VPN has been thoroughly defeated. China, UK and US state law enforcement monitor VPN use. (Snowden documents, for example, revealed that VPN traffic can be readily decrypted.)
ISPs and police will use every mechanism including DNS, HTTP, IP addresses, CRL behavior, ad tracking markers embedded in pages and more to determine your browsing behavior and history.
The best way to defend yourself against this is to lie down and comply.
Do you have a link to the "VPN has been defeated" documents? Didn't Snowden say exactly, that the only thing to trust is strong encryption?
> ISPs and police will use every mechanism including DNS, HTTP, IP addresses
Surely VPN will protect you from all of that?
My main concern is police/isp's logging all VPN traffic, and then when they want to use some of it, they subpoena your VPN provider for the keys. Though, maybe forward security fixes this?
They could also secretly force every provider to log everything at all time? But surely there are enough providers that some would have leaked it?
VPN isn't strong encryption. Or rather, VPN is not necessarily strong encryption as most of the VPN standards and implementations have either been backdoored or weren't designed for strength against state actors.
From the (excellent list of) papers you listed, it seems the weaknesses are not so much that the encryption can be broken, but that you can do all kinds of man in the middle and timing attacks. Does this mean, that as long as you are not being actively attacked, the security is acceptable? That is, if you are only trying to avoid passive logging?
I guess in either case, it would be better to just go with openvpn. I really don't understand why it isn't natively supported in Android, OSX etc.
For effectiveness, here are links to Snowden documents indicating that VPN has thoroughly been defeated. The links are all hosted on the German media outlet that helped to process the documents from Snowden's whistleblowing.
Namely, do not let stubborn insistence endanger your wellbeing. If you need something in a life threatening situation VPN isn't going to be enough alone to help you.
ISPs and police will use every mechanism including DNS, HTTP, IP addresses, CRL behavior, ad tracking markers embedded in pages and more to determine your browsing behavior and history.
The best way to defend yourself against this is to lie down and comply.