this post was submitted on 15 Aug 2023
94 points (94.3% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55056 readers
496 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

Hello all!

I have been out of the piracy game since a little before mullvad lost port-forwarding; I know these things are ever changing, and to my understanding ivpn is a good bet at this moment in time.

I was wondering what everyone else has been using. As well as if anyone has tried the gui client for ivpn either built from source or the AUR build(I do use arch btw).

I am open to any vpn client that has a good reputation in the community, and build-able from a repository; A gui is preferred but not necessary, and absolutely NO account creation (Except for generic account numbers of course).

Thanks in advance for anyone who takes the time to answer.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 1 year ago (2 children)

Mullvad doesn't support port forwarding anymore. I use airvpn and you can just use the native WireGuard (or OpenVPN if you'r crazy) apps on different platforms if you want.

[–] [email protected] 1 points 1 year ago (1 children)

I use Wireguard on Mullvad. I don't know what you're talking about 🤷‍♂️

[–] [email protected] 8 points 1 year ago (1 children)

he is saying mullvad doesn't support port forwarding anymore, which is true. As a long time mullvad customer, I'm now looking for alternatives

[–] [email protected] 1 points 1 year ago

Is that a deal breaker? Why not just tunnel through if you need

[–] [email protected] 1 points 1 year ago (2 children)

Wait why "if you're crazy"? I know wireguard is faster but is there something I'm missing?

[–] [email protected] 5 points 1 year ago (1 children)

No, you are not missing anything. Wireguard is just much better.

[–] [email protected] 1 points 1 year ago (1 children)

I have heard that it is impossible to have no logs with wireguard because the configuration requires an static IP log and public key or something similar which normal openVPN doesn't, so it breaks the "no log" policy.

I am not suse how correct that is, but that was a discussion earlier.

https://www.reddit.com/r/PrivateInternetAccess/comments/jg98le/is_wireguard_protocol_safe_for_torrenting/

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Here is what Mullvad has to say about that: https://mullvad.net/en/help/why-wireguard/

#Is it true that a user's public IP must be logged in order for WireGuard to work?

No. When using WireGuard, your public WireGuard IP address is temporarily left in memory (RAM) during connection. By default, WireGuard deletes this information if this server has been rebooted or if the WireGuard interface has restarted.

For us this wasn't enough, so we added our own solution in that if no handshake has occurred within 600 seconds, the peer is removed and reapplied. Doing so removes the public IP address and any info about when it last performed a handshake.

If you want to hide your public IP even more, use multihopping.

#Is logging of any user activity required in order for WireGuard to work?

No. There is never a need to log user activity no matter if you're using OpenVPN or WireGuard.

#What are your thoughts on the internal WireGuard IP address being static?

We acknowledge that keeping a static IP for each device, even internally, is not ideal.

Why? Because if a user experiences WebRTC leaks, that static internal IP address could leak externally. As another example, applications running on your device can find out your internal IP, and if you've installed software that is malicious, it can also leak that information.

And theoretically, a static internal IP that is leaked, together with obtaining a payment record, could help to identify a user. (Dive into the payment info we handle for a fascinating read.)

Having said that, we still believe that WireGuard overall is in a better state than OpenVPN.

##Solutions to the problem

You as a user can mitigate this issue in two ways:

  • When connected to Mullvad, perform a Connection check. If you're not safe from WebRTC leaks, take necessary action.
  • Never download and install applications that you don't trust.

The Mullvad VPN app automatically replaces the WireGuard keys once a week.

We also want to see the WireGuard protocol itself improved, which is why we're taking part in the development of WG-dynamic. This implementation will give the ability to dynamically assign a new internal IP every time a connection is made.

[–] [email protected] 1 points 1 year ago

Ah, nice. No issue for mullvad then. I wonder if other VPNs do something similar. Otherwise they.could be stored for multiple months.

[–] [email protected] 4 points 1 year ago

Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.

you should use openvpn in difficult network configurations such as college dorm blocking everything except tcp 443 and tcp 80 or with old clients that don't support wireguard