a long way since the days of the PDP-11/70

Technically this would work right? But the internet speed would be slow as a snail or no?

If a threat actor can gain complete control of a Tor relay node and deanonymize you, then gaining access to your VPN service is a walk in the park for them. If anything, it'll just provide more evidence they can corroborate against you.

@@williamrutherford553 How will the VPN service provide more evidence than just connecting through your isp?

@@williamrutherford553 that's not how this works. Or at least if you're not shouting your private data out there.

@@williamrutherford553 The thing you are forgetting is a simple cost/benefit analysis - These things can take time; The challenge how difficult it is to bypass 1 layer; It's how difficult it is to bypass SEVERAL layers. Resources, Manpower and Time is limited - if you're just some random Joe looking at memes over Tor, it's not worth the cost in time to crack every single layer. What benefit do they gain? However - If you are on the powers'-that-be's list, they are much more willing to incur a larger cost, as the benefit justifies the means. With that in mind, consider the following two scenarios Scenario 1 - No VPN, using Tor to buy drugs on your favourite onion plug. In this case you are one mistake/leak/disclosure away from total exposure. 1 Tor relay cracked, 1 failed bridge, a DNS leak, or any other leak of your traffic for that matter. Scenario 2 - VPN, Using TOR In this case, for your true IP to be exposed, they must gain info/crack traffic from your VPN provider, AND additionally get your TOR traffic. On a final note - consider this; Not all users who want to anonymise themselves do so to avoid scrutiny from their local powers; It's additionally a solid option to protect your traffic from Cyberattacks, such as a Man-In-The-Middle attack (in the case of unprotected networks). It could be for say, KZbin Stars/Streamers who want to keep their identities private from their fans. Perhaps you don't want advvertisers going "Oh, this IP just bought a 18 inch dragon shaped dildo, Let's add "Sex Toys" and related tags to this IP and sell it to other advertisers!" when you live in a house share, student accomodation etc etc etc The use cases are vast, varied and wild - But let's put summarise it in simpler terms: When it's cold outside, do you go outside naked, because your skin should protect you from the elements? Or do you add socks.. a t-shirt.. perhaps a jacket, gloves., or a hat? I think you get the idea :)

@@TheTweaker1 Your ISP likely only has your bank account number for the Direct Debit, Your name, and whatever email address you used to register with them. In the case of people trying to remain anonymous, they likely have a "Normie" email address, and a "Dirty" email address - usually several. If you register for your VPN using your dirty address, as you're trying to remain anonymous, if the VPN service handed that over, or it got hacked and leaked... then that address is burned, alongside the payment method, tying that payment method, bank account to that dirty address

Super-Cookies? Wanna cite that, friendo? How is the ISP embedding this? Through the router they provide? You know, the one people should never be using if they care about security? Through the ONT? You know, the media translation box that has less CPU power than an arduino board? If they're waiting until the backbone to do it, they're gonna have a bad time appending anything customer-specific without bottlenecking it into oblivion.

@@Ginfidel it's an much older thing, some ISPs don't do it anymore. But yeah the ISP embeds the 'super-cookie' on the packet when it leaves your network, if i remember correctly it's after it leaves your home network it's done on the ISP level through their infrastructure.

If the super-cookie is embedded in http headers, using a vpn or even just https will prevent it from being added. If the super-cookie is added at the transport layer, it would still be stripped at the vpn provider since it can only be applied to the outside of the tunnel, not the data contained within. That means at most your vpn provider will be able to see the ID, which is irrelevant because they have your IP, which is already more than enough for a capable adversary to identify you. The same risk applies to renting a cheap vps since your vps provider can see this ID along with your IP, but this option is far easier to track via externally monitoring their network, since you are the only one connecting to it.

how the hell can a super cookie be placed into HTTP headers, if the HTTP request itself is encrypted with TLS? Please explain.

@@ModPapa The supercookie is placed after it leaves your network, you would need a external server for it. The full packet is not normally encrypted tho, as the WAN needs to be able to read the IP, and a couple other headers to know where it goes.

lmao, every single time

Nord isn't monitored. They make that their biggest advertising pitch

@@aronm5329 LMAO

But the fed runs tor. They own it. They already know everything within tor

​@aronm5329 nord lies. Fine print says they do and they've already given information over before. They're required by law to keep logs and give them over

@@LuciferArc1 Tor is open source, so everyone knows everything in tor. Feds doesn't run tor nodes though.

This feels like a question Doc Mitchell would ask at the beginning of New Vegas

Using a vpn blocks tors own hob changing so u basically have a permanenr hob that can be tracked while using vpns

​@nottifps but tor is literally ran by the feds

A VPN is another person's PC, there's nothing particularly special about it When a cop see's an IP from a VPN, they can ask the VPN provider for info When they see a Tor IP, they cry and run to their mom, because there's no way they will directly identify you or your traffic

@@nottifps All your Tor traffic would pass from the VPN first, but there isn't a relevant difference from all Tor traffic passing from your ISP either Do you trust your ISP more than your VPN provider? If so, change your VPN, because it isn't doing anything for you

@@user-xl5kd6il6c"they can ask the VPN provider for info" And that "info" would consist to things: source addr will be the IP your ISP gave you and the destination IP will be the IP of the circuit guard. I don't see the problem here with VPN to be honest.

Meshtastic, Skycoins Skywire meshnet look these up.

Only right wing extremist snowflakes keep complaining about Lula after their openly fascist former president lost the election.

the vps gonna expose you

the issue is that you are the ONLY person routing traffic through it, so they theoretically have an infinite amount of time to slowly figure out who you are by habits, a public (paid / no log) VPN is much safer as its much harder to distinguish who is who

Did you even watch the video?

@@ToeTV247 give me a timestamp.

bro watched 1 minute of the video and says you haven't convinced me

​@@ToeTV247if you think the answer is mentioned in the video why don't you actually cite it because it was not mentioned

​@@vincenthills5024im 5 minutes in and i already got an answer. VPNs and tor bridges offer the exact same service except tor bridges are free and not run by a company approved by the government.

Okay, now you're in China... ... your threat model has changed, and now you need some nuance. TOR nodes are known and may get you tortured... TOR 'Helper Addresses' are harvested... if one turns up in your traffic logs... again, you could conceivably be tortured. VPN services are actively blacklisted... repeated attempts to find/use them can get you a visit from men with heavy boots... and, again, torture isn't off the table. Short story suddenly got long, eh? I'm guessing you live in a western country and security seems so easy. It's all about endpoint concealment and content privacy, yes? After all... there's _"due process protections"_ and the right to a _"fair trial"_ ... maybe you have the _"fifth amendment"_ and so, you're here to tell everyone just how simple it all is ... ... well, good for you : ) Sadly, some peoples lives depend on getting this stuff right. Their threat model doesn't include 'due process' and so making blanket statements about your _'just kinda good enough'_ OpSec merely pollutes the information space and can put people at risk. Y'see, not everyone is just trying to download the latest movies or searching for questionable porn. Some live in a country where just being found to have accessed a privacy service can get your whole family pulled in for questioning. Want to try the long story? Y'know... the one that actually holds up : )

What would the duck up be? It seems like a generally good practice as long as your fine with maybe some sites erroring, or some stuff still getting sent to your normal non plus email

@@internetrules8522 Impersonation is alot easier for a bad actor to pull off if you use the plus symbol. It comes down to how certain servers internally would interpret the characters. There's alot more to it but thats the safest simple explanation I can offer.

What would be the issues with that? I use it all the time with proton to filter my emails into folders.

@@revelmonger I replied to this question above ^ ^ Better to err on the side of caution. My point really is simply the fact Chuck only states the pros and doesnt mention the cons, and thats not good imo.

for some reason you first reply to me was hidden so i had to find it by sorting comments in the newest first method. but ok ya if we assume the server treats plus like a dot or something, then there might be some potential attacks you could do to like reset password or some other things. any reccomended further reading or watching like a defcon or something? @@apIthletIcc

Except half of this comments section thinks TOR is also a fed operation. 🤣

Are ya winning son?

Who can be 100% sure who their Dad is? 😮

​@@Kappasan69Lana Rhoades🤣🤣🤣🤣🤣

hell nah, lana roads

@@sdgc543df If you go back in time and fuck your mum, you can be 100% sure that you will be your own dad.

I saw him in an agent suit just this morning

Don't forget if you're in a dark room with him he has a glowing outline

Hush.

Okay fed.

Dumb brazilian

Oh noes, are you inferring that he's a owingglay edfay?

​@@cancer5895sup fed