Hi all, I am just getting started with Linux and wanted to know what vpns you all use. An option with a gui would be helpful but I’m open to anything you have had good experiences with.
I use Mullvad. It’s good, and doesn’t slow down my internet.
I have had no complaints with Mullvad.
Surfshark. Good privacy scores, ‘unlimited’ connections allowed and works beautifully in linux.
I use protonvpn. It has a Linux GUI client that is almost identical to the windows/Mac version and works very well
I use NordVPN. There’s a GNOME extension that provides a GUI for the official command line client. But honestly I barely use my VPN on my desktop, and I never need it to be system wide. I only use the browser extension.
I don’t use a VPN. Why should I pay money for someone redirecting all my traffic to a single point of failure/analysis? Or possibly selling my data? For geoblocking, fine. For everything else? No.
Idk why people are so obsessed with VPNs these days. They aren’t meant to do what they are advertised todo. They are there to connect 2 local networks over the internet together.
I use Softether VPN hosted on a cheap $5 VPS. It is fast and you don’t need to install anything on your manjaro (just import the .ovpn file from the NetworkManager)
I live in China so I need vpn to access most of the internet. I’m using Astrill which works well in China.
An option with a gui would be helpful
I like to go the other direction: don’t use the custom, proprietary client from the VPN company, instead use a generic VPN client either supplied by Linux (e.g. OpenVPN) or by a standard place (e.g. Wireguard project). The VPN company already sees what domains you’re accessing; why let it also run an app on your system and maybe have access to the filesystem ?
On Linux, built-in Network Manager gives a basic GUI for setting VPN parameters. You don’t have to use the CLI.
If you use it for privacy reasons, then keep in mind the lies they stated for their proton mail service.
Not the best vpn choice for tiling manager users, requires gnome tools
Why should I pay money for someone redirecting all my traffic to a single point of failure/analysis?
For compartmentalization. If you don’t use a VPN, your ISP sees all of the domains you access. And the ISP already knows FAR too much about you: your home postal address, your name, probably your phone number. You can sign up for VPN without giving ID. So a betrayal by the VPN does limited damage, and betrayal by ISP does less damage than it would if you weren’t using VPN.
For geoblocking, fine. For everything else? No.
Location change is useful to put a couple more legal jurisdictions in the way of someone trying to sue or DMCA you, too.
And some VPNs give ad-blocking, malware-site-blocking, more.
VPN hides your home IP address from web sites, let you change source IP address easily (choose a different VPN server). Mixes your traffic with that of 10K other users.
They aren’t meant to do what they are advertised todo. They are there to connect 2 local networks over the internet together.
Yes, originally VPN just meant tying together two LANs, essentially. But here we are talking about consumer-to-internet VPNs. Call it something else if you wish, but the facility is useful.
Yes, much of the advertising is deceptive or overblown. But VPNs do give certain contributions to security and privacy.
Idk where you live, but I personally live in Germany, so the following “rules” apply for me.
My ISP can, ofc, see all the traffic, it’s overall their network. That being said, if I only use ipv4, I’m most likely already sharing one address with a few people.
If I use pihole + unbound I get adblocking network wide and also use root dns servers, which don’t care over anything at all. DNS requests are now out of the network. Which sites I use isn’t hidden, but what I do there is. Even without these measures.
The ISP has to save the IP they gave to “me” for 6 months if I’m not mistaken. My IP also changes every 24 hours, if that would be a concern to you. That’s pretty standard around here. That being said, if someone files a dmca to the VPN provider and they snitch, it’s easy to correlate my connection to the VPN provider with whatever they are claiming I have done. There is nothing like “no logging”. You have an account, you have a connection to their servers and if they, or the server owner, gets forced to log even more than your IP address, you are pretty much fucked and also pay for that. Now you have, as the one who has surveillance, only one single point you have to check, to have thousands of people route their traffic through the connection you compromised. That’s just plain stupid out of a security standpoint as you have another link in the chain you have to trust with the same outcome as if you just use the connection of your ISP. Doesn’t matter if they know you already. The web is mostly https. They can’t see what you are doing, just where.
The rest is ofc true, everything you said is true, but the drawbacks are almost forgotten every time. There is no reasonable way I should/would trust another chain in the link and even pay them for MY trust. I recommend to watch the video from Tom Scott, which I linked in my first comment.
Quick example to end this comment:
ISP betrays you and says “he/she connected to this ip alot”. Now they ask the vpn provider, who does snitch. You’re fucked and paid money for it.
Let’s say the VPN doesn’t snitch, great, they file a claim and, oh well logs. Maybe not from the VPN itself, but from the VPS they host on. Also fucked and paid for it. There are so many stories about VPN provider fucking up, why should I trust yet ANOTHER corporation with my data?
Let’s say ISP snitches and I didn’t use a VPN. They hand over all the ips I connected to, In the last 6 months. Also fucked, but can pay a lawyer, because I didn’t burn my money on a VPN.
Lastly: where does the money came from, to host 3000+ servers worldwide for 3 bucks a month and pay for all the ads? Sounds kinda fishy, ngl. In that case I can rent my own VPS for a few bucks and just host my own VPN. At least I can be sure it’s as safe as I configured it.
So, thank you for your opinion and the explanation, but I don’t like to trust anyone if I don’t have to. I use Tor whenever I need to and for the rest I just have to trust my ISP, even tho I don’t think they are even allowed to sell my data in this country. If that ever happens, it’s full time Tor then.
Have fun downvoting
Everything you say against VPNs is also true, and worse, when you’re using just an ISP and no VPN. Except for the small additional money you pay for the VPN.
You don’t have to trust a VPN to use it. And in fact, by using a VPN, you’re reducing the damage your ISP can do to you, so you’re reducing the amount of “trust” you have to have in your ISP.
I didn’t downvote you, others are doing that.
So, in fact, I’m just splitting the amount of trust to two parties. I’m still not convinced that a VPN provider will shut the fuck up and doesn’t sell my data if I just have to pay 3 bucks for it a month. Only vpn I would consider would be perfect privacy, but it’s just too much money to spend tbh.
And I know you didn’t down vote, that’s why the message was for the others, don’t worry.
I’m just splitting the amount of trust to two parties
You’re splitting your DATA between two parties. So either of them can do less damage to you if they sell what data they have about you. And someone who wants to trace or sue you would have to compel BOTH companies if they want to trace you from end web site back to your ID.
As for money, maybe I’m biased, I got a $25 lifetime deal from my VPN company. Probably won’t be repeated.
25 bucks is a steal. Especially if you know what bandwidth costs. I’m in excess of 5TB of data a month. There is no way that there isn’t some kind of “fishy thing” going on. Idk, VPNs just sound to me like you are routing a lot of traffic for analysis to someone else. Yes it’s many peoples traffic, but still. Just one point of surveillance.
I have seen no evidence of “fishy going on”, and the only info the VPN has is my home IP address, my PayPal email address, and the list of domains I access. Good luck getting anything by selling that. I’d rather the VPN have that info than the ISP have it. Even if the VPN is malicious.