56
Which VPN should I use? (hexbear.net)
submitted 1 day ago by FALGSConaut@hexbear.net to c/technology@hexbear.net
43 comments fedilink hide all child comments

I need a new vpn and don't know which one I should get, any recs?

top 43 comments
sorted by: hot top controversial new old
[-] hello_hello@hexbear.net 18 points 1 day ago* (last edited 1 day ago)

The only point of a commercial VPN is to do peer-to-peer without exposing your home IP address. If you are into Proton and their suite of services than you can get ProtonVPN but don't expect anything else since Proton is NATO-aligned, otherwise you can get AirVPN which does sales yearly (I got 6 months for only $15). The other use of VPNs is geo-spoofing (aka: using Netflix under a VPN to get access to other content), but I can't speak on that, Mullvad might be a good option since it sports a lot of server locations.

Avoid any VPN that requires an email account/personal details up front, it's likely a Israeli shell company (no youtuber sponsored vpns, they all suck).

If you want to use a VPN for home server stuff then you should look into Tailscale since they have a free tier for personal use (connecting to your home server while outside the network).

Otherwise, there are more useful things you can do to improve your security instead of using a VPN:

  • Use a libre web browser: Firefox+Derivatives or vanilla chromium/ungoogled variant
  • Make sure you have HTTPS everywhere or equivalent on.
  • Use services like email aliases for online accounts.
  • Use an up-to-date GNU/Linux or any other free/communal operating system instead of US State Dept. ones like Windows and MacOS.
  • Use Ublock Origin.

It bears mentioning that a VPN is not a magic bullet for privacy.

[-] NewOldGuard@hexbear.net 8 points 1 day ago* (last edited 1 day ago)

Also use a private DNS server even if not using a privacy VPN. I set Firefox to route through Mullvad always. It’s just another way your browsing activity gets fed back to your ISP or DNS provider company

Edit: Also I think VPNs have a lot more utility than that. E.g. hiding your real IP from websites to prevent geolocation or tying back to your real ID, preventing your ISP (and thus the US govt through PRISM etc) from logging your traffic, etc. Yes the details of what you do are encrypted through HTTPS but the servers you connect to and the times you do it are not. The CIA says they kill people based off metadata so I would at least try to shift the trust away from known collaborators like my ISP and towards groups like Mullvad to protect myself

[-] Imnecomrade@hexbear.net 4 points 1 day ago* (last edited 1 day ago)

I use DNS.SB and use DNS over HTTPS.

On Android, I use Nebulo, which I install through its F-Droid repository. It allows me to use DNS over HTTPS and offers DNS.SB as one of its options.

[-] Imnecomrade@hexbear.net 4 points 1 day ago

Make sure you have HTTPS everywhere or equivalent on.

This extension is no longer needed and obsolete.

https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother

HTTPS Everywhere

Redundant with HTTPS-Only Mode and scheduled for deprecation: maintenance mode only Sept 2021, sunsets Jan 2023

[-] hello_hello@hexbear.net 4 points 1 day ago

Yeah the web extension thankfully got merged with Firefox's graphical settings. It eliminates a whole class of vulnerabilities right from the get go.

[-] Lawn_and_disorder@hexbear.net 31 points 1 day ago

Mullvad yes, proton and riseup maybe

[-] viva_la_juche@hexbear.net 28 points 1 day ago

Mullvad gang

[-] Imnecomrade@hexbear.net 20 points 1 day ago* (last edited 1 day ago)

AirVPN if you need port-forwarding for torrents.

Otherwise Mullvad or IVPN (Mullvad is cheaper). Mullvad is also removing support for OpenVPN and will be just using WireGuard, so if you need OpenVPN for any reason, you will need to use one of the other two.

Also, if you are using a VPN for the sake of privacy...I would instead look into using Tor or I2P. Being private and secure involves a lot of ongoing research, maintenance, and care, and a VPN is not generally a good way to be private. There's no set it and forget it option. It's better to use a VPN for port-forwarding, circumvent geo-blocking to access media, hide IP from gaming in P2P servers, etc. Otherwise, I would recommend looking into virtualization, using QubeOS and Tails, hardening Firefox, etc.

If you use Linux, here are a few good resources to harden your OS:

[-] Edie@hexbear.net 4 points 1 day ago

Cool links. I should go harden my system. Actually... I could make a nixos module with my changes so others can import these things easily... Hmmm.

[-] Barx@hexbear.net 15 points 1 day ago

I recommend Mullvad bevause you can pay anonymously with cash or anonymously enough with a voucher.

[-] Lawn_and_disorder@hexbear.net 9 points 1 day ago* (last edited 1 day ago)

Proton also accept crypto which can be anon

[-] Imnecomrade@hexbear.net 22 points 1 day ago* (last edited 1 day ago)

Mullvad, IVPN, and AirVPN all support crypto. They all do not require email accounts, too.

I do not recommend Proton for many reasons.

They support Israel.

https://proton.me/support/protonmail-israel-radware

https://protonvpn.com/blog/israel-vpn-servers/

They supported the 2020 Hong Kong protests.

https://protonvpn.com/blog/hong-kong-servers

This comment from Lemmygrad explains why Proton may be a honeypot and to be wary of VPN services in general.

https://lemmygrad.ml/comment/361523

Here is a list of potential issues with ProtonMail (including their onion site deanonymizing Tor users when they create an account by redirecting them back to their .com address):

https://encryp.ch/blog/disturbing-facts-about-protonmail/

Some practical reasons I don't recommend Proton

  • Port-forwarding on linux is shoddy.
  • Proton treats Linux and its open source community as second-class citizens.
  • ProtonMail Android app is slow as hell. Takes several minutes to load an email and is basically unusable.
  • 3+ year old issues never get fixed: https://github.com/ProtonMail/proton-bridge/issues/180
[-] hello_hello@hexbear.net 6 points 1 day ago

Proton's support for anything other than M$ Windows or MacOS is really bad. It's another case of a company open source virtue signaling. They're better than Google and Microsoft but that isn't saying much.

[-] Lawn_and_disorder@hexbear.net 4 points 1 day ago

Never said they didnt.

Yes you should be vary of VPNs but obviously also your ISP. I know mine is selling my data, I just don't have any options. If I would do something highly ileagal I would obviously not really on just a VPN and trust them. That would be one stepping stone of several.

HK have read yet Isreal yea thats bad but still far from PIA etc. Looks mullvad is the better option. Scary there is so few recomendations in general.

[-] Imnecomrade@hexbear.net 5 points 1 day ago* (last edited 1 day ago)

Yes you should be vary of VPNs but obviously also your ISP. I know mine is selling my data, I just don't have any options. If I would do something highly ileagal I would obviously not really on just a VPN and trust them. That would be one stepping stone of several.

It is a stepping stone, but can be hit or miss depending on your ISP and VPN. I made some alternative suggestions to improve your privacy and security here: https://hexbear.net/comment/5674063

But given that Proton gave the French police a climate activist's IP information which led to his arrest, despite claiming to store no IP logs and then deleting the claim on their website, it's better to recommend our fellow comrades other VPN services that have a better track record at this time. Proton has proven time and time again to be untrustworthy, and it's a very reactionary company that fights against socialist nations and supports countries like Israel, Taiwan, etc., which you can see by looking at its blog.

[-] Lawn_and_disorder@hexbear.net 1 points 17 hours ago* (last edited 17 hours ago)

Thing is thats mullvad, nothing else. And thats only becouse we don't know what we dont know.

A better approach should be not to trust any singular entity. If you are going to occupy buildings and have Interpol chasing you you should use TOR, VPN and proxy in combination.

Neither of those tools are foolproof , espacially if its not your own hardware somewhere.

And no one will go to prison for you. Obviously any court order to any VPN will be complied with, including mullvad.

[-] Imnecomrade@hexbear.net 1 points 16 hours ago* (last edited 15 hours ago)

Thing is thats mullvad, nothing else. And thats only becouse we don't know what we dont know.

Not sure what you mean. Are you saying we can only trust Mullvad VPN because IVPN and AirVPN have been caught with untrustworthy actions? As far as I know, they haven't, and they're all pretty much equivalent in tech, security, and privacy. Mullvad is just more popular.

A better approach should be not to trust any singular entity.

Easier said then done. At some point you have to be willing to sacrifice with some trust. Even the best security professionals struggle to stay private in today's world of surveillance, so if that trust is yourself, you have to stay on top of security 24/7.

If you are going to occupy buildings and have Interpol chasing you you should use TOR, VPN and proxy in combination.

Using a VPN with TOR is not recommended as a VPN can log your activity every time you connect to TOR. Using a VPN on top of TOR usually doesn't provide you anymore safety unless you are on some public wifi hotspot.

https://support.torproject.org/faq/faq-5/

https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN

https://tails.net/support/faq/index.en.html#vpn

And no one will go to prison for you. Obviously any court order to any VPN will be complied with, including mullvad.

Thus, my point is using a VPN, especially one we know is untrustworthy, like Proton, is generally not a solution for privacy and security. Being private and secure requires training and practice, and there's much more effective means of securing your data and anonymity.

[-] Lawn_and_disorder@hexbear.net 2 points 13 hours ago* (last edited 13 hours ago)

Not sure what you mean. Are you saying we can only trust Mullvad VPN because IVPN and AirVPN have been caught with untrustworthy actions? As far as I know, they haven't, and they're all pretty much equivalent in tech, security, and privacy. Mullvad is just more popular

As an example it is few thats considered trustworthy and we just dont know if they really are trustworthy.

Easier said then done. At some point you have to be willing to sacrifice with some trust. Even the best security professionals struggle to stay private in today's world of surveillance, so if that trust is yourself, you have to stay on top of security 24/7.

Security and privacy are layers. I would for sure stay on top ( or pay someone to do it for me) if I expecting international warrants.

Using a VPN with TOR is not recommended as a VPN can log your activity every time you connect to TOR. Using a VPN on top of TOR usually doesn't provide you anymore safety unless you are on some public wifi hotspot.

Depends how you set It up but doing VPN for proxy jump will at most let your VPN know you are using TOR. It is recommended , just not by some. VPN is a part of a good setup, a lot more trustworthy than my ISP for example.

Thus, my point is using a VPN, especially one we know is untrustworthy, like Proton, is generally not a solution for privacy and security. Being private and secure requires training and practice, and there's much more effective means of securing your data and anonymity.

See previous points. If you consider all untrusted you limit what those entitys know about you. Proton can know more or less depending how you set it up and use it. Dismissing VPNs because TOR is better is like dismissing blowjobs because fucking is better. We can have both

[-] Imnecomrade@hexbear.net 1 points 13 hours ago* (last edited 13 hours ago)

I can agree with what you said here. I'm not dismissing VPNs altogether, though. The reason I am so critical is because VPNs are marketed as a magic bullet that makes you 100% private and secure, and the average person does not know better. Many people just believe they need to be on a VPN 24/7 to be private, which can be worse than not being on a VPN at all. I gave a lot of links that weren't necessarily critical of VPNs and explained how to use them correctly. I made emphasis on the need for people to research and practice effective opsec. I don't know what OP needs a VPN for, so I made sure to clarify what to use a VPN for and to dispel any myths that are commonly believed with them.

[-] RedWizard@hexbear.net 13 points 1 day ago

put my hat in for mullvad

[-] tactical_trans_karen@hexbear.net 8 points 1 day ago

Proton has been really fast for the high seas, but the app is kinda fucked on Linux.

[-] Lawn_and_disorder@hexbear.net 7 points 1 day ago

Use wireguard directly, works better. just some time needed to set it up

[-] tactical_trans_karen@hexbear.net 2 points 17 hours ago

I had it set up, until it spontaneously decided that I need to enter the password every time I connect.. and it disconnects if my computer goes to sleep.

[-] theskyisfalling@lemmy.dbzer0.com 9 points 1 day ago

Mullvad was great until they got rid of port forwarding. Since I have used AirVPN and been pretty happy so maybe check that as an alternative option too :)

[-] Lawn_and_disorder@hexbear.net 6 points 1 day ago

Correct me If im wrong but wasnt airvpn bought up with company with some isreali connections?

[-] Imnecomrade@hexbear.net 8 points 1 day ago

Are you thinking about PIA or ExpressVPN? I hope AirVPN is not connected to Israel. I just paid a subscription.

[-] Lawn_and_disorder@hexbear.net 5 points 1 day ago

PIA ah yea might be that, I believe there where a few more than those, let me see if I can find something about it . https://geopolitics.co/2024/10/02/exposed-how-israeli-spies-control-your-vpn/ Yea it was PIA 😃

[-] Lawn_and_disorder@hexbear.net 6 points 1 day ago

PS that story was buried deep in Google search results, weird huh..

[-] theskyisfalling@lemmy.dbzer0.com 4 points 1 day ago

Whew, thanks for doing that research! I'm glad that it wasn't after I paid for 2 years just a couple of months ago!

[-] Acute_Engles@hexbear.net 9 points 1 day ago

Watching this thread myself

[-] take_five_seconds@hexbear.net 8 points 1 day ago

I use Proton for general piracy, no complaints so far.

[-] Imnecomrade@hexbear.net 6 points 1 day ago* (last edited 1 day ago)

Proton requires you to run a looping script on Linux if you want to use port-forwarding, and it is prone to breaking.

https://protonvpn.com/support/port-forwarding-manual-setup/#linux

[-] take_five_seconds@hexbear.net 4 points 1 day ago* (last edited 1 day ago)

i don't use linux so i just click a couple buttons

https://protonvpn.com/support/port-forwarding

[-] Hello_Kitty_enjoyer@hexbear.net 5 points 1 day ago

Can someone explain to me why using one of these is better than hiding in plain sight

[-] NewOldGuard@hexbear.net 8 points 1 day ago

Hides ur IP address from the websites you visit and any peer to peer services, which otherwise could be used to geolocate you or identify whoever’s name is on the internet plan. They also block your ISP from seeing what connections you are making, but this is just a shift of trust as the VPN provider will then get that information so you need to trust that they won’t log it or sell it

[-] Hello_Kitty_enjoyer@hexbear.net 2 points 1 day ago

Thanks. What are your thoughts on Brave browser?

[-] Imnecomrade@hexbear.net 6 points 1 day ago* (last edited 1 day ago)

I don't trust Brave

https://archive.ph/jKeYQ

https://absolucy.moe/dont-use-brave/

https://davidgerard.co.uk/blockchain/2020/06/06/the-brave-web-browser-is-hijacking-links-and-inserting-affiliate-codes/

https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/

https://github.com/brave/brave-browser/issues/8793

If you need a Chromium based browser, I would suggest Cromite. Otherwise, I recommend people use hardened Firefox or LibreWolf, especially considering Manifest V2 not being supported by Chromium unless forks maintain their own. The whole point of switching to V3 was to make adblock less effective. Thus, Firefox and its derivatives, which are not within the chromium ecosystem, which has its neck under Google's boot (though Mozilla is basically supported financially by Google, which is another story), are the best to use with uBlock Origin, which is generally the best adblock you can use.

https://www.privacyguides.org/en/desktop-browsers/#best-case

https://backlit.neocities.org/browser-evaluation-mullvad-floorp-librewolf

https://privacytests.org/

[-] Tabitha@hexbear.net 4 points 18 hours ago

brave is a cornucopia of blockchain scams and lies but it does a little ad blocking well so the average tech person doesn't bother fact checking any of it's marketing/privacy claims lmao

[-] PorkrollPosadist@hexbear.net 5 points 1 day ago* (last edited 1 day ago)

Your last-mile cable/fiber/wireless ISP is likely a subsidiary of one of the world's largest IP holdings companies, and if they aren't, they likely have big contracts with them and will bend over backwards to please them. They also have a lot of politicians under their thumb, which is necessary to maintain their extortionate regional monopolies. They have a financial incentive and the resources to observe your traffic and send you legal threats or disconnect you unilaterally.

When you use a VPN you are just letting some other company see what your ISP could see (i.e. every website and server you connect to, and how much data is being transfered, if not the plaintext of the data itself). Your ISP can still glean a lot based on the time and amount of data being transferred between you and your VPN, even though it is all encrypted. The VPN has different incentives than a multinational IP conglomerate, but at the end of the day still has to comply with the law. Some of them are legit. Some of them are literally run by Mossad. They generally solve the problem for media piracy, but should not be used thoughtlessly if there is any serious criminal or political risk involved.

[-] darkcalling@hexbear.net 5 points 1 day ago

Whichever one has decent prices and the features you need. Mullvad, AirVPN. I know AirVPN seems to have multiple sales a year. I can almost guarantee they'll have a Black Friday sale or something by the Monday that follows so if you do go with them, don't buy more than a week right now to see if you like it and if you do buy a year or two for maximum discounts.

Avoid PIA and a lot of the others in that vein, they're owned by ad-tech companies with ties to "isreal".

[-] anarchoilluminati@hexbear.net 5 points 1 day ago

Another Proton vote.

[-] LeylaLove@hexbear.net 2 points 1 day ago

Proton is really cool, can get it with email too

this post was submitted on 25 Nov 2024
56 points (100.0% liked)

technology

23313 readers
121 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
context@hexbear.net
EmmaGoldman@hexbear.net
SexUnderSocialism@hexbear.net
gaycomputeruser@hexbear.net
ZoomeristLeninist@hexbear.net