As a linux user you should know that all VPN companies are as trustworthy as a chronic liar, and therefore not rely on one. So it doesn’t matter that they don’t support Arch, really. And even good that they don’t support Tails.
I hear I2P had a lot of potential, but also a lot of issues. Haven’t checked up on that project in a bit. I know it was a BITCH to set up when I tried plinking with it some years ago.
So TOR (despite the latency/speed issues and its own security concerns) is still probably about as good as it gets.
Kinda get the vibe that guy I’m replying to is asking for the times when its actually needed. If I’ve got the wrong mark there and they’re looking for daily driving, then Mullvad VPN (or comparable) is probably the better way to go.
Yeah, Mullvad seems to have done the most to prove that they’re not harvesting your data. You still have to trust them, but there’s evidence that they’re trying.
Yea, i2p is slightly more involved than just starting up tor browser, but its not that bad. The real problem for this case is that it doesnt have exit nodes built into the protocol, so getting to the internet is a bit harder.
So, if I recall correctly, I had to set up a device as an i2p server (seems like they were super light weight and you could configure your phone to do it) and then you could use your browser of choice with the “i2p server” as a proxy.
Its my understanding that each of the “i2p servers” acted as both an entry point and an exit point. That is to say, while my traffic entered the network there, there were other people’s traffic that could be routed through and/or exit via my server.
Yep, almost. Every* i2p node also acts as a relay, which not only helps the network, but also your anonymity, by drowning out your traffic. It however only does this inside the network, it doesnt work like an exit node.
By default, it does run a proxy, so that you can access i2p addresses using a browser set up to use it. It also lets you use the proxy to access the internet over i2p, but you have to choose an exit node manually (tho iirc there is one set up as default, which is fairly centralized, but still should be anonymous thanks for the rest of the network). A slight difference from Tor is also that these are protocol level proxies, so you will for example not be able to connect to a clearnet ssh server over these.
A VPN introduces a new party who can harvest your data. It doesn’t avoid IP tracking, it just shifts it from your ISP to another entity.
You have to trust that your VPN provider’s claims of no logging/tracking are accurate, you can usually get fairly confident with research but it’s never 100%.
Edit: to clarify, I’m not trying to dissuade VPN use. It’s a still a great choice.
a foreign commercial company is the safer choice compared to ur local isp who is bound to handover ur data to ur government if they ask for it. plus there are plenty of good vpn providers who can be considered credible due to third party audits and them being open source
A VPN is still a good choice, in fact if you setup your own VPN on a VPS that is an even safer choice because then you (sorta) control the certificate used for encryption. True, your hosting provider could still obtain that cert if they really wanted to, and they still have the data on your IP using it and for how long / how much, but it would make obtaining your data a targeted attack.
But there are cons to setting up your own, such as misconfiguration exposing you, or just the setup time in general.
Would prefer a random non transparent proxy for that. Or just only use IPv6, and have your router rotate that every so often. And, of course, minimize traffic to bad websites.
Kinda misphrased, I didn’t want to call out you specifically, I don’t think you’d be stupid enough to fall for VPN companies, that was more of a general statement to/about all linux users :3
As a linux user you should know that all VPN companies are as trustworthy as a chronic liar, and therefore not rely on one. So it doesn’t matter that they don’t support Arch, really. And even good that they don’t support Tails.
Mullvad is pretty good
Arch users, by definition, roll their own Wireguard networks
Of course, I need to access my two different networks from anywhere anyway. And then I can also force all traffic through random proxies.
K so what should I be doing instead
Just use mullvad
Probably TOR.
I hear I2P had a lot of potential, but also a lot of issues. Haven’t checked up on that project in a bit. I know it was a BITCH to set up when I tried plinking with it some years ago.
So TOR (despite the latency/speed issues and its own security concerns) is still probably about as good as it gets.
deleted by creator
Completely agree.
Kinda get the vibe that guy I’m replying to is asking for the times when its actually needed. If I’ve got the wrong mark there and they’re looking for daily driving, then Mullvad VPN (or comparable) is probably the better way to go.
Yeah, Mullvad seems to have done the most to prove that they’re not harvesting your data. You still have to trust them, but there’s evidence that they’re trying.
Yea, i2p is slightly more involved than just starting up tor browser, but its not that bad. The real problem for this case is that it doesnt have exit nodes built into the protocol, so getting to the internet is a bit harder.
So, if I recall correctly, I had to set up a device as an i2p server (seems like they were super light weight and you could configure your phone to do it) and then you could use your browser of choice with the “i2p server” as a proxy.
Its my understanding that each of the “i2p servers” acted as both an entry point and an exit point. That is to say, while my traffic entered the network there, there were other people’s traffic that could be routed through and/or exit via my server.
Am I wrong on that assessment?
Yep, almost. Every* i2p node also acts as a relay, which not only helps the network, but also your anonymity, by drowning out your traffic. It however only does this inside the network, it doesnt work like an exit node.
By default, it does run a proxy, so that you can access i2p addresses using a browser set up to use it. It also lets you use the proxy to access the internet over i2p, but you have to choose an exit node manually (tho iirc there is one set up as default, which is fairly centralized, but still should be anonymous thanks for the rest of the network). A slight difference from Tor is also that these are protocol level proxies, so you will for example not be able to connect to a clearnet ssh server over these.
*https://geti2p.net/en/about/restrictive-countries
Interesting.
It looks I was close on my understanding, but not quite there. Lol, guess I’ll need to bust this back open.
For most people, using https and dns over https (DoH) is probably all that’s needed.
It say TailOS, not Tails though.
deleted by creator
A VPN introduces a new party who can harvest your data. It doesn’t avoid IP tracking, it just shifts it from your ISP to another entity.
You have to trust that your VPN provider’s claims of no logging/tracking are accurate, you can usually get fairly confident with research but it’s never 100%.
Edit: to clarify, I’m not trying to dissuade VPN use. It’s a still a great choice.
a foreign commercial company is the safer choice compared to ur local isp who is bound to handover ur data to ur government if they ask for it. plus there are plenty of good vpn providers who can be considered credible due to third party audits and them being open source
I mean, I know for a fact I shouldn’t trust my scumbag ISP. Most people fall into that camp here in the US.
What are the alternatives? I feel tor might be good, but I don’t want to overload the n/w with 1080p FreeTube videos.
A VPN is still a good choice, in fact if you setup your own VPN on a VPS that is an even safer choice because then you (sorta) control the certificate used for encryption. True, your hosting provider could still obtain that cert if they really wanted to, and they still have the data on your IP using it and for how long / how much, but it would make obtaining your data a targeted attack.
But there are cons to setting up your own, such as misconfiguration exposing you, or just the setup time in general.
The vpn use case is mostly when you have an internet provider that is actively monitoring you or accessing blocked content
The main use for VPN services is torrenting without getting nasty letters from your ISP.
You’re only shifting the tracking from your ISP and the target server to the VPN company, which is just as likely to talk.
deleted by creator
Would prefer a random non transparent proxy for that. Or just only use IPv6, and have your router rotate that every so often. And, of course, minimize traffic to bad websites.
What if your isp is stuck in the early 2000s and doesn’t support ipv6?
The same should work IPv4. Afaik it’s easier to rotate the IPv6 tho.
Some ISPs don’t allow you to manually notate ipv4 addresses. I once had a plan that would rotate daily. It’s been long discontinued.
I know, I don’t even know why I was on the site lol.
Kinda misphrased, I didn’t want to call out you specifically, I don’t think you’d be stupid enough to fall for VPN companies, that was more of a general statement to/about all linux users :3
Yeah
Hosting vpn in cloud is the way to go, I guess?