TL;DR: I’ve renewed my subscription to Private Internet Access, and intend to continue using the service indefinitely.
This is the third and final blog post in my series on Private Internet Access. Part One lists the different problems I encountered when trying to use Private Internet Access, and Part Two discusses how I solved most of them. When Part Two was published, my remaining unsolved problems were (a) extreme difficulty checking mail in Evolution, (b) my first attempt to connect always failed, and (c) I was blocked from freenode. A day after publishing the second post, I updated it to discuss how to get the first connection attempt to work (save your password system-wide so it’s accessible by the login screen… seems obvious in retrospect).
So what did I do about email and freenode?
I’m really happy with my solution for email. The problem was that I experienced a very high number of timeout errors sending and receiving messages when using Private Internet Access, far more than when not using it. A PR representative from Private Internet Access told me I needed to ask them to whitelist our mail server for SMTP, but I knew that wasn’t the problem because it worked OK sometimes, and I was having trouble with IMAP too. Everything email-related was just so much slower when using Private Internet Access.
My solution was to uninstall Evolution and install Geary instead. I now wish I had done this a long time ago. Geary has many shortcomings and significant room for improvement, but I’ve never been more pleased with a mail client. With Geary, reading my mail is no longer painful. Whereas Evolution takes several seconds to load every individual message, and often times out and fails, even when not using Private Internet Access, Geary takes a few seconds to load an entire conversation, which speeds things up tremendously. Conversation view is killer, a real must-have for a mail client. More importantly, timeouts and error messages are extremely rare with Geary, even when using Private Internet Access. Probably the difference is that Geary just waits a lot longer before timing out. I did experience one day shortly after switching to Geary where I was unable to send any mail from my Igalia account, which at the time I attributed to Private Internet Access. However, I’ve had no trouble since then, so I think this was just an intermittent problem. Geary also has a much slicker user interface than Evolution. I’m not comfortable saying that Geary is going to be the future of mail for GNOME, since there is no question that Evolution is a far more capable client right now, but I’m very pleased with Geary and am looking forward to future development.
freenode
I’m really unhappy about my solution for freenode. If you use an IRC client that has good support for NickServ or SASL authentication, then apparently there is nothing you need to do to access freenode besides configure that. However, neither Empathy nor Polari qualify here, and those are the only IRC clients that are interesting to me personally. With a little experimentation (and some help from Florian), I found both clients could be configured to authenticate with NickServ automatically. However, there’s no way to avoid being pestered with a private message in GNOME Shell from NickServ every time I connect, with the accompanying chat box to type my response. The Telepathy integration in GNOME Shell needs some serious work.
So I went a couple weeks where I rarely ever logged into freenode, using only the KiwiIRC web client when I needed to join for something specific, like for a meeting or to contact a specific person. Now, KiwiIRC is actually pretty nice and functional, but a web client doesn’t really meet my needs for daily use. In the end, I settled on connecting to freenode via Igalia’s Matrix server. Yes, I’m using Riot and, yes, that’s another web client, but I have to use it anyway, so it’s no difference to me. Now, Matrix seems to be a really nice chat protocol, and Riot is at least decent as a Matrix client, but it is an extremely terrible IRC client. For one, there’s no way to tell who is online outside your own Matrix server. Seriously. (Why so many people are using it to access GIMPNet, I have no clue.) So I still log in to KiwiIRC whenever I need to check if someone is online on freenode, while continuing to connect to GIMPNet from Empathy, because — and I never thought I’d say this — Empathy at least works properly. This is a very poor solution, but it’s a worthwhile tradeoff for me to be able to use Private Internet Access. It also allows me to avoid the disastrous non-bug where Matrix silently drops any private messages that a non-authenticated IRC user sends to a Matrix bridge user on freenode. (Silently!) I’m told this is an intentional anti-spam feature, but I think it’s totally unacceptable. It just sounds to me like maybe Matrix should not be in the business of bridging to IRC at all, if it can’t figure out how to handle PMs. I’m not sure I’ve ever experienced any PM spam. But anyway, this is supposed to be a blog post about Private Internet Access, not a rant about Matrix’s IRC bridge, so that’s enough complaining about that.
Conspiracy Theory
So besides the fact that IRC is terrible, I’m pretty satisfied with Private Internet Access. You have to trust it, though. It’s not often that relatively small companies decide to spend tens of thousands of dollars sponsoring free software projects like GNOME. (Private Internet Access does that!) For all we know, it could be run by the NSA, seeking to gobble up the web browsing history of people who think they have something to hide, and donating to free software because it knows that free software users will recommend the service to more people. That’s a totally-unsubstantiated claim that I just made up and for which I have zero evidence to support, but I don’t know, and you don’t know, and that’s the point. You have to trust it. Or at least, you have to trust it relative to the level of trust you have in your ISP. But you probably shouldn’t trust your ISP, at least not if it’s a national company, so that makes Private Internet Access an easy choice for me.
Update: Read the first comment below. What on Earth is going on?
Have you had a look at this thread?
https://www.privateinternetaccess.com/forum/discussion/23838/warning-pia-data-centers-odd-ip-changes
TL;DR
Your trust may not be justified.
Wow! That took a while to read. I don’t know what’s going on here, and I certainly don’t have enough technical knowledge to know what to make of it. But it sure looks like something shady is going on, doesn’t it?
Why does PIA claim to own a bunch of companies that it does not seem to actually own, including a shell company that doesn’t seem to exist? Why would they lie about this? Why is there nobody from corporate present to respond to these accusations, which seem more credible that the statement from PIA? Why don’t they have anyone with technical expertise present to respond to bgxsec’s technical complaints? Where are their public relations staff, just letting this blow up in their forums over the course of several days without properly responding to it?
It’s also disappointing to see a huge number of users complaining about poor customer service in the forums, still not getting any response from customer service, and especially right after PIA says it has hired more customer service staff.
About trust…
Here in France we have regional, associative ISPs. They are non-profit orgzanizations, run by and for their members.
They provide VPNs you can layer above your regular Internet connection at home, or they can even be your ISP and provide you the connection (which obviously goes through their VPN).
They tend to be more pricy than regular ISPs. However, when using their service, you become a member of the NPO. And as a member, the NPO has a legal obligation to let you know about what it is doing, including if the government asks them to spy on you.
I don’t know if this exists where you live, or even whether the legislation would enable something like this to exist.
But I’m very glad they do exist here, and I’m looking forward to my VPN (which I should get very shortly) from the local NPO. :)
(Note: this is not meant to bash on PIA, I had never even heard about them before your blogs on this topic, for all I know they are a very respectable company providing a great service)
For email you should try Thunderbird if Geary comes a little short on functionality. I almost never used Epiphany for real mail productivity because it’s really that resource and network intensive, but Thunderbird is ok even on low-specs machines (provided that you use it almost exclusively it can run on a 1GB machine for gigabytes of mail with a lot of folders). Use embedded automatic archiving to speed up large folders.
Of course I was talking about Evolution, don’t know why I wrote Epiphany… :(
Both are extremely terrible IRC client. Polari may be very pretty, that doesn’t make up for the fact that it is bad.
Membership synchronisation (as it’s called) is a bridge setting, so if you can’t see who’s online on freenode via the Igalia Matrix server, go complain to the Igalia Matrix bridge to freenode admin. Seriously.
I moved away from IRC to Matrix because it was not IRC. It was about time something like Matrix came along. I see the bridge to GIMPNet as a way to make do with the fact that some will want to stick to their antiquated protocol. So no, I don’t really use Matrix to access GIMPNet. I use Matrix to communicate with the GNOME community and it just happens that part of it is stuck on that remnant of the past that GIMPNet is. Why so many people keep using IRC, I have no clue.
That is a legitimate complaint, especially the fact that it’s silent. PM spam however seems to be a very common issue on freenode. I have not experienced it but I have no trouble believing it for a network as big as theirs. That doesn’t excuse the bad behaviour but it should be taken into account.
Our configuration is the same as on matrix.org, where membership sync is also disabled. See https://github.com/matrix-org/matrix-appservice-irc/issues/411
Tried Revolt as a Matrix client?