Hacker News | josephholsten's comments

While I appreciate the reluctance to operate in fourteen-eyes/SSEUR, where do people trust to be secure outside SSEUR?


Because of course none of the 14-eyes countries have any influence over non-14-eyes countries, right?


I've said this elsewhere, but I'm trying to help, not spam!

Please make sure to report evidence of blocking to PIA support, they do have some solutions available. Worst case, it gives them evidence that it's time to rotate IPs.


Even for stuff like Netflix/Hulu? Asking out of curiosity - I leave PIA off for the most part because of the IP blocking, and only turn it on when I feel that I need it.


I started leaving it on when Comcast and Verizon became aggressive about both connection monitoring and injection.

At home, Comcast is my only option. Verizon is the sole national provider (U.S.) with service in some areas I travel to.


I would be very interested to know what you think a VPN provider could do to assure users that the servers are safe.

I've yet to see an example of a verifiably safe server configuration, but some people have claimed that SGX might do. I'm pretty sure that wouldn't work with stock OpenVPN or strongSwan today.

Are there any other practices they could adopt that would ease your worries?


In 2018 there is no reason to use anything other than algo vpn. I don't understand why anyone reading this comment would trust PIA or any other 3rd party.


DMCA abuse emails being put into /dev/null; most VPS providers do not do that. Also a promise to insist on subpoenas or other expensive methods before they would comply with requests.

Also, why do you trust your VPS provider over a VPN provider? They can inspect your VM's memory and do whatever else they want to the machine. Same with whoever owns the real estate where you co-locate your own physical servers.


> why do you trust your VPS provider over a VPN provider?

They simply don't have the resources to log every single memory read/write and every network connection of all their hosts. Thus you would have to already be a known target for them to want to do that. Whereas a VPN provider has a limited scope of what they can log and thus needs a fraction of the resources to log everything.


So you inspect filesystems or figure out other stats through low resource activity?

There are probably logging systems already in place to detect abuse, that would be extended to detect VPN style usage on top of that.


This is actually less insane than it sounds. Most VPN providers rent space at traditional datacenter providers like Equinix. Search for "dedicated server hosting" and "colocation providers" for the exact same list of vendors that the VPN companies consider.


Please make sure to report that to PIA support, they do have some solutions available. Worst case, it gives them evidence that it's time to rotate IPs.


Very true! Unfortunately, your RPi is going to have only one user responsible for traffic. Commercial VPN providers act as a multiplexer to hide who is responsible for what traffic. Ideally you'd have at least a Type III anonymous remailer mixing your traffic, but then you're dealing with much higher latency. As with everything, there is a compromise between the effort required to break a security system, the ease of detecting such a break, and the burden of using the system.

I'm not sure what point you're making about colo and transit costs. Are you saying that operating your own has higher costs? Or that a commercial VPN provider has higher costs? I'd be very interested in a price analysis that beats PIA while offering a remotely similar security profile. Keeping an RPi at your house provides defense against totally different threats.


I've set up scripts to convert an existing VirtualBox/Vagrant .box file to a VMware-compatible OVF. I would use those to deliver to clients at my last employer. I know GitHub is doing a similar process. Additionally there's mccloud, which lets you deploy to AWS. If you need help getting any of these set up, let me know.


Those scripts would be nice-to-haves. If they are not part of some commercial product or a potential startup, can you open source them?


Glad to be one of the users who uses Vagrant every day!


You should know that people have been trying reputation-style digital currencies since at least the early nineties. They require a ton of bootstrapping to get anywhere. That's because you end up with a trading system that looks like a foreign exchange market with 7 billion different floating currencies. And that's assuming only individuals have them, excluding corporations. You'll notice old cypherpunks have a lot of skepticism toward the fiat-currency arguments against bitcoin. We've been trying to make fiat-currencies work. Keeping the rep net up to date is at least as expensive as mining bitcoins, but with none of the hard-crypto backing to the algorithms. And it's way more opaque. That's ideal if you're trying to soften shocks across a national economy. It's less ideal if you've got more self-serving interests than eyes.

Bitcoin isn't perfect. But we can test it, and if it breaks, we'll see quickly. Broken rep-net economies are like building markets on pyramid schemes: people have an incentive to pretend it still works until the damage is orders of magnitude larger than the economy proper.

And I encourage you to investigate what fractional reserve banking looked like in the days of specie-backed-currency. Banks still made loans and kept less than the entire value of their demand accounts on hand. It'll be weird, but there will be an M2 and an M1 in bitcoin, we aren't technically limited to an M0 money supply.


I hadn't heard of that! I'll be sure to mention it on our opt-out page, along with adblock.

