Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Depends on your threat model - mine is to make it as annoying and difficult for data sellers and advertisers to profile me as possible so in that scenario a reputable VPN service makes perfect sense.
There's no such thing as total privacy and each service/software is simply a piece of the puzzle. If my government really wanted my data I'm sure they could find a way but making it as difficult as possible for techno-fascists is fine by me.
Privacy is a trade-off against convenience, and there is no perfect privacy.
VPNs are a mediocre privacy tool, because they presuppose trust in the VPN provider. Tor is flawed because it is open to correlation attacks.
There are low-hanging fruit that everybody should be using like sensible cookie policies, HTTPS-only mode, and DNS over HTTPS.
If you are looking for a solution on the far end of privacy/inconvenience you could look into I2P and use that situationally.
I would rather put my trust in a good VPN provider than the big CAs. And HTTPS only and DoH is not going to protect you from fingerprinting using your IP address.
Is a self hosted VPN good for daily privacy?
That depends on your threat model. It's a useful strategy to hide your traffic from your local network admin (e.g. at the workplace) and your ISP, but it's a bad strategy for hiding your identity from the sites you're visiting.
As some have stated depends on treat model. I personally use Mullvad for both pirating and accesing restricted sites in my country and evading shity laws. 5€ 5 devices with no bottleneck it's pretty good. Sometime I use tor when I try to reach a site that the WiFi provider has blocked
The problem with Mullvad is that there is not port forwarding for seeding stuff
There's no problem with seeding. There's actually more uploaded than downloaded
not working quite that well on my end. no matter how popular torrent, mine won't seed at all. and i can't download some rare ones where there's like less than 50 seeds.
What OS are you using? App? If you're using qbittorent make sure you have selected tun in advanced -> network interface
My bad
In my opinion, a VPN is a must-have, especially if you’re self-hosting, especially for a media server.
What does VPN hide that HTTPS can’t hide for media server?
I am looking at the scenario of listening to my music collection on self-hosted Jellyfin server.
IP address of my phone? That’s irrelevant.
HTTPS is way faster than VPN.
VPN into your home lab isn't about privacy, it's more about reducing your exposed services to the public internet.
If you have only the ports needed to VPN back into your network, then the rest is hidden behind your router. You only need to fully secure one thing, instead of having to ensure that everything is 100% patched.
It's not the only thing you should be doing, but it does help reduce the probability of a breach.
I don't see how exposing only port 443 makes much difference and port 80 for letsencrypt renewals.
It could hide your IP from someone on Lemmy finding your IP address
Any HTTP proxy will do it without VPN complexity.
They didn't really ask about a proxy server, I just gave them one thing a VPN could do
If you are really concerned, buy VPC from large cloud provider, install HTTPS server proxy, configure your web browser to use it. 512MB RAM server will be sufficient as long as it is given enough CPU. Free google instance is suffering from low CPU, not memory.
This way your link between you and internet provider is obscured. Your IP will be shared with others by cloud provider, so you get some obfuscation on that end.
If you use your own certificate authority, then you will get 100% man in the middle protection for link between internet provider and your home. If you use let’s encrypt, then we don’t know that status.
Advantage of this model is speed.
Your browser is still finger-printable, as always.
Securing DNS is its own topic.
You shifted your identity to cloud provider, so it is never 100% safe.
Forget about we keep no logs VPN statements. Judge order and you are logged by VPN provider and don’t know it. So what are you paying for? Slow speed and obfuscation of IP?
Or maybe a two hope vps setup should be great too, while preserving usable speeds
Maybe Orbot for phones and Carburetor for the desktop. But Proton VPN is pretty good if you ignore the drama around the company.
I use a VPN but you might look into portmaster and their spn. Its a little slow but even using portmaster without the spn you can filter your traffic and simply deny most apps access to the internet
Will look at it