180
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 14 Feb 2024
180 points (100.0% liked)
technology
23275 readers
124 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
There’s a significant difference between the threat model surrounding vpns that you intend to use for port forwarding torrents and vpns you intend to use to protect yourself from data harvesting/the cops.
Don’t expect one to do both.
I'm posting this here because a lot of use a VPN for organizing. this doesn't matter if all you care about is torrenting.
I totally agree. I made my post for the same reason but not in direct reply to anyone talking about torrenting.
E: the thing I’m generally posting in the direction of is that all vpns aren’t the same and just turning yours on before you click on the link while you flip down your sunglasses and say “I’m in” or even checking out a company’s reviews before you sign up isn’t enough to keep you protected in the limited ways that VPNs are able to.
I’m using a hypothetical “you” here, not trying to accuse you of those practices in a passive aggressive way.
I follow, just wanted to clarify because I didn't call it out in the post
The ideology and commitment of a service provider is irrelevant. Companies doing business in a nation are compelled by force to follow those nations laws.
I would advise against looking for an “all round” vpn. Think about it more like a tool. No one would recommend you replace a socket wrench set with a gerber multitool because the gerber has a lifetime warranty and a screwdriver and wire cutter built in. Those are great things to have and gerber really will honor that warranty when you break the pliers fucking around with barb wire but the multi tool isn’t a socket wrench.
I use a few vpns. Mullvad, air, proton and a few classic style lil servers that just handle traffic. Air and proton are both very good for torrenting and running services. Mullvad is nice for getting/being serious about privacy from states.
To use another metaphor, think about a vpn like a gun. They’re not all the same and if you try to use one to do something it’s not suited for you’ll by unsuccessful.
If you feel comfortable talking about it, what are you planning on using a vpn for?
When the police have a wiretap warrant they’ll install their own logging facilities.
If you’re really worried id setup and be prepared to use two different vpns, with multihop when the time comes. Not at the same time, but be prepared with a backup.
One of the ways that effective vpns are targeted is with websites and services blocking their servers. Mullvad had that happen last year when interpol wanted to push csam people off of it. The csam people were using port forwarding to host file sharing with the security that mullvad provided and in order to get mullvad to stop offering port forwarding they leaned on every major website to block their server ips. Whole fens wouldn’t respond to you if you were using mullvad. Eventually they stopped offering the service and the csam people had to go elsewhere.
So even an effective vpn can be targeted and it’s worth it to have a backup.
E: also those servers seized in ukrane were unencrypted, which is a huge incredibly stupid unforced error and it means they better have done a big fucker key rotation afterwards. I don’t use windscribe so I don’t know if they did.
What made you raise your eyebrows at mullvad? I know they had a search executed on em but it ended up being a big nothing burger iirc.
I wouldn’t worry about the eyes-ness of a providers operations based on your concerns. What’s most important is having a fallback for when your main vpn isn’t available and making sure you’re using the fallback when that happens.
The thing you’re worried about isn’t a particular agency targeting you in particular, but being swept up in police action and mass surveillance. To that end it doesn’t really matter as much that your vpn have the lack of interpol cooperation or even the obfuscating effect of using the same exit node as a bunch of other people but instead that you be always using one, understand what it does and who or what your devices are communicating with and practice the best possible security you can when dealing with the cops.
Look into securing your devices against intrusion (and keeping secure backups) and how to deal with the police when they take you in. For example: an iPhone is put in a special state when it’s powered on that requires strict authentication before any kind of peripheral will be recognized. If you can’t turn the phone off then just grabbing the two buttons that put it in the “slide to power off” screen drops all peripheral connections and needs an authentication before it’ll let anyone use it.
Drill that interaction so that no matter how gassed, beaten and dazzled you are, you can put your devices in some kind of secure-ish state.