On fiber... What's more secure than VPN that doesn't completely crush 1Gbps bandwidth?

I'm on fiber (~950 Mpbs/~850 Mbps).... PIA is the method I've been using but it puts me at best at Comcast speed with poor at best upload speeds (~50Mbps/~17Mbps up at basically minimal security).. Props to Barnacles for recommending Astrill VPN which was at least giving him the down he paid for.... haven't tried it yet but I'd bet I could pull more with a gigabit connection and am definitely switching when the contract rolls out from PIA... maybe before...

My question, however, relates to how big of a pain in the ass can I make myself to track? VPN through VPN? Is there anything better? TOR is obviously compromised... PPTP is compromised... I'm being a LITTLE tin foil hat here but not really and don't do anything illegal... but I don't like the direction Microsoft has headed.... I don't like the direction the NSA and other foreign NSA-like organizations have headed.... I don't like the direction the internet in general has headed...

What can I possibly do on Windows 10 (I need the proprietary programs for work... really wish I didn't to preserve maximum bandwidth.... and assure I REALLY need to be specifically targeted for investigation to preserve my anonymity on the internet?

Also... what are the settings on a VPN client for maximum bandwidth/protection? e.g UDP vs TCP, AES-128 vs AES-256 vs Blowfish... SHA1 vs SHA 256.... What handshake? Etc....

How hard is it for the government to crack a VPN connection? I know an IT guy that I graduated with that works for an unnamed government organization in Washington and says he can track a VPN'd post on a forum and get an IP/MAC address in approximately 15 minutes with the network of computers they have on site, but added it's a "pain in the ass" and they only do that if there's a direct security threat...

Is resistance futile? Will they roll out anything to the public they can't crack on demand? How can I be the biggest "pain in the ass" I can be without destroying my bandwidth?

You are using electronic communications. Nothing you do is completely safe. Use a VPN. Turn off settings you dont need that send into to whatever service, be it Microsoft or Google. Just do what you can to make it as hard as possible. Encrypt your hard drive. Use your own mail server. Use Encrypted chat programs. If you are doing things that are not exactly legal, don't use it on your personal machine. Use Tails or something similar on a separate device.

Live your life, and accept the fact we live in a very creepy time and unless you want to forego electronic communications all together you have to deal with it.

PS, and dont waste your fiber internet that I am totally jealous of by being paranoid.



In my experience I have been using I2P with a pipeline out to some search engines in other countries. I use it as a VPN like tor but it doesn't really work the same way.

Obviously these are basic precautions one takes...

I would like to go well beyond basic... I, as should everyone, take the blatant and inevitable invasion of privacy as a serious offense against my rights as a human... I don't want anonymity to pirate software or post child porn or any of the myriad of other ridiculous things that are linked to people that wish to have their privacy respected... it's a basic human right that I wish to be upheld...

I've certainly accepted that many governments/companies are making a huge push to go against the utopia of an anonymous internet. However, that doesn't mean I'm just going to lay there and take it. I'm not paranoid, the threat is very real and very in place already. I don't expect a drone to follow me around in the real world, so why is it necessary to to do so when I go online?

Anyways... looking for anything else I can do that won't destroy my bandwidth... thanks :)

Well for maximum performance I'd say UDP, AES-128 (or blowfish) and SHA1. SHA1 is depreciated and while I don't think it's been compromised you're better off using at least SHA256. Also the key size affects performance, a 1024 bit key would probably be the best performance but for security you'd want to use 2048 or higher. If you want maximum security you would use AES-256, although the benefit is debatable and there are actually more effective attacks against AES-256 but none of them make it weaker than AES-128, which is still very strong and has not been broken. Of course you're pretty much stuck with whatever the server is configured for.

But you're unlikely to get gigabit speeds through a VPN simply because the server would need a crazy amount of bandwidth to service multiple gigabit clients. You could set up your own VPN on a VPS which would get you past ISP or public network surveillance.

Short answer, no there isnt.
Atleast non that i can think of.

The greater the encryption strength the slower your connection is going to become.
If you have something that an organisation like the NSA wants, they'll get access to it.
All you can do is your best - strong unique passwords (use a manager like LastPass if you need to), clear out your mobile devices SSID's, change your home AP SSID name to something generic. Up the VPN tunnel to the max - 256bit aes openvpn etc.
As for windows 10 there are plenty of good tools about now that do the registry hacks - http://www.guru3d.com/files-details/anti-beacon-for-windows-10-download.html - is new, clean and does all that your need.