Hi, this is my first post here. As I'm interesting in fields of computer theory, #cryptography, IT #security and #privacy, I felt that a post like this is some kind of needed. There are many privacy concerned Internet users around, and the sad reality is, that many of them are (still) convinced, that if a privacy-related service (be it a proxy, #VPN, #TOR, whatever) - especially the free ones - states, that makes you completely anonymous and hidden on the net, that this is certainly true. But it's not.

There are many VPN (virtual private network) solutions available - many of them also free of charge (mostly as a freemium business model). The main problem with free VPNs is, that they aren't really free. I generally do not copy sentences from Anonymous but the following is a bloody fact:

If you don't have to pay for a product, you are the product being sold.

But that doesn't mean, that with an "investment", you'll gain on real anonymity/invisibility. Because that's an illusion. Maybe it's (a bit of) additional protection against your ISP or some companies sniffing what are you doing (for that also a free model should be enough), but you just can hide in complete from the government. We can stand against it, we can fight against it, but at the end, they have the control - not necessarily over the Internet (and what is spoken there) but over the resources needed for the Internet properly functioning (and by that I don't mean free speech, but hardware backbones and stuff like that).

The only real difference is that paying users (and their data of course) are less likely to be exposed/sold to some other corporate entities. That's all.

And in some way it's also fine. If it is OK for you, that your ISP, websites, companies are to 99% (as always, there is no 100% in (IT) security and privacy) blocked from viewing what are you really doing or knowing who you really are (or let's say, see it more or less obfuscated), then it's fine. If you use a VPN to watch geo-restricted content, then it's perfectly fine. If you're using a VPN to do online banking securely from an open hotspot, it's really essential. But if you are expecting to be completely anonymous and invisible on the Internet, and even the government does not know what are you doing, when you're using a VPN (free or paid, as it turns out it doesn't really matter), then it is not OK. Because it's a lie. (Or whatever is more accurate to describe it)

For more on the privacy related study of some of the best VPNs (DNS hijacking and IPv6 leaks - I know it was shared before but it fits into context), read here.

The other option is TOR (I'll not go into proxies, because they are generally (by majority of security and privacy researchers) claimed to be far less secure than VPN, but that's also another story for another time). As by many (also #Snowden), The Onion Router is the free speech machine of the censored net. The main difference to a VPN provider is, that a VPN is (or is not) government controlled but TOR exit nodes easily can be. Everybody can set up a node to help the community to run a faster and more stable onion network - but "help" can be interpreted in different ways: you can help the community (which is a big donation forward to those who live in repressed regimes, but also isn't a very clever idea, as all data that is running through your node is considered as your traffic by the law - so, if somebody is connected to your exit relay and is searching for illegal content (like child pornography), then you are responsible for that - and it also happened in real life) or help yourself to gain data (like the NSA or GCHQ, which are supposed to be setting up fast and reliable exit nodes, just to track the traffic - it's a pretty controversial claim, but not completely out of scope). So seen, TOR is fine and generally also does not make trouble (let leave the fact that NSA is categorizing IPs (via XKeyScore), which use TOR software or even search for it as "extremist" controlled).

Oh, and also, just for notice: (to cite The Guardian)

The software [TOR] is primarily funded and promoted by the US government itself.

Ashkan Soltani, an independent security researcher:

Tor gives you one level of anonymity -- which is IP anonymity. It doesn't protect you from rogue exit nodes, transport layer security (sniffing on the entry/exit nodes), or correlation attacks from a very 'all seeing' adversary.

Anyway, the "to TOR or not to TOR" is a very long lived discussion (as also the VPN one), where both parties are constantly presenting strong facts. (I don't know how "strong facts" are measured, so better to say facts, even if some of the "facts" cannot be considered as facts at all - but that isn't a general rule and (probably) does not apply on all arguments. But I'm not such an expert of TOR and VPN structure to say what is technically correct and what not.)

I apologize for bad English (if this is the case) and hope it helps somebody in a way. And thanks for reading. It's a long post, I know.

P.S.: I cannot guarantee for the objectivity of listed articles and websites. Also, all the links are purely for reference and are in no way meant to be passive advertising. And it's just my opinion on the topic, so feel free to submit yours :)