• Green13@lemmy.zip
    link
    fedilink
    English
    arrow-up
    52
    arrow-down
    1
    ·
    9 months ago

    If you’re using a free proxy, I have some RAM for you to download

    • viking@infosec.pub
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      1
      ·
      9 months ago

      Proton is unfortunately using wireguard and openvpn protocols, both of which can be blocked with relative ease.

      I used them before moving to China, and within 3 months of arriving, the service was permanently interrupted, and their support acknowledged the outage, said they can’t do anything about it, and ghosted me on the refund request since I had an annual subscription.

      Mullvad is generally considered the industry leader btw., though for China there’s hardly anyone but Astrill that actually works.

      • smeg@feddit.uk
        link
        fedilink
        English
        arrow-up
        10
        ·
        9 months ago

        Does this cover Proton’s new(ish) Stealth protocol too? They made a big deal about it being unblockable, and I (in my relatively light usage) haven’t had any problems with it.

        • viking@infosec.pub
          link
          fedilink
          English
          arrow-up
          7
          ·
          9 months ago

          I’m not sure, haven’t read about that yet. But I’m testing it as we speak, since they make it available in the free version as well, which is nice.

          Will report back after some more testing (Lemmy isn’t blocked [yet]).

        • viking@infosec.pub
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          So far so good, I have to say. I’ve got a subscription for Astrill until November, but will keep the free proton running in parallel as a long term test and then consider switching. Thanks a lot!

        • viking@infosec.pub
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          Yeah the problem I have with those is that they are mostly run by Chinese, be it on- or offshore, and they can be compromised or extorted. And any service that accepts payment via alipay is sketchy in my books.

          • Tommy Wang@fedi.gang.st
            link
            fedilink
            arrow-up
            2
            ·
            9 months ago

            It’s opensource, You can get a vps and run your own, very easy and the speed is enough to watch 4k youtube.

            • viking@infosec.pub
              link
              fedilink
              English
              arrow-up
              1
              ·
              9 months ago

              I had a shadowsocks server on a vps, was dead after a few weeks. Hosted on AWS Hong Kong (before China took over). They blacklist IPs very quickly.

              • Tommy Wang@fedi.gang.st
                link
                fedilink
                arrow-up
                1
                ·
                9 months ago

                @viking@infosec.pub
                SS on AWS is easy to be found and blocked, try Trojan, Hysteria v2, V2Ray…, I had one of V2Ray on GCP hong kong, and it lasted for a very long time.
                Usually GCP and Azure has the best connection to CN.

                • viking@infosec.pub
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  9 months ago

                  Interesting, thanks! My astrill subscription is still running for a couple months, but will test it as a fallback.

              • Tommy Wang@fedi.gang.st
                link
                fedilink
                arrow-up
                4
                arrow-down
                6
                ·
                9 months ago

                Have you ever been to China? I have been lived in China for many years, actually no much complains of my very own experience so far.
                And I’d been to US, Indonesia, Thailand…and the worst experience I had is in US, each time I visited there, there were gunshot incidents happened nearby, and homeless people, bad smell on subway…I am not saying all US places are like this, I only visited CA, some places are cool, but I definitely won’t go out alone after 8pm in the dark.

      • redcalcium@lemmy.institute
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Unfortunately vpn (and vps) providers are very wary about providing service that specifically target customers in china because when their service inevitable got ip-blocked by the gfw, those customers would immediately issuing chargeback, which is much more expensive to process than refund. The only providers that are still in the market for circumventing gfw now price their service accordingly (i.e. much more expensive than the usual vpn marketrate) to absorb this risk.

        • atrielienz@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          4
          ·
          9 months ago

          So, did you read the article? A rented server was breached because it didn’t belong to Nord and the company that it belonged to was at fault. I personally have had no problems with the service. They didn’t lose passwords, user data or any credit card information. At worst someone may have been able to monitor some user data and internet traffic. This also happened before I started using them (I had another VPN before that).

            • atrielienz@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              5
              ·
              9 months ago

              How is it exactly that you think large VPN’s work? Because I gotta say, no large VPN isn’t using some independent vendor. Can you prove they still do business with that vender?

      • colonial@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        9 months ago

        I’m not well versed in the machinations of the Chinese government, but if a relatively “normie” VPN like Nord works in China… it’s probably controlled opposition (i.e. they’re logging everything to a government server.)

  • PoliticallyIncorrect@lemm.ee
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    3
    ·
    edit-2
    9 months ago

    The only 3 good free unlimited options out there are ProtonVPN, RiseupVPN and BrightVPN(only for windows), limited ones Windscribe and PrivadoVPN(10GB per month).

    These are the only good free options anything else it’s a scam(you are the product) or you have to pay.

    Another option maybe could be self-hosting in Oracle Cloud but it will not be anonymous at all, secure maybe but definitely not anonymous.

    • Synnr@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      5
      ·
      9 months ago

      ProtonVPN, RiseupVPN and BrightVPN(only for windows), limited ones Windscribe and PrivadoVPN

      Where did you get this idea?

      Mullvad, IVPN, Perfect Privacy, and a few others have had independent audits of their no-log behavior and in some cases, law enforcement audits. They sure as hell don’t proxy your traffic. They all accept Monero and cash. They all have multihop.

      Edit: I see you said free. Yeah, I wouldn’t trust a free VPN, regardless. If you’re not paying for the product, you are the product.

      • trolololol@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        I agree,

        However I got to a point that I’m skeptical even with paid, well established products. I don’t need VPN but if I did I’d try something based on onion routing.

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      9 months ago

      Yeah, I don’t know how strong this defense would be when they put you on trial for CSAM.

      • pivot_root@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        9 months ago

        “Your honor, I didn’t distribute distribute CSAM. That was somebody else.” and “Yes, your honor, I did sign that internet service contract agreeing that I am responsible for all activity that originates from my network.”

    • redcalcium@lemmy.institute
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 months ago

      Only if they’re stating this upfront, in a giant text. Those apps hide this capability and are thus categorized as malware. Turning the victim’s computer into a residential proxy has always been a staple in botnet operations.