(OLD) (ARCHIVED) Puppy Linux Discussion Forum Forum Index (OLD) (ARCHIVED) Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info

This forum can also be accessed as http://oldforum.puppylinux.com
It is now read-only and serves only as archives.

Please register over the NEW forum
and continue your work there. Thank you.

 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups    
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 04 Dec 2020, 01:46
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
Page 17 of 20 [292 Posts]   Goto page: Previous 1, 2, 3, ..., 15, 16, 17, 18, 19, 20 Next
Author Message

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Tue 03 Sep 2019, 09:17    Post subject: VPN Killswitch on Linux Desktop  


A killswitch prevents your VPN from connecting to clearnet when disconnecting.
If you use riseup-vpn, a free and anonymous VPN, which has not a killswitch, vpn-killswitch.deb can be used. Other VPNs similarly without a killswitch is a candidate for this app.

The killswitch overrides the launch of the torrent application and launches it as a subclient, so it can monitor the presence of the VPN tunnel. The killswitch is able to bind to it, without modifying the torrent app core. (Removal of the .desktop launcher the killswitch modified will restore your original setup.)

(The desktop launcher version) also prevents the torrent application from even being launched if the VPN is not on.

The GUI/graphical user interface version will automatically detect and configure your torrent application to work with the killswitch.

wget https://github.com/angela-d/vpn-killswitch/blob/master/vpn-killswitch.deb?raw=true -O vpn-killswitch.deb

To run:

Desktop/GUI: Search for VPN Killswitch on your system to launch the config interface (only needs to be ran once, for initial config, then launch your torrent app as normal).
CLI (long way): cd ~/vpn-killswitch/debian/source && ./vpn-check
CLI (short way) Make a symbolic link so you can run vpn-check from anywhere, without needing to call the full file path or cd into a directory:

ln -s ~/vpn-killswitch/debian/source/vpn-check /usr/local/bin/vpn-check

Further reading :
ANT Downloader
A lightweight, feature-rich, easy-to-use and nice-looking BitTorrent Client developed by golang, angular 7, and electron.
AppImage :

Rats on The Boat
BitTorrent P2P multi-platform search engine for Desktop and Web servers with integrated torrent client.
AppImage :

Free (And Legal) Movie Download Sites

Streaming file transfer over WebTorrent (torrents on the web)

A full-featured download manager
Supports BitTorrent & Magnet
wget https://dl.motrix.app/release/Motrix-1.4.1-x86_64.AppImage

How to create a private torrent using qBittorrent

Easy Info Hash to Torrent Magnet Converters

Last edited by labbe5 on Thu 03 Oct 2019, 16:03; edited 5 times in total
Back to top
View user's profile Send private message 

Joined: 21 Sep 2010
Posts: 1767
Location: Drøbak, Norway

PostPosted: Tue 03 Sep 2019, 15:25    Post subject:  

Hi labbe5, I have a thread about How to make NordVPN to work with Puppy, and I have also sent you a pm. I would be grateful for your comments.
True freedom is a live Puppy on a multisession CD/DVD.
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 04 Sep 2019, 19:36    Post subject: VPN Providers That Support WireGuard In 2019  


This is a short list of VPN provider that currently support WireGuard:

VPN.AC: One of my recommended providers — will start supporting Wireguard in beta this month (February 2019)
Mullvad: A good provider that supports WireGuard — including support via their iOS app
IVPN: Reportedly supports Wireguard
AzireVPN: This service supports Wireguard
WireVPN: Currently supports Android with its own native app and also Windows, MacOS, Linux in Desktops via configuration files.
Private Internet Access: Helped to fund WireGuard development — support is coming soon.

Further reading :
New WireGuard Snapshot Offers Better Compatibility With Distributions/Kernels
Hopefully WireGuard can be revved soon for another round of kernel review so ideally it could aim for inclusion in the Linux 5.5 kernel. If WireGuard could get into Linux 5.5 at long last, it would open the door for WireGuard support in the likes of Ubuntu 20.04 LTS

Last edited by labbe5 on Mon 16 Sep 2019, 14:46; edited 1 time in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 11 Sep 2019, 07:35    Post subject: Firefox Private Network
Subject description: proxy server provided by Cloudflare

This extension is currently available to US desktop users only. Try it free during our beta trial.

Private Network encrypts the web addresses you visit and the data you send to websites. This helps keep passwords, emails, and credit card numbers safe from hackers.

Get started by adding the Private Network extension to Firefox for desktop and sign in with your Firefox account.

The Firefox Private Network proxy server is provided by our partner Cloudflare. Their strong privacy controls limit what data they collect and how long they keep it.

The protection is limited to your browser. It is a proxy, not to be confused with a VPN.

Further reading :
Mozilla pilots its VPN service for Firefox desktop users in the US

Google Unlocked
Google Unlocked is an open source browser extension, which unlocks hidden google search results.
The extension scans hidden search results that were censored by Google due to complaints. The tool scans those complaints and extracts the links, returning them back to the search results, all in a matter of seconds.

U.S. Lawmakers Push To Criminalize Streaming
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 18 Sep 2019, 08:00    Post subject: Creating a secure distro from a minimal install
Subject description: adding VPN, SSH, Firejail, browser and some addons

To create a secure distro from a minimal installation, i use Vuu-do.

Vuu-do does not have ssh, a firewall, apparmor and no browser included. It is based on Devuan Jessie.

I upgraded Vuu-do to Devuan Ascii. Feel free to upgrade it to Devuan Beowulf, even Ceres.

I want to use a VPN, so i install SSH from Ascii repositories. Easy peasy.

I launch my VPN as root, activating killswitch. You do not want your VPN to switch to clearnet, even if it is very stable.

Now, i want apparmor to be installed. If you are using Debian 10 "Buster" or newer, AppArmor is enabled by default.
apparmor apparmor-utils, apparmor-profiles apparmor-profiles-extra are what you need. Some extra packages are installed as dependencies.

Enable the AppArmor Linux Security Modules :
$ sudo mkdir -p /etc/default/grub.d

$ echo 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=1 security=apparmor"' \
| sudo tee /etc/default/grub.d/apparmor.cfg

$ sudo update-grub

$ sudo reboot

After reboot, Inspect the current state;

$ sudo aa-status

It will list all loaded AppArmor profiles for applications and processes and detail their status (enforced, complain, unconfined).

$ ps auxZ | grep -v '^unconfined'

It will list running executables which are currently confined by an AppArmor profile.

I prefer apparmor profiles in enforce mode : sudo aa-enforce /etc/apparmor.d/*


You are now protected by a VPN, and by apparmor profiles in enforce mode.

What next?

I install a firewall : ufw
$ sudo apt install ufw. Then i enable it : $sudo ufw enable. If you do not have specific needs, default configuration should be good enough.

Now i want to use Firefox with Firejail. Download here :

I prefer using latest firejail to get latest profiles. Also an older version of firejail from repositories may break Firefox.

What is Firejail? An easy to use SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.

Now i install Firefox-esr.

Then i use Firejail with Firefox :
A user-friendly use is : firejail firefox (accessing only download folder, and keeping addons)
For banking : $firejail --private --caps.drop=all firefox -no-remote
Why -no-remote? I do not use any addon for banking, adding extra layer of security. And why --private? Firejail also includes a one time private mode, in which no mounts are made in the chroots to your home directory. In doing this, you can execute applications without performing any changes to disk.

Other applications can be used with Firejail. Default profile is applied if there is no specific profile for your application.

What addons to use for privacy and security with Firefox-esr? Just a few :
uBlock Origin (advanced mode) No need to use NoScript if using uBlock (advanced mode)
HTTPS Everywhere
CSS Exfil Protection

Never Remember History
Never accept third-party cookies
Use tracking protection : always

DuckDuckGo as search engine. Also recommended : Startpage, Qwant, Searx.

Now you have got a secure distro based on a minimal install of Vuu-do. Half hour of work.

You could have choosen Devuandog as your minimal install and make it a more secure distro or use EasyOS Buster featuring containers.

Here is a quote from the Apparmor wiki:

AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing even unknown application flaws from being exploited. AppArmor security policies completely define what system resources individual applications can access, and with what privileges. A number of default policies are included with AppArmor, and using a combination of advanced static analysis and learning-based tools, AppArmor policies for even very complex applications can be deployed successfully in a matter of hours.

Using firewall rules as a killswitch
Some VPN clients have no proper killswitch, but use firewall rules to act as one.
If you followed instructions to use NetworkManager as a way to manage ovpn files, make sure you have ufw installed. We will use some firewall rules to act as a killswitch.

Tutorial here :

After you’ve ensured that your VPN is using tun0, disconnect from it, and copy and paste this into your favourite text editor, before saving it as your filename of choice (such as firewall.sh) in your home folder:

sudo ufw reset
sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable

What this script does is reset all your ufw firewall rules, and then change them to only allow traffic to go in or out on tun0. Of course, you’ll eventually need to undo this. For that, you’ll want to copy and paste the following into a text editor as well, and save it in your home folder (I called mine unfirewall.sh):

sudo ufw reset
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw enable

This script once again resets your ufw firewall rules, and then sets them to a regular sane default (allow outgoing, but deny uninvited incoming traffic).

Now we need to make these two scripts executable. To do this, we will type the following into our terminal (assuming you have named your scripts the same as I have):
sudo chmod +x firewall.sh unfirewall.sh

To actually operate these, all you’ll need to do is connect to your VPN, and then execute the first script by typing into your terminal:

Once you’ve done this, no traffic will be allowed to enter or leave your computer that isn’t through the VPN interface. I recommend testing it though to make sure everything is set up correctly by disconnecting your VPN. If your internet doesn’t work, that’s a good sign.
Whenever you’re done with your VPN and want to be able to connect back to the regular internet, just execute the second script by typing into your terminal:

Further reading :
How To Check Open Ports In Linux

Last edited by labbe5 on Thu 10 Oct 2019, 08:13; edited 9 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 18 Sep 2019, 12:38    Post subject: VPNs and Net Neutrality
Subject description: Can a VPN safeguard net neutrality?


Tiered Internet packages are a dire threat to online freedom, and many netizens are searching for their own solutions. Can a VPN safeguard net neutrality?

Simple answer : No.

How effective VPNs will be without net neutrality remains to be seen. It all depends on which control methods ISPs deploy and how they put them into practice. The sad truth is that for every censorship-breaking method VPNs use, ISPs have ways of fighting back.

In addition to issues VPNs can’t affect, ISPs can also deploy specific measures to stop people from using VPNs. Encrypted traffic is usually sent through a different port, for example. If an ISP blocks that port, none of your data can get through. ISPs can also block VPN IP addresses or quietly throttle the connections to discourage anonymous use.

In an ideal world, we’d never have to use a VPN for any reason. Hackers wouldn’t exist, government agencies wouldn’t spy on people, and ISPs would provide fast service to everyone without begging for more money. Since we don’t quite live in a utopia, however, we need to do all we can to save net neutrality.

Further reading :
Restoring Net Neutrality with the Decentralized Web
How the world’s top websites track your online behavior
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Fri 20 Sep 2019, 14:33    Post subject: VPNs & Play Store  


VPN apps with 500M+ installs caught serving disruptive ads to Android users
The apps in question are Hotspot VPN, Free VPN Master, Secure VPN, and Security Master by Cheetah Mobile. It’s notable that all these apps originate from Hong Kong and China, where citizens have typically relied on VPNs to get around the Great Firewall.

This is not the first time the Google has struggled to curb the spread of harmful apps on its official mobile software distribution platform.
In August, Lukas Stefanko, an ESET security researcher, compiled a list of 204 apps on Google Play that had over 438 million installs and were found to engage in ad fraud, adware, and serve other kinds of malware. And this was just for last month.

The fact that a legitimate app store like Google Play repeatedly harbors malicious apps is a cause of concern. Android users are often advised not to download apps from third-party sources to avoid malware. Unfortunately, it seems sticking to the Play store isn’t always safe either.
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Fri 20 Sep 2019, 14:47    Post subject: Trust DNS
Subject description: A free tool that helps you bypass censorship, access blocked websites, & browse privately


Trust DNS - increase privacy without VPN or proxy

Trust DNS is a simple, secure, & fast DNS resolver that uses a VPN tunnel to change your DNS.

We recommend to use DNS over HTTPS as the primary protocol. Here’s why: DNS requests are sent over HTTPS & cannot be distinguished from normal HTTPS traffic.
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Fri 20 Sep 2019, 20:35    Post subject: Swiss Copyright Law
Subject description: Downloading Stays Legal

Swiss Copyright Law: Downloading Stays Legal, No Site Blocking

A major complaint is that the country’s private copying exception shouldn’t apply to content obtained from illegal sources, i.e pirate copies of movies circulating on peer-to-peer networks such as BitTorrent. The USTR also had issues with the current liability framework for sites and hosting services that facilitate and profit from piracy.

First up, regular citizens who download copyrighted content from illegal sources will not be criminalized. This means that those who obtain copies of the latest movies from the Internet, for example, will be able to continue doing so without fear of reprisals. Uploading has always been outlawed and that aspect has not changed.

Second, the drive to have pirate site-blocking introduced into Swiss law has been rejected. Unlike elsewhere in Europe, where the practice is widespread and supported by EU law, ISPs will not be required to block ‘pirate’ platforms as some copyright holders had demanded.

So small a country, so fearless

Further reading :
Flixtor. A Review
The content offered by Flixtor is in clear violation of every copyright law ever written. In most countries, however, it is not illegal to simply watch (stream) infringing content.
It is usually illegal to download content. In theory, a case could be made that buffering data preloaded to memory while streaming counts as downloading rather than simply streaming. No attempt has yet been made to test this notion in court.

Flixtor Alternatives
Best Plex Alternatives

Last edited by labbe5 on Mon 30 Sep 2019, 18:38; edited 1 time in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 25 Sep 2019, 15:09    Post subject: Cloudflare's Warp VPN
Subject description: Available to all


Before today, there were approximately two million people on the waitlist to try WARP. That demand blew us away. It also embarrassed us. The common refrain is consumers don’t care about their security and privacy, but the attention WARP got proved to us how wrong that assumption actually is.
Let me start with the apology. We are sorry making WARP available took far longer than we ever intended. As a way of hopefully making amends, for everyone who was on the waitlist before today, we're giving 10 GB of WARP Plus — the even faster version of WARP that uses Cloudflare’s Argo network — to those of you who have been patiently waiting.

Privacy First

The free consumer security space has traditionally not been the most reputable. Many other companies that have promised to keep consumers’ data safe but instead built businesses around selling it or using it help target you with advertising. We think that’s disgusting. That is not Cloudflare’s business model and it never will be. WARP continues all the strong privacy protections that launched with including:

We don't write user-identifiable log data to disk;
We will never sell your browsing data or use it in any way to target you with advertising data;
Don’t need to provide any personal information — not your name, phone number, or email address — in order to use WARP or WARP Plus; and
We will regularly work with outside auditors to ensure we're living up to these promises.
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Mon 30 Sep 2019, 17:02    Post subject: ExpressVPN and HP provide VPN protection to PC users  


Our work with HP reflects the fact that VPNs are now seen as the new indispensable tool for protecting consumer privacy and security. And HP is not the only major technology brand that recognizes the need for VPNs—we’re excited to say that in the coming months we’ll have even more partnership announcements to share.

We’re glad to see that consumers and device makers alike are increasingly recognizing the essential privacy and security protections that VPNs provide. For example, without a VPN, you could be exposing your private data to hackers when you connect to unsecured or untrusted networks, such as public Wi-Fi hotspots at airports, hotels, and coffee shops. Governments, network administrators, and ISPs could also be snooping on your online activity, and a VPN helps to protect you against all these risks and more.

Further reading :
Best VPNs for Linux
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 02 Oct 2019, 17:32    Post subject: VPN-OnOff
Subject description: pet packages for a wide range of Puppy OS

VPN-OnOff download :

I am happy to see development of a native VPN application for Puppy simply called VPN-OnOff.

Further reading :
A Simple VPN Implementation
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Mon 07 Oct 2019, 07:40    Post subject: Pritunl
Subject description: How to setup a VPN Server using Pritunl


Pritunl is a VPN Server Software based on the popular OpenVPN platform. In this tutorial, you will learn how to set up and use Pritunl on your Ubuntu 18.04 LTS based server.

Further reading :
How to open ssh port using ufw
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Wed 09 Oct 2019, 08:35    Post subject: Distributed virtual private networks (dVPNs)
Subject description: VPN⁰ : the foundation of a decentralized VPN system



Distributed virtual private networks (dVPNs) are a new form of VPN with no central authority. In a dVPN, users are both VPN clients and relay/exit nodes as in a Peer-to-Peer (P2P) network. While dVPNs make strong privacy claims, they also carry the risk that a user will inadvertently have their machine used to transmit potentially harmful or illegal network traffic. Several incidents have been reported [2] where unaware dVPN users have been (ab)used as exit nodes.


In our prior blog post, we analyzed several dVPN proposals and reported a lack of (i) performance, (ii) privacy guarantees, (iii) traffic accountability. In this post, we tackle these issues by introducing VPN⁰, to the best of our knowledge the first distributed virtual private network offering a privacy preserving traffic authorization and validation system.

We foresee the ideas contained here to be the foundation of a decentralized VPN system, which may be combined with a set of incentives around a utility token such as BAT (Basic Attention Token). In a scenario like this, users carrying traffic would be compensated in BAT and users would pay for VPN services or subscriptions in BAT, as well. Care must be taken to make sure that token economic incentives keep this model continuously attractive for all participants and also that BAT payments cannot be used to deanonymize the participants.

Further reading :
Requirement Analysis of Decentralized Virtual Private Networks
APT Groups Exploiting Flaws in Unpatched VPNs
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2167
Location: Canada

PostPosted: Thu 10 Oct 2019, 07:17    Post subject: Free VPNs
Subject description: best-of-breed


The unabated lure of free VPNs :

While free unlimited VPNs for Windows are scams, there are a number of limited-data free VPNs that really don’t cost anything. This article lists the best.
However, free VPNs often don’t stick around forever. Sometimes previously free offerings change to a subscription model. Some switch to a freemium mode. And some seem to actively compromise your privacy.
But are there any free VPNs that will simultaneously protect your privacy in a reliable way? Absolutely.

CyberGhost for Chrome
Opera VPN
Hotspot Shield

CyberGhost VPN best offer :
CyberGhost is based in Romania, which is not part of the 14-Eyes Alliance. The company offers a strong zero-logging policy, meaning it doesn't record or store any information about your browsing activity.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 17 of 20 [292 Posts]   Goto page: Previous 1, 2, 3, ..., 15, 16, 17, 18, 19, 20 Next
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies. View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.7904s ][ Queries: 11 (0.6430s) ][ GZIP on ]