Cybersecurity - Privacy and Security - Virtual Private Network (VPN)

Are Virtual Private Networks (VPNs) Useless Honeypot Scams?

Intro

You may have heard others in the privacy and security community call virtual private networks (VPNs) “useless”, “scams”, or “honeypots”, but is this actually the case? There are certainly a lot of sketchy VPNs and creators who shill them, but does that invalidate the thesis for using a VPN?

Items discussed in this episode:

  1. Common arguments in favor of VPNs being useless honeypot scams
  2. Why we disagree with some of these arguments
  3. Why we believe these arguments exist
  4. A few tips for incorporating VPNs and Tor into your privacy workflow

Podcast

1
00:00:00,000 –> 00:00:13,840
Hey everybody, welcome back to the Bigger Insights Privacy & Security podcast, where

2
00:00:13,840 –> 00:00:16,660
we’ll help you live a more private and secure life.

3
00:00:16,660 –> 00:00:21,160
If you’ve done much research on VPNs or you spend much time in the privacy and security

4
00:00:21,160 –> 00:00:29,120
community, you’ve probably seen some of these creators call VPNs “scams”, “useless”, or “honeypots”.

5
00:00:29,120 –> 00:00:33,880
That’s a pretty bold statement and would certainly be worth being concerned about if you’re using

6
00:00:33,880 –> 00:00:37,600
a VPN, but is there any truth to this?

7
00:00:37,600 –> 00:00:43,360
Before we get into the weeds on this, we wrote a blog post called, “Should you use a VPN” on

8
00:00:43,360 –> 00:00:48,360
our website, biggerinsights.com, so go take a gander at that for some additional information

9
00:00:48,360 –> 00:00:49,800
and context.

10
00:00:49,800 –> 00:00:53,480
We’re probably also going to turn that into a podcast episode.

11
00:00:53,480 –> 00:00:58,800
So if you’re unable or unwilling to read, stay subscribed and keep an eye out for that.

12
00:00:58,800 –> 00:01:03,840
Now on paper, VPNs certainly have valid use cases.

13
00:01:03,840 –> 00:01:11,480
We use VPNs and Tor every single day. And we do this among other things to reduce how much

14
00:01:11,480 –> 00:01:17,520
of our activities can be tied to our identity by our internet service provider (ISP) and whatever

15
00:01:17,520 –> 00:01:20,360
websites and services we’re using.

16
00:01:20,360 –> 00:01:24,440
Quite simply, it’s none of their business and we want to keep it that way.

17
00:01:24,440 –> 00:01:28,080
Does your water provider know what you’re doing with the water you’re using?

18
00:01:28,080 –> 00:01:32,360
Do they have cameras in your shower so they can track what you’re doing and improve your

19
00:01:32,360 –> 00:01:34,160
water experience?

20
00:01:34,160 –> 00:01:37,760
I shouldn’t say that actually – I don’t want to give them any ideas.

21
00:01:37,760 –> 00:01:43,840
So when the naysayers say that VPNs are “useless”, what exactly is their argument?

22
00:01:43,840 –> 00:01:49,200
One of the most common arguments we hear is that a VPN may be a honeypot.

23
00:01:49,200 –> 00:01:54,680
Well, that’s certainly a risk, but you know what is basically a honeypot?

24
00:01:54,680 –> 00:01:56,560
Your ISP.

25
00:01:56,560 –> 00:01:59,520
Your ISP is monitoring your activity.

26
00:01:59,520 –> 00:02:05,800
That’s not exactly a secret and they’re likely monetizing your browsing data as well.

27
00:02:05,800 –> 00:02:11,800
Your ISP does comply with law enforcement and intelligence agency requests.

28
00:02:11,800 –> 00:02:13,600
That’s not a secret either.

29
00:02:13,600 –> 00:02:18,840
And they may even be going out of their way to share data with these organizations.

30
00:02:18,840 –> 00:02:21,440
But this logic really grinds our gears.

31
00:02:21,440 –> 00:02:27,600
Why choose to route your traffic through your ISP, which is essentially a honeypot, as opposed

32
00:02:27,600 –> 00:02:34,160
to a respectable, trustworthy VPN, because that MIGHT be a honeypot.

33
00:02:34,160 –> 00:02:36,100
What sense does that make?

34
00:02:36,100 –> 00:02:40,800
For those Rick and Morty fans out there, that would be like if Rick Sanchez comes up to

35
00:02:40,800 –> 00:02:43,880
you and gives you two portals to enter.

36
00:02:43,880 –> 00:02:47,160
You have to pick one or he’ll purge you.

37
00:02:47,160 –> 00:02:52,960
Portal A takes you to the Blender dimension, which is common knowledge for whatever reason.

38
00:02:52,960 –> 00:02:58,320
Portal B, Rick says it takes you to Boob World, but you can’t verify that.

39
00:02:58,320 –> 00:03:03,200
Do you choose portal A, which you know takes you to the Blender dimension?

40
00:03:03,200 –> 00:03:06,840
Or do you choose portal B, which may take you to Boob World?

41
00:03:06,840 –> 00:03:11,560
It may take you to that world with all this old ladies on it, the Citadel of Rick’s, or

42
00:03:11,560 –> 00:03:13,400
the Blender dimension as well.

43
00:03:13,400 –> 00:03:19,280
By this logic that we keep hearing, you should go with portal A because B MIGHT take you

44
00:03:19,280 –> 00:03:21,600
to something like the Blender dimension,

45
00:03:21,600 –> 00:03:26,360
even though you know portal A WILL take you to the Blender dimension.

46
00:03:26,360 –> 00:03:31,800
Well, maybe we’ve just taken too many red pills or haven’t touched enough grass, but

47
00:03:31,800 –> 00:03:34,760
that logic just doesn’t make any sense to us.

48
00:03:34,760 –> 00:03:41,160
Now, what some of these people would probably say is, “Yeah, well, you should be using Tor

49
00:03:41,160 –> 00:03:42,160
instead.”

50
00:03:42,160 –> 00:03:43,960
Okay, great.

51
00:03:43,960 –> 00:03:49,960
You know, we like Tor and we use that as well, but that’s not exactly foolproof, nor is it

52
00:03:49,960 –> 00:03:52,200
a one-to-one replacement.

53
00:03:52,200 –> 00:03:57,200
If you’ve ever actually used Tor, you would know that it can be incredibly slow,

54
00:03:57,200 –> 00:04:03,320
so some sites, web apps, and torrenting are completely off the table.

55
00:04:03,320 –> 00:04:08,720
Another issue you’ll quickly discover is that a lot of apps and sites block Tor traffic.

56
00:04:08,720 –> 00:04:12,240
You’re not doing your banking or anything like that on Tor.

57
00:04:12,240 –> 00:04:14,000
That’s just not going to happen.

58
00:04:14,000 –> 00:04:19,120
And we do agree that Tor gives you better anonymity than a VPN, when it works,

59
00:04:19,120 –> 00:04:24,160
but believe it or not, even Tor users do get deanonymized sometimes.

60
00:04:24,160 –> 00:04:29,400
So if you’re thinking you’re going to F around on a VPN or Tor, you’re eventually going to

61
00:04:29,400 –> 00:04:30,600
find out.

62
00:04:30,600 –> 00:04:35,680
So trust us when we say that you don’t want to go there in either case.

63
00:04:35,680 –> 00:04:40,520
Along these lines will hear that VPNs are risky because they can be forced by governments

64
00:04:40,520 –> 00:04:46,720
to do things like log your activity, and silence them with a gag order, so that you don’t even

65
00:04:46,720 –> 00:04:47,720
know.

66
00:04:47,720 –> 00:04:48,960
This is also a risk.

67
00:04:48,960 –> 00:04:55,560
But again, that also applies to your ISP, which we actually do see happening in the real

68
00:04:55,560 –> 00:04:56,760
world.

69
00:04:56,760 –> 00:05:03,320
When was the last time you heard someone getting nailed for using Mullvad, IVPN or Proton VPN

70
00:05:03,320 –> 00:05:06,840
because they were forced to log that user’s activity?

71
00:05:06,840 –> 00:05:09,480
We’re not going to say that that hasn’t happened.

72
00:05:09,480 –> 00:05:11,000
We’re not entirely sure.

73
00:05:11,000 –> 00:05:13,520
But we have yet to hear such a case.

74
00:05:13,520 –> 00:05:20,480
There was that case where Proton handed over the IP info of a Proton Mail user to the police,

75
00:05:20,480 –> 00:05:24,840
which they were forced to do and shouldn’t really surprise anyone.

76
00:05:24,840 –> 00:05:30,520
But even in that case, Proton stated that if that user was using their [Proton] VPN, this wouldn’t

77
00:05:30,520 –> 00:05:38,200
have happened because they don’t log VPN IPs and they claim that Swiss law prohibits Swiss

78
00:05:38,200 –> 00:05:43,040
courts from forcing a VPN provider to log IP addresses.

79
00:05:43,040 –> 00:05:47,880
Now we’re not lawyers, so we can’t verify that claim, but we haven’t heard anyone challenge

80
00:05:47,880 –> 00:05:49,880
them on that either.

81
00:05:49,880 –> 00:05:55,560
Another argument we’ll hear is, “Yeah, well, there were these garbage free VPNs that turned

82
00:05:55,560 –> 00:05:58,600
out to log user activity or be malicious.”

83
00:05:58,600 –> 00:05:59,600
Great.

84
00:05:59,600 –> 00:06:01,800
Thank you for pointing that out.

85
00:06:01,800 –> 00:06:06,640
But what does that have to do with the fundamental reasons for using a VPN?

86
00:06:06,640 –> 00:06:13,160
I mean, if you’re using some sketchy, proprietary, free VPN, yes, you’re playing a stupid game

87
00:06:13,160 –> 00:06:16,280
and you’re probably going to win a stupid prize.

88
00:06:16,280 –> 00:06:21,600
So the answer there is, “Don’t use sketchy, proprietary, free VPNs”,

89
00:06:21,600 –> 00:06:26,840
not that “VPN = bad” because there are some bad eggs out there.

90
00:06:26,840 –> 00:06:29,640
That’s the same deal in the crypto industry.

91
00:06:29,640 –> 00:06:35,120
Just because that FTX nimrod with the afro did some shady things, that doesn’t mean that

92
00:06:35,120 –> 00:06:37,360
crypto is a scam.

93
00:06:37,360 –> 00:06:42,160
The one argument that we’ve heard that actually has some merit to it is that you’re spreading

94
00:06:42,160 –> 00:06:45,800
more of your information around when you sign up for [and use] a VPN.

95
00:06:45,800 –> 00:06:51,040
This is true, especially if you’re using your real name, email address, phone number or

96
00:06:51,040 –> 00:06:52,920
credit card information.

97
00:06:52,920 –> 00:07:00,440
The three VPNs that we’re most favorable toward right now are Mullvad, Proton VPN, and IVPN.

98
00:07:00,440 –> 00:07:06,560
All three of these have options for limiting this kind of personally-identifiable information.

99
00:07:06,560 –> 00:07:11,320
Proton does require an email address, which is unfortunate, but you can just make a new

100
00:07:11,320 –> 00:07:13,840
one for this if you really wanted to.

101
00:07:13,840 –> 00:07:19,880
I believe that all three of these allow you to pay with at least one cryptocurrency, although

102
00:07:19,880 –> 00:07:26,280
I’m pretty sure Proton does not accept Monero, which is a shame because Bitcoin ain’t exactly

103
00:07:26,280 –> 00:07:28,560
great on the privacy front.

104
00:07:28,560 –> 00:07:31,880
Mullvad has some great privacy protections.

105
00:07:31,880 –> 00:07:35,920
You don’t need any personal information or an email to sign up,

106
00:07:35,920 –> 00:07:39,520
you can buy their service with gift cards, etc.

107
00:07:39,520 –> 00:07:45,560
However, at the end of the day, any VPN will at least see your real IP address.

108
00:07:45,560 –> 00:07:50,000
So even if you don’t give them any personally-identifiable information, you still need to

109
00:07:50,000 –> 00:07:53,200
trust them to not log your IP address.

110
00:07:53,200 –> 00:08:00,480
When you use a VPN, you’re transferring that trust from your ISP to the VPN provider, which

111
00:08:00,480 –> 00:08:08,920
we believe is a good trade for a good quality VPN because again, we know ISPs are monitoring

112
00:08:08,920 –> 00:08:11,440
and monetizing user data.

113
00:08:11,440 –> 00:08:16,280
We don’t know that for, you know, the VPNs that we recommend.

114
00:08:16,280 –> 00:08:24,000
If Proton, Mullvad, or IVPN were secretly logging IPs and browsing activity, we probably would

115
00:08:24,000 –> 00:08:26,360
have discovered that by now.

116
00:08:26,360 –> 00:08:31,920
So now the question is, why do these people push this narrative if it doesn’t make much

117
00:08:31,920 –> 00:08:33,000
sense?

118
00:08:33,000 –> 00:08:37,080
Our opinion is that they do this for a few reasons.

119
00:08:37,080 –> 00:08:43,960
1. To get clicks. Having hot, controversial takes gets clicks and shares.

120
00:08:43,960 –> 00:08:48,960
If you have a whole community using a certain tool, and you come out as one of the few voices

121
00:08:48,960 –> 00:08:55,440
that says “This tool is a scam”, you’re going to get a lot of attention. 2. Some of these

122
00:08:55,440 –> 00:09:01,040
people are heavily focused on security and don’t seem to care much about privacy.

123
00:09:01,040 –> 00:09:06,360
From that perspective, we agree that VPNs won’t do you much good unless perhaps you’re on

124
00:09:06,360 –> 00:09:08,000
a hostile network.

125
00:09:08,000 –> 00:09:14,680
3. People in the privacy and security space are absolutely sick of all of the actual

126
00:09:14,680 –> 00:09:21,400
scams, shady companies, and outright misleading marketing in the VPN space.

127
00:09:21,400 –> 00:09:27,960
So they may feel it necessary to try to discredit VPNs to, I don’t know, I guess, level the

128
00:09:27,960 –> 00:09:28,960
discussion.

129
00:09:28,960 –> 00:09:35,080
VPNs really do seem to be a magnet for this kind of stuff, which we agree is frustrating.

130
00:09:35,080 –> 00:09:40,640
But again, that doesn’t invalidate the thesis for using a trustworthy VPN.

131
00:09:40,640 –> 00:09:43,000
This really is a nuisance, though.

132
00:09:43,000 –> 00:09:48,880
I can’t tell you how many YouTube videos and websites I’ve seen shilling NordVPN and

133
00:09:48,880 –> 00:09:51,240
other proprietary garbage.

134
00:09:51,240 –> 00:09:54,880
It’s very clear that they either have no idea what they’re talking about, or they’re

135
00:09:54,880 –> 00:10:00,160
more than happy to overlook Nord’s red flags because they’re getting paid.

136
00:10:00,160 –> 00:10:05,400
We published a blog post called “Don’t Use NordVPN, Use These Instead”

137
00:10:05,400 –> 00:10:10,640
if you’re wondering what our beef with Nord is. We might make a podcast episode for that

138
00:10:10,640 –> 00:10:12,240
someday as well.

139
00:10:12,240 –> 00:10:19,000
But yes, there is a lot of misleading marketing, fake reviews, scams, etc., in the VPN

140
00:10:19,000 –> 00:10:20,000
space.

141
00:10:20,000 –> 00:10:25,240
So you really should do your own research to try to separate the diamonds from the turds

142
00:10:25,240 –> 00:10:28,880
because there are certainly a lot of turds out there.

143
00:10:28,880 –> 00:10:34,920
4. Some people have this mentality that they need to protect you from your own

144
00:10:34,920 –> 00:10:40,560
ignorance, and it’s easier to just tell you not to use a VPN than try to explain what

145
00:10:40,560 –> 00:10:47,040
the risks and benefits are and how to use one properly to minimize those risks.

146
00:10:47,040 –> 00:10:52,040
You see this a lot in the financial space as well, where certain gurus, you know, not

147
00:10:52,040 –> 00:10:57,480
going to mention any names, are always telling people things like, “Get out of debt! Cut up

148
00:10:57,480 –> 00:11:03,160
your credit cards!” because these gurus think that you’re too stupid to figure out how to

149
00:11:03,160 –> 00:11:07,200
use them effectively and actually improve your financial situation.

150
00:11:07,200 –> 00:11:12,720
All right, so with all of that being said, what should you actually do?

151
00:11:12,720 –> 00:11:17,680
Well, unless you become a client, which you should, if you know what’s good for you, we

152
00:11:17,680 –> 00:11:22,440
can’t say definitively without knowing your situation, but we’ll give some general tips

153
00:11:22,440 –> 00:11:24,800
that we use every day.

154
00:11:24,800 –> 00:11:29,360
1. Use Tor for general browsing when you can.

155
00:11:29,360 –> 00:11:35,560
We would estimate that about 25% of the general websites that we visit block Tor.

156
00:11:35,560 –> 00:11:42,640
And when I say general, I mean things like Wikipedia, blogs, you know, looking up recipes

157
00:11:42,640 –> 00:11:48,400
or song lyrics, you know, things that are not owned by companies like Meta and that don’t

158
00:11:48,400 –> 00:11:51,440
require you to sign into an account.

159
00:11:51,440 –> 00:11:56,640
2. If Tor is blocked for a page that you’re trying to visit, you can try to view it on the Internet

160
00:11:56,640 –> 00:11:58,800
Archive’s Wayback Machine.

161
00:11:58,800 –> 00:12:03,600
And if that doesn’t work, viewing it over VPN may be your best bet.

162
00:12:03,600 –> 00:12:12,800
3. For torrenting, streaming, banking, social media, shopping, and video games, a VPN

163
00:12:12,800 –> 00:12:18,680
may be your best option because you do get some privacy benefits without sacrificing

164
00:12:18,680 –> 00:12:20,760
too much performance.

165
00:12:20,760 –> 00:12:26,440
4. If all else fails for whatever reason, you know, some sites, for example, may go

166
00:12:26,440 –> 00:12:32,640
so far as to block data center connections, which would include VPNs, then you don’t really

167
00:12:32,640 –> 00:12:36,680
have much of a choice but to just go directly through your ISP.

168
00:12:36,680 –> 00:12:42,840
All right, so to conclude this episode, just because some VPNs might not be telling you

169
00:12:42,840 –> 00:12:47,880
the truth, or might be monitoring your activity because the government is forcing them to,

170
00:12:47,880 –> 00:12:52,120
or because a bunch of creators are shilling sketchy services, that doesn’t mean that

171
00:12:52,120 –> 00:12:57,960
VPNs are useless scams, and we think that they’re a valid tool if used correctly.

172
00:12:57,960 –> 00:13:03,080
If you’d like any more help with this, we do offer one-on-one consulting services, which

173
00:13:03,080 –> 00:13:08,480
you can request by going to our website, biggerinsights.com, and filling out the short form at the bottom

174
00:13:08,480 –> 00:13:09,720
of the page.

175
00:13:09,720 –> 00:13:15,040
Once we get that information, we’ll follow up with you to schedule your initial consultation.

176
00:13:15,040 –> 00:13:21,240
Make sure you subscribe and share this podcast so we can share our content with a wider audience.

177
00:13:21,240 –> 00:13:27,120
If you’ve found this information helpful, and can spare some coin, we do accept Monero,

178
00:13:27,120 –> 00:13:32,520
Bitcoin, and Litecoin contributions, which help keep this podcast going.

179
00:13:32,520 –> 00:13:40,400
We’ll put the wallet addresses in the description, but you can also use our OpenAlias, contribute.biggerinsights.com,

180
00:13:40,400 –> 00:13:42,320
if your wallet supports that.

181
00:13:42,320 –> 00:13:46,680
It’s an unfortunate reality that privacy and security matters don’t get nearly as much

182
00:13:46,680 –> 00:13:52,280
attention as things like people harassing strangers in public, and Big Tech companies

183
00:13:52,280 –> 00:13:57,480
aren’t exactly fans of our work, if you can believe that, so every little bit helps.

184
00:13:57,480 –> 00:14:00,160
Alright, thanks for staying until the end.

185
00:14:00,160 –> 00:14:25,280
Consider using a trustworthy VPN for some of your traffic, and stay safe out there.

References

Support Us

We’re an ethical company that puts our community first. You won’t find us injecting targeted ads or trackers into our website, peddling sketchy products/services, or selling our visitors’ data to 3rd-parties. As a result, our visibility and resources are rather limited.

Please consider supporting us to help keep our mission going. There are several ways to make a difference – from cryptocurrency contributions to simply sharing our content. Every bit of support is greatly appreciated and helps us make the world a more private, secure, and prosperous place.

More Great Content

  • All
  • Finance
  • Privacy & Security
  • Technology
Finance - Budgeting - Financial Planning - Accounting - Asset Allocation - Taxable and Tax-favored Accounts - Cash Finance

Asset Location: Taxable vs. Tax-favored Accounts (401k, IRA, HSA)

Asset Location (AKA Asset Placement) is a strategy for organizing your assets in an optimal way that helps you meet your financial goals. In the previous episode, we focused on asset location strategies for reducing taxes and simplifying your tax return. In this episode, we focus on asset location considerations ...
Continue →
Security - Software - Email - Computer Screen Privacy & Security

Email is Insecure – Here’s How to Improve Email Security

Email was never designed to be private or secure, so not surprisingly, it is neither private, nor secure. In the previous episode, we explained the reasons why as well as the risks inherent to email. However, email is so prevalent that it is unfortunately a necessary evil. In this episode, ...
Continue →
Planning - Concepting - Whiteboard - Tax Planning Tips - Asset Location - Asset Placement Finance

Asset Location: Reducing Taxes & Simplifying Your Tax Return

Asset Location (AKA Asset Placement) is a strategy for organizing your assets in such a way as to reduce tax burden, simplify your tax return, and manage risk. We discuss our Asset Location strategies, which includes specifics about tax treatment for growth stocks, dividend stocks, taxable bonds, real estate investment ...
Continue →
Drake - Bad Choice-Good Choice - Linux vs Windows macOS ChromeOS Technology

Linux Doesn’t Suck – Here’s Why Even Normies Should Use It

Linux has long been viewed as a science fair project for nerds. We explain why Linux doesn’t suck and why it's now usable even for normies. Some of the items discussed: Issues with Windows, ease of use, performance (efficient use of resources), hardware support, application support, OS licensing, concerns about ...
Continue →
Email - Mobile Phone - Privacy and Security - Technology - Hands Privacy & Security

Email is Insecure – Stop Using it for Sensitive Communications

Email is the primary means of sending messages and documents for many people. Unfortunately, email was never designed to be private or secure. Over time, we’ve developed several tools and techniques to help make it more secure. But at the end of the day, no matter how uncomfortable it makes ...
Continue →
Woman Shopping - Holding Shopping Bags - Retail - Spending Money Finance

What Does it Mean to be Able to Afford Something?

Most everyone will agree that you shouldn’t buy things that you can’t afford, yet so many do. Why is that? It seems to us that one of the reasons for this is because many don’t know what it means to be able to afford something. Spoiler alert – it doesn’t ...
Continue →
Scroll to Top