Follow

Reminder that getting personal internet security advice from YouTube personalities is a bad idea

drewdevault.com/2019/04/19/You

NordVPN was compromised in probably the worst possible way and they didn't know about it for who knows how long

@sir Any VPN company that spends that much money on advertising, I would not trust. The only companies I'd trust would be ones that are reliably providing a service, not being loud and flashy about it.

@shadowfacts I don't trust any VPN that I don't personally administrate

@sir Fair enough, but that's not really a feasible solution for most people.
@sir Or maybe just don't trust a non-techie on techie advices, specially when they are sponsored.

@sir Oh, that's just embarrassing for "security" company

@sir NordVPN user here. I'm not surprised given how other services haven't been infallible to similar slip-ups. The CryptoStorm guys, of whom I used to have an 'aleph' token with, reckon the past hour's traffic could be decrypted due to reneg-sec not being set (1h by default).

I also like how some of the thread's replies were just the names of rival services and how they weren't affected.

@ignaloidas

@thatbrickster @ignaloidas let's not descend into corporate tribalism, all of their rivals are just as bad

@thatbrickster @ignaloidas oh, and to be clear, this is an egregious failure of their organization's security organ and indicates gross incompetence, it's not really an easily forgivable mistake that anyone could have made

@sir private internet access is probably the best of the commercial ones

@sir don't trust anyone that rates security software by how easy it is to set up

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!