(LINUX USER)What VPNs would you lovely people recommend?
Hello all!
I have been out of the piracy game since a little before mullvad lost port-forwarding; I know these things are ever changing, and to my understanding ivpn is a good bet at this moment in time.
I was wondering what everyone else has been using. As well as if anyone has tried the gui client for ivpn either built from source or the AUR build(I do use arch btw).
I am open to any vpn client that has a good reputation in the community, and build-able from a repository; A gui is preferred but not necessary, and absolutely NO account creation (Except for generic account numbers of course).
Thanks in advance for anyone who takes the time to answer.
Mullvad doesn't support port forwarding anymore. I use airvpn and you can just use the native WireGuard (or OpenVPN if you'r crazy) apps on different platforms if you want.
I have heard that it is impossible to have no logs with wireguard because the configuration requires an static IP log and public key or something similar which normal openVPN doesn't, so it breaks the "no log" policy.
I am not suse how correct that is, but that was a discussion earlier.
#Is it true that a user's public IP must be logged in order for WireGuard to work?
No. When using WireGuard, your public WireGuard IP address is temporarily left in memory (RAM) during connection. By default, WireGuard deletes this information if this server has been rebooted or if the WireGuard interface has restarted.
For us this wasn't enough, so we added our own solution in that if no handshake has occurred within 600 seconds, the peer is removed and reapplied. Doing so removes the public IP address and any info about when it last performed a handshake.
If you want to hide your public IP even more, use multihopping.
#Is logging of any user activity required in order for WireGuard to work?
No. There is never a need to log user activity no matter if you're using OpenVPN or WireGuard.
#What are your thoughts on the internal WireGuard IP address being static?
We acknowledge that keeping a static IP for each device, even internally, is not ideal.
Why? Because if a user experiences WebRTC leaks, that static internal IP address could leak externally. As another example, applications running on your device can find out your internal IP, and if you've installed software that is malicious, it can also leak that information.
And theoretically, a static internal IP that is leaked, together with obtaining a payment record, could help to identify a user. (Dive into the payment info we handle for a fascinating read.)
Having said that, we still believe that WireGuard overall is in a better state than OpenVPN.
##Solutions to the problem
You as a user can mitigate this issue in two ways:
When connected to Mullvad, perform a Connection check. If you're not safe from WebRTC leaks, take necessary action.
Never download and install applications that you don't trust.
The Mullvad VPN app automatically replaces the WireGuard keys once a week.
We also want to see the WireGuard protocol itself improved, which is why we're taking part in the development of WG-dynamic. This implementation will give the ability to dynamically assign a new internal IP every time a connection is made.
Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.
you should use openvpn in difficult network configurations such as college dorm blocking everything except tcp 443 and tcp 80 or with old clients that don't support wireguard
Tbf, you don't really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.