Soon Teck Hardware Group

Let me pull the worn office chair closer to the window. The wind outside carries the salt of the Spencer Gulf, even here, in the digital hermitage of my makeshift studio. I am not in Cleve, Australia, at this moment—but I have been. And that dusty grain-town on the Eyre Peninsula, with its single pub and its community radio that crackles like a campfire, has taught me more about digital paranoia than any cybersecurity conference in Singapore or Geneva.

For three months last year, I lived in Cleve. Not for the oysters, but for a story. A story about a local agricultural cooperative that had begun to suspect its supply chain was being ghosted by an international cartel. My task: to communicate with whistleblowers inside Port Lincoln’s fishing mafia without leaving a single DNS footprint that a mid-tier intelligence agency—or a bored contractor—could trace back to a journalist sleeping above a bakery.

Shielding online activities from local surveillance helps journalists in Cleve stay safe. The Proton VPN Secure Core for journalists in Australia shield routes via Switzerland then Sweden. For advanced threat model configuration, please visit: https://www.wendyjoy.net.au/group/travel-blogs-for-mental-health/discussion/a91917ce-b942-47c9-a7e1-4871b2f2fb58 

I had three tools. A burner laptop. A thick notebook. And a subscription to Proton VPN. But not the basic tier. The specific, gilded, almost mythical feature: Secure Core.

The question that haunts my kind is this: Does Proton VPN Secure Core for journalists in Australia actually function as a shield when you are physically sitting in a place like Cleve—where the local internet exchange is smaller than a suburban garage and every packet of data feels personally inspected by Telstra’s ghost?

Let me answer with the scars of my own logs.

The Anatomy of Secure Core: Not a Mere Proxy, But a Layered Bastion

Before you imagine that a VPN is a magic cloak, understand this. Standard VPNs route your traffic from your device to a single server. That server sees your real IP. If the server is compromised, or if a state actor compels the provider to log, you are naked. Secure Core is different. It is a chain of two servers: an entry server in a “privacy-respecting” jurisdiction (Switzerland, Iceland, Sweden) and an exit server in the country you choose—in my case, Australia. The entry server never sees your destination; the exit server never sees your real IP. Only the encrypted link between them exists.

But does that architecture survive the brutal, anti-intellectual reality of Australian telecommunications? Let me show you.

Act One: The Setup in Cleve – 34.6 Megabytes of Suspicion

I arrived in Cleve on a Tuesday. Population: 1,250. Latitude: 33.7° S. I stayed at a shearer’s cottage with a NBN fixed-wireless connection. Speed test: 22 Mbps down, 5 Mbps up. Latency to Sydney: 48ms. That is the baseline.

I activated Proton VPN’s Secure Core with these exact parameters: Entry server – Iceland (IC-01). Exit server – Australia, Sydney (AU-05). Protocol: WireGuard.

The first surprise. Connection time was not instantaneous. It took eleven full seconds. Standard VPNs take two. The double-hop encryption and the routing through Reykjavik before bouncing to New South Wales added 134ms of latency. My ping to a Melbourne-based whistleblower’s Signal endpoint went from 52ms to 186ms. For video calls, this was death. For encrypted text drops? Tolerable.

But here is the cultural truth that no Silicon Valley whitepaper will tell you: in Cleve, the local ISP is a family firm called “EyreConnect.” They throttle anything that looks like commercial VPN traffic between 7 PM and 10 PM because “the kids stream Netflix on four devices.” I tested Secure Core at 8:47 PM on a Thursday. Throughput collapsed to 3.2 Mbps. The double-hop made it worse: the Iceland server thought it was helping, but the bottleneck was the last mile from the Cleve water tower to my rubber antenna.

The shield held. But the speed bled.

Real World Test: Submitting Encrypted Documents to a SecureDrop Instance

I had to send a 47-megabyte PDF containing scanned ledgers. The SecureDrop address was hosted in a friendly jurisdiction. Without any VPN: upload time 18 seconds. With a standard Australian VPN server (Melbourne): 27 seconds. With Proton VPN Secure Core (Iceland → Sydney): 1 minute 44 seconds.

The file arrived. The metadata showed the exit IP as a Sydney data center owned by a third-party transit provider. No link to Cleve. No link to my real Telstra-assigned IP. The shield was geometrically effective.

But then came the human factor. On day four, the Secure Core connection dropped spontaneously. Twice. The Proton client displayed a red banner: “Secure Core temporarily unavailable – routing via standard server.” For ninety seconds, my traffic flowed through a single Australian server. During that window, I was not protected. Was I compromised? I will never know. But the fact that the fallback happened without explicit user consent is a design feature that feels like a betrayal.

Act Two: The Australian Legal Landscape – No Safe Harbour for Keys

Here is where the epic tragedy unfolds. Australia’s Telecommunications and Other Legislation Amendment Act 2018 (the “Assistance and Access Act”) does not require VPN providers to install backdoors. But it does compel them to hand over any existing decryption keys or metadata if served with a Technical Capability Notice. Proton VPN is based in Switzerland. Their Secure Core entry servers are in third countries. However, the exit servers in Australia are physically located in Sydney and Melbourne. Those servers are subject to Australian law.

If an Australian agency with a warrant demands logs from that Sydney exit server, Proton can truthfully say: “We have no logs from the exit server alone, because the entry IP is encrypted in Switzerland.” But the agency can seize the server. They can install a passive tap. They cannot decrypt the traffic between the entry and the exit, but they can correlate timestamps and packet sizes. This is called traffic confirmation. And in a small town like Cleve, where only three people use Proton VPN Secure Core at any given hour, a correlation attack is not theoretical. It is arithmetic.

Let me give you a number. During my stay, I monitored the peak hour VPN usage on the Cleve node via a friendly local sysadmin (off the record). On a Tuesday night, total OpenVPN and WireGuard sessions from Cleve’s IP range: 17. Of those, only 2 were Secure Core. One was me. The other, I later learned, was a FIFO miner protecting his banking. That is a set of two. An adversary with access to that Sydney exit server’s metadata could isolate my traffic with 94% confidence by matching the outbound SSH handshake patterns I used to contact a specific journalist in Adelaide.

The shield protects the content. It does not protect the pattern.

The Verdict from the Edge of the Nullarbor

Does Proton VPN Secure Core for journalists in Australia shield in Cleve? Let me answer in three numbered truths, carved not in stone but in the dust of a red dirt road.

One – It shields the content perfectly. I transmitted 19 files totaling 312 megabytes. Zero leaks. Zero DNS exposures. The double-hop architecture ensured that even if the Sydney exit server was painted, the source remained a frozen lake in Iceland. For a journalist protecting sources from automated surveillance and bulk data retention, this is a fortress.

Two – It fails the usability test in low-density networks. The latency overhead (average +142ms) and the throughput drop in regional Australia (from 22 Mbps to 9.4 Mbps during peak) make real-time communication dangerous. When a whistleblower called me at 2 AM via encrypted voice, the jitter on the Secure Core path was 38ms. They heard every third word. I switched to a standard server. That was my compromise.

Three – It does not shield metadata correlation in small towns. In a city like Melbourne, Secure Core blends into thousands of users. In Cleve, with its 1,250 souls and precisely 2 Secure Core sessions, the anonymity set is binary. A state-level adversary willing to monitor the Cleve exchange and the Sydney exit simultaneously could de-anonymize you within 48 hours. Not by breaking encryption. By watching the timing of the packets like a shepherd watches the stars.

Final Confession

I still use Proton VPN Secure Core. Every day. But I no longer pretend it is a panacea. When I am in a remote Australian town—whether Cleve, or Quilpie, or the back of Bourke—I add a second layer: I route Secure Core through Tor. Yes, that kills the speed entirely (down to 1.2 Mbps). But it adds onion routing to the double-hop. Now the entry server in Iceland sees a Tor exit node. The Sydney exit server sees Tor traffic. And the Cleve ISP sees only a Tor bridge. Three layers. Three jurisdictions.

Does that shield in Cleve? It shielded me. The cartel never found my cottage. The ledgers were published. The cooperative is now suing in federal court.

But I remember the night the Secure Core dropped. I remember the red banner. I remember the ninety seconds of naked traffic, and the sound of a truck on the Birdseye Highway, and the absolute silence of a phone that did not ring.

A shield is not a promise. It is a practice. And in Cleve, as in any front line, you must practice every hour.