(LINUX USER)What VPNs would you lovely people recommend? (lemmy.dbzer0.com)

submitted 1 year ago* (last edited 1 year ago) by Doomguy1364@lemmy.dbzer0.com to c/piracy@lemmy.dbzer0.com

119 comments fedilink hide all child comments

Hello all!

I have been out of the piracy game since a little before mullvad lost port-forwarding; I know these things are ever changing, and to my understanding ivpn is a good bet at this moment in time.

I was wondering what everyone else has been using. As well as if anyone has tried the gui client for ivpn either built from source or the AUR build(I do use arch btw).

I am open to any vpn client that has a good reputation in the community, and build-able from a repository; A gui is preferred but not necessary, and absolutely NO account creation (Except for generic account numbers of course).

Thanks in advance for anyone who takes the time to answer.

you are viewing a single comment's thread
view the rest of the comments

[-] Captain_Red@lemmy.dbzer0.com 24 points 1 year ago

Mullvad. The others have horrible apps on Linux.

[-] lud@lemm.ee 8 points 1 year ago

Mullvad doesn't support port forwarding anymore. I use airvpn and you can just use the native WireGuard (or OpenVPN if you'r crazy) apps on different platforms if you want.

[-] Captain_Red@lemmy.dbzer0.com 1 points 1 year ago

I use Wireguard on Mullvad. I don't know what you're talking about 🤷‍♂️

[-] Tsouintsouin@lemmy.sdf.org 8 points 1 year ago

he is saying mullvad doesn't support port forwarding anymore, which is true. As a long time mullvad customer, I'm now looking for alternatives

[-] Goodtoknow@lemmy.ca 1 points 1 year ago

Is that a deal breaker? Why not just tunnel through if you need

[-] bartolomeo@suppo.fi 1 points 1 year ago

Wait why "if you're crazy"? I know wireguard is faster but is there something I'm missing?

[-] lud@lemm.ee 5 points 1 year ago

No, you are not missing anything. Wireguard is just much better.

[-] JustEnoughDucks@feddit.nl 1 points 1 year ago

I have heard that it is impossible to have no logs with wireguard because the configuration requires an static IP log and public key or something similar which normal openVPN doesn't, so it breaks the "no log" policy.

I am not suse how correct that is, but that was a discussion earlier.

https://www.reddit.com/r/PrivateInternetAccess/comments/jg98le/is_wireguard_protocol_safe_for_torrenting/

[-] lud@lemm.ee 2 points 1 year ago* (last edited 1 year ago)

Here is what Mullvad has to say about that: https://mullvad.net/en/help/why-wireguard/

#Is it true that a user's public IP must be logged in order for WireGuard to work?

No. When using WireGuard, your public WireGuard IP address is temporarily left in memory (RAM) during connection. By default, WireGuard deletes this information if this server has been rebooted or if the WireGuard interface has restarted.

For us this wasn't enough, so we added our own solution in that if no handshake has occurred within 600 seconds, the peer is removed and reapplied. Doing so removes the public IP address and any info about when it last performed a handshake.

If you want to hide your public IP even more, use multihopping.

#Is logging of any user activity required in order for WireGuard to work?

No. There is never a need to log user activity no matter if you're using OpenVPN or WireGuard.

#What are your thoughts on the internal WireGuard IP address being static?

We acknowledge that keeping a static IP for each device, even internally, is not ideal.

Why? Because if a user experiences WebRTC leaks, that static internal IP address could leak externally. As another example, applications running on your device can find out your internal IP, and if you've installed software that is malicious, it can also leak that information.

And theoretically, a static internal IP that is leaked, together with obtaining a payment record, could help to identify a user. (Dive into the payment info we handle for a fascinating read.)

Having said that, we still believe that WireGuard overall is in a better state than OpenVPN.

##Solutions to the problem

You as a user can mitigate this issue in two ways:

When connected to Mullvad, perform a Connection check. If you're not safe from WebRTC leaks, take necessary action.

Never download and install applications that you don't trust.

The Mullvad VPN app automatically replaces the WireGuard keys once a week.

We also want to see the WireGuard protocol itself improved, which is why we're taking part in the development of WG-dynamic. This implementation will give the ability to dynamically assign a new internal IP every time a connection is made.

[-] JustEnoughDucks@feddit.nl 1 points 1 year ago

Ah, nice. No issue for mullvad then. I wonder if other VPNs do something similar. Otherwise they.could be stored for multiple months.

[-] ancoraunamoka@lemmy.dbzer0.com 4 points 1 year ago

Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.

you should use openvpn in difficult network configurations such as college dorm blocking everything except tcp 443 and tcp 80 or with old clients that don't support wireguard

[-] AlexandroffExtension@lemmy.dbzer0.com 7 points 1 year ago

Tbf, you don't really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.