Hello all!

I have been out of the piracy game since a little before mullvad lost port-forwarding; I know these things are ever changing, and to my understanding ivpn is a good bet at this moment in time.

I was wondering what everyone else has been using. As well as if anyone has tried the gui client for ivpn either built from source or the AUR build(I do use arch btw).

I am open to any vpn client that has a good reputation in the community, and build-able from a repository; A gui is preferred but not necessary, and absolutely NO account creation (Except for generic account numbers of course).

Thanks in advance for anyone who takes the time to answer.

  • bartolomeo@suppo.fi
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Wait why “if you’re crazy”? I know wireguard is faster but is there something I’m missing?

    • lud@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      No, you are not missing anything. Wireguard is just much better.

        • lud@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Here is what Mullvad has to say about that: https://mullvad.net/en/help/why-wireguard/

          #Is it true that a user’s public IP must be logged in order for WireGuard to work?

          No. When using WireGuard, your public WireGuard IP address is temporarily left in memory (RAM) during connection. By default, WireGuard deletes this information if this server has been rebooted or if the WireGuard interface has restarted.

          For us this wasn’t enough, so we added our own solution in that if no handshake has occurred within 600 seconds, the peer is removed and reapplied. Doing so removes the public IP address and any info about when it last performed a handshake.

          If you want to hide your public IP even more, use multihopping.

          #Is logging of any user activity required in order for WireGuard to work?

          No. There is never a need to log user activity no matter if you’re using OpenVPN or WireGuard.

          #What are your thoughts on the internal WireGuard IP address being static?

          We acknowledge that keeping a static IP for each device, even internally, is not ideal.

          Why? Because if a user experiences WebRTC leaks, that static internal IP address could leak externally. As another example, applications running on your device can find out your internal IP, and if you’ve installed software that is malicious, it can also leak that information.

          And theoretically, a static internal IP that is leaked, together with obtaining a payment record, could help to identify a user. (Dive into the payment info we handle for a fascinating read.)

          Having said that, we still believe that WireGuard overall is in a better state than OpenVPN.

          ##Solutions to the problem

          You as a user can mitigate this issue in two ways:

          • When connected to Mullvad, perform a Connection check. If you’re not safe from WebRTC leaks, take necessary action.
          • Never download and install applications that you don’t trust.

          The Mullvad VPN app automatically replaces the WireGuard keys once a week.

          We also want to see the WireGuard protocol itself improved, which is why we’re taking part in the development of WG-dynamic. This implementation will give the ability to dynamically assign a new internal IP every time a connection is made.

          • JustEnoughDucks@feddit.nl
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Ah, nice. No issue for mullvad then. I wonder if other VPNs do something similar. Otherwise they.could be stored for multiple months.

    • ancoraunamoka@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.

      you should use openvpn in difficult network configurations such as college dorm blocking everything except tcp 443 and tcp 80 or with old clients that don’t support wireguard