• ilinamorato@lemmy.world
    link
    fedilink
    arrow-up
    24
    ·
    edit-2
    10 months ago

    Generally speaking, governments aren’t that good at keeping secrets at scale. Government-run VPNs would require a lot of people doing coordinated work; data center employees, ISPs, people passing themselves off as independent auditors, legal teams, marketing teams, and more. The more people you add, the less likely it is to be kept a secret. And all of this across multiple VPN companies (because there’s no guarantee that the person you want to surveil is using the one you own) and internationally (many VPNs are based in or have major operations in multiple countries).

    Now, is it possible that the NSA has an undisclosed financial stake in one or more VPNs and has secretly inserted a backdoor? Sure, anything is possible. But is that more likely than them just buying up Ring doorbell footage or doing large data analysis on social media activity? Or installing rootkits on your smartphone firmware? Or just good old fashioned LoJack?

    If they have reason to investigate you, they’re going to probably get everything anyway. No reason to make it easy for them by not using a VPN.

    • Trainguyrom@reddthat.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      10 months ago

      The more people you add, the less likely it is to be kept a secret.

      This is also one of the most convincing arguments about most conspiracy theories. Most would require so many people to never talk that the secret would be about as secret as North Korea’s fake grocery stores

    • philpo@feddit.de
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      10 months ago

      That’s not how these things work - Intelligence agencies use cover companies very differently. They simply provide a few people money to create a company. These people set up a VPN company - and run it like it’s legitimate.

      Marketing or legal won’t know that their company is actually a listening post, most Datacenter employees won’t know, only very few people(mostly network engineers and IT security, some managers)would know. And of course the Auditors - which is not a hassle for any decent intelligence agency.

      It’s far easier than one would think - how do we know that? Because it would be the same way other intelligence service companies are run like that for decades.

      • ilinamorato@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        10 months ago

        Oh what a novel idea

        Now, is it possible that the NSA has an undisclosed financial stake in one or more VPNs and has secretly inserted a backdoor? Sure, anything is possible. But is that more likely than […]