tbh I don't think they exist. And I'm, like, half okay with that - it's entirely justified paranoia, bad actors of all skill levels undeniably exist and they hide successfully for many years, but I do believe good actors exist. It's why I chose mullvad.
At best you have stuff like attestation... but we all know those have a long history of being flawed and are subject to loads of side channels that can't be attested against. Plus VPNs are such a honeypot in every conceivable way that TONS of state-actor-level efforts are entirely reasonable, and that could easily include cheating on basically all attestation systems imaginable. We're just kinda stuck trusting history and lack of public leaks / correlated actions / whistleblowers IMO.
Or, frankly, the Mozilla partnering counts for a lot to me. I won't use their setup because it doesn't have non-vpn-app options, but they're a group I mostly trust to have people's safety at heart.
Personally, stuff like Tor (where by construction you only need to touch a couple good actors to be reasonably secure, and anyone can contribute) is about the only mostly-actually-trustworthy kind of system. You can expect malicious actors to participate there, and still have a reasonable level of privacy, particularly if you check a few personally (which is feasible because anyone can contribute). Tor and similar have plenty of issues, but structurally they're much more sound by design than any centralized VPN can ever be. Now if only they were even a tiny fraction as usable...
At best you have stuff like attestation... but we all know those have a long history of being flawed and are subject to loads of side channels that can't be attested against. Plus VPNs are such a honeypot in every conceivable way that TONS of state-actor-level efforts are entirely reasonable, and that could easily include cheating on basically all attestation systems imaginable. We're just kinda stuck trusting history and lack of public leaks / correlated actions / whistleblowers IMO.
Or, frankly, the Mozilla partnering counts for a lot to me. I won't use their setup because it doesn't have non-vpn-app options, but they're a group I mostly trust to have people's safety at heart.
Personally, stuff like Tor (where by construction you only need to touch a couple good actors to be reasonably secure, and anyone can contribute) is about the only mostly-actually-trustworthy kind of system. You can expect malicious actors to participate there, and still have a reasonable level of privacy, particularly if you check a few personally (which is feasible because anyone can contribute). Tor and similar have plenty of issues, but structurally they're much more sound by design than any centralized VPN can ever be. Now if only they were even a tiny fraction as usable...