Dan GillmorMar 27, 2024

Well, this is a transcendent level of evil: Facebook bought a VPN company and deployed it, in part, to spy on its competitor's users.

https://techcrunch.com/2024/03/26/facebook-secret-project-snooped-snapchat-user-traffic/

It's a reminder that VPNs have their own risks, beyond technical ones if operated incompetently -- namely, that you have to trust the VPN company itself.

UPDATED to reflect which users were being spied on.

Facebook snooped on users' Snapchat traffic in secret project, documents reveal | TechCrunch

A secret program called "Project Ghostbusters" saw Facebook devise a way to intercept and decrypt the encrypted network traffic of Snapchat users to study their behavior.

TechCrunch
Show threadPeter BindelsMar 27, 2024

@dangillmor The only thing a VPN does is move your traffic from your ISP's internet link to your VPN's internet link.

If you're in Russia or China, that's likely a good tradeoff. If you're trying to circumvent region blocks, your VPN could be in the country that's not blocked. But in most cases, it's not a net win... and in this case, it's a very big net loss.

Show threadKhleedrilMar 27, 2024
@dascandy42 @dangillmor I think you are confusing two different uses of the term 'VPN'. Here we are talking about mixer networks.
Show threadPeter Bindels

@khleedril I don't see a single reference to mixer networks here. That said, a mixer network does provide a lot more anonymization assuming the nodes are not all operated by a single entity.

Remember that most people use VPNs to avoid the firewall from their ISP, or from a content provider. Only some people are trying to be fully anonymous.

Mar 27, 2024 at 9:47amWeb
Show threadKhleedrilMar 27, 2024
@dascandy42
I don't think this is true. I'm sure most people haven't a clue what they are signing up for, but most of them do it for the anonymity.