[PLUG-TALK] VPN anyone?

Rigel Hope gnu at rigelhope.org
Tue Feb 18 01:12:19 UTC 2020 

so, VPN services for the individual user are always going to be garbage.
you're sharing your pipes with a bunch of other people.

but even self-hosted VPNs are pretty slow, at least in part because of
encryption overhead, and in part just because of the nature of the beast.
you're piping TCP (connection-based) and UDB (conectionless) traffic over a
connection-based, encrypted protocol.

VPN services are advertised as maintaining your privacy, but they are in
actual fact just offloading traffic that you're concerned about to a single
point of failure. i'm sure that if i actually did some research there'd be
a Schneier or Krebs article on how such and such VPN provider was
subpoenaed or whatever and that traffic data was used to prosecute someone
doing some thing.

when i last did this 5 or 6 years ago, it was a pain in the butt to set up
OpenVPN on my remote virtual server and get it working with my android
device, but at least android had advanced enough by that point that it
worked without rooting your handset. that wasnt the case a few years prior.

but theyre always going to be fairly slow and you're never going to
actually know what the in-practice data retention is of your provider.

my take is it's a scam to appeal to paranoids who haven't actually done the
assigned reading.

On Sat, Feb 15, 2020 at 6:30 PM John Jason Jordan <johnxj at gmx.com> wrote:

> On Fri, 14 Feb 2020 14:01:07 -0500
> Tomas Kuchta <tomas.kuchta.lists at gmail.com> dijo:
>
> >I will stay away from recommending VPN - though PIA or Mulvad are
> >considered one of the best in terms of privacy - that is what you are
> >looking for correct?
>
> Yes, really just privacy.
>
> >Other (primary) purpose of VPNs is to connect/extend private networks
> >over the internet. Think of it like going to cafe/conference/Hawaii and
> >connecting to your network at home, like being at home. So, that you
> >could access your files on NAS, browse interwebs from there, etc.
>
> I never travel, so that is irrelevant to me.
>
> >As about what you do and what to expect - there is currently no way you
> >could get whole network (understand VPN on your router) running at
> >1Gb/s. I guess, that you should realistically expect 50-100Mb/s in
> >ideal situation.
>
> I got better than that from PIA, and at the moment I am using
> FastestVPN, which is giving me up to 300Mbps. After much trial and
> error I have concluded that 300Mbps is probably the best I can get. But
> it's usable, so I don't mind.
>
> I kind of like FastestVPN over PIA. PIA has its own little GUI app, but
> it doesn't allow you to select which of their many servers you are
> going to connect to. FastestVPN uses the built-in Linux network
> manager, and you can set up as many of their 60+ servers as you want.
> It took me hours to figure out how to do it, but now that it's done I
> like it. The weird thing is that speedtest.net gives me about the same
> speed for all of the servers that I set up, but on most of them I
> found that web browsing was slower than the second coming. I mean, just
> accessing any web site would often fail due to timeout. I had to try
> half a dozen of their servers before I got one that works well. And
> it's in the Netherlands - their servers in the US were awful.
>
> >To use your 1Gb/s ISP link you will most likely need to separate VPN
> >and not VPN traffic either by setting up VPN on client PCs or by
> >network separation using Vlans or by connecting through VPN proxy
> >when/where you need it.
>
> That might be a way to get better speeds, but it sounds like a lot of
> work. Originally I just assumed that I would connect to the VPN and
> life would continue as before. Then I ran into the speed issue, and
> almost gave up. But now I realize that 300Mbps is really fast enough,
> and I don't need to be connected to the VPN 24/7. If I need faster
> speed for something (like downloading a distro ISO) I can just turn it
> off for a while.
>
> I still have the problem with Gmail. Today I was blocked three times,
> and had to go through all the hoops to get reconnected. At the same
> time my gmx.com mail seems to have no problem with accessing mail from
> constantly changing IP addresses. My current plan of attack is to set
> up a new gmx.com account and set Gmail to automatically forward
> everything to it.
>
> >I hope this gives you some ideas what/why/how you could do to improve
> >your privacy where it matters to you without losing the benefits of
> >1Gb/s internet connection.
>
> You have given me some good ideas. And it has been a learning
> experience. :)
> _______________________________________________
> PLUG-talk mailing list
> PLUG-talk at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug-talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pdxlinux.org/pipermail/plug-talk/attachments/20200217/e7fd8da5/attachment.html>

More information about the PLUG-talk mailing list