Hey folks.
A certain country that doesnt like its people to read actual, real news is finally starting to block vpns. In fact, instead of blocking specific vpns (which would be fruitless), they are now blocking entire protocols - meaning, for example, that Wireguard and OpenVPN are completely blocked now.
Based on my research it seems best option right now would be for me to swap to Shadowsocks - however i just wanted to ask some sanity questions.
From what i see, Shadowsocks doesnt seem too different from VPN (im talking from user standpoint, not in regards to technology behind it) - it seems i would get an app that supports shadowsocks, get a paid servbice that provides me a host for it, and plug it in, similar to how i do right now with Wireguard. Is that correct? Does it work how i assume it works for purposes of web browsing, youtube, email etc? Are there any important differences between Shadowsocks and standard vpns that i might want to be aware of?
Thank you!
You’re correct. From the perspective of a user trying to circumvent government censorship they are pretty much the same.
When you get down to the technical details, Shadowsocks is a proxy rather than a VPN. Probably the most common gotcha is that proxies can’t tunnel ping traffic, while a VPN can. I think games are primarily affected by this. But most apps, websites should work the same with either.
Yep, you are correct. Shadowsocks isn’t different with VPN, you can buy the service from shadowsocks provider. Or you can buy a VPS , create a shadowcks service by yourself. It works properly for purposes of web browsing, youtube, email , even gaming. It is just socks proxy software. It is a kind of VPN. But it has a different encryption protocol with standard VPNs.
What would be the best option for configuring a router to default to one of my paid VPN IP addresses on all our household devices once they connect to the wifi or would it be better to go about this with a socks type proxy.
Also curious about changing the MAC address on the router and DNS as it allows for that. I want my families online activity to be as secure as possible and feel like insisting them to use Tor is never going to work lol.
Changing the default DNS is generally a great idea,
MAC addresses are only visable on the single subnet/VLAN and not beyond so of limited value for most people.
Using publicly (internet) routable (which is what I assume you mean by “paid VPN IP Addresses”) on your LAN devices would generally be a bad idea from the security point of view (and unnecessary unless you want to host your own servers).
Ah I see. That’s what I was referring to. So changing the DNS on the router would be my best bet? What about buying a socks proxy instead of a VPN IP? Any benefit there, in terms of routers? I have one of those stereotypical VPN applications that is accessible on all my devices, I just have to manually enable them. Just want to stay as secure and off the radar as possible or if possible. I know my ISP can see everything, I assume the VPN provider can as well, despite them allegedly not keeping logs which has been proven countless times to be total baloney! Are there any other tips or suggestions you would recommend for someone like me who values security, privacy and anonymity whenever possible?
As for changing the DNS on the router, it seems very straightforward. I just don’t know the best way to get a reliable DNS address to implement. Needless to say, I’m no computer science major. I believe I had an app at one point, DNScrypt or something like that. Not sure if that’s reliable but would love any suggestions.
Thank you for all the info!
Theoretically VPNs hide your traffic better than a SOCKS5 proxy but are slower.
This assumes that all other factors are equal. This assumption is almost certainly false.
As far as DNS server choice goes, if you’re primarily interested in speed, try to check your location using a free DNS benchmark utility like Gibson Research or Namebench. If you’re more interested in security and hiding from your ISP or the authorities there may be an option to use encrypted DNS over HTTPS although I am unsure if it’s supported on many routers.
WIll check that out. Thank you!