VPN Comparison Chart & How to choose the best VPN

Antivirus, forensics, intrusion detection, cryptography, etc.
Post Reply
Message
Author
labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

WireGuard

#16 Post by labbe5 »

https://research.kudelskisecurity.com/2 ... odern-vpn/

WireGuard is still experimental and is therefore not ready for production, but it is the way to go to make mass surveillance ineffective.

Further reading :
https://mullvad.net/blog/2017/7/7/how-r ... rd-router/

WireGuard is a faster protocol

Below you can compare our results of running WireGuard and OpenVPN on various LEDE routers connected to Mullvad. In every case, WireGuard outperforms OpenVPN.

Router | CPU | OpenVPN | WireGuard
-----------------------------------------------------------------------------
GL-iNet6416 | 400mhz | 2–5 Mbit/s | 30–40 Mbit/s
ASUS RT-N66U | 600mhz | 5–10 Mbit/s | 40–60 Mbit/s
Linksys WRT1200AC | 1.3Ghz | 20–25 Mbit/s | 250–300 Mbit/s
Linksys WRT1900AC | 1.6Ghz | 30–35 Mbit/s | 300–350+ Mbit/s
NUC QuadCore Celeron | 2.0GHZ | 60–100 Mbit/s | 650+ Mbit/s (maximum unknown)


Running WireGuard with Mullvad on Linux :
https://www.mullvad.net/guides/wireguar ... llvad-vpn/

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

How to make a VPN kill switch in Linux

#17 Post by labbe5 »

In the event that the VPN connection unexpectedly drops, the computer will continue to send and receive traffic sent over your ISP’s unprotected network, possibly without you even noticing. To prevent this behavior, you can make yourself a simple kill switch that halts all internet traffic until the VPN connection is restored. We’ll show you how to write some easy rules using iptables and the Ubuntu Ultimate Firewall (UFW) application.

First, create a startvpn.sh script that puts firewall rules in place. These firewall rules only allow traffic over the VPN’s tun0 network interface, and they only allow traffic over that interface to go to your VPN’s server.

$ cat startvpn.sh
sudo ufw default deny outgoing
sudo ufw default deny incoming
sudo ufw allow out on tun0 from any to any
sudo ufw allow out from any to 54.186.178.243 # <-- note this is the IP from the "remote" field of your configuration file
sudo ufw enable
sudo ufw status
sudo openvpn client.conf &
Network traffic cannot pass over any other network interface with these firewall rules in place. When your VPN drops, it removes the tun0 interface from your system so there is no allowed interface left for traffic to pass, and the internet connection dies.

When the VPN session ends, we need to remove the rules to allow normal network traffic over our actual network interfaces. The simplest method is to disable UFW altogether. If you have existing UFW rules running normally, then you’ll want to craft a more elegant tear down script instead. This one removes the firewall rules and then kills openvpn with a script called stopvpn.sh

$ cat stopvpn.sh
sudo ufw disable
sudo ufw status
sudo kill `ps -ef | grep openvpn | awk '{print $2}'`
If you use some other means to connect to your VPN, you can eliminate the last two lines of each script. In such a configuration, you will have to remember to manually run the startvpn.sh script prior to starting your VPN using some other method. Once your VPN session ends, remembering to run the stopvpn.sh script isn’t hard; you’ll probably notice the lack of internet connectivity until you run it.

Further reading :
https://www.comparitech.com/blog/vpn-pr ... for-linux/

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

IP Binding and Vuze

#18 Post by labbe5 »

https://wiki.vuze.com/w/Proxies_And_VPNs

First set your Mode to 'Advanced'. Next go to Connections->Advanced Network Settings and locate the interface name for your VPN (e.g. eth<number>). Enter this interface name in the 'Bind to local IP address or interface' box. Now scroll down to the bottom and check the 'Enforce IP bindings even when interfaces are not available' option.

More recent versions of Vuze will attempt to detect when your traffic is being routed via a VPN interface and offer to perform this configuration change for you.

If your VPN provider doesn't support incoming connections then you can explicitly disable these in Vuze by deselecting 'Incoming Connection' under 'Peer Sources' in Connections - if for some reason your public IP address is leaked (e.g. you start a download with your VPN disconnected and haven't bound explicitly to an interface) this will prevent other peers from connecting to you via this public IP.


Further reading :
https://www.privateinternetaccess.com/f ... ugh-pia/p2
https://www.wikihow.com/Set-Up-Vuze-wit ... y-Properly

HOW TO CHECK YOUR TORRENT IP ADDRESS

https://www.best-bittorrent-vpn.com/che ... nt-ip.html

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Notice of Claim of Copyright Infringement

#19 Post by labbe5 »

You have nothing to hide, so you set up a torrent client, and start downloading season 1 of your best TV series, followed by 7 other seasons, all without a VPN (you have nothing to hide).

Then, to your surprise, you receive Notice of Claim of Copyright Infringement

What the heck!

In Canada :
The Copyright Modernization Act passed in January 2014 requires ISPs send notices to copyright violators on their networks. The recipients’ identities are stored on ISP servers for six months. Copyright holders cannot sue for damages of more than $5,000, which in most cases simply isn’t worth the time or effort.

The notification system is more educational than legal, but ISPs can still penalize torrenters by choking bandwidth.


In the US :
Downloading copyrighted material is illegal in the United States. ISPs often have a three-strike rule if they catch users torrenting illegally. Non-copyrighted material is completely legal to download.

Copyright holders often act through copyright trolls, which record IP addresses of torrenters and send settlement letters requesting remuneration. These entities have the right to sue on behalf of the copyright holder, but because an IP address does not legally constitute an identity in the US, the best option for recipients is to ignore them.


United Kingdom :
Larger ISPs are required by law to notify subscribers when the British Phonographic Industry catches them torrenting in the form of a cease and desist order. ISPs reserve the right to throttle bandwidth and disconnect users. ISPs with fewer than 400,000 subscribers are not subject to this law, however.

Copyright holders have the right to sue uploaders and downloaders for damages even if no monetary gain was involved.

Popular torrent trackers such as ThePirateBay are blocked by major ISPs in the UK, but these can still be accessed with a VPN.


Source :
https://www.comparitech.com/blog/vpn-pr ... lesharing/

Conclusion :
Unless you are heavily torrenting copyrighted material and do it for money, do not expect to be prosecuted.

But you better use a VPN for that kind of traffic to play it safe.

For using torrent or P2P networks without any infractions of the law of countries where using torrent is forbidden, we recommend to use VPN servers in Netherlands, Sweden, Ukraine or Russia.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

AirVPN

#20 Post by labbe5 »

AirVPN have the nicest GUI for Linux.

If you are a Debian Dog user, install their deb file, and dependencies will be installed automatically with menu item install deb + dependencies.

All told, it is only 16MB.

The price is right, a 35% rebate is offered for the time being.

What's more, AirVPN is backed by activists :
A VPN based on OpenVPN and operated by activists and hacktivists in defence of net neutrality, privacy and against censorship.

Net Neutrality being a thing of the past and affecting all internet users over the world, the internet is now a treasure-trove of data to be monetized by every corporations.

So don't ask if you need a VPN, you need one, ask yourself which VPN to use.

https://airvpn.org

Being born out of activism, here is a strong commitment :

AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES.

The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction.

Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union.

The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure.

Given all of the above, we repute that these acts:

- are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights;
- are an attack against the Internet infrastructure and the cyberspace;
- are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired;

and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses.

In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time.

Kind regards
AirVPN admins


Adding eddie in source.list :
Importing maintainer key for validating signature:
wget -qO - https://eddie.website/repository/keys/e ... g.key|sudo apt-key add -
Debian/Ubuntu Repository (stable) :
deb http://eddie.website/repository/apt stable main
Last edited by labbe5 on Sun 11 Mar 2018, 16:18, edited 1 time in total.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

CouchPotato (to download upcoming movies automatically)

#21 Post by labbe5 »

https://www.linuxbabe.com/ubuntu/instal ... -04-deluge

Some apps are better used with a VPN, such as CouchPotato.

How to Install CouchPotato on Ubuntu 16.04/17.04 with Deluge

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Popcorn Time

#22 Post by labbe5 »

What is popcorn Time?

The movie streaming app that uses torrents to serve up movies like Netflix does.


An alternative installation :

How to download

Most probably know already how to do it. But just in case...
I use Ubuntu, so I'm taking that as the base for this tutorial, anyway, if you're using anything other than that you probably already know what you're doing.

Extract ptc.tar.xz on a folder (using a folder on the Desktop in this case)
Open the Terminal by using Ctrl+Alt+T de cd ~/Desktop/<folder>
Use the code ./install
Follow the installer.
After installing, go to ~/.Popcorn-Time (use Ctrl+H if you can't find it) and paste the contents of the .tar.xz in it.
Be sure to do step 6, otherwise Popcorn Time will only open nw.js instead of the actual program.

Download :
32-bit : http://www76.zippyshare.com/v/HZedxyDh/file.html
64-bit : http://www67.zippyshare.com/v/gqtIWFGh/file.html

Further reading :
http://popcorn-time.is/official-statement.html#Malware2
There are many versions out there and not all of them has your best interest in mind. Here is a diagram that has been circulating on Reddit and attempts to put the current mess into an easy to understand format. It might help you navigate in the PT jungle out there.
How to install Popcorn Time movie player on Debian 9 Stretch Linux
https://linuxconfig.org/how-to-install- ... etch-linux
https://linoxide.com/linux-how-to/insta ... ali-linux/
Last edited by labbe5 on Mon 12 Mar 2018, 21:45, edited 2 times in total.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Why to skip Facebook's VPN -- Onavo Protect

#23 Post by labbe5 »

https://betanews.com/2018/02/15/faceboo ... o-protect/

...Because we're part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.

Yeah... I think I'll give that a miss, thanks. It sounds a little too much like spyware for my liking.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Simple Guide to install OpenVPN

#24 Post by labbe5 »

http://linuxtechlab.com/simple-guide-in ... os-ubuntu/

...this same process can also be used to install OpenVPN on Debian & Ubuntu as well. For this tutorial, we will be using a script that will automate the whole process to install OpenVPN.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

You can use a ​VPN to battle ISP net neutrality abuse

#25 Post by labbe5 »

http://www.zdnet.com/article/you-can-us ... ity-abuse/

AT&T is leading the destruction of net neutrality. Despite its claims to the contrary, AT&T is preparing to implement fast and slow lanes.

Don't think ISPs would do this? Think again. It's already happened. In 2012, AT&T banned Apple FaceTime on its networks. And, in 2014, Verizon slowed down Netflix traffic.

In addition, the Electronic Frontier Foundation (EFF) has pointed out that you can expect your ISP to sell your data to marketers; hijack your searches; snoop through your traffic to add yet more ads; and inject undetectable, non-deletable tracking cookies in all of your HTTP traffic. These are all things ISPs have done before -- and free of regulation, they'll do even more of it.

Shell out some bucks for peace of mind. Swiss has good privacy law. I would look for VPN operations over there if i were you. If you feel patriotic, just go with US operations and hope for the best.

Further reading :
The best mobile VPNs can ensure your privacy anywhere
http://www.zdnet.com/article/what-you-m ... r-privacy/
http://www.zdnet.com/article/putin-bans ... in-russia/
https://www.addictivetips.com/vpn/spoof ... on-online/
https://www.addictivetips.com/vpn/tips- ... -browsing/
McAfee buys VPN firm TunnelBear
https://betanews.com/2018/03/08/mcafee- ... lbear-vpn/

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Quad9

#26 Post by labbe5 »

http://murga-linux.com/puppy/viewtopic.php?t=112113

I introduce you to Quad9 via a previous post of mine. Control of your DNS settings is as important as control of your web traffic via VPN.

Unfortunaltely, not every network manager are as sophisticated as Network Manager used by Ubuntu and derivatives.
So you may need to alter resolv.conf manually. Since DNS settings found in resolv.conf are overwritten, don't even try changing values in it. Instead, create a new file called resolv.conf.head. Add nameserver 9.9.9.9 save and reboot. You will find your new values in resolv.conf permanently written.
How to create a file : geany /etc/resolv.conf.head.

You do not have to use Quad9. Instead you can use alternate public DNS. Think about which country has the best privacy law and use a public DNS from that country. Moreover, look in that country for an organization which defends people against mass surveillance and/or government surveillance by offering free access to their DNS servers and/or subscribe to their VPN services.

If you need to have access to content, then use a server in the country where the content is coming from : Netflix comes to mind, since it is geo-restricted. So use a US server.

A list of public DNS :
https://duckduckgo.com/html?q=blockaid+public+dns

Unless you are a caveman just out of his cave, you already know that the US is not a country to trust. Privacy is losing ground there by the day. VPNs could even be illegal if there is mass adoption of VPNs by US citizens. It is that bad.

Further reading :
Additionally, every Air server supports directly OpenVPN over SSH, OpenVPN over SSL and OpenVPN over Tor. This means that even the most brutal techniques of monitoring, censorship, throttling and traffic shaping will fail against AirVPN, because your ISP and your government will see only TCP or UDP traffic on a unique port.
Source : https://airvpn.org

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

How to accept DNS push on Linux systems with resolvconf

#27 Post by labbe5 »

This post describes how to accept OpenVPN servers DNS push on Linux, OpenBSD, FreeBSD and some other POSIX-compliant OS when:

resolvconf package OR openresolv package is installed
OpenVPN is run directly (i.e. NOT through any OpenVPN GUI/wrapper such as network-manager)
OpenVPN version is 2.1 or higher

Warning: the specified "update-resolv-conf" script path refers to many Linux distributions and OpenVPN package installation, but NOT to all of them. Please check the correct path of the mentioned file before proceeding (for example: it could be /usr/share/openvpn instead of /etc/openvpn). If the script is not on your system, you'll need to create it. See the typical script here: https://wiki.archlinux.org/index.php/OpenVPN#DNS

Important: in the same above linked page, note that if you have a system based on systemd you will need some important modifications.

Add to your OpenVPN configuration file(s), either in field "Custom Directives" of the Configuration Generator or by editing the configuration directly, the following lines:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


In this way update-resolv-conf will record the DNS push and through resolvconf or openresolv will modify the nameserver accordingly. When OpenVPN quits, update-resolv-conf restores the previous nameserver line(s).


https://airvpn.org/topic/9608-how-to-ac ... esolvconf/

Further reading :

Update resolv-conf script

The openvpn-update-resolv-conf script is available as an alternative to packaged scripts. It needs to be saved for example at /etc/openvpn/update-resolv-conf and made executable with chmod.

Once the script is installed add lines like the following into your OpenVPN client configuration file:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

Note: If manually placing the script on the filesystem, be sure to have openresolv installed.

Now, when you launch your OpenVPN connection, you should find that your resolv.conf file is updated accordingly, and also returns to normal when you close the connection.

Source : OpenVPN Archwiki
Last edited by labbe5 on Sun 11 Mar 2018, 15:40, edited 1 time in total.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

vpnfailsafe

#28 Post by labbe5 »

https://github.com/wknapik/vpnfailsafe to download script (zip).

vpnfailsafe ensures that all traffic to/from the internet goes through the VPN. It is meant to be executed by OpenVPN when the tunnel is established (--up), or torn down (--down).


Save vpnfailsafe.sh in /etc/openvpn, make it executable and add the following lines to /etc/openvpn/<your_provider>.conf:

script-security 2
up /etc/openvpn/vpnfailsafe.sh
down /etc/openvpn/vpnfailsafe.sh

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

KRACK Wi-Fi Vulnerability and VPNs

#29 Post by labbe5 »

https://www.addictivetips.com/vpn/krack ... rotection/

The KRACK vulnerability was unveiled to the public in October 2017, showing a surprisingly easy method hackers can employ to break into Wi-Fi connections without a password. This means any device using wireless internet is vulnerable to a new kind of attack–one that’s baked into Wi-Fi security itself!

KRACK weaknesses are in the Wi-Fi protocol itself, not the software or device you own. This means almost every piece of internet connected hardware can be affected by KRACK, including smartphones, gaming consoles, and streaming devices. KRACK is also effective against both WPA1 and WPA2 protocols, and changing your Wi-Fi password won’t offer any protection.

If your home computer or internet-enabled device has a slot for an Ethernet cable, use it! Most laptops and gaming consoles support both Wi-Fi and wired connections, which means you can bypass many KRACK vulnerabilities by simply plugging in a cord. Unfortunately, you’ll have to disable your router’s Wi-Fi broadcast to make sure a KRACK user can’t gain access, which can be a massive inconvenience.

What can i do?

Encrypt Data Before It Leaves Your Device

HTTPS Everywhere is a good first line of defense. The browser extension forces websites and your browser to use the HTTPS protocol, which encrypts sensitive information.

Other methods of encryption include setting up an SSH tunnel, running local encryption software, or creating your own virtual private network.

Common sense is the best protection against KRACK attacks, but you can also add a layer of security by encrypting data on your device before sending it through the internet. The easiest way to do this is to run a VPN every time you connect to a Wi-Fi hotspot, even at home. VPNs won’t singlehandedly defeat KRACK attacks, but they do provide added encryption any hacker would have to break before gaining access to your data.

External Threats a VPN Should Protect You From

Internet service providers (ISPs) – You pay them money; they give you access to the internet. The relationship should be as simple as that, but far too many ISPs have turned to underhanded methods to exploit their users. Speeds are routinely throttled, for example, and a great number of ISPs log and even sell user information to third parties, all without anyone’s permission. Any VPN solution you deploy should protect against these threats.

Mass surveillance – Governments engage in mass surveillance under the guise of protecting citizens from threats. Data leaks in recent years have shown many governments take the privilege too far, however, and are actively following innocent people, recording their activities, and sharing the information with other governments.

Hackers and bots – The classic image of a hacker stealing information from unsuspecting users isn’t too far from the truth. Both human hackers and automated bots can monitor connections and sniff out valuable data, things like bank account passwords and credit card numbers. Without the encryption power of a VPN, all they have to do is find the code and the info is as good as stolen.

Further reading :
https://www.addictivetips.com/vpn/hide- ... sh-tunnel/
How to Use Tor: A Guide to Getting Started
https://www.addictivetips.com/web/tor-browser-guide/

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Netflix and VPN detection

#30 Post by labbe5 »

https://www.addictivetips.com/vpn/ipvan ... g-netflix/

Recently, Netflix has started using VPN detection for its site. This works in a few different ways to detect whether you are using a VPN and to block your connection and show you the error message if you are. The first way that VPN detection works is by blocking off particular ranges of IP addresses which are known to be used by VPN services. The second is to block connections when hundreds of different users are on the same shared IP address, which is a pretty good indication that they are using a VPN. The third way VPN detection works is to compare the alleged origin of the data with the origin stated in the metadata, and to block connections where there is a mismatch.

For Linux :
ExpressVPN is one of the most popular VPNs among Netflix users thanks to its excellent reliability and good speeds. It has super fast connections which are ideal for streaming high definition video. And in addition, it has strong security with 256-bit encryption and a no logging policy.

NordVPN. With the necessary security features like strong 256-bit encryption and a no logging policy, it covers the basics. But in addition to this, there is an extra security feature available called double encryption. This encrypts your data twice over for the best possible security.

For Android :
VyprVPN. The security is excellent, with 256-bit encryption and a no logging policy. But there is also a unique feature called the Chameleon protocol which encrypts not only your data, but also your metadata.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Private Internet Access

#31 Post by labbe5 »

https://www.privateinternetaccess.com/b ... en-source/

Today marks the start of an exciting shift over here at Private Internet Access. As long-time supporters of the Free and Open Source Software community, we have started the process of open sourcing our software, and over the next six months we will be releasing the source code for all our client-side applications, as well as libraries and extensions.

Today, we are opening up the first of many repositories, the chrome extension, that allows users to access our network of proxies from their web browser. The chrome extension also boasts additional privacy and security features such as disabling the microphone and camera, blocking flash and ip discovery through WebRTC, and can also automatically block ads and tracking through PIA MACETM. Please note that the extension will protect traffic from the browser only and will NOT offer any protection when using other applications.

Try Windscribe if you are looking for a browser addon to browse the Web securely (but the extension will protect traffic from the browser only and will NOT offer any protection when using other applications). You have 10GB for free, each month, enough for browsing and download some stuff.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

VPN Kill Switch For Linux Using Easy Firewall Rules

#32 Post by labbe5 »

https://thetinhat.com/tutorials/misc/li ... ewall.html

After you’ve ensured that your VPN is using tun0, disconnect from it, and copy and paste this into your favourite text editor, before saving it as your filename of choice (such as firewall.sh) in your home folder:

#!/bin/bash

sudo ufw reset
sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable

What this script does is reset all your ufw firewall rules, and then change them to only allow traffic to go in or out on tun0.

Doing the same, but with Gufw (Gui for Ufw) :
https://ubuntuforums.org/showthread.php?t=1496473
https://airvpn.org/topic/14378-how-can- ... addresses/

https://torrentfreak.com/how-to-make-vp ... re-120419/

AirVPN has Network Lock (Multi-platform GUI called Eddie)
Last edited by labbe5 on Fri 23 Mar 2018, 01:28, edited 2 times in total.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

VPNDemon

#33 Post by labbe5 »

https://github.com/primaryobjects/vpndemon

VPNDemon monitors your VPN connection and kills a target program upon disconnect. It's the safest and easiest way to help prevent DNS leaks and enhance your security while connected over a VPN.

Use save link as vpndemon.sh to download script.

VPNDemon should be compatible with any linux system that uses NetworkManager for VPN connections.

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

Vuze and I2P

#34 Post by labbe5 »

https://thetinhat.com/tutorials/darknet ... -free.html

The most popular method to achieve privacy while torrenting is to use a VPN.
Assuming that the VPN company doesn’t log who is using the VPN server (a big assumption), there’s no way for the average actor to tell where the traffic came from behind the VPN.

I2P is an online anonymity network that leverages the wonders of cryptography to provide strong privacy. Indeed, if a VPN provides privacy by policy, then I2P provides privacy by design. While it operates much slower than a VPN, it is also much more private and secure, and is completely free.

I2P works by encrypting your connection and routing it through not just one server, but several servers in such a fashion that by the time your traffic reaches its destination it is nearly impossible to determine where it originated from. This is similar to Tor, but with a notable difference being that the Tor network is not designed to handle heavy traffic (i.e. torrenting), whereas I2P proudly encourages it.

I2PHelper plugin and Vuze

there are a few options available for torrenting on I2P, with the strongest being through Vuze, a torrent client with an optional I2P plugin called I2PHelper. I2PHelper has a built-in I2P client, meaning that you don’t need to bother with the rather clunky I2P interface.

For a step-by-step installation of I2PHelper, click the link above.

Do know that initially any torrents that you download will be painfully slow, but over time as your computer becomes better known on the network your connection will become faster until it is no longer painfully slow, just slow.

Postman and I2P torrents

...the main downside to torrenting with I2P is torrent availability. Indeed, you can’t just download any torrent through I2P. Instead, you must find torrents that are already being shared by other I2P users.

First, you could head over to my I2P introduction tutorial and learn how to navigate to hidden services (websites not available on the regular internet) on I2P, where you will find a torrent tracker called Postman. Any torrent you find on Postman will work reliably with I2P, but the only downside is that the selection isn’t as large as what is available on the clearnet.

Mixing clearnet and darknet

Vuze’s I2PHelper allows users to torrent both on I2P and the clearnet in parallel, a feature it calls network mixing. This means that if you download an Ubuntu torrent, for example, it will download and share Ubuntu through the regular internet, but it will also go onto I2P and download and share it

Further reading :
https://geti2p.net/en/download/debian

labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

ProtonVPN

#35 Post by labbe5 »

https://thebestvpn.com/reviews/protonvpn/


I have been using ProtonVPN for more than a year now, free plan, with OpenVPN and a configuration file. Speed is excellent.

The free plan is for one device only.

I think the reviewer is wrong saying it is a so-so VPN provider. They score very high in my opinion.

Look for other reviews.

Further reading :
https://hack2www.blogspot.com/search/label/VPNs
Free tip :
When purchasing a VPN, you DO NOT want the account you have purchased being traced back to you, so you will have to purchase with a pre-paid VISA Gift Card. NEVER buy a VPN or any service for that matter with your personal bank account debit card or personal credit card. You doing so can lead to an easily traceable footprint.

Post Reply