"... because the provider can see all your traffic!"
However, if you don't use a VPN: Your ISPs (Broadband, coffee shop, whatever) can see all your traffic!
20 years ago I passed ALL my traffic on my laptop through a VPN, I just happened to run my own. But back then much less of the standard traffic was encrypted. Now, pretty much all web traffic is encrypted. So that makes the VPN less of a concern, IMHO. Depends on what you're doing though...
There was this one time I went to Defcon. Installed a scratch laptop for it. The firewall on it would only allow DHCP and OpenVPN on the physical interfaces.
Comcast is a local monopoly in my area. As such, users have little recourse when Comcast abuses their power. I think given what we know about Comcast it is fair to assume that they would misuse all traffic on their network if it makes them more profitable. Their incentives are not aligned with their users. Why not save all your customer's web traffic and sell it to advertisers... Why spend any money securing all that data? what are our customers going to do? Go back to dial up?
VPN services have to compete with each other. Consumers can't really be sure their provider is doing the things they say they are, but at least their incentives are somewhat more in line with doing the right thing. I hope so anyway. Hopefully, VPN customers are a little more informed than the article suggests. I guess we will see how much NordVPN was punished in the market over the next few months.
That said, don't trust anyone on the internet - to the extent that you can - especially Comcast.
VPN companies are explicitly built on reputation for not doing that. ISPs don't give a damn about reputation and are usually a monopoly, or the other options are just as bad.
What reputation? Where is the dispensing of knowledge? And how do you know violations are evening coming back to the surface? With the ease of starting a new service, and the typical anonymity of who is running it, I don’t believe one bit in being able to let the decentralized world determine is trustworthy here. The space is full of shady operators.
We don't know that all violations are coming to the surface, but we can be pretty sure that if there are VPN honeypots then they are either obviously sketchy services or part of an expensive, sophisticated, secret and therefore targeted attack. Based on their website and other public information (like their WireGuard advocacy), I think Mullvad is more trustworthy than the average ISP, which in turn is probably more trustworthy than the average fly-by-night VPN operation.
Indeed. Someone, somewhere, can see your traffic. It's inevitable, the only thing you can do is making the dots as hard to connect back to you as possible.
However, if you don't use a VPN: Your ISPs (Broadband, coffee shop, whatever) can see all your traffic!
20 years ago I passed ALL my traffic on my laptop through a VPN, I just happened to run my own. But back then much less of the standard traffic was encrypted. Now, pretty much all web traffic is encrypted. So that makes the VPN less of a concern, IMHO. Depends on what you're doing though...
There was this one time I went to Defcon. Installed a scratch laptop for it. The firewall on it would only allow DHCP and OpenVPN on the physical interfaces.