It's been clear for a long time that every single commercial VPN service is a waste of money. At best, you replace trusting your ISP with trusting a different group of unknown people with similar motivations. At worst, it's a government agency honeypot or someone like Facebook.<p>If you think you want a VPN for "privacy", use Tor Browser. If you want a VPN for any other reason that "normal people" think they want a VPN, you're probably wrong.<p>Why do we even give these companies the time of day?<p>(Small clarification - Most people who want VPNs should use a proxy instead. It fits the use case better. Those still exist and don't route ALL of your device's traffic over the tunnel.)
Making someone with a history of doing exactly the thing that a company purportedly stands against the CTO seems like an absolutely baffling choice... unless the company is doing that thing (enabling surveillance).<p>If I were to use a VPN service, this news would certainly disqualify ExpressVPN from my list of possible options.<p>I imagine that if I were working for a company like that out of belief in the mission that this news would be difficult.
Get a VPS, they are actually cheaper than VPNs (if you only need one country location).<p>You will have one single IP and you won't share IP with hundreds of other people thus being flagged.<p>I have never been blocked from a site when using my VPS, including sites that otherwise block VPNs, I think they don't care for whatever reason.<p>Doesn't mean they can't know, they will, but they seem to not care?<p>Some websites might do.<p>Only way you can get a completely "native" experience is for someone to set up a VPN in a computer connected to a residential connection in the country you want appear in.
A lot of people in the Cybersecurity industry are solely motivated by money. This is an egregious case. In milder cases, I've seen US SAS Cybersecurity providers being casual about customer protection, only caring if it starts hitting their reputation. Protecting people's privacy is much lower on their list of priorities. Human rights activists , and other vulnerable people of human-rights-abusing - they're not even on the horizon.<p>He must've made a nice packet of money. Must have taken care of his retirement - the company's even promoting him. Some citizen's family is now at risk, or already imprisoned without a legal process. This must've come as a shock to the Human Rights community. VPN usage is universal there. And this <i>is</i> the tip of the iceberg - surely we know how fine of a dragnet the FBI has. Iran, China, Saudi Arabia, UAE, there's a long list of nations that'd like to snoop on their own people wherever they may be living. Like someone said, Tor is the way to go (tails).
I can't believe that employees and customers are falling for the Big Lie technique. "Yes, our CTO is an ex-spy that we never revealed, but he's totally not doing it anymore! We promise!"<p>Honestly, how stupid do you have to be to believe this?
<i>It [ExpressVPN] said it had not known of the federal investigation or the details of Gericke's work in UAE</i><p>Seriously?<p>So either he lied or they are lying. I'm not an expert in American employment laws but would have assumed that one of the conditions of employment would be disclosing/reporting being under a federal investigation.
I think there's a potentially valid argument in saying "who better knows how to protect us from these people than one of their own?". It's perfectly valid to doubt their motivation (and I do), but there's a reason defectors are valuable.
For any company, ask why they'd actually care about doing the right thing.<p>Is it reputation? Integrity? Is the reasoning purely financial?<p>Then ask whether the company operates in a way that suggests they'd do the profitable thing over the right thing if they think they might get away with it. Does that picture look realistic?<p>As an example, look at Apple. Leaving the tangential discussion about scanning iCloud photos for CSAM aside, they are a company that claims to care about users and about privacy. Whereas every other company is literally trying to send <i>all</i> data to the cloud, Apple is telling us they're working to process everything they can on the device itself.<p>What would happen if they were caught selling location data? Caught allowing companies direct access to data aggregated from users that they explicitly say they're not collecting? They'd stand to lose literally many billions of dollars of sales because the thing differentiating them from everyone else would be erased.<p>Which is greater - those billions of dollars of sales as a premium device maker, or those scraps of money they'd make from underhandedly selling data?<p>Now look at the same scenario but with Facebook, or Google - is it the same? No, because we have no realistic expectation of privacy with either company. They're in the news quite often because they're doing nefarious things, allowing access to data most people didn't even know they're collecting, yet people aren't really doing things differently because of the news.<p>Imagine the same with companies like ExpressVPN. How much would a disclosure hurt them? How much money could they possibly make by selling private data? Do they employ the kind of people who'd take the gamble between the two?
Decentralised VPNs are the future.<p>Edit: <a href="https://dvpnalliance.org/" rel="nofollow">https://dvpnalliance.org/</a>
If you don't like your job you can always quit. Something I don't get is present employees denouncing their employer while expecting to keep their job.
You can use <a href="https://satoshivpn.com" rel="nofollow">https://satoshivpn.com</a> if you want to be anonymous. You get access to your own private server, and user registration is not even possible.