
Free VPNs are a privacy nightmare. You shouldn’t download them - Anon84
https://www.wired.co.uk/article/free-vpn-android-ios-privacy
======
newscracker
Like this article says towards the end, I would just recommend ProtonVPN for
anyone looking for a casual free VPN service. None of the free services is
going to be enough for fast streaming or downloads anyway.

For those who trust the "cloud" and just want (only) a VPN service under their
control are capable of logging in to servers and running some commands, I'd
recommend Algo [1] with WireGuard.

[1]:
[https://github.com/trailofbits/algo](https://github.com/trailofbits/algo)

~~~
GekkePrutser
It depends what you're using a VPN for.

If you're looking for anonimity, using a VPS with Algo is counterproductive as
you now have a single IP you're always using and that only you yourself is
using. This is worse than your Dynamic IP on your home/phone connection. For
this purpose commercial providers are better because you're hiding in a crowd.

If you're just looking to encrypt your traffic on an untrusted wifi or trying
to connect to your own services, then Algo is great. I use it too for that
purpose.

~~~
newscracker
I agree. But the simplicity of deploying Algo (for those who can) means that
you can always spin up a new instance, use it and trash it regularly to avoid
being tied to a single IP (though I'm not convinced that hiding in a crowd
based on IP address is going to be of help; it would still require several
other mitigating measures in place against tracking).

------
auganov
The whole idea of VPNs (or extra hops in general[0]) providing security is
very context specific. For the vast majority of people they seemingly chose to
trust a VPN provider over their ISP which is hard to justify.

If you don't have a reason to be afraid of surveillance the best thing to do
is nothing.

[0] usually even worse if not VPNs used by many

~~~
tw04
>The whole idea of VPNs (or extra hops in general[0]) providing security is
very context specific. For the vast majority of people they seemingly chose to
trust a VPN provider over their ISP which is hard to justify.

The whole idea of VPNs and why I encourage people to use them is so that when
they're sitting on public wifi at a coffee shop, their traffic is going out
encrypted. It has almost nothing to do with hiding from authorities or
authorities surveilling you. It has everything to do with the kiddiot in the
corner hoping to steal a login because your mom re-used the same one 400 times
and her favorite cross-stitch site doesn't use SSL.

~~~
auganov
Well, using public WiFi is a good example of a situation where there is a
reasonable expectation of tampering. Point is there's no easy win if you don't
adequately understand your threat model.

If you then end up using the VPN even when you're not on an untrusted network
then it's questionable.

The concern with VPNs isn't state level players either. Much more likely to
have a rouge admin or hackers at a VPN provider than a big ISP. They get to
see your clear text connections too.

Not even talking about minor concerns like the fact that some VPNs won't put
you behind a NAT like most networks would. Had an http proxy running and was
sending tons of spam traffic to Russian and Ukrainian (I hope that's all they
were doing!) websites for weeks before I realized I had to lock down ingress
traffic myself.

------
diegoperini
I deploy this[0] to my own personal EC2 on AWS where I also deploy many other
small, hacky projects for personal use. I didn't create this but whoever did,
it's a remarkable and very easy to use setup. Highly recommend it. I give
access to it to my close friends and family. They love it!

[0] [https://github.com/mobilejazz/docker-ipsec-vpn-
server](https://github.com/mobilejazz/docker-ipsec-vpn-server)

~~~
np_tedious
Would you mind sharing how much this usually costs you a month?

The EC2 is easy to figure out, but the network traffic I have a harder time
with

~~~
diegoperini
I pay $60 for t3.medium on N. Virginia , without any EBS volumes attached. An
additional $2 for Route 53 also. (VAT included)

The average traffic consists of:

\- 2 people heavily using it, video streaming and stuff.

\- 2 people using it every once in a while per week, mainly for social network
sites.

This much data usage only costs $0.11 as of August 2020.

A much smaller instance would work if it is gonna be used solely by this
container. I believe you can get away with as cheap as $20.

~~~
np_tedious
Thanks for such a thorough answer! Somehow I thought the network costs would
be worse. I have a micro with some room to spare, it's quite possible I could
pull this off at very little marginal cost.

------
GekkePrutser
General rule: If you're not paying you're not the customer, you're the product
;)

However they contradict themselves a bit by recommending ProtonVPN and
Windscribe at the end. So there ARE good free VPNs. But they're promotions
with the intent on you becoming the customer in the future.

------
SomeoneFromCA
Free VPNs are great for evading censorship. For everything else, you need
you'd probably be better of using VPN + Tor.

------
varbhat
[https://bitmask.net/](https://bitmask.net/)

------
sidcool
I use NordVPN. Is it safe?

~~~
varbhat
No. Use Bitmask

~~~
sidcool
Reasons being?

~~~
jstarfish
They've been compromised at the hypervisory level before.

~~~
sidcool
Oops

