Google is taking steps to curb online scam after an investigation by The Times

elt894 said:
Why can't you run a VPN off a low end VPS? I've considered it but agree that VPNs are largely a placebo.

For email, do you not send unencrypted emails to regular gmail users? I also have my own domain for email, but Google still ends up with copies of most of my messages that way.
More...

Recipients are uncontrolled of course.

The point of switching was two fold:

1. Google can't mine my information out of my email.
2. Switching where I read my emails is as simple as switching a service (or hosting my own) and changing the MX records to point at that.

As for the VPN, since it's my connection going through it and low end VPSes are shared hosts it gives a new threat surface - an attacker can break through the container or a rogue sysop can monitor my connection through there. For VPNs I prefer to control my own hardware and know where the pipes are. A low end VPS with a VPN server running presents the same threat surface as a commercial VPN, with the added bonus of having a shared host be able to break the container or DDoS me indirectly.
 
gaussian said:
Recipients are uncontrolled of course.

The point of switching was two fold:

1. Google can't mine my information out of my email.
2. Switching where I read my emails is as simple as switching a service (or hosting my own) and changing the MX records to point at that.
More...

Gotcha, I was mostly wondering if you were requiring recipients to follow a link to protonmail to read the email. Years ago I had considered starting an email service that would convert text to images to prevent casual mining by the recipient's provider.

For me a nice side benefit has been the ease of creating disposable addresses. I give every company a unique one and throw them away if they start getting spam. It's surprising how many unreported breaches of customer databases that's turned up from major companies.

gaussian said:
As for the VPN, since it's my connection going through it and low end VPSes are shared hosts it gives a new threat surface - an attacker can break through the container or a rogue sysop can monitor my connection through there. For VPNs I prefer to control my own hardware and know where the pipes are. A low end VPS with a VPN server running presents the same threat surface as a commercial VPN, with the added bonus of having a shared host be able to break the container or DDoS me indirectly.
More...
I feel like with a commercial VPN there's a greater risk of a run-of-the-mill breach exposing usage logs. On the other hand, someone targeting a generic VPS datacenter is probably looking for something higher value than exposing the small fraction of people rolling their own VPNs. If you're worried about a rogue sysop or someone with the skills to break out of a container targeting you specifically, wouldn't you have to be just as worried about your packets being monitored within the datacenter after they leave your dedicated hardware?
 
You must log in or register to reply here.
Back
Top