this post was submitted on 08 Nov 2023
390 points (98.0% liked)

Privacy

31876 readers
1 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
390
In what world does a VPN need access to Camera and Bluetooth? (i.imgur.com)
submitted 2 years ago* (last edited 2 years ago) by LunchEnjoyer@lemmy.world to c/privacy@lemmy.ml
64 comments fedilink hide all child comments
 

I am fully aware of what vpn services to use and not. I am not using Express VPN, I am simply doing research for a master thesis, when I came across these results from Express VPN. If you have any ideas or corrections, please let me know why a VPN provider would need to have access to these permissions.

Screenshot is from Exodus service, which let's you view what exactly perimissions and trackers each app uses. You can check out the results and the tool for yourself here: https://reports.exodus-privacy.eu.org/en/reports/com.expressvpn.vpn/latest/

Link to Image

top 50 comments
sorted by: hot top controversial new old
[–] ultratiem@lemmy.ca 80 points 2 years ago (7 children)

I don't get why the entire world isn't on Mullvad.

I don't trust these guys at all. I trialed them and despite their full money back guarantee, they locked me into a support loop, always switching support staff with boiler plate responses and links that dealt with account issues or whatever. It wasn't until I left a stern reply demanding the refund or I would escalate the matter with the proper regulatory bodies.

It took 4 support tickets. To me, they came across hella shady.

[–] alsaaas@lemmy.dbzer0.com 28 points 2 years ago (1 children)

they closed off Port Forwarding

[–] VicentAdultman@lemmy.world 16 points 2 years ago (10 children)

I used to host my Minecraft server safely 😭 don't know any trusted VPN that has Port Forwarding

[–] Daryl76679@lemmy.ml 19 points 2 years ago

ProtonVPN still offers it I believe

[–] LufyCZ@lemmy.dbzer0.com 8 points 2 years ago

AirVPN

[–] synestia@lemmy.ml 6 points 2 years ago

You can set up a VPS and tunnel that to your minecraft server using wireguard some iptables magic if you're into Linux.

[–] nickiam2@aussie.zone 3 points 2 years ago

AirVPN still has port forwarding. They are run by a non profit activist group and you can use it without their app. Works with openvpn and wireguard natively.

load more comments (6 replies)
[–] kryllic@programming.dev 14 points 2 years ago

Dilly dilly, Mullvad is great. I prefer it over ProtonVPN just for how lightweight and simple it is

[–] xenspidey@lemmy.zip 3 points 2 years ago (1 children)

I know this isn't popular but I really like Nord. I've been with them for years before the ad campaigns that turned people off. Mullvad can use wireguard so I may look at them again at some point, but the Linux cli client for Nord is really solid and picks the fastest server in whatever region you like.

[–] ultratiem@lemmy.ca 7 points 2 years ago (1 children)

Wireguard is insanely fast. Like insanely fast compared to traditional VPN connections. For me that is an absolute dealbreaker they don't have it.

Once you start using Wireguard you can't go back.

[–] Anticorp@lemmy.ml 3 points 2 years ago (2 children)

Thanks for the update. I just checked them out and they seem like they have a lot of servers. They're almost double what I paid for Nord. Is there enough of a difference to consider switching? My Nord subscription doesn't expire for five more months though.

[–] neveraskedforthis@lemmy.world 4 points 2 years ago

Mullvad is by far the best for privacy since you can literally pay with cash and all your account is is a number. No email, no phone number (unless you pay with Swish), nothing at all identifiable except your IP.

The pricing is honest and very consumer friendly, although being more expensive than average. There is no subscription, just monthly cost with no special discounts to get you to buy it "cheaper".

And they got raided by police and provided them with everything they had: Literally nothing.

load more comments (1 replies)
load more comments (4 replies)
[–] Nollij@sopuli.xyz 50 points 2 years ago (1 children)

What kind of VPN would need those permissions?

The one that Edward Snowden (yes, that one) publicly and explicitly called out that people shouldn't use. I won't rehash it here, but it's worth reading about.

[–] extant@lemmy.world 36 points 2 years ago (1 children)

I use Express VPN and the camera permission is relatively new as I don't have it enabled and it's never asked me prior to enable it. I dug through the app and found it within their new password manager when you add a new credentials it offers you to help setup 2FA with the major providers and you can optionally scan a QR code with it so it's a benign convenience feature.

Bluetooth on the other hand I cannot explain unless it's to proxy any connections Bluetooth devices might make.

[–] LunchEnjoyer@lemmy.world 3 points 2 years ago

thanks for the insights :)

[–] MigratingtoLemmy@lemmy.world 35 points 2 years ago* (last edited 2 years ago) (1 children)

Wait, are you the same guy I asked for access to your draft when you're done?

How is the paper going? Will you also be covering self-hosted VPNs in your thesis? Also, SSL-VPNs seem to be coming up nicely, so if you're interested in obfuscation, that might be interesting to you! Can't wait to read what you're cooking!

[–] LunchEnjoyer@lemmy.world 28 points 2 years ago* (last edited 2 years ago) (1 children)

Hahah thats me! :P (lemmy is a small world) My main focus is most likely going to be free vpn's and the risk of using them. I have to limit the scope quite a bit and want to cover areas that are not that well properly documented... yet..

But thanks for the tips! I will defo read up on it and see wheter or not I can have a "alternatives" section towards the end.

Edit -> This research paper might feed your temporary needs :P https://www.usenix.org/system/files/usenixsecurity23-ramesh-vpn.pdf

[–] MigratingtoLemmy@lemmy.world 5 points 2 years ago

Thanks, downloaded! Keep up the excellent work!

[–] beyond@linkage.ds8.zone 30 points 2 years ago* (last edited 2 years ago)

Not an endorsement of ExpressVPN, I've learned to avoid companies that sponsor on youtube. However, I believe you don't need the proprietary app to use the service, you could use a free software OpenVPN client such as this one.

They do offer support for OpenVPN although, unsurprisingly, they heavily push their proprietary client as the preferred way to use the service. This alone would be enough to discourage me from using it or recommending it.

[–] fubarx@lemmy.ml 29 points 2 years ago

There are Bluetooth FIDO security keys out there for 2FA, like: https://thetis.io/products/fido2-ble-security-key. Some implementations can also use a phone, running an app via BLE. Not sure if they use it, but that could be one reason it's asking for that permission.

Camera permission may be needed for scanning QRCodes to set up 2FA.

[–] ekky43@lemmy.dbzer0.com 27 points 2 years ago* (last edited 2 years ago) (1 children)

Dunno about Bluetooth, but isn't Expressvpn pushing their new password manager? I imagine it's a separate app, but if not, then it would make sense to have camera to read 2FA QR-codes.

Edit: from their site:

Keys comes included in any ExpressVPN subscription and is built right in to our apps for iOS and Android.

Yup, that's got to be the camera. Still not sure about the Bluetooth though.

[–] brightpants@lemmy.eco.br 5 points 2 years ago (1 children)

You can have internet over bluetooth, both as a hotspot and as a tether, maybe that's the thing?

[–] fluffery@lemmy.ml 3 points 2 years ago

Unlikely i feel tho.

[–] Omega_Haxors@lemmy.ml 23 points 2 years ago (1 children)

If handfuls of youtube sponsor callout videos has been proof of, is that you should never use a service advertised on youtube.

[–] faintwhenfree@lemmus.org 3 points 2 years ago* (last edited 2 years ago) (1 children)

Kindly enlighten us good sir.

[–] Honytawk@lemmy.zip 7 points 2 years ago (1 children)

Any money spend on marketing is not used to improve the product.

[–] Locuralacura@lemm.ee 7 points 2 years ago (1 children)

So, not advertising is the best advertisement for intelligent consumers?

[–] alsimoneau@lemmy.ca 11 points 2 years ago

Yes. See Sennheiser versus Beats.

[–] thepiguy@lemmy.ml 18 points 2 years ago* (last edited 2 years ago) (1 children)

I prefer mullvad. Not only is their pricing and account system much more privacy focused, they are a European (Swedish) company and are bound by the laws of my country by default. Another European one is surfshark (Dutch) which I used before. I trust mullvad more though. They also have open source clients and had no user data stored when they were raided once before.

Edit: clarifying the reason I used surfshark. I used it back when I was in high school a few years ago, so their 3 year plan seemed like a very good price. They also supported this very obscure VPN protocol whose name I can't remember, and my school just so happened to have forgotten to block it on their network. But I couldn't use that protocol on Linux due to incomplete connection steps provided by surfshark, and I switched to using linux full time in the second half of my first year, so that was a waste and I just used my mobile data.

[–] tetris11@lemmy.ml 7 points 2 years ago (1 children)

They also push the envelope on privacy, and frequently publish security reports.

[–] fnafdesktopfan111@lemmy.blahaj.zone 3 points 2 years ago (3 children)

not to discredit what they do and what's been said, but i think it's important to keep in mind (with one's threat model in mind also) that they're based in Sweden, a 14 eyes country.

load more comments (3 replies)
[–] vox@sopuli.xyz 14 points 2 years ago* (last edited 2 years ago) (1 children)

probably qr scanning
bt for FIDO

[–] uis@lemmy.world 4 points 2 years ago

FIDO can be done locally. Why external key?

[–] lemmyworld2023@lemmy.world 7 points 2 years ago (1 children)

In the mobile space, there are Chinese calculators apps on Androids by manufacturers that require internet access...

[–] nickiam2@aussie.zone 5 points 2 years ago (1 children)

To be fair, the calculator on my phone has a built in currency converter and would need network access to get the exchange rates

load more comments (1 replies)
[–] LWD@lemm.ee 6 points 2 years ago* (last edited 2 years ago)

deleted

[–] dislocate_expansion@reddthat.com 4 points 2 years ago

lol

[–] spudwart@spudwart.com 2 points 2 years ago (5 children)

Don't use ExpressVPN, they and others make money off of your data.

[–] LunchEnjoyer@lemmy.world 9 points 2 years ago

Yeah I dont, as I wrote in the description, im just researching different providers.

[–] Rai@lemmy.dbzer0.com 5 points 2 years ago (1 children)

RTFP

[–] LWD@lemm.ee 3 points 2 years ago* (last edited 2 years ago) (1 children)

deleted

[–] Rai@lemmy.dbzer0.com 5 points 2 years ago (1 children)

“Read the fucking post” lawl, the post says “I don’t use ExpressVPN,” and the person I replied to was like “Don’t use ExpressVPN!”

[–] spudwart@spudwart.com 8 points 2 years ago

The intention wasn't to be a direct response to the OP, but to be a general statement of advice.

load more comments (3 replies)
load more comments
view more: next ›