| 1 |
On Saturday, 6 August 2022 07:07:26 BST Dale wrote: |
| 2 |
> Michael wrote: |
| 3 |
> > All connections to banks are encrypted end-to-end for decades now and the |
| 4 |
> > encryption has becoming stronger over the years. |
| 5 |
> |
| 6 |
> That is likely true. I still remember Snowden tho. We don't know what |
| 7 |
> backdoors are in use even for bank encryption. |
| 8 |
|
| 9 |
It's safer to assume state actors have full access to bank information. The |
| 10 |
hope is bad guys don't get access too! ;-) |
| 11 |
|
| 12 |
|
| 13 |
> Thing is, open source |
| 14 |
> tools are harder to fall into that trap since everyone can see what the |
| 15 |
> code is. If a backdoor is forced in, it will be known to a lot of |
| 16 |
> people and then that tool won't be used. It's sort of funny in a way, |
| 17 |
> they more Govts and others try to restrict things, the more tools there |
| 18 |
> is to get around it. From what I've read, most VPNs use open source |
| 19 |
> tools. Most even use the current best and would upgrade if needed. |
| 20 |
> That gives me some extra protection in the event my bank or any other |
| 21 |
> website falls behind on updating theirs. |
| 22 |
|
| 23 |
A VPN gives no end-to-end protection whatsoever in this scenario. All you get |
| 24 |
is protection in the network connection between your PC and the VPN server. |
| 25 |
From the VPN server onward to your bank, the connection will be no more |
| 26 |
protected than whatever encryption protocol the bank offers. Only a VPN |
| 27 |
server offered by your bank for connections to their network would afford |
| 28 |
additional protection in this scenario. |
| 29 |
|
| 30 |
|
| 31 |
> Basically, I don't trust Govt with much of anything. If they say they |
| 32 |
> don't do something bad, you can pretty much bet they are doing exactly |
| 33 |
> that or even worse. |
| 34 |
|
| 35 |
Heh! After the Snowden revelations any such suspicions could be taken as a |
| 36 |
certainty. |
| 37 |
|
| 38 |
|
| 39 |
[snip ...] |
| 40 |
> Well, that settles that then. I guess it will be Surfshark. Pretty |
| 41 |
> sure it is in the Netherlands but may be wrong on country. I just |
| 42 |
> recall it being outside US jurisdiction. I also read they have been |
| 43 |
> audited by independent people to ensure they have no logs even if asked. |
| 44 |
|
| 45 |
Surfshark gets good reviews and it offers the wireguard protocol with the |
| 46 |
ChaCha20 cipher for better encryption and performance. However, the |
| 47 |
Netherlands is part of the EU and 14 eyes, so I would think similar state |
| 48 |
powers exist to access your private communications and the ISPs would have no |
| 49 |
way of refusing and staying in business. Surfshark offers a warrant canary, |
| 50 |
but it looks more like a marketing statement to me when you compare it to |
| 51 |
something like the Qubes digitally signed canaries. |
Archives