Those I have less of a problem with. What I actually have a problem with is the supplement sales, VPN sales, and gambling sales. "Here's a magic multivitamin that will make you feel 1000% better!". "You are so unsafe by not using a VPN, here use our service which also gets to peak at everything you send through it". "Wanna bet on this Ping-Pong championship? Well, grab some crypto and go to this 'not legal in the US but who's watching' website where you can bet on anything!"

Those can actually be harmful things, and a LOT of media producers will advertise them as being the best thing since sliced bread (Usually having personal endorsements required in the copy).

> What's wrong with VPNs? Seems like the tamest thing to sell in terms of ethical impact.

Well, for starters the actual "security" that is often promised from these services is WAY overblown. You are already very secure browsing the internet using https. The TLS standard grants a huge amount of security that doesn't allow for snooping from a MITM.

So, when they start saying "everyone needs to do this to be safe". That's simply a boldface lie.

Your security when going through a VPN is from using https. If you are unfortunate and get a less than scrupulous VPN you might end up with them adding themselves as CAs (yes, some VPNs do that). That allows them to crack and access data within the secure stream.

Most of these VPN services are also trying to get you to do DNS with their DNS servers. Again, a major potential privacy leak problem.

> That's what a security app needs to properly protect you

VPNs aren't anti-virus software and any VPN selling that should be EXTREMELY mistrusted. You are right, they can only provide that sort of service by decrypting your secure payloads. That is where all the scamminess comes into play.

Certainly not every VPN service is bad, but I'd have an inherent mistrust in one that has both a cheap fee and the seemingly endless budget to advertise everywhere on youtube. They are getting money from somewhere and I doubt it's from grandmas signing up for the service.

> Most of these VPN services are also trying to get you to do DNS with their DNS servers. Again, a major potential privacy leak problem.

The privacy problem is most people using Google's DNS servers in the first place. A VPN is unlikely to keep your browsing history out of Google's hands when you're sending them a record of every ___domain you visit, when, and how often.

A VPN service is basically saying "Trust us more than you trust Google/your ISP" and that by necessity means giving them your DNS traffic as well.

> I'd have an inherent mistrust in one that has both a cheap fee and the seemingly endless budget to advertise everywhere on youtube. They are getting money from somewhere and I doubt it's from grandmas signing up for the service.

They make a lot of their money from file sharers (some of which are also grandmas). The VPN will keep your ISP off your back and the MPA/RIAA at bay. I assume most VPNs like that are being monitored (if not outright operated) by the NSA or some other three letter agency. It's fine if you're just using the VPN for regular browsing or to torrent TV shows though because they're not going to spoil their honeypot over something so trivial and the VPN's success at keeping pirates safe builds their reputation as a secure service.

Also these services used to call themselves proxies, which is what they are. At some point they co-opted the term VPN because "Private Network" makes for a good soundbite, even though it has nothing to do with what VPNs are actually used for (a network disconnected from the internet except via the VPN gateway). Of course they'll counter by saying they use VPN tech under the hood (OpenVPN, WireGuard).

>VPNs aren't anti-virus software and any VPN selling that should be EXTREMELY mistrusted.

My impression is that it makes browsing wifi networks you don't trust safer. I just let it happen, but I have a few friends who really hate having to connect to any public wifi. That seems to track with how most of the marketing goes when it's focused more on interceptions while traveling instead of on your home network. (And yes. I'm aware this is more equivalent to adding a door lock when a competent hacker has a crowbar and a window right next to it. Sometimes it's about preventing the incompetent ones).

I didn't mean to liken it to ant-virus per se. But the concepts are the same. Anything you choose that needs elevated permissions better be something you go through a fine-toothed comb with and have a stellar reputation. But without naming names, it seems a bit overly alarmist to name all VPNs that dare advertise as scams.

>They are getting money from somewhere and I doubt it's from grandmas signing up for the service.

it may very well be that. It's the same old subscription service virtually every company in the world does. "sign on for this super cheap fee!". Then you keep it around and then normal ratea happen after X months. Then you just keep using it or even forget about it and that's easy steady revenue.

It's dishonest, but in an apathetic sort of way. Not a malicious one. The solution is simply for a consumer to actually watch their banking statements.

> My impression is that it makes browsing wifi networks you don't trust safer.

That's why it's problematic. Using a known-good VPN can make it safer.

However by installing some VPN software you are intentionally installing a man in the middle which you now have to trust is legit.

And the promotions tend to vastly exaggerate the risk, something NordVPN got slapped for[1].

[1]: https://www.theregister.com/2019/05/01/nordvpn_tv_ad_rapped_...

> What's wrong with VPNs?

Nothing is inherently wrong but I trust my ISP a lot more than some random guys in Switzerland or Israel or whatever tax haven islands they operate from. They lie about what they’re good for which is just hiding things from my ISP. The rest of the benefits are fake

> Nothing is inherently wrong but I trust my ISP a lot more than some random guys in Switzerland or Israel

In the US ISPs collect, monitor, and sell your browsing history. https://arstechnica.com/information-technology/2017/03/how-i...

As you should.

Because a secret you should know about your ISPs is they really don't care (or want to care) about what you are doing with their service. They don't want to add the hardware/software it'd take to spy on your data, that's a huge cost to them with nothing but downsides.

I might distrust a large ISP more just because they have the extra cache to burn. But a smaller more regional ISP will not try and invade your privacy.

In the US ISPs monitor, collect, and sell your browsing history.

>I trust my ISP

I don't really, per se. Especially in my area where they have a monopoly. But VPNs aren't advertising making your home network safer anyway.

Yeah this! The day that casey neistat started advertising nordvpn, I lost a lot of interest in his content.

I personally don't mind creators advertising VPNs, but just be honest about it. Don't pretend like it's your favourite VPN you've always used, and it's the bestest, most secure, will make you super safe..

If they'd say like, I've been paid to advertise xyz VPN, I've tried it for a few days, works as advertised. I can watch my US Netflex while traveling out of the US, or whatever. But keep in mind, instead of just your ISP knowing where you browse, now the VPN providers knows, and is probably selling your data. Like, cut the bs.