refalo
I don’t think the majority of people would agree with your stance on this.
the merest hint of a bias kind of invalidates any advice they give
One could make the argument that the entire point of all of these privacy guides and recommendations… is bias.
Also I bet many of the more mainstream users want to know about partners like proton and synology… and I think putting that at the very end of a video is quite a fair way to do that and already goes way above and beyond what everyone else is doing. Basically I think you’re being extremely unreasonable.
Why the IP leaks or not is entirely dependent on each user’s individual opsec… how you are connecting to the VPN, potentially your firewall/routing table setup, how the browser interacts with it etc.
You said “if I do the same with VPN, i see that my ip address isnt in that payload”, but then you said ipleak.net does leak, but that you “followed information” from thehackernews.com before using ipleak.net, which from what I read seemed to just say “connect to expressvpn and run the test”… is that actually what you were doing? Were you using expressvpn the whole time or did you switch to just that one for the ipleak.net test or something? It’s not clear to me.
The bottom line is that the IP can only leak if you let it. Regardless of how the VPN is accessed, whether that’s via a browser configuration (extension or proxy setting) or an OS-level layer3 tunnel (managed by a separate app or the OS itself), a misconfiguration or misunderstanding of how those work could cause the leak and there’s no fool-proof way for a web page to do anything about that. If you really want no leaks, then the user must actively choose to block all internet connections to anything BUT the VPN (and regularly test/verify that it works), some call this a “kill switch” although I really dislike the term.
As for the “enforce VPN” option… depending on your definition of “VPN” in the context of your app, IMO you simply can’t do anything reasonably useful here. There are so many ways to mask your IP that there is no definitive way for a web page to know with any certainty that the user is “connecting via a VPN”, which some might say is impossible to quantify anyways. At best you might be able to use very flawed methods like scanning known IP ranges of well-known VPN providers, which IMO does not count as “detecting a VPN”, and even worse, doesn’t help with any sort of leak. I could be tunneling through tor, a neighbor’s wifi, ssh, or remote desktop or something for all you know. Does any of that count to you?
Well, whether anything is problematic or not is highly subjective.
Do you consider no headphone jack to be problematic? Or that some think it was done intentionally to push their wireless headphones?
What about the use of slave labor? After realizing it was impossible to get away from that, they tweaked their slogan from a fair phone to a “fairer” phone.
How about the high price and little demand?
See what I mean? One person’s problem is not everyone’s.
CalyxOS is another one. Some consider fairphone problematic
DuckDuckGo gains revenue via advertisements and affiliate programs
DuckDuckGo announced that all map and address-related searches would be powered by Apple Maps
DuckDuckGo had blocked search results for some major pirating websites
https://www.tomsguide.com/news/duckduckgo-privacy-browser-facing-backlash-over-microsoft-trackers
Rule 1
