55
In search for a good VPN
(lemmy.world)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
As far as I know they don't have audits done, so who knows about the logging. Both IVPN and Mullvad pass those. Could still be fine though, but I'd rather trust Mullvad or IVPN.
So, I just looked it up and apparently their official stance is that auditing is questionably effective and thus unnecessary:
In other words, their reasoning seems to be:
Personally, I don't entirely agree with points #2 and #3 (though I can see their points), but point #1 is fair I suppose. In my opinion, though, it should not be up to the users to hold the company accountable; and there is a difference between penetration tests and log auditing, as the former I believe are merely to check the resilience against outside hacking.
My end impression is that judging from their other documentation and forum posts, the fact that their software is fully open-source, and their past behavior in accordance with their stated values, I think I'm inclined to believe them. However, it is somewhat worrying nevertheless that there isn't log auditing involved regardless of their actions.
Edit: Clarification
But what about server side logging? Even if the server is open source how can one that they are actually the code they publish without changing anything if there are no audits?
There's a certain point where it just comes down to trust. And if you distrust a company enough that you think they aren't posting the same code to the git repository that they say they are, then maybe that's when you shouldn't be doing business with them.
This is the case with all organizations, corporate or otherwise.
audits are invalid as soon as they finish, there's absolutely no way to trust any of these companies.