I'd really like some version of E.G. Librewolf configured to spoof the exact SAME information no matter who's using it. Like standard resolution for a 1080p monitor, the same GPU profile, Allow device timing stuff to work but with a fixed profile etc.
Effectively, stop spoofing random data, start spoofing still useful but not for finger printing data.
No, not usually. Few ISPs are willing to risk blacklisting.
Just like scrapers (and a lot of VPNs are quietly using their custom VPN clients to sell your own IP [and data] to scrapers) it's mostly a "don't ask don't tell" situation for IP sourcing. You use a multitude of IP providers and if a scandal happens you just say "We didn't know!" and move on to the next. Almost always grey-market, very rarely through legitimate providers.
if you read the above comment too quickly, it may appear that TkTech is implying that mullvad surreptitiously harvests user data and sells it, rather than speaking generally about the shadier side of consumer vpns.
> Will other users of tuxlerVPN be able to connect using my IP address?
"When you use our free residential VPN, you automatically agree to add your IP address into the community pool. This means that you are trading your own IP address in return for the ability to connect via the IP addresses of other users. You can opt out of this by purchasing our premium subscription; once you upgrade to the premium version, your IP address will be removed from our community pool."
it should probably link to this: https://mullvad.net/en/blog/exit-ip-fingerprinting-between-v...
which is the blog post, rather than a list of exit servers
related to this post: https://news.ycombinator.com/item?id=48143880
The page already contains link to both of these resources
right. but one of those resources contains much more context than the other, making it much more suitable for the submission link.
I'd really like some version of E.G. Librewolf configured to spoof the exact SAME information no matter who's using it. Like standard resolution for a 1080p monitor, the same GPU profile, Allow device timing stuff to work but with a fixed profile etc.
Effectively, stop spoofing random data, start spoofing still useful but not for finger printing data.
The Mullbad Browser? https://mullvad.net/en/browser
Is this at all related to Wyden's recent congressional warning? Are any other VPN providers speaking up on this?
https://www.wyden.senate.gov/imo/media/doc/wyden_letter_to_g...
it is a direct response to this disclosure: https://tmctmt.com/posts/mullvad-exit-ips-as-a-fingerprintin... and nothing to do with american politics
Do VPNs pay retail ISPs for exit points?
No, not usually. Few ISPs are willing to risk blacklisting.
Just like scrapers (and a lot of VPNs are quietly using their custom VPN clients to sell your own IP [and data] to scrapers) it's mostly a "don't ask don't tell" situation for IP sourcing. You use a multitude of IP providers and if a scandal happens you just say "We didn't know!" and move on to the next. Almost always grey-market, very rarely through legitimate providers.
why is this downvoted? I'm not aware of a single ISP that would willingly let VPN providers use their ip blocks for their exit nodes
>why is this downvoted?
mullvad is beloved by many.
if you read the above comment too quickly, it may appear that TkTech is implying that mullvad surreptitiously harvests user data and sells it, rather than speaking generally about the shadier side of consumer vpns.
Not retail ISPs, but many extensions and free VPNs route VPN traffic through the connections of those who use them.
This isn’t correct, the residential IPs are a completely separate and vastly more expensive product.
One such extension, https://www.tuxlervpn.com/faq/:
> Will other users of tuxlerVPN be able to connect using my IP address?
"When you use our free residential VPN, you automatically agree to add your IP address into the community pool. This means that you are trading your own IP address in return for the ability to connect via the IP addresses of other users. You can opt out of this by purchasing our premium subscription; once you upgrade to the premium version, your IP address will be removed from our community pool."
I mean, most “residential proxy” providers are selling access to hacked devices, or sneaky plugins
https://medium.com/@xianghangmi/resident-evil-understanding-...
Technical paper: https://ieeexplore.ieee.org/document/8835239