this post was submitted on 10 May 2024
55 points (95.1% liked)

Privacy

31886 readers
627 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hey all,

I've been using a commercial VPN for years on my mobile devices and home PCs. Recently I've started to use Tailscale and realized I can easily create a self-hosted VPN on a cheap VPS with unlimited traffic.

But I'm not really sure if that's what I need. BTW, I'm not doing anything dangerous, no torrents, no illegal stuff, no journalism or whistleblowing, not even looking up abortion clinics. I just hate mass surveillance and I don't want to be constantly profiled.

Commercial VPN allows to "hide in a crowd" by sharing IP with thousands of other clients. But there are a few issues:

  1. Often sites blacklist VPN IPs, so I can't get in or pass captcha
  2. Performance is not very good
  3. I have to trust VPN to not keep the logs and not sell data. I used Mullvad and they are considered reliable, but you never know until it's too late

With self-hosted VPN, I'm losing benefit of "hiding in crowd" as my VPN will be used only by me and maybe a couple of other people. My understanding is that my VPS outgoing traffic is from static server IP. So if I login to Facebook once, the address is associated with me. I'll also have to trust VPS provider to not analyze my traffic and sell it. On other hand, I'm still protected from my ISP spying, from exposing my real IP address to web sites, from dangers of public WiFi networks. And I might get better performance for about the same price.

What's your take on VPNs? Tell me if you are using self-hosted VPN and why.

all 18 comments
sorted by: hot top controversial new old
[–] helenslunch@feddit.nl 52 points 6 months ago (3 children)

Self-hosted VPNs are not used the same way as commercials ones.

They're intended to access your server from outside the house without exposing it to the internet.

Commercial VPNs are intended to hide your identity across the web and to hide your non-HTTPS web traffic from your ISP.

[–] EngineerGaming@feddit.nl 17 points 6 months ago

Commercial VPNs are intended to hide your identity across the web and to hide your non-HTTPS web traffic from your ISP.

You're forgetting a demographic that is probably bigger than this - people who don't care and just want to go to blocked sites.

[–] SzethFriendOfNimi@lemmy.world 5 points 6 months ago (2 children)

Exactly. Even for mobile use besides accessing your home resources you can avoid your cellular provider monitoring/hijacking your traffic.

Of course self hosting means you’re still sending that info from your home network over your ISP.

So it’s a trade off there but depending on your ISP vs your cellular network makes sense.

[–] pound_heap@lemm.ee 4 points 6 months ago

This is a good point. Maybe setting up a VPN at home would the good option for when I'm on the go

[–] helenslunch@feddit.nl 1 points 6 months ago

I mean you could use both in combination. Start9 will even tunnel all your traffic through TOR.

[–] refalo@programming.dev 2 points 6 months ago (1 children)

VPNs cannot hide your identity.

[–] helenslunch@feddit.nl -2 points 6 months ago

Well that's an interesting take

[–] sun_is_ra@sh.itjust.works 19 points 6 months ago

I use self hosted VPN for many years now.

You worry that facebook would associate that static ip with you but the problem is quiet the opposite.

most website will recognize that your IP belong to a hosting company so they often suspect that you are a bot. Wikipedia wont let u edit articls, youtube wont let u comment on videos. Other than that its fine, just expect to pass more captcha.

you could pay little extra and get dynamic IP from your provider. That effectivwly changes your IP. Deleting dynamic IP and recreating it gives u a new one. But I dont do that.

I just hide in the crowed by letting others uss my VPN and rely on service providers often dismissing my IP as bot

[–] Deckweiss@lemmy.world 14 points 6 months ago* (last edited 6 months ago)

To make it absolutely clear:

Your VPS has an ip. All your traffil will go through it if you set it up as a VPN. So your behaviour patterns will be tied to that one IP. You will be the only one on that VPN.

A commercial VPN has many users at the same time on a given Server. So the traffic and behaviour that comes from that servers IP will produce garbage data for analysis.

You could selfhost a VPN on your VPS and let others use it for free somehow to obfuscate your behaviour and patterns, but you as the VPS owner will have to deal with legal stuff then.

[–] AnAnonymous@lemm.ee 9 points 6 months ago* (last edited 6 months ago) (1 children)

If you want anonymity no, if you don't then yes.

If you want anonymity and the advantages of a VPS VPN at the same time you should look for a provider which accept crypto payments, and optionally setup tor, i2p and freenet nodes to obfuscate your traffic.

That way you will be helping the community and at the same time securing yourself.

[–] pound_heap@lemm.ee 2 points 6 months ago

Thanks for the suggestion, but anonymity is not my goal with VPN. I known about tor etc, and it is not working well for everyday web surfing

[–] Coasting0942@reddthat.com 8 points 6 months ago

Tor network could always use more obfuscation.

[–] xabadak@lemmings.world 5 points 6 months ago (1 children)

From a privacy standpoint I don't think it would make a big difference over not using a VPN at all. It will take a bit of time but your new IP will become associated with your identity. From the perspective of Facebook and Google, it will just look like you moved and are living inside a datacenter now.

[–] pound_heap@lemm.ee 6 points 6 months ago

Yay, I can get some targeted ads about data center hardware!

[–] Max_P@lemmy.max-p.me 4 points 6 months ago

I route through my server or my home router when using public WiFi and stuff. I don't care too much about the privacy aspect, my real identity is attached to my server and domain anyway. I even have rDNS configured, there's no hiding who the IP belongs to.

That said, server providers are much less likely to analyze your traffic because that'd be a big no-no for a lot of companies using those servers. And of course any given request may actually be from any of Lemmy, Mastodon, IRC bots or Matrix, so pings to weird sites can result entirely from someone posting that link somewhere.

And it does have the advantage that if you try to DDoS that IP you'll be very unsuccessful.

[–] Tenkard@lemmy.ml 2 points 6 months ago

I use a self hosted vpn because my main reason to use a vpn is avoiding monitoring from my isp and whoever is managing the local network, and I don't want websites to know where I'm located.