Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 22 May 2018, 14:10
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
Post new topic   Reply to topic View previous topic :: View next topic
Page 4 of 5 [61 Posts]   Goto page: Previous 1, 2, 3, 4, 5 Next
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Tue 10 Apr 2018, 14:59    Post subject: Using ProtonVPN on pfsense  

https://matya.blog/2017/05/08/using-protonvpn-on-pfsense/

If you are concerned about your privacy, and happen to have access to ProtonVPN‘s beta test and are using a pfsense firewall as router, then this might be in your interest.

Further reading :
Using ProtonVPN with routers
https://www.reddit.com/r/ProtonVPN/comments/62f0ps/using_protonvpn_with_routers/
How to setup ProtonVPN on DD-WRT routers
https://protonvpn.com/support/vpn-router-ddwrt/
How to setup ProtonVPN on a Tomato router
https://protonvpn.com/support/vpn-tomato-router/
Installing OpenVPN client and server on a DD-WRT router
https://www.comparitech.com/vpn/install-openvpn-dd-wrt-router/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Wed 18 Apr 2018, 23:18    Post subject: Mofo Linux
Subject description: for the privacy-conscious internet user
 

Mofo Linux means business in terms of privacy.

MOFO Linux is an operating system optimized for defeating all major methods of internet censorship and surveillance used by governments, corporations, schools, and internet service providers. It is a tool created to empower people for exercising their inalienable rights to privacy, freedom of expression, association, and peaceful assembly, in accordance with the International Covenant on Civil and Political Rights and the Universal Declaration of Human Rights. The system contains office, multimedia, and internet applications enabling you to read, write, watch, or listen to any media from anywhere with an internet connection. MOFO Linux is designed to unblock everything.

You like Ubuntu, you want your privacy to be respected and enforced, then Mofo Linux could be the OS you were waiting for, with more apps than you were asking for in terms of privacy and anti-censorship.

OpenVPN, i2p, Tor, to name but a few, are pre-installed :

SOFTETHER VPN
Softether is capable of fast broadband data transfers, uses strong encryption, but is highly targeted by censorship authorities. Client software for Linux is still sparse, but MOFO Linux includes the official client plus a Softether Controller application which will partially automate the connection process.


OPENVPN IS WELL SUPPORTED IN MOFO LINUX

LANTERN and PSIPHON (Domain Fronting Proxies)
Lantern works well in restricted internet environments. Simply find "Lantern" in the internet application menu. Start Lantern and it will automatically connect to remote servers and provide fast, unrestricted internet access through Firefox.

Psiphon is a circumvention system effective against sophisticated state censorship systems. Access psiphon in the internet application menu, and click to bring up the controller. Select "start" or "stop" as necessary, and the controller will handle the configuration process.


In MOFO Linux, Freenet is configured to install freshly from its java package. Use the "Freenet Installer" application to set it up for the first time. To stop or restart Freenet, use the buttons within its main browser page.

Further reading :
Link to SourceForge : https://sourceforge.net/projects/mofolinux/files/
Link to Github : https://github.com/brightflash64/MOFO-Linux
Source and scripts for building the MOFO Linux distribution
Link to tutorial for a frugal install : https://mofolinux.com/mofo-linux-grub2.html
https://www.deepwebsiteslinks.com/best-os-for-tor/
http://www.hacker10.com/anonymous-os-list/
Special note regarding disclosure law (UK, Australia, Iran, etc) :
In some countries the law forces citizens to give up their passwords under threat of jail (UK, Australia, Iran, etc), if you are at that level of risk, you will be better off running the OS as a live DVD and never installing anything. When something runs in RAM it is not possible to recover the data regardless of threats.

Last edited by labbe5 on Mon 23 Apr 2018, 22:30; edited 3 times in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Thu 19 Apr 2018, 20:58    Post subject: 10 Tips for Effective Web Unblocking With A VPN  

https://mofolinux.com/vpn-user-tips.html

Use ports that are most inconspicuous. Ports 443 and 1194 are well known to carry VPN traffic in addition to their other common uses (SSL and online gaming, respectively), and are often blocked by countries like China or Saudi Arabia.

Here are some common ports with enough traffic to make your presence harder to detect:
PROTOCOL PORTS APPLICATION
TCP or UDP 6970-6969 BitTorrent
TCP 993 Encrypted IMAP
TCP 3389 Windows Remote Desktop
UDP 123 Network Time Protocol
UDP or TCP 531, 5190-5193 AOL Instant Messenger
UDP 666 Doom, Online Game
UDP or TCP 749 Kerberos Administration
UDP or TCP 1503 Windows Live Messenger
TCP 4664 Google Desktop Search
TCP 5050 Yahoo Messenger
TCP 16080 MAC OS X Server
TCP 19294 Google Voice

More tips on Mofo Linux website.

Further reading :
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Last edited by labbe5 on Thu 19 Apr 2018, 21:15; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Thu 19 Apr 2018, 21:14    Post subject: VPN Gate: Free Public Access VPNs
Subject description: a regularly updated list of the mirrors
 

https://mofolinux.com/vpngate.html

VPN Gate provides free access to a large network of volunteer operated VPN servers. In a failed attempt to enforce censorship, certain countries have blocked direct access to the VPN Gate server directory. In response, this page provides links to the latest VPN Gate mirror sites. Direct downloads of VPN Gate's OpenVPN server files is also available here.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sat 21 Apr 2018, 21:26    Post subject: The impossible task of creating a “Best VPNs” list
Subject description: guidelines to keep in mind when determining if a VPN can be effective for you
 

https://arstechnica.com/information-technology/2016/06/aiming-for-anonymity-ars-assesses-the-state-of-vpns-in-2016/

VPNs are not for anonymity

“Using public VPNs for anonymity is foolish and potentially dangerous, no matter how securely it’s configured, simply because the technology was not designed at all for anonymity. VPN services require that you trust them, which is a property that anonymity systems do not have.”

“Instead, the use of strong privacy tools such as the Tor Browser (possibly coupled with a reputable VPN) is a must,” he said. “Not only because of the anonymizing properties, but because the bundled browser has been heavily modified to maximize Web privacy (via cookies, Flash, and Java plugins).”

Tor and even the Tor Browser are not entirely foolproof, either. “There have been some malicious Tor exit nodes in Russia ...

In contrast to most VPNs, however, Tor and the Tor Browser are used in incredibly high-risk situations, meaning engineers work incredibly quickly to patch security vulnerabilities.

VPNs are not necessarily safe for torrenting

Some VPN providers do not permit peer-to-peer sharing and would even turn over user names to a copyright holder if necessary. Others issue warnings on behalf of the copyright holders and may cancel the accounts of repeat offenders.


VPNs do not offer robust protection from ad tracking

Although VPNs mask your IP address, they won’t necessarily protect you from spying ads and invisible trackers. “VPNs alone provide negligible protection against ad network tracking, because an IP address (which the VPN is masking) is a weak identifier,” Campbell said. “Ad networks prefer browser cookies, supercookies, and browser fingerprinting techniques ( https://panopticlick.eff.org) that VPNs cannot protect against.”

To protect against ubiquitous ad tracking, ad blockers (like uBlock or uBlock origin) and tracking blockers (like PrivacyBadger or Disconnect) provide some level of protection. Disabling JavaScript or using tools like NoScript for Firefox can offer some protection from fingerprinting.

VPNs could put you at risk

Since VPNs create a tunnel between a user and the VPN provider’s server, though, it’s again important to have trust in the VPN provider. That provider can essentially see all of your traffic, log all of your traffic, and even modify your traffic.

“You’re really putting yourself at their mercy if they’re not honest,” said White. “Your fear may be that you’re going to get hacked by someone on the local network, but [by using a sketchy VPN] you’re basically putting yourself in the hands of your worst possible attacker. All of your traffic is going through the worst coffee shop access point in the world if you pick the wrong VPN service.”

Preshared keys

VPN hall of shame
https://gist.github.com/kennwhite/1f3bc4d889b02b35d8aa

Do not use any of these providers (Provider / known "Secret" Key) :

Astril / way2stars
EarthVPN / earthvpn
GFwVPN / gfwvpn
GoldenFrog / thisisourkey
IBVPN / ibVPNsharedPSK!
IPVanish / ipvanish
NordVPN / nordvpn
PrivateInternetAccess (PIA) / mysafety
PureVPN / 12345678
SlickVPN / gogoVPN
TorGuard / torguard
TigerVPN / tigerVPN
UnblockVPN / xunblock4me
VPNReactor / VPNReactor

Many/most of these offer OpenVPN, or special clients for IPSec. But for all of the above, they are actively placing a significant portion of their user base (particularly those with older Androids and desktops) at risk by not using per-user PSKs.

PPTP instead of IPSec, L2TP/IPSec, IKEV2, or OpenVPN

Some VPNs use the outdated PPTP VPN protocol, which is fundamentally insecure. Better options include IPSec (LibreSwan and StrongSwan, which are actively maintained), L2TP/IPSec, IKEv2, or OpenVPN.

Data retention/logging

Some VPNs log information to be in compliance with data retention laws in their respective countries. And a lot of VPNs overall log information, such as when specific users connected, where they connected from, and even what connections they made. It’s not entirely easy to know whether to trust VPN claims that they do not log.

Leakage

"From a technical point of view, I think the most underrated vulnerabilities are network leaks in the client-side VPN software,” said Campbell. Even after a user has connected to a VPN server, a few outgoing packets may not be using the VPN tunnel, which could compromise their privacy.

“The advice that I would give people is that, if you’re worried about government monitoring, you should always use Tor, full stop,”

Marketing hype

“Take a really skeptical look at a service provider that makes claims of no logging, accepts Bitcoin, and makes any kind of grandiose claims about military grade or government-proof or NSA-proof encryption,” said White. Not only could VPNs have lax security, some may be honeypots run by nation-state actors. Conversely, VPNs that are very clear about their threat model and what they can and cannot protect against are likely more trustworthy.

What to look for

Campbell recommends looking at any company activism, which he says is likely to demonstrate how much an organization cares about customer privacy. He also looks for a clear and unambiguous privacy policy rather than a boilerplate policy and for companies that have been in business for at least three years.

“There has been an explosion of cheap VPN providers over the last few years since the Snowden revelations,” Campbell warned. “Many of these new providers use laughable security practices. In many cases, they are Web hosting businesses that have decided to repurpose some of their servers, effectively becoming bandwidth resellers, but with no security experience.”

Further reading :
https://thatoneprivacysite.net/vpn-section/

Last edited by labbe5 on Sat 21 Apr 2018, 22:05; edited 3 times in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sat 21 Apr 2018, 21:32    Post subject: i2p and other darknets, such as ZeroNet, FreeNet, etc
Subject description: the underrated solutions and a replacement for VPNs
 

https://en.wikipedia.org/wiki/I2P

The Invisible Internet Project (I2P) is an anonymous network layer that allows for censorship-resistant, peer to peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using end-to-end encryption), and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high possibility of paths the traffic can transit, a third party watching a full connection is unlikely. The software that implements this layer is called an "I2P router", and a computer running I2P is called an "I2P node". I2P is free and open source, and is published under multiple licenses.

Mofo Linux is pre-installed with i2p, and is working out-of-the-box.

For torrenting, i2psnark is bundled with i2prouter. Movie titles are added daily.

i2p is private by design.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sat 21 Apr 2018, 22:01    Post subject: Streisand
Subject description: DIY VPN
 

Depending on your privacy needs, a pre-made solution may not currently exist. If that’s the case, technical users can roll their own VPNs. If a pre-made solution is more your speed, one option is running Streisand over a DigitalOcean VPS, Amazon Web Services, Vultur, OVH, or another reputable hosting provider. Created in the aftermath of Turkey blocking Twitter, Streisand's goal is to help users circumvent Internet restrictions.

Technical information :
https://bigmedium.com/ideas/private-vpn-streisand.html
Definitely cannot recommend Streisand enough. It gives you a private service with relatively easy setup at a low cost and with basically zero maintenance.

http://devops.host/blog/streisand-vpn.html

https://www.linode.com/docs/networking/vpn/set-up-a-streisand-gateway/

Historical information :
https://www.dailydot.com/layer8/streisand-vpn-censorship-turkey-china/
Without the former NSA contractor Edward Snowden’s 2013 revelations and Turkey’s social media crackdown acting as the dual catalysts, Streisand wouldn’t exist at all.

Last edited by labbe5 on Sat 21 Apr 2018, 22:14; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sat 21 Apr 2018, 22:13    Post subject: Algo
Subject description: DIY VPN
 

https://github.com/trailofbits/algo

Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices.

Technical information :
https://techcrunch.com/2017/04/09/how-i-made-my-own-vpn-server-in-15-minutes/

https://www.pcworld.com/article/3251785/security/how-to-set-up-and-run-your-own-vpn-server-on-windows.html

https://zeltser.com/deploy-algo-vpn-digital-ocean/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sun 22 Apr 2018, 10:38    Post subject: Tor + VPN & VPN + Tor
Subject description: pros and cons
 

https://airvpn.org/tor/

AirVPN client is chosen for its well-documented pros and cons of using Tor + VPN and VPN + Tor.

Pros and cons are similar for any VPN client.

Using VPN with Tor, your VPN provider will not see your real IP :
...our VPN server will not see your real IP address but the IP of the Tor exit node... and you benefit from a major security layer in the event you pass through a compromised/malicious Tor exit node (packets are still encrypted when they pass through the Tor exit node)
Cons : poor performance.

Using Tor over VPN, your real IP is known by your VPN provider and you are not protected against malicious Tor exit nodes if you send/receive unencrypted traffic to/from the final host you connect to.
Pros : good performance.

AirVPN is a VPN client from privacy activists.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Thu 26 Apr 2018, 16:37    Post subject: WebTorrent Desktop  

https://webtorrent.io/

WebTorrent Desktop is for streaming torrents. Whether it's video from the Internet Archive, music from Creative Commons, or audiobooks from Librivox, you can play it right away. You don't have to wait for it to finish downloading.

WebTorrent Desktop is fast, free, non-commercial & open source.


Imagine a peer-to-peer YouTube where viewers help to host the site's content. By making BitTorrent easier to use, we can get more people to participate and take the first steps to re-decentralizing the Internet.

The key word is re-decentralizing in a world of just a few platforms : Apple, Google, Facebook, etc, mining our personal data for profit.. Internet is becoming monopolistic in nature.

https://webtorrent.io/desktop/ to download a .deb file.
Or from github : https://github.com/webtorrent/webtorrent-desktop/releases

You may find this interesting too : Streaming file transfer over WebTorrent (torrents on the web) https://instant.io/

WebTorrent is to be used with a VPN.

Similar app :
utorrent for Linux :
https://www.itzgeek.com/how-tos/linux/ubuntu-how-tos/install-%ce%bctorrent-utorrent-on-ubuntu-18-04-ubuntu-17-10-17-04.html

Last edited by labbe5 on Thu 03 May 2018, 11:01; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Thu 26 Apr 2018, 18:00    Post subject: Sopcast Player
Subject description: P2P Internet TV
 

Download links for 32 & 64 .deb files :

sp-auth is a dependency to be downloaded and installed first, then sopcast-player : https://linuxhint.com/install-sopcast-player-ubuntu-download/

Other links :
http://ubuntuhandbook.org/index.php/2018/04/install-sopcast-player-ubuntu-18-04/
https://launchpad.net/~linuxthebest.net/+archive/ubuntu/sopcast/+packages

The download links are ok, but installation of 32-bit sopcast-player was incomplete with dependency libvlc-dev not available (Xenial).

The project seems to be on the back burner, not updated anymore. Bugs are not dealt with anymore. It is a hit-or-miss installation.
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 951

PostPosted: Thu 26 Apr 2018, 23:44    Post subject: Re: Tor + VPN & VPN + Tor
Subject description: pros and cons
 

labbe5 wrote:
https://airvpn.org/tor/

AirVPN client is chosen for its well-documented pros and cons of using Tor + VPN and VPN + Tor.

Pros and cons are similar for any VPN client.

Using VPN with Tor, your VPN provider will not see your real IP :
...our VPN server will not see your real IP address but the IP of the Tor exit node... and you benefit from a major security layer in the event you pass through a compromised/malicious Tor exit node (packets are still encrypted when they pass through the Tor exit node)
Cons : poor performance.

Using Tor over VPN, your real IP is known by your VPN provider and you are not protected against malicious Tor exit nodes if you send/receive unencrypted traffic to/from the final host you connect to.
Pros : good performance.

AirVPN is a VPN client from privacy activists.


Being able to connect to the vpn over tor is pretty cool.

I wonder if I can use it to port forward a UDP connection over TOR

Quote:
AirVPN also offers OpenVPN dynamic port-forwarding on 80 TCP / UDP, 443 TCP / UDP and 53 TCP / UDP. TCP is more reliable, but slower, while UDP is less reliable, but faster. TCP is a preferred method on unstable internet connection while UDP works well on fast and stable internet. Additionally, Network Lock is AirVPN Kill Switch and DNS Leak Protection feature that prevents IPv4/IPv6 communication when the device is not connected to a AirVPN servers. Network Lock is based on strict firewalls rules, therefore, providing protection against data leaks at all times even when the connection is “ON”.

https://cryptmode.com/airvpn-review/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Fri 27 Apr 2018, 16:45    Post subject: 50 VPNs share data on their users with Facebook  

Here’s the full list of VPNs that implement the Facebook remarketing pixel, according to our research:

https://www.vpnmentor.com/blog/report-vpns-share-data-users-facebook/

All of this leads to one hugely important (and, frankly, frightening) question: what happens to all this data if Facebook were to hand it over, whether willingly or by force?

While it’s reasonable enough to believe that Facebook isn’t outright selling data, they do have copious amounts of it — and the use it on a daily basis to make their ads better, which translates to “more invasive” for users.

But the bigger problem here is the absolute defeat of privacy when Uncle Sam knocks on Facebook’s door. In other words, if the US government forced the California-based social media giant to present a list of people that have a VPN (or are likely to have one), there would be no option but to fully comply, even if the users in question weren’t in the United States.
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 951

PostPosted: Fri 27 Apr 2018, 23:00    Post subject: Re: 50 VPNs share data on their users with Facebook  

labbe5 wrote:
Here’s the full list of VPNs that implement the Facebook remarketing pixel, according to our research:

https://www.vpnmentor.com/blog/report-vpns-share-data-users-facebook/

All of this leads to one hugely important (and, frankly, frightening) question: what happens to all this data if Facebook were to hand it over, whether willingly or by force?

While it’s reasonable enough to believe that Facebook isn’t outright selling data, they do have copious amounts of it — and the use it on a daily basis to make their ads better, which translates to “more invasive” for users.

But the bigger problem here is the absolute defeat of privacy when Uncle Sam knocks on Facebook’s door. In other words, if the US government forced the California-based social media giant to present a list of people that have a VPN (or are likely to have one), there would be no option but to fully comply, even if the users in question weren’t in the United States.


So then we need either a program to block all third party images smaller than a certain size:
https://en.ryte.com/wiki/Tracking_Pixel

or we need a different ip address and browser signature for each site that we visit. (the tor browser does this since each site is on a new tor circuit and the signature is generic) I think though that this is only tracking if you visit the VPN site and not what you browse via the VPN.

On another note, if the page serves adds from facebook, then facebook doesn't need a pixle to track you, any size image will do.

On another note, since cdns serve a lot of static content for many websites, they can do the same type of tracking but without needing to use a single pixle image.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1160
Location: Canada

PostPosted: Sat 19 May 2018, 17:16    Post subject: Beware Botnet: Why You Should Avoid Using Hola VPN  

https://www.cloudwards.net/hola-vpn/


Further reading :
https://www.cloudwards.net/worst-free-vpn/
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 4 of 5 [61 Posts]   Goto page: Previous 1, 2, 3, 4, 5 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0826s ][ Queries: 11 (0.0166s) ][ GZIP on ]