hello friends! new(ish)!

VPN

From InstallGentoo Wiki v2
Jump to navigation Jump to search

VPN stands for "Virtual Private Network". A VPN uses a tunneling technology, such as SSL, through different tunnelling protocols to establish private links through the internet to other computers.

VPNs are typically used to avoid geo-blocking, passive surveillance or government filtering. A VPN may make you appear as if you're from a different country. Joe Schmo on the internet trying to backtrace your IP will lose the trail at your VPN provider. Hackers infecting your system won't be phased, and neither will law enforcement.

VPNs aren't a panacea when it comes to privacy. Even if your provider claims they don't keep logs, that doesn't mean you trust them, especially if they're located in a Five Eyes country. A VPN will improve your privacy, however it will not do much to improve your anonymity. For making yourself anonymous on the internet, see Anonymising Yourself.

Choosing a VPN

It is very important you do your research when deciding on a VPN. Remember, you're giving these guys your traffic instead of your ISP. Some VPNs are made for privacy, and don't log, while others are made just for getting past geoblocks. When choosing a VPN, you want to consider these things:

  • What country is this VPN operating in? (A Five/Nine Eyes country like the USA, or a privacy-respecting one like Switzerland)
  • Do they log your traffic, and what IPs you connect with?
  • Do they have trackers on their website? (Looking at you PIA (Private Internet Access))
  • Can you pay anonymously? (Still won't matter much since they know your IP, unless you chain more than one VPN or connect through Tor)
  • How much does it cost?

Also be careful when reading VPN reviews. The link you click on may very well be affiliate link. PIA, HideMyAss, and other mainstream VPN providers are known for their affiliate programs. When reading a review, make sure it doesn't sound like an advertisement or contain contradictory information. For example, many websites have falsely reviewed the RiseupVPN Service as costing money and having features it does not. RiseupVPN does not solicit these reviews, so it is most likely filler to a fraudulent review site.

If you want user reviews, you're best off on /r/VPN, or /vpn/. Beware of /r/VPN, as many users are shills, or post fake reviews.

TorrentFreak runs a yearly survey to VPN providers, asking pertinent questions. TorrentFreak is however also sponsered by VPN providers, so consider this when deciding on a VPN provider.

Additionally three other resources exist that list VPN's that are of value:

Recommended VPNs

There is no way of knowing if a VPN provider stores logs about your VPN traffic, but there are a few VPNs that are seem the least likely to do it.

  • IVPN — has servers in 35 countries, has undergone a no-logging audit, has completely open-source clients, has support for WireGuard, and accepts Monero as a payment. Is in general a very based company and is very open and honest about what a VPN can and can not do.
  • Mullvad VPN — has servers in 41 countries, has undergone a no-logging audit, has completely open-source clients, has support for WireGuard, and accepts Monero and cash as a payment. Favorite of /g/'s only liked racially African person, Mental Outlaw.

Decentralized VPNs

Decentralized VPNs are becoming more and more popular every day. Some of the decentralized VPNs include:

Testing Your VPN Install

Basic tests:

Also consider:

  • What happens if your VPN drops out?
  • Should your firewall change when you connect/disconnect from your VPN?

VPN Pseudoanonymity

  • Don't login to the same accounts unless you want those accounts to know you're using a VPN (e.g. email, social media).
  • Don't use the same browser profile when using your VPN. Or consider things like cookies, flash cookies and your Panopticlick stats. For more information on how to make yourself less fingerprintable, read our article on fingerprinting and consider following the guide.

In order to attain a higher level of privacy, consider nesting VPNs. A VPN chain of length 2 will ensure the endpoint doesn't know your real IP address, and the midpoint won't know what you're accessing as it will only have access to encrypted traffic being transmitted to the next VPN in the chain. For 'complete' anonymity, but terrible network throughput, one would have you add a TOR node to the mix.