Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 24 Apr 2019, 21:48
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
Post new topic   Reply to topic View previous topic :: View next topic
Page 13 of 13 [195 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Thu 07 Feb 2019, 18:13    Post subject: How to use Psip in a Virtual Private Network
Subject description: Psip AKA PuppyPhone
 

Written by smokey01

If you like to make yourself public/available to talk to anyone who is willing to call you then this is not for you.

If however, you like your privacy and only wish to speak to a select few people, then keep reading.

All you need is Psip, preferably version 1.42 and edge/n2n-edge. You will also need access to a supernode.

Last month I showed you how to compile edge and you can get the latest version of Psip here. If it's not available for your distro let me know and I will attempt to make you a package.

To create a VPN with edge all parties need to connect to the same supernode with the appropriate credentials.

Create the script below and make it executable.

#!/bin/sh
modprobe tun
urxvt -title "Psip-Tunnel" -g 108x20+0+0 -e n2n-edge -d psip-tunnel -M 1000 -a 101.101.101.1 -c community-name -k encrypted-password -l bytemark.leggewie.org:1234 & echo $! > /tmp/edgepid
nice -n -10 /usr/bin/psip --config-file /root/.psip.conf --log-file /root/psip-activity.log --expand-buddies
read edgepid < /tmp/edgepid
kill $edgepid

I will explain what happens when you run the script line by line, command by command.

Line 1. modeprobe tun loads the tunnel driver. It may already be loaded but loading it again doesn't matter. Not having it loaded does matter.
Line 2 part 1. urxvt -title "Psip-Tunnel" -g 108x20+0+0 opens a terminal with a title of "Psip-Tunnel with dimensions 108 wide x 20 high.
Line 2 part 2. -e n2n-edge -d psip-tunnel -M 1000 loads edge/n2n-edge with a tunnel name of psip-tunnel using 1000 MTU.
Line 2 part 3. -a 101.101.101.1 sets your ip address to 101.101.101.1. You can choose your own IP address. I strongly advise you do.
Line 2 part 4. -c community-name -k encrypted-password sets your community name and encrypted password. You should change this also.
Line 2 part 5. -l bytemark.leggewie.org:1234 this is the address of the supernode. This can be changed if you have another supernode to use.
Line 2 part 6. & echo $! > /tmp/edgepid This echoes the process ID number so the tunnel can be killed later.
Line 3 part 1. nice -n -10 /usr/bin/psip nice gives psip some additional priority against other running apps and loads psip.
Line 3 part 2. --config-file /root/.psip.conf loads a particular config file. This switch means you can have more than one.
Line 3 part 3. --log-file /root/psip-activity.log creates a log file at the specified location. Again you can have multiple logs with different names and locations.
Line 3 part 4. --expand-buddies this will expand your buddies list so you don't have to do it manually.
Line 4. read edgepid < /tmp/edgepid this will read the edgepid number created at line 2 part 6.
Line 5. kill $edgepid this will kill the tunnel/VPN and disconnect you from the supernode.

Phew, that was a lot to take in but hopefully it will give you some clarity.

When you run the script a terminal will open and Psip will also start. We could have the terminal hidden but it does provide some useful information for trouble shooting.
If it's in the way just minimize it, don't close it or you will lose your connection to the supernode and other buddies.

When Psip is up you need to do a couple of things.

Create some buddies. It's always a good idea to include yourself. If you are green then you know you are connected to the supernode. Click the Add button.



Probably use your own name rather than Me.

Notice the sip: in front of 101.101.101.1. It's important and must be included. Each buddy must have a unique address in this range.
EG: George may be sip:101.101.101.2, jim sip:101.101.101.3 etc.
You can have multiple Categories. The same people can be in different Categories if you wish but with different IP's but within the 101.101.101.1-255 range.

The next step is to click on the Setup Button, top left. Then the Network button.

Make it look like this:



If you run the script with a different IP address then the Public IP address in Psip needs to be the same.

Psip should run in the VPN/Tunnel using the script provided. The problem is someone else might be using it at the same time.
It's always a good idea to use your own credentials, this maintains your privacy and prevents IP clobbering.
Make sure all your friends use the exact same credentials except for the unique IP address.

Go on, give it a try, I know you want to.

http://smokey01.com/newsletters/2019/January/0025-PuppyLinuxNewsletter-January2019.html
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Sat 09 Feb 2019, 17:29    Post subject: WireGuard
Subject description: fully automated
 

WireGuard is an extremely fast, secure and simple protocol relative to OpenVPN, the default that we use in our current apps. Its simplicity and size ensure a much smaller attack surface relative to other protocols (roughly 1% of OpenVPN).

This simplicity of WireGuard requires that certain functions are left out of the protocol and up to the user to implement, such as key and IP address management.

Current VPN services offering WireGuard require that the user manually generate the keys and upload them to specific servers through the control panel on their website.

To continue demonstrating our expertise we set the bar high and have built a fully automated solution that securely generates keys within the client, uploads them to an IVPN server which then distributes them to all VPN gateways in our infrastructure within seconds. Using WireGuard on the client couldn’t be easier, the user simply has to select it and will be able to connect immediately.

As part of our initiative to become increasingly open and to advance the industry we plan to open-source the code that manages all this complexity. Our hope is that VPN providers integrate this code into their infrastructure and continually improve it for the benefit of all.
https://www.ivpn.net/blog/introducing-wireguard-fully-automated

Further reading :
Linux WireGuard Setup Guide
https://www.ivpn.net/setup/gnu-linux-wireguard.html

Last edited by labbe5 on Sat 09 Feb 2019, 18:02; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Sat 09 Feb 2019, 17:47    Post subject: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor
Subject description: Part 1 to Part 8
 

Introduction

If you’re here, you may be using (or considering) a VPN service to provide online privacy and anonymity, and perhaps to circumvent Internet censorship. This series of guides goes far beyond that. It explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization (aka compartmentation) and isolation, by using multiple virtual machines (VMs) with Internet access through nested chains of VPNs and Tor.

These are advanced guides, and the full setup will require at least a few days of focused work.

If you just want to circumvent Internet censorship and data retention by your ISP, you don’t need more than a good VPN service (unless consequences of getting caught are serious). If you just want to circumvent commercial tracking and behavioral marketing, you don’t need the full setup described here. However, if you want better privacy and anonymity than browser extensions can provide, you might consider a basic setup (covered in Part 2) to compartmentalize your activities using VMs and VPN services.

Conversely, if you’re a political dissident who might suffer serious consequences if compromised, using the full setup (covered in Parts 3-Cool would be prudent. The approaches described there would probably protect against non-targeted surveillance by national-scale government agencies. For such agencies with limited resources, they might even protect against targeted surveillance.

Although it appears that global-scale intelligence agencies intercept virtually all Internet traffic, the approaches described here might protect against routine non-targeted surveillance, given the need to correlate traffic through multiple VPN tunnels and Tor. While there’s no way to be sure of that, it’s clear that nothing less would suffice.

However, it’s unlikely that even the full setup described here would protect against directed surveillance by global-scale intelligence agencies. That would require far more resources and expertise than most nations (let alone individuals) possess.

https://www.ivpn.net/privacy-guides

Further reading :
How does AES encryption work?
https://www.bestvpn.com/guides/aes-encryption/

Last edited by labbe5 on Tue 12 Feb 2019, 08:31; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Sat 09 Feb 2019, 18:00    Post subject: Online Privacy Through OPSEC and Compartmentalization
Subject description: Part 1 to Part 4
 

Pseudonymity alone is a fragile defense. Once one has been de-anonymized in any context, everything is de-anonymized, because it’s all tied together. There is no forward security. Far more robust is to fragment and compartmentalize one’s online activity across multiple unlinked personas. With effective compartmentalization, damage is isolated and limited. And overall, it’s essential to implement and practice strong Operations Security (OPSEC). But first, before getting into specifics, it’s instructive to consider some examples, showing how easily and spectacularly online anonymity can fail.
https://www.ivpn.net/privacy-guides
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Tue 12 Feb 2019, 08:12    Post subject: FlashRouters Privacy App  

FlashRouters is a US-based company that has carved out a unique niche for itself.

It has now developed its own DD-WRT app which works as an add-on to the DD-WRT firmware. The app allows you to switch easily between a number of popular VPN services, plus adds some very useful VPN-related features.


Routers from FlashRouters are always successfully pre-flashed, and replace the voided manufacturer's warranty with one from FlashRouters (1 year, extendable up to two years for an additional cost).

Alternatively, the app can be manually installed for free onto a wide range of DD-WRT routers. NordVPN currently has the best instructions for doing this on its website.

NordVPN instructions : https://nordvpn.com/tutorials/dd-wrt/flashrouters-privacy-app/

FlashRouters Privacy App Review
https://www.bestvpn.com/guides/flashrouters-app-review/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Tue 12 Feb 2019, 08:24    Post subject: AirVPN
Subject description: AirVPN won the best VPN for Privacy award
 

Keep reading this review to find out why AirVPN was crowned Best VPN for Privacy for the second year running!

AirVPN is an Italian VPN provider, which proudly boasts how it was setup by “hacktivists and activists” pays an almost unrivaled concern to maintaining users’ privacy. I will start this review by noting that after using it as my personal VPN service for around two years, I am a bigger fan than ever of AirVPN. It also employs excellent encryption and security measures, and offers fantastic privacy enhancing features (such as VPN over SSL and VPN through Tor). In my experience, AirVPN is also almost certainly the fastest and most stable VPN service I have ever used.

https://www.bestvpn.com/review/airvpn/

AirVPN is an Italian VPN provider, which proudly boasts how it was setup by “hacktivists and activists” pays an almost unrivaled concern to maintaining users’ privacy.

Further reading :
Top Ten Privacy Tips
https://www.bestvpn.com/privacy-news/Data-privacy-day/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Fri 22 Mar 2019, 06:27    Post subject: The UK Porn Pass Law  

This April, the UK will finally roll out its much-debated porn pass system. The new age-verification system will force all British residents to prove they are over the age of 18, before accessing online pornography including RedTube, PornHub and a whole host of other adult sites.

You'd think that before rolling out a system like this, the UK government might check whether it would even work?

The problem is, The UK is the only place that has decided to impose the porn pass system. As a result, anybody will easily be able to use a Virtual Private Network (VPN) to pretend to be outside of the UK - in the Netherlands, or France, for example. This will allow them to access porn without registering for a porn pass.


Whatever you choose to watch online, when it comes to online privacy, three really is a crowd. Although the porn pass is the brainchild of the UK Government, its implementation will actually be carried out by independent third parties - such as the firm MindGeek.

MindGeek is a completely independent third party with no official ties to the government. This is worrying because it means that UK citizens are registering as porn users with independent private firms.

Even more concerning, is the fact that MindGeek is the owner of the world's largest pornography websites, including PornHub, YouPorn, and RedTube.

MindGeek is also allegedly in talks to sell its AgeID system to other third parties, meaning that other undesirable firms could end up holding people’s IDs.


And it's a massive hack risk.
https://www.bestvpn.com/privacy-news/5-reasons-uk-porn-pass-terrible/

Further reading :
https://torrentfreak.com/uk-porn-filters-could-mean-sweaty-palms-for-piracy-blockers-190418/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Torrentfreak+%28Torrentfreak%29

Last edited by labbe5 on Thu 18 Apr 2019, 17:38; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Fri 22 Mar 2019, 06:46    Post subject: IVPN no-logging claim verified by independent audit  

https://www.ivpn.net/blog/ivpn-no-logging-claim-verified-by-independent-audit

From the start of IVPN, almost 10 years ago, we engineered our systems to not log any data that could be tied to an individual user account. Until now our customers had no way to verify this but today we’re proud to announce the results of an independent audit conducted by Cure53.

Cure53 was able to identify only one issue which they classified as ‘low’ impact and which they said “does not negatively impact this conclusion”. The issue was that our DNS servers temporarily cache their responses to improve performance however none of this data is related to a customer IP address or user account in any way and is only stored temporarily until the cache timeout. This means that if an adversary had access to a DNS server they could see what domains had been recently resolved but not which customer IP had sent the request. Regardless we decided to disable the caching so this issue has been fully mitigated.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Thu 28 Mar 2019, 17:29    Post subject: Russia Orders Major VPN Providers to Block Banned Sites  

Ten major VPN providers have been ordered by Russian authorities to begin blocking sites present in the country's national blacklist. NordVPN, ExpressVPN, IPVanish and HideMyAss are among those affected. TorGuard also received a notification and has pulled its services out of Russia with immediate effect.

Many kinds of sites, from alleged pirate platforms to sites hosting extremist content, have all been affected.

Local ISPs are required by law to block their domains, rendering them inaccessible. However, plenty of circumvention options are available, something the government is trying to address.

During July 2017, President Vladimir Putin signed a bill into law aiming to close this loophole. The plan was to prevent citizens from accessing banned sites using VPNs, proxies, Tor, and other anonymizing services.

https://torrentfreak.com/russia-orders-major-vpn-providers-to-block-banned-sites-or-face-blocking-themselves-190328/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Torrentfreak+%28Torrentfreak%29
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Mon 01 Apr 2019, 17:59    Post subject: Cloudflare announces Warp VPN service  

https://www.ghacks.net/2019/04/01/cloudflare-announces-warp-vpn-service/

Warp's strengths are that it is backed by a company that operates one of the largest networks on the planet, and that it will become a part of the 1.1.1.1 on mobile for ease of use. Users don't have to sign up for it if they use the free version similarly to how Opera's browser VPN works. The difference is that Warp works globally while Opera's solution only in the browser.

Desktop applications will be released at a later point in time. Warp won't convince users that distrust Cloudflare, but the success of the 1.1.1.1 application has shown that there is a huge market out there for such a product.


Further reading :
https://www.eweek.com/security/cloudflare-1.1.1.1-with-warp-accelerates-internet-privacy
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Wed 17 Apr 2019, 05:31    Post subject: How to Set up a VPN for Smart TV  

https://www.bestvpn.com/guides/install-vpn-on-smart-tv/

It is not always possible to install VPN software directly onto a Smart TV. However, if your Smart TV can access the Google Play Store (Android Smart TVs can) you can install the VPN app (for your provider) directly onto your smart TV. This is the best way to connect your smart TV, so use this method if you can. Please remember that not every Smart TV can do this, so you will need to check with your manufacturer.

Most Smart TV owners choose to connect their TV to their computer via an ethernet cable. This allows them to share their PC's internet connection (more on this later). This is an effective way of using a VPN to unblock restricted content on a Smart TV. Any Smart TV that does not allow Apps to be installed directly will need to use this method (or a VPN router).

VPN Router Method

Some people prefer to use a VPN that is installed on a flashed router. This means that all the devices in their home - including their Smart TV - are assisted by the VPN connection. This is an extremely easy method of connecting a Smart TV to a VPN service (and all the other devices in your home).

While it is true that you can flash a router yourself (if it is compatible), this is usually only undertaken by people who are pretty techy. This is because flashing a router with DD-WRT firmware (or any other third party router firmware) can "brick" the device (lock it up making it unusable).


Where to find flashed routers

https://www.flashrouters.com/#a_aid=2378876&data1=smarttv_p..intext_l.en_pid.8048_uid.227276d8-f078-445d-89bc-43f146d5e284
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Thu 18 Apr 2019, 07:36    Post subject: KeepSolid Wise
Subject description: a smart solution to get total online freedom
 

https://www.vpnunlimitedapp.com/blog/keepsolid-wise-a-smart-solution-to-get-total-online-freedom/

KeepSolid team has developed a remarkable new headway technology, KeepSolid Wise. This is a great progress in the fight against the Firewall issue that users encounter all over the world, including the growing concern about the fact that VPN protocols are being inspected and blocked by governments, corporations and ISPs via deep packet inspection (DPI).

Our security approach masks the VPN traffic, and allows you to stealthily slip by the firewall, protecting your VPN connection from being detected and throttled. Now you can experience a truly open and uncensored internet, even if standard VPN protocols are getting blocked.


KeepSolid VPN Lite (free of charge and limited to one VPN server) for casual users :
https://vpnlite.net/

For Linux users (desktop apps) :
https://www.vpnunlimitedapp.com/en/downloads/linux

About installation, update and removal :
https://www.vpnunlimitedapp.com/en/info/manuals/linux

Further reading :
https://darkwebnews.com/anonymity/russia-seek-access-to-vpn-servers-to-increase-censorship/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Thu 18 Apr 2019, 17:52    Post subject: VPNSecure: Lifetime Subscription
Subject description: 92% off
 

https://deals.ghacks.net/sales/vpnsecure-lifetime-subscription-2

Ending In: 6 days
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Yesterday, at 16:49    Post subject: That One Privacy Site
Subject description: VPN Section
 

Welcome to the VPN Section! This section is meant to be a resource to those who value their privacy, specifically those looking for information on VPNs (that isn’t disguised advertising). When I started down the path of retaking my own privacy, there was very little unbiased and reliable information with regard to VPNs.

I started researching data about VPN services for my own knowledge, then posted the information online in the hopes the Internet might find my work useful for themselves. Through the positive feedback and assistance those in the community offered, I’ve been able to take this step into compiling all of my related work in one location and moving away from the Google Spreadsheet that it was originally created on.

If you have any questions, please feel free to contact me!

–That One Privacy Guy


https://thatoneprivacysite.net/vpn-section/

VPN Comparison Chart :
https://thatoneprivacysite.net/simple-vpn-comparison-chart/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1685
Location: Canada

PostPosted: Today, at 20:26    Post subject: Outline
Subject description: Alphabet’s cybersecurity division designed the product for ease of use and maximum data security
 

https://blog.digitalocean.com/digitalocean-outline-jigsaw-vpn/
Outline is specifically designed to be resistant to censorship. Because of the protocols used, Outline is harder to detect as a VPN, and therefore is less likely to be blocked by countries who take measure to block the flow of content out of their country.

With Outline, said Keyserling, each account uses its own DigitalOcean servers, so you get complete control over your data. In addition, Jigsaw brings that power into the hands of anyone with a phone. Now users can create their own personal VPN to their own personal server, said Keyserling: “It is super simple and very affordable. They don’t need to trust a third-party VPN company.”

Outline is insanely easy to spin up, which is a critical part of the design. And because ease of use was the most important feature, DigitalOcean was the obvious choice when Jigsaw started looking for partners.

While you can build an Outline VPN on a different server, the UI was designed to work with DigitalOcean. “DigitalOcean is the default and what we recommend,” said Keyserling, “because the UI we built with DigitalOcean is nicer, slicker than the rest, and a little bit easier for our users.”


Users can create their own private VPN in three easy, self-explanatory steps following the prompts at GetOutline.org. Sign up, pick a server location, and add users and boom! You have your own secure VPN feeding into your own server in five to seven minutes. If you can create an email account, you can set up an Outline VPN.
https://getoutline.org/en/home

That five-minute magic is hiding a lot of complexity.

Once the user chooses a server location, Outline spins up a DigitalOcean server on Ubuntu, installs Docker, and imports an image that has the actual server itself. Then it installs a component of Watchtower, which makes sure that the server is always up to date so the user doesn’t have to worry about installing a steady stream of security updates.

Outline relies on the Shadowsocks protocol, which is an open-source project to create an encrypted socks5 proxy to redirect internet traffic.

By contrast, a socks5 proxy looks like normal internet traffic. What this means is that your new Outline VPN doesn’t look like a VPN, so your data doesn’t get flagged or monitored by countries that regulate data in and out of their borders. Which is crazy helpful to journalists and activists who are working in dangerous parts of the world.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 13 of 13 [195 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0710s ][ Queries: 12 (0.0117s) ][ GZIP on ]