I’d prefer to get a VPN to avoid the risk of my internet getting shut down, but I’m not aware of what the options for Linux are. I figured this would be a good place to ask.
I didn’t see anything about not keeping logs (please correct me if I just missed it). Also, they don’t have any built-in DNS protection, and it’s expensive at $8.34usd/month.
It’s an interesting idea to stratify your VPN and force individual apps to bind to their own tunnels, but seems like a lot of extra setup for little payoff, and if you can’t be certain they’re not keeping logs, there’s little benefit to having multiple VPN connections vs one.
Please, feel free to correct me if I’ve misunderstood something.
They do have built in DNS protection, it’s just not DNS servers controlled by them. You can pick presets from AdGuard, Cloudflare, etc. Or, use your own.
Regarding logging, I’m not sure I understand entirely how it’s relevant to a service such as SPN. Have you used Tor and wondered if the nodes are logging? SPN is also an onion router. So, the exit node will not know your origin, even if they are logging. Of course, we could go down rabbit holes about speculative traffic correlation and/or timing attacks, but that’s a separate discussion. A large portion of the SPN network is also community operated nodes.
SPN nodes can also be run by anyone without needing a large investment of staked cryptocurrency, unlike another onion router Lokinet. This lowers the barrier to entry for a more diverse number of community contributed nodes to SPN.
These aren’t necessarily multiple VPN connections. Instead, every network request is sprayed across the SPN network based upon your desired number of hops and other settings. This means one app might see you as being in Iceland while another in Australia, etc. It bounces every connection around the network. If someone were trying to track you, it’d make it just a little more difficult than a static location connection with a traditional VPN.
How is network speed? Even with a multihop VPN, each hop degrades the speed. If it’s operating like the Tor network, I would expect that it would experience the same kind of speed degradation.
And speaking of multihop, I wonder what extra benefit you’d get from a service like SPN and a VPN that offers multihop…?
Not trying to piss on your suggestion, just trying to scrutinize the benefits.
Also, if you’re worried about logging, you could set up a bulletproof, anon VPS you paid for in cash/crypto from a host who doesn’t KYC. Then, set it as a community node, and then configure Portmaster to only accept your SPN entry node as your own VPS. That way, you can know that when you enter the SPN it’s through a VPS you’ve ensured isn’t tied to your identity, doesn’t log, and is your starting point before being routed through other random locations.
SPN has a maximum of 3 hops (same as Tor), unlike Proton, IVPN, Nord, etc that do a dual-VPN, multihop, whatever you want to call it, with only 2 hops.
I’ve added 2 additional hops via hardware network infra through VPN chaining and I still achieve upwards of 150mbps down on a 1gbps connection with a total of 5 hops. So, I feel the speed achieved considering so many hops is pretty amazing. Of course, depending on the locations routed, may have high ms ping.
Even if you just purchase 1 month, the worst case scenario is you’ve lost $8. The best case scenario is you’ve found your new fav open-source Linux network manager with an onion router like me.
I can also vouch for PIA’s cost vs. performance, but their prices have risen recently (still cheaper than most), and I also learned the other day that they’re now owned by Kape Technologies, a company that used to do bloat/malware development to do shady data mining.
I’m actually considering switching to AirVPN or Mozilla VPN/Mullvad, despite being a longtime customer, just for the peace of mind. Also, if you buy the three year plan of AirVPN, it’s cheaper than PIA.
And, PIA still doesn’t offer a standalone WireGuard configuration file, despite promising it was in the works a few years ago, and that’s been a stick in my craw when trying to set it up the way I want on Bazzite Linux.
hey’re now owned by Kape Technologies, a company that used to do bloat/malware development to do shady data mining.
not a new thing. been that way fr years nw. sucsk but there apps are stlll foss (on github), still 3rd pary audite, and ii still havent been sued for downlodaing shit lpl
an they have wg. but you neeed to clone their git repo and run some shit to generate it. i wish it was just a simple conf file like ovpn but something about auth token i think. idr
I used the free version of Proton for a while, but when I decided to start paying I went with Surfshark. They were the best deal at the time and their client works well with the Windows, Android and Linux devices I have used it on. I have encountered some annoying “prove you are human” prompts when using Google Search so I mostly use DuckDuckGo.
I’m a Proton slave, all my eggs are in their basket so I’ll go ahead and provide some free marketing for them. ProtonVPN is pretty good since it’s ran by a good company that cares about you, getting Port Forwarding setup on Linux is a bit of a chore but I believe they’re working on automating it, the Windows app does have it automated already by the way.
I do worry about the long-term practicality of ProtonVPN because of this manual process, since as far as I can tell there’s no way to automatically hand your assigned port to the torrent client…
I’m not sure if their app does it. But the gluten docker container supports their port forwarding. Works really well if you’re looking to route other containers through a VPN.
Proton and Mullvad have the best privacy record, but I want to suggest a different tool. VPNs are really only useful for tunneling and adding an extra layer of anonymity, there’s no total assurance they won’t rat on you or get breached.
Real-Debrid is a way to torrent without risking ISP shutting down. Other debrid services exist, I just prefer real-debrid. The debrid service does the illegal part and you download over high speed. It’s also more available since you can think of it like a very large scale seedbox. There’s also implementation for most media center apps.
Pick one that has a wireguard config generator, so you don’t need to use any client software besides the normal linux wg client.
I’d also look for one that accepts anonymous payment methods. Even if you don’t intend to go to the trouble to use that yourself, it’s probably a good sign if it’s available. Mullvad is pretty safe and served me well until they stopped doing port forwarding. Proton, windscribe, azire, and airvpn were the ones that seemed most recommended when I went to look for a new one a few months ago.
As you may read elsewhere, Mullvad and ProtonVPN are the go-to for many people. But what Linux distro are you running? both of them don’t have an OFFICIAL client for Arch, you can install them from the AUR though but I read the from proton rep in reddit that they don’t recommend these packages as they’re handled by the community.
Proton and mullvad are the two best options I know of.
Pretty much any VPN provider is usable on Linux though, network manager can handle wireguard or openvpn configs just fine. Your biggest concern should be trustworthiness.
The only VPNs which are not owned by marketing companies are Mullvad and Proton. The largest VPNs are owned by Kape Technologies, renamed because their prior company name distributed malware, whose top people are former Israeli military, so I wouldn’t trust them as far as I could throw them. I would never use a free VPN except for Proton, and Proton’s paid VPN has a lot more nodes and features.
That only benefits the Mozilla Foundation and not the Cooperation who is responsible for developing Firefox. If you want your money to be used for Firefox, then you need to spending it towards the Cooperation AFAIK.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Safing.io portmaster with SPN. It’s better than any of the other recommendations so far.
I didn’t see anything about not keeping logs (please correct me if I just missed it). Also, they don’t have any built-in DNS protection, and it’s expensive at $8.34usd/month.
It’s an interesting idea to stratify your VPN and force individual apps to bind to their own tunnels, but seems like a lot of extra setup for little payoff, and if you can’t be certain they’re not keeping logs, there’s little benefit to having multiple VPN connections vs one.
Please, feel free to correct me if I’ve misunderstood something.
They do have built in DNS protection, it’s just not DNS servers controlled by them. You can pick presets from AdGuard, Cloudflare, etc. Or, use your own.
Regarding logging, I’m not sure I understand entirely how it’s relevant to a service such as SPN. Have you used Tor and wondered if the nodes are logging? SPN is also an onion router. So, the exit node will not know your origin, even if they are logging. Of course, we could go down rabbit holes about speculative traffic correlation and/or timing attacks, but that’s a separate discussion. A large portion of the SPN network is also community operated nodes.
SPN nodes can also be run by anyone without needing a large investment of staked cryptocurrency, unlike another onion router Lokinet. This lowers the barrier to entry for a more diverse number of community contributed nodes to SPN.
These aren’t necessarily multiple VPN connections. Instead, every network request is sprayed across the SPN network based upon your desired number of hops and other settings. This means one app might see you as being in Iceland while another in Australia, etc. It bounces every connection around the network. If someone were trying to track you, it’d make it just a little more difficult than a static location connection with a traditional VPN.
Hope this helps and you give it a try.
How is network speed? Even with a multihop VPN, each hop degrades the speed. If it’s operating like the Tor network, I would expect that it would experience the same kind of speed degradation.
And speaking of multihop, I wonder what extra benefit you’d get from a service like SPN and a VPN that offers multihop…?
Not trying to piss on your suggestion, just trying to scrutinize the benefits.
Also, if you’re worried about logging, you could set up a bulletproof, anon VPS you paid for in cash/crypto from a host who doesn’t KYC. Then, set it as a community node, and then configure Portmaster to only accept your SPN entry node as your own VPS. That way, you can know that when you enter the SPN it’s through a VPS you’ve ensured isn’t tied to your identity, doesn’t log, and is your starting point before being routed through other random locations.
SPN has a maximum of 3 hops (same as Tor), unlike Proton, IVPN, Nord, etc that do a dual-VPN, multihop, whatever you want to call it, with only 2 hops.
I’ve added 2 additional hops via hardware network infra through VPN chaining and I still achieve upwards of 150mbps down on a 1gbps connection with a total of 5 hops. So, I feel the speed achieved considering so many hops is pretty amazing. Of course, depending on the locations routed, may have high ms ping.
Even if you just purchase 1 month, the worst case scenario is you’ve lost $8. The best case scenario is you’ve found your new fav open-source Linux network manager with an onion router like me.
PIA for cheap service
I can also vouch for PIA’s cost vs. performance, but their prices have risen recently (still cheaper than most), and I also learned the other day that they’re now owned by Kape Technologies, a company that used to do bloat/malware development to do shady data mining.
I’m actually considering switching to AirVPN or Mozilla VPN/Mullvad, despite being a longtime customer, just for the peace of mind. Also, if you buy the three year plan of AirVPN, it’s cheaper than PIA.
And, PIA still doesn’t offer a standalone WireGuard configuration file, despite promising it was in the works a few years ago, and that’s been a stick in my craw when trying to set it up the way I want on Bazzite Linux.
not a new thing. been that way fr years nw. sucsk but there apps are stlll foss (on github), still 3rd pary audite, and ii still havent been sued for downlodaing shit lpl
an they have wg. but you neeed to clone their git repo and run some shit to generate it. i wish it was just a simple conf file like ovpn but something about auth token i think. idr
Anything that’s openvpn compatible will work but requires some setup
The story of Linux in a few words.
Every OS requires setup.
windows just does it for you, sometimes poorly. never used a mac so idk there
From the one time I tried MacOS in a VM, setup is similar to Windows with somehow even fewer options and stronger 1984 vibes.
Windows 11 and needing a Microsoft account to install enters chat.
And yes, I know there is a work-around, which I’ve used, but it requires CLI commands to restart the OOBE/install.
At least you can use Windows without an account, on MacOS you can’t even install an app without one I don’t think.
Just to be clear, I hate both of them, I’m a Linux user.
Nope, you must create a user account for Windows. Creating a local (non-MS online account) requires the extra steps.
I used the free version of Proton for a while, but when I decided to start paying I went with Surfshark. They were the best deal at the time and their client works well with the Windows, Android and Linux devices I have used it on. I have encountered some annoying “prove you are human” prompts when using Google Search so I mostly use DuckDuckGo.
I have the same issue when I’m on PIA VPN. Like you I just use DuckDuckGo.
Think that is just a Google thing. I took, got sick of it and use Duckduckgo instead.
same. searx.be anohter good one
im having very good results with proton/openvpn using gluetun
I use Proton VPN to bypass censorship. Use Remote Torrenting for torrent.
I’m a Proton slave, all my eggs are in their basket so I’ll go ahead and provide some free marketing for them. ProtonVPN is pretty good since it’s ran by a good company that cares about you, getting Port Forwarding setup on Linux is a bit of a chore but I believe they’re working on automating it, the Windows app does have it automated already by the way.
I do worry about the long-term practicality of ProtonVPN because of this manual process, since as far as I can tell there’s no way to automatically hand your assigned port to the torrent client…
removed by mod
I’m not sure if their app does it. But the gluten docker container supports their port forwarding. Works really well if you’re looking to route other containers through a VPN.
removed by mod
Proton and Mullvad have the best privacy record, but I want to suggest a different tool. VPNs are really only useful for tunneling and adding an extra layer of anonymity, there’s no total assurance they won’t rat on you or get breached.
Real-Debrid is a way to torrent without risking ISP shutting down. Other debrid services exist, I just prefer real-debrid. The debrid service does the illegal part and you download over high speed. It’s also more available since you can think of it like a very large scale seedbox. There’s also implementation for most media center apps.
Real Debrid Link
I’ve never heard of this before, and it sounds interesting after a cursory search online. Why the downvotes?
People get weird about VPNs. I think it’s the way that they’re marketed as security solution which is not really true these days.
Mullvad has an open source client. It can also be set up usung OpenVPN too.
Bear in mind they don’t have Port Forwarding anymore.
They also have Shadowsocks proxies and SSH tunneling to help circumvent some blocking.
Pick one that has a wireguard config generator, so you don’t need to use any client software besides the normal linux wg client.
I’d also look for one that accepts anonymous payment methods. Even if you don’t intend to go to the trouble to use that yourself, it’s probably a good sign if it’s available. Mullvad is pretty safe and served me well until they stopped doing port forwarding. Proton, windscribe, azire, and airvpn were the ones that seemed most recommended when I went to look for a new one a few months ago.
As you may read elsewhere, Mullvad and ProtonVPN are the go-to for many people. But what Linux distro are you running? both of them don’t have an OFFICIAL client for Arch, you can install them from the AUR though but I read the from proton rep in reddit that they don’t recommend these packages as they’re handled by the community.
Proton and mullvad are the two best options I know of.
Pretty much any VPN provider is usable on Linux though, network manager can handle wireguard or openvpn configs just fine. Your biggest concern should be trustworthiness.
deleted by creator
Proton supports port forwarding, although setup on Linux is weird.
You also don’t need port forwarding for bittorrent. It is helpful, but I haven’t used it myself for years.
Works fine with Gluetun!
The only VPNs which are not owned by marketing companies are Mullvad and Proton. The largest VPNs are owned by Kape Technologies, renamed because their prior company name distributed malware, whose top people are former Israeli military, so I wouldn’t trust them as far as I could throw them. I would never use a free VPN except for Proton, and Proton’s paid VPN has a lot more nodes and features.
I know this is an old comment I’m replying to, but what about AirVPN? They don’t seem untrustworthy and/or a honeypot.
Are they? :/
Also lesser known PrivateVPN has no ties to marketing companies. Supports port forwarding, Wireguard, decent price, and is no log.
Been using them for years without complaints.
deleted by creator
Windscribe is based out of Toronto.
well i sometimes use urban vpn, because it has Bulgarian servers
Mozilla’s VPN is just reselling Mullvad, so you can support Mozilla and use Mullvad at the same time if you like.
That’s good to know!
If you want support Mozilla then go to their donation page and send them money directly
That only benefits the Mozilla Foundation and not the Cooperation who is responsible for developing Firefox. If you want your money to be used for Firefox, then you need to spending it towards the Cooperation AFAIK.
I’m a Proton die hard but I hear their Linux VPN client is lacking. I use all of their products but not on Linux.
You don’t really need a client unless you want to do something fancy like port forwarding which they don’t support anyway
I have not had a problem using ProtonVPN on Linux.
Mullvad if you’re a stickler for privacy.
And when so such, pay in Monero.
I just use Mullvad with wireguard, not very hard to setup.