Buying a VPN with Sats ➕ Bonus Firewall Tips

Want an easy way to level-up your ~privacy that you can setup in minutes? Today, we're going to purchase access to a VPN service with sats. This will encrypt the data between our devices & our internet service provider (ISP) and shield us from snooping. The likes of PIA, NordVPN, Surfshark, ExpressVPN and others may be better than going without a VPN entirely, but we as Bitcoiners can do much better. We can use one that has shields our identity from our data much better. One of Mullvad, iVPN or Proton.
Today we're going to be purchasing with one of these VPN providers using Bitcoin in less than 10 minutes. Take your pick from 3 companies that Stackers have been recommending over & over again. So add a comment below in the SN chat to let us know how you get on with...
Today's Challenge: Purchasing a VPN using sats, plus advanced tips on using VPS/Routers/Firewalls.

Share Tips! ⚡

If you already use one of these services, share your tips in the comments below 🔽

Hierarchy of Network Privacy

🍕 Laszlow was the pizza guy and an early Bitcoiner. For no other reason, we're calling this segment "Laszlow's Hierarchy of Network Privacy". Like Maslow's Hierarchy of Needs except as follows:
  1. Acknowledge importance of privacy
  2. Install first mainstream VPN
  3. Buy a privacy-focused VPN (+ install firewall)
  4. Purchase new router & install own VPN on server
  5. Copy what Jameson Lopp is doing
As you know, VPNs are not only useful for obfuscating your location and protecting your user-data, they can also save you money highlighted by @Natalia's article on SN here and if configured correctly, they'll shield you from ads too.

Level 3. Intermediate - Buy a privacy-focused VPN 🌐

With this post, we're covering VPNs on our devices that interact with the internet most - our phones & computers. As mentioned, we'll be buying a privacy-minded VPN, from either MullVad, Proton or iVPN. Discussing the sign-up flow and benefits of each and tips for additional layers of obfuscation.
At the bottom of this article for instance, is a section in firewalls and DNS. DNS is how you connect with the internet, routing domain names to IP addresses. Each VPN offers their own DNS server, with some now rolling-out and "open-sourcing" known block-lists to shield you from adverts & malware before they even reach your browser. This doesn't mean they are filtering your content or seeing what you are doing, it is simply an allow/block list applied to traffic. You'll see the option to enable/disable some blocklists with the VPNs on offer below, however you may seek more control.
The additional DNS 'perks' with our VPNs are great, but at times they may be a little limiting, particularly if you need granular control over which IP addresses are blocked/enabled. For instance if doing client software development and needing to enable ads for access to a specific site. For that reason, I have included another section looking into Firewalls, considering they can be run on single machines or configured to pair with your chosen VPN on owned/cloud hardware. If you already have a firewall and custom DNS setup, here are some block-lists to take advantage of:

Where to Find IP Addresses to Block?


Level 4. Upper Intermediate - Router-Level VPN ☎️

Eventually you're going to want to step up your game and buy a new router and install your own VPN on it. Reason being, the security on your TV, security cameras, light bulbs, fridge - you name it - anything that's connected to the internet, quite frankly sucks. Plus it prevents us from needing to install clients on every machine connected to our Wifi.
If you want to become a ~privacy popeye, you might wish to take the extra time to buy a separate router for ~$100-150. To understand why you might do this, go read this article on the drawbacks of ISP/consumer routers.
One you have a new router, you can then ring your ISP and ask them to turn your existing router/modem combo into just a modem. And plug-it into your newly bought router. That way, ALL data on your home network can be separated and shielded with certainty, and easily routed through a VPN installed on the router itself. Meaning regardless of the device (inc. TVs, fridges, family and the like), ALL traffic will be shielded from your Internet Service Provider (ISP) without needing to install separate VPN app clients.
There was a great SN post as a guide recently, specifically using Mullvad. Given I am moving around a bit right now, I'm not in a position to perform these steps on a home router, but perhaps we'll do a follow-up post on this in future. Furthermore, if you have zero trust for third parties, chances are you may have your own proxy VPS setup already. There's also that option too of setting-up a VPN on a cloud server. Here is a SN post on doing that with WireGuard and also some GitHub repos to check out if this is of interest: Algo & OpenVPN.

Level 5. Advanced - Hardware Ninja-Turtle Setup 🐢

Rather than even attempt to describe what to do here, just go & read Jameson Lopp's article which was posted by @k00b here on SN . The guide runs through the entire $475 hardware stack, configuration & installation process, with some great diagrams of a 'perfect' setup. This seems to be the holy grail for us improving our network privacy. One day we'll all get there and be at the top of the pyramid yelling "yeehaa". For today though, we'll take it easy and simply buy a privacy-focused VPN with our hard-earned sats...

Time to buy a VPN with Bitcoin! 🟠

MullvadProton*iVPN*
<1 Week--$16 or $9.20 ⚡
1 Month$5.46 ⚡$9.99$10 or $6.90 ⚡
1 Year$5.46 ⚡$5.99$8.33
2 Years$5.46 ⚡$4.99$6.66
3 Years$5.46 ⚡-$6.11
Note: Prices are pro-rata monthly USD. Proton has a free plan also. iVPN pricing shown is 'Pro', they offer a cheaper plan for 2 devices, plus a light service to use for as few as 3 hours also.

1. Mullvad

Mullvad has plenty of Stackers recommending their services: here, here, here & here. It is likely going to be my preferred choice going forward, because of the additional integration & reliability when pairing with other services, like Firewalls (for custom IP block-lists) and Wireguard/Tailscale (for potentially file-sharing between devices or interacting with an LN node via Zeus).

Positives

  • No username or password - just store one (disposable) key.
  • No logging by Mullvad as seen in their policy.
    • They "want you to remain anonymous".
    • Only stores account number & expiry date of account (providing that you don't pay using a credit/debit card, purchase in app or email them).
    • If using their apps, they send the app version & operating system version to Mullvad servers (this can be avoided in advanced steps).
    • If using Wireguard, also account number, pubkey, tunnel address.
    • Mullvad VPN subject to a search warrant. Customer data not compromised.
  • 10% off when paying with on-chain Bitcoin.
  • Buy vouchers without credit card or personal information, using an external site not run by Mullvad, we can buy Mullvad vouchers over LN ⚡
  • Built-in kill switch that kicks-in automatically and prevents any data or IP leaks when switching between server or VPN locations.
  • Built-in ad blockers, multi-hops & censorship obfuscation via Wireguard.
  • Same pricing, no matter the length of term.
  • Supports multi-hops (entry and exit servers).
  • Been around since 2009.
  • Open-sourced VPN on GitHub.
  • Great external review can be found here by CNet.
  • It also has a dedicated CLI which works even when the app/GUI is closed.
  • Beta integration with Tailscale (useful to remotely access your node on mobile).

Negatives

  • Currently incorporated in Sweden, a government that is part of the "14 Eyes Intelligence Sharing" alliance & conducting mass surveillance.
  • Limited to just 5 devices per account.
  • Some reports of battery drain when using Tailscale on mobile with Mullvad on older versions of iOS - apparently now fixed with iOS 17.2.
  • No "direct" lightning purchase yet.
  • Almost all IP addresses black-listed by Reddit

Step by Step

  1. Go to https://mullvad.net/en/account/create (ideally using a Tor browser).
  2. Generate yourself an account key.
  3. Top-up using voucher (Lightning) or on-chain Bitcoin.
  4. If using voucher, go to this site to anonymously purchase a voucher.
  5. Enter voucher code on Mullvad manually and get hiding!
  6. Download Desktop app and configure Settings (location, blockers, hops).
    • Enable kill switch & lockdown mode (to prevent leaks, even when app closed)
    • Enable content blocking (Ads, Malware for example).
    • Choose location(s) & click 'Secure My Connection' then you're all set!
    • Filter by country (Entry/Exit) + owner of IP - for a full list visit here
    • Select 'Wireguard' as Tunnel protocol (since OpenVPN is often slower).
    • 'Wireguard Settings' & enable 'Multihop' & 'Obfuscation' for max privacy if latency not an issue.
  7. Create a fresh account in 3 months time, pay via Lightning and use a new account identifier, to minimise data collection!

Bonus Steps

To enable a different server proxy for a particular browser:
  • Enable SOCKS5 settings and use a 3rd hop in an alternative location to further differentiate your regular browsing vs all other apps (e.g. for Firefox).
To install WireGuard on Phone:
  • If without a privacy phone (and run Apple/Google/Samsung) and not wishing to associate yourself with Mullvad by downloading their app from AppStore, visit this link. This will avoid you showing up as customer of theirs. Note: VPN killswitch is often disabled when using this method.
  • Open desktop site and select location(s) for exit node(s) AND server.
  • Open 'Advanced Settings' toggle in browser, and enable 'Multihop' for maximum privacy if latency not an issue.
  • Click 'Generate QR Code' and scan with mobile device. Voila!
To install Mullvad on Router:

2. iVPN

It's great to see people at iVPN really engaging with the Bitcoin community, having launched a product specifically for us here on SN. iVPN has also had various stackers recommending them on SN here , here , here & here. Since having used their product, I am blown-away by the amount of advanced features, the great UX and the levels of customisation on offer.

Positives

  • Try for as little as 3 hours!
  • Pay with Bitcoin/Lightning natively at just 2nd Step! 👏
  • @viktorv the COO from the iVPN team lurks with us here on SN 🤠
  • No email or password - just store one (disposable) key.
  • Pay over Lightning with Bitcoin! ⚡🤩 using their own BTCPayServer!!!
  • Built-in ad and malware blockers - feature called AntiTracker
  • Integrates with Wireguard on mobile/desktop.
  • No logs, regularly audited VPN service, VERY clear privacy policy
  • Killswitch and really advanced settings (like custom DNS) to give you full control of ~privacy.
  • Pro plan is best offering.
    • Works on up to 7 devices.
    • Supports multi-hops (entry and exit locations).
  • Great integration with NextDNS.
  • Additional SOCKS5 proxy also.
  • Been around since 2009/2010, so been around for a while.
  • Open-sourced code on Github.

Negatives

  • 'Light' service incompatible with their own VPN apps (only Wireguard ).
  • Took a restart to get it working with latest version of MacOS

Step By Step - iVPN - Standard/Pro

  1. Go to https://www.ivpn.net/pricing/ and select plan.
  2. Copy account key, select plan length & click 'Bitcoin'
  3. Choose Lightning, scan QR code and pay with sats
  4. Download & install app(s) for your device
  5. Login using your account key from #2
  6. Enable firewall, anti-tracker and choose a Location
  7. Settings - General - Change default launch options
  8. Settings - Connection - Choose protocol & key rotation ⭐
  9. Settings - Firewall - Enable always-on & prevent access without it if wish
  10. Settings - Anti-Tracker - Add custom block lists & toggle more hardcore option
  11. Settings - DNS - Redirect DNS to your own network firewall (see later section, if wish)
  12. Settings - Advanced - Enable additional auth for ~security and require password when restarting app.

Step By Step - iVPN Light

  1. Purchase the light service with zero friction, select single/multi-hop locations and click 'Purchase access' (can do this in a Tor browser).
  2. Be taken to BTCPayServer, scan the QR code and you're in! Click the 2nd button to continue.
  3. You'll be redirected back to iVPN, where you can download the config file with the blue button at the bottom.
  4. Now download Wireguard app. The iVPN Light service is NOT yet compatible yet with iVPN app(s).
  5. Import the tunnel config file we downloaded from 3. Click 'Activate' and you're setup!

Bonus Steps


3. Proton

Last but not least, we have Proton. Proton is also a service used by a few Stackers in the community, with posts here, here, here, here and here. There was some constructive criticism of their service here on SN when using Tor. They offer a free VPN and a paid service and on their VPN service have a no-logs policy. For some strange reason they don't accept Bitcoin payments over Tor though, which has led to some scepticism.
I can certainly see the appeal from a convenience perspective with Proton offering the VPN in an 'Unlimited package' amongst other Proton services (passwords, email, calendar, drive). They are fighting the good fight, although it may be wise to spread our risk wherever possible (perhaps keeping our VPN with a separate provider to our mail/password manager and thus preventing lock-in).

Positives

  • No-logs policy.
  • Free service to try before you buy, with paid subscribers subsidising it for free users.
  • Purchase with Bitcoin (over clearnet).
  • Kill-switch and secure core for routing traffic through "privacy-friendly" countries
  • Create multiple custom profiles and switch between them easily. Create Tor profiles.
  • "NetShield" for blocking malware, ads & trackers.
  • Open-sourced VPN code on GitHub.

Negatives

  • Lack of advanced options & configuration - in comparison to alternatives
  • Requires email & password to sign-up - other options provide simple account key to remember.
  • Automatically generates passwords for users - potential big vulnerability
  • Difficult to find Bitcoin payment options (until have an existing account, and go to checkout page after sign-up)
  • Only on-chain Bitcoin supported, no lightning.
  • Proton seems to work hard to "filter" spam / track & identify users at sign-up.
    • e.g: Cannot use Proton email address for signing-up.
    • e.g: Cannot use Brave Browser with shields or Tor to sign-up.
    • Cannot create / pay for account with Bitcoin when using Tor - see here on SN.
  • More commonly used and therefore more likely to have certain IP addresses blocked.
  • Proton has previously given over IP addresses to Swiss authorities for email service, but not for VPN.
  • Reports of compatibility concerns with NextDNS.

Step By Step

  1. Go to https://protonvpn.com/pricing and click 'Get Proton Free'
  2. Enter email address and click 'Start using' Proton VPN
  3. Verify email address if needed
    • For some silly reason Proton don't allow you to use a Proton email address for sign-up, and have blocked many 'burner' / temporary email services
    • Also troublesome when using Tor or Brave with 'shields up'
  4. Choose secure password - DO NO use their own calculated default 🤦‍♂
  5. Download the correct app for your device
  6. Login, connect, enable & start using the VPN
  7. If enjoying the Proton experience, visit your ProtonVPN Dashboard and select a plan.
  8. Under 'Payment method' for checkout, choose Bitcoin. Send on-chain sats.
  9. After confirmation, restart VPN and check 'advanced' options displaying for you. Create custom profiles.

Bonus Steps

  1. To install Proton on router, buy a new router from InvizBox or other compatible hardware.
  2. Download the Wireguard configuration files from Proton - instructions here
  3. Follow the complete guide on obtaining seamless integration between your router & Proton VPN


🔥 Firewalls

Talking about DNS and firewalls could have been a post in it's own right, but using a VPN with a Firewall is a powerful combination for privacy, especially when you have both:
  1. Extremely private open-source VPN - without requiring email - all paid anonymously with our hard-earned satoshis.
  2. Fully-featured firewall that helps you restrict certain traffic - providing protection for all web traffic, apps & OS-level network operations. Open-source software.
There are a bunch of Firewall solutions out there, but I have chosen a few that cover a range of hardware / setups. There may be better options like OPNSense if installing direct on the router. Some of the recommendations are open-source and those that are not have a decent track record with no known instances of logging data.


1. PiHole

Positives

  • 100% free
  • Open-source
  • Can double as a network monitoring tool (see screenshot above)
  • Can reduce bandwidth usage
  • Blocks ads & trackers web-wide places, inc. in several video streaming platforms
  • Supports Gravity, a script which retrieves blocklists & consolidates them into one unique list for the DNS server to use.
  • Big enthusiastic and helpful community
  • Integrates with well Home Assistant (open source home-automation)
  • Only need to have 4GB space & 512MB RAM to run (recommended)
  • Configure your own local 'domain' for development on your network
  • Can be installed on other hardware besdies Raspberry Pi devices.
  • e.g. Great plug-and-play support for running on Umbrel
    • Simple setup, just set the Primary DNS on your VPN/router to the IP address of your Umbrel.

Negatives

  • If you have a device you don’t want blocking enabled on, you will have to manually change that device’s DNS settings to exclude it
  • There is no option in the web interface to disable blocking on individual devices. Or to have any parental controls.
  • Uses Coinbase to process donations via Bitcoin (and other💩)
  • Most people will need to purchase new hardware, costing minimum $35.
  • If not maintained/configured properly can cause issues, valid from @Darthcoin here on SN

2. NextDNS

I have only just started using NextDNS, but they have done a great job at providing an accessible service that integrates well with most VPNs. They do so without requiring any specific hardware to host it on, with you simply pointing your VPN at it.

Positives

  1. You can automatically subscribe-to and add existing advert block lists (in 1).
  2. Just as impressively, you can disable native tracking done by Big Tech if you have yet to migrate from their operating systems (2).
  3. Lastly, there are also certain restrictions (3) you can place on yourself or "kids" at a network level also - e.g: no StackerNews before the saloon opens at 6am EST.

Negatives

  • NextDNS accept Bitcoin via BitPay 😠
  • NextDNS are a U.S based company, and they provide no evidence they cannot see/process your information.
  • They have shared the source for their clients, but not the server software.
  • Freemium business model with free tier limited to 300k queries per month and after that their filtering stops. Free software can sometimes mean users are the product.
  • Apple's Private Relay can have issues with NextDNS.
  • No court cases to "battle-test" the zero-logging policy they reference.

Furthermore...

  • NextDNS also published theirnative tracking domains and ad blocklists on their GitHub, so even if you don't wish to use their software, you could use these lists for an alternative firewall setup.
  • NextDNS have also said they "will never engage in any data sharing or selling activities, now or in the future." And have agreed to abide by the Mozilla Policy.
  • Even on their free tier, they mention they do not log any data their clients do not specifically request.
  • You can configure your DNS settings on your device(s) using these instructions.
  • You will have most success with either iVPN or Mullvad. Proton occasionally has been known to have compatibility issues with NextDNS.
  • You may have cookie-blocking or tracking protection enabled in your browser, but with a setup like NextDNS you can now have that extra comfort in case something sneaky slips-through either the browser or an app you are using.

3. Portmaster / OpenSnitch / LittleSnitch

In this section, we have listed some firewall clients that can be installed on isolated computers and machines. I have previously used LittleSnitch on Mac to great effect. They can be configured so that every data packet from every IP address from every application needs to be approved by you if you wish. However their real power just comes from the traceability and rules you build-up over time, to create your own allow/block lists - without depending on any third parties or hardware setup.

Portmaster (Linux/Windows)

  • Linux and Windows only.
  • Some limited compatibility with certain VPNs. Look into compatibility here.

OpenSnitch (Linux)

LittleSnitch (Mac)

Positives of All

  • Portmaster and OpenSnitch (not LittleSnitch) are both Open Source.
  • Ability to set custom rules, device-wide or per app.
  • Outbound connections filtering (not just inbound)
  • Auto-block trackers, cookies and malware.
  • The ability to monitor all network activity on your computer. LittleSnitch allows you to do this via a map.
  • OpenSnitch allows you to manage multiple instances/nodes from single GUI.
  • LittleSnitch offers the ability to quickly switch between modes (see screen above).

Negatives of All

  • Slightly cumbersome and involved to setup rules & blocklists.
  • Computer device specific - don't protect you network-wide (on Smart TVs, guests etc)
  • OpenSnitch has rugged UI (LittleSnitch & Portmaster more polished)
  • Portmaster not yet available on Mac. Plans are in progress.
  • LittleSnitch is Mac specific.
  • LittleSnitch is also paid, but available for free for 30 days!

Other Firewall Options



Buy your VPN today!

So there you have it, setting-up a VPN is really simple and hopefully this post has shown just how so. In the future it'll be time to install the VPN on a newly-bought router.
Keep in mind that access to VPNs may become increasingly difficult in many countries like the 🇺🇸🇬🇧🇪🇺 in future. Thanks to draft legislation like the RESTRICT act, which would "outlaw" VPN usage in the event of 'foreign adversaries' or for 'national security' reasons. It's important therefore to use a service that offers payments via Bitcoin or anonymous vouchers, which don't need to be linked to our identity, and that can be swapped-out for your own VPN service in future. Also another reason to consider generating a new account or new service every few months, so that usage or account data of any kind is limited to a certain period. Many of the VPN services below are disposable in that aspect.
Some VPN companies may be logging meta data regarding page visits, sessions, device IDs etc, with some found to have been this as a secondary way of monetising their product/users or are feeding the surveillance-state To analyse and compare VPN providers, including those that are not found within this write-up, this website is a good start .
We've simply focused our attention above on the top 3 services in Mullvad, Proton & iVPN. If you have any extra tips, let's turn this into a real pub chat...

Upcoming Privacy Pub Challenge 🍺

Thursday 25th January - Buy a Domain + SimpleLogin burner emails Purchasing a domain name using sats, plus pairing it with SimpleLogin for segregated email signups.

Advanced Reading 🔗

There's also this VPN service -
Pay over lightning for as little as 10c for an hour
You need Wireguard to use it (DL link on the site)
Admittedly, it is much simpler than the solutions listed by OP...
reply
Thanks for sharing lnVPN. I have seen a few stackers experimenting with it. It could be that being a smaller service will be an advantage in the future.
How did you get on using it?
reply
deleted by author
reply
When you mix VPN providers through multiple nested sys-vpn qubes on Qubes-os 4.1 using qubes-tunnel, you can reduce counterparty risk from any single provider.
I have found that i make use of many of Proton+ bag of features: custom email, e2e email encryption, mail bridge for running your own email client, VPN -secure core. As always, use your own locally-generated encryption keys for storing files in the cloud. No one is worthy of your trust; keep your secrets your own.
reply
Interesting. Do you suffer any latency issues doing that with various VPN layers? I imagine it’s still far superior to Tor?
reply
I created a minimal Debian template (1vCPU, 700MB RAM) to run the sys-vpn instances. That helps with system performance. Yes, nesting can reduce performance compared to a single VPN tunnel and yes it still far outperforms TOR.
I use different sys-vpn chains for different app qubes depending on performance and privacy needs. I try to create a tree and branch structure so that normie and secure traffic have different in-points, out-points, and mid-points with some common bi-directional trunks to confound traffic fingerprinting attacks on privacy. Working on scripting more dynamic re-assembly of inter sys-vpn pathways. In general, all providers I have used have accepted multiple concurrent connections to many individual servers.
Maybe I’ll write something up for a SN post one of these days.
reply
You definitely definitely should. Please @ me in the post when you do.
reply
323 sats \ 3 replies \ @OT 12 Jan
Anyone know the best VPN for China? I tried proton, nord and express VPN but they all didn't work. Astrill works in China, but I'm not sure if they're just CCP permissioned.
reply
From what I can tell, it might take more ‘trial and error’ to configure, but here are posts directly from each provider…
I’m sure one Stacker will be better placed and have direct experience though.
reply
get a vps droplet with openvpn.
reply
I recommended friends over there to use Mullvad, and was told it's working nicely:)
reply
323 sats \ 1 reply \ @macarena 12 Jan
Wow, thank you for the excellent overview.
I'm using ProtonVPN and the Mullvad-DNS to prevent spam and tracking.
reply
That's awesome 👏 If you ever setup your own DNS, you could layer Mullvad's on-top of other ones too. How have you found Proton of late?
reply
Great post! I’ve been using Mullvad for months, paid via lightning from vpn.sovereign.engineering. Very pleased thus far. I have encountered many services that don’t let me use them while on the VPN, though. It is what it is
reply
Yes, Reddit in particular. All the motivation I need to never visit there again
reply
Yea I stopped using Reddit habitually back during the API fees issue last year. I’ll visit if it comes up in a search but I do not endlessly scroll or visit regularly any more.
reply
570 sats \ 1 reply \ @9 13 Jan
You can still use https://old.Reddit.com/
reply
Great tip!
reply
Yeah, I will heat up coffee for the reading, thanks for sharing 😁
reply
much POW!
I switched from Proton to Mullvad, and couldn't be happier, no more annoying logins! and guys, you can pay over LN here with https://vpn.sovereign.engineering/, and a better practice is to use the purchase voucher option and then redeem the voucher without even giving away the account number.
reply
100%. After going through all the experiences... It is Mullvad or iVPN for the win. Both are exceptional products. Proton is a very distant 3rd in my mind.
reply
I left Proton completely:)
reply
Such a clean experience doing it that way. Hope Mullvad offer native Lightning support soon though, without that external dependency. Here’s the exact link: https://vpn.sovereign.engineering/account?is_hidden=dummyyes
reply
did you make this one? so nice! would be nice to know what tool was used to design this.

The reading experience is really important for me, especially long-form ones ( not just content is important), and this piece is really enjoyable:)!
reply
"Forked" someone else's 3D pyramid from the interwebs and photoshopped it to have these stages.
Copying Lopp is the final boss stage, where you get super technical and have an amazingly secure local network - his article is a must read if you want to progress up the pyramid.
reply
oh! 😂
Jameson Lopp! I read a few articles from him when I was started to dig about Bitcoin:)
reply
Such a good piece! It's like this pyramid I like pfsense as an early step
reply
Love the diagram! Stacking that privacy, particularly to outsiders.
reply
I've been orange pilling globally, waking people up to Bitcoin. However, in Russia, Proton VPN stopped working, and it seems they kicked me out. Now, I'm skeptical about trusting ProtonVPN
reply
Happy user of Mullvad VPN here! Great article, thanks for this information so useful. I'll follow some of your recommendations for sure.
reply
42 sats \ 1 reply \ @denzel 12 Jan
I wish there is some decentralized open-source VPN out there. Anyone can deploy it, it would only allow end-to-end encrypted access, and should allow routing traffic via a chain which a client can build.
Thinking more about it. It is already out there Tor, I2P, Freenet and Lokinet. However, I feel if there was a paid alternative, more people would run it and there would be less abuse and better speed and less packet drops.
reply
Perhaps ~nostr will scale tech like Tor in the future. We just need Tor to get more adoption.
The problem with ‘decentralised’ VPNs is anything that’s newly built needs to get significant enough network effects to be ‘secure’. And without that being the case, how do you know who is your counter-party? And that they are not the same party every hop of the way?
At least with a company they have a track record, they have levels of transparency and their brand is on the line. Even if many do still abuse it.
To me it’s either VPN, multiple VPNs looped together like @orangecrush mentioned, or Tor.
reply
Proton needs to start accepting lightning payments. On-chain fees for a subscription of < $100 made me look into mullvad
reply
Proton works very well in Kenya
reply
Bravo, very very good resource
reply
211 sats \ 0 replies \ @Eobard 12 Jan
deleted by author
reply
100 sats \ 4 replies \ @Eobard 12 Jan
deleted by author
reply
Thanks for mentioning. Any idea why it hasn't been enabled by default yet? Seems like a pretty great tool to differentiate themselves from the competition. Says it's supported in macOS also.
Some annoying practices & email authentication during signup with Proton, making their service a huge turn-off for me.
reply
100 sats \ 2 replies \ @Eobard 12 Jan
deleted by author
reply
0 sats \ 0 replies \ @ek 12 Jan
no wonder people call them honeypot.
reply
Could not agree more. I imagine they justify it because they have a free VPN offering and need to protect themselves from 'spam' accounts.
For a company priding itself on 'privacy' though - it sure gives-off a poor first impression.
reply
deleted by author
reply
deleted by author
reply
100 sats \ 1 reply \ @Eobard 12 Jan
deleted by author
reply
Great, would love to know how you get on. It is another third party based in 🇺🇸 which is kind of 'sucky', but the control you get on a network/device level is really neat.
Free tier is rather generous (300k queries a month), which makes me you wonder how, but definitely worth trying-out. Remember to disable the logs (which are enabled in settings by default).
reply