
Free Open Source VPN – AES 256 – WireGuard and OpenVPN - AtmaBhava
https://openinternetaccess.com/vpn.html
======
magicconch
The OpenVPN configuration uses AES-128-GCM as the cipher, which itself is fine
but the website claims it is using AES-256.

More concerning is the 'Tor VPN' and bridge being offered. The Tor bridge here
is not a proper bridge, instead the SOCKS port is being exposed on a public IP
rather than the usual 127.0.0.1. SOCKS is an unencrypted protocol so
everything being sent to the bridge is exposed on the wire, and your ISP can
trivially see that you are connecting to a VPN over it. This is dangerous and
misleading - Tor even warns you that the protocol is not encrypted when you
expose the SOCKS port publicly. _Real_ Tor bridges are simply relays not
listed in the consensus file. Connections using them are still encrypted using
TLS. The website incorrectly claims that by using the VPN over Tor
configuration files, you are masking your VPN connection from your ISP.

This free VPN is so misleading that I felt the need to make a HN account just
to write about it.

~~~
Snawoot
Also only available cipher for wireguard is Chacha20Poly1305. I wonder how
comes technical information presented by this VPN service is such inaccurate.

------
buckohfive
Some googling finds the following:

\- OpenInternetAccess domain name registration is privacy enabled (who isn't)

\- VanwaTech runs this VPN, according to their website

\- The phone number listed for VanwaTech is (315) 754-4728

\- This number is also the contact for Northwest Hydropower
([https://nwhydropower.com/](https://nwhydropower.com/))

\- Northwest Hydropower hosts asic crypto currency miners

\- u/Nick-Lim has posted advertising OpenInternetAccess VPN, Northwest
Hydropower, and VanwaTech

Just so you know who runs this VPN.

------
ronsor
It's as if everyone here suddenly forgot all free VPNs are honeypots.

~~~
14
Do you have a VPN you do recommend?

~~~
bemeurer
Not OP, but I've used Mullvad for a couple years and have 0 complaints.

~~~
voidwtf
I'll second Mullvad. Their interface is dead simple and the list of supported
platforms/protocols is great. Quite permissive with 5 connections and port
forwarding options. They actually detail how they attempt to never log the
payment -> account link for most payment methods on their site. The account
has no authentication, it's just an account number with no other identifying
information.

They also list all their servers so you can modify your config to have any
combination of servers/locations to use and fall back to.

