Why Should I Use a VPN

Discussion in 'privacy technology' started by merisi, Jan 3, 2013.

Thread Status:
Not open for further replies.
  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    No, I don't mean that. I meant that you could play with PIA a little before moving on to Mullvad. Maybe while your letter with cash was making its way to them ;)

    It's not like Windows. There is no PIA client to install. Their instructions just explain how to install OpenVPN for Network Manager, restart Network Manager, and configure a connection for your VPN service. Network Manager basically provides a simple GUI to create an OpenVPN config file.

    It's not that bad, really. And you probably won't break anything by playing with it until it works.
     
  2. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It's just $6.95 for a month! Not worth getting a refund, for me anyway.
     
  4. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    True,I'll get one month so i can try it out as you suggested.
    i have virtualbox installed and xubuntu on it, so i'm ready to rock and roll:-*

    EDIT:
    Installing the software for PIA is problematic, they have this setup:
    Ubuntu Linux 10.10: OpenVPN Setup

    In Terminal, install openvpn packages with sudo apt-get install network-manager-openvpn.
    Restart the network manager with sudo restart network-manager
    Run sudo wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
    Extract the files from the zip with unzip openvpn.zip.
    Move ca.crt to /etc/openvpn
    Open the Network Manager on the menu bar.
    Choose add and select the OpenVPN connection type, and click Create.
    Enter Private Internet Access SSL for the Connection Name.
    Enter us-texas.privateinternetaccess.com [*] for the Gateway
    Select Password and enter your login credentials.
    Browse and select the CA Certificat we saved in Step 3.
    Choose Advanced and enable LZO Compression.
    Apply and exit.
    Connect using the Network Manager.

    Not all steps worked as written ( for a linux novice), but it all stopped at the step:" Apply and exit.", the "save"button is greyed out , this seems to be a known bug i found out.
    I opened a support ticket ,no answer yet.
    Now, Mullvad was a piece of cake, just run "mullvad_35_all.deb" and that's it.so i don't think i'll bother with PIA anymore,
    i should get my vpn access next week( i just got a few hours vpn service just to get my customer id )
    So i will now get my Airvpn subscription , to install on the host.
    I hope i can get some assistance getting these 2 vpn's to run chained.
    Cheers
     
    Last edited: Mar 1, 2013
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Strange. I've never encountered such a "bug" using Network Manager with PIA or other VPNs. But hey, Mullvad is a fine VPN :)
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I finally have a draft (no sound) video tutorial for creating a pfSense VPN client VM. I used AirVPN in the tutorial, but (with minor tweaks) it works for any OpenVPN-based VPN.

    It's at -https://vimeo.com/61070499.

    Please comment.

    PS - happyyarou666, I credited you ;)
     
  7. Thanks, mirimir great tutorial!
     
  8. popcorn

    popcorn Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    239
    Hey thanks :thumb:
    Looking forward to seeing more :)
     
  9. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803

    lols , thanks :argh:, hey add some groovy soundtrack to give it some pizzaz
     
    Last edited: Mar 7, 2013
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Right :)

    Some instructions would help too, yes?

    And what music would be appropriate?

    How about "Music" by Dubvirus? Or "A Gift To" by Sugarpill?

    Or o_O

    Edit: How about "Wilderness" by Bluetech? ;)

    Edit2: But not "Mjød" by Kvelertak, right?
     
    Last edited: Mar 7, 2013
  11. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61
    I have a question about the possible negative of a VPN.
    All of the reasonably priced VPN's use shared IP's as your public visible IP. So what are the chances that due to illegal actitivies of others also using your ip similtaneously you become a much larger target to Law enforcement?

    I would use a vpn as minor form of privacy. I'm not someone that would be blocking java script, flash, and i'd stay logged into google etc. So i would think government agencies would much easily be able to detect and identify my real ip compared to those engaging in criminal activity who would naturally do everything to prevent detection of real ip.

    Is it possible that my using a vpn the way I planned to could actually be really bad for me, and I get raided and computers removed just to check to see if I was the other people using the same vpn IP who was mass distributing copyright material or hacking government computers?
    So that's my concern, not actually being raided for anything I do, but raided for other users using the same public IP as I was at the same time as an incident occured & I wont be doing much at all to protect my privacy other than using a VPN.
     
  12. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    why not mix em all into one :cool: and yes instructions would help as well i suppose ;)
     
  13. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Don't see how that is possible. All query's will go to the exit server and the company that owns the service (in a foreign country possibly). If there is no info to give (logging policy), there is no info to give. They will also know that 100s-1000s of people have the same IP. I guess you could worry that 'they' would request, from every major online service provider on the planet - if that IP has ever logged in to a service, and then try to find previous IPs that were used as well (like your home IP)...but jeebus, they'd still get 10,000 people, if it worked at all, and that would be Movie Plot stuff to the hilt. I wouldn't worry about it. I personally don't use the VPN to do stuff where you're "known" - banking, Amazon buying, Gmail, etc... But I don't travel and use open WiFi. Since all of that stuff is HTTPS, you don't need the VPN anyway. If I did, I would just use one (the same, always) VPN IP, all the time for those activities, and other IPs from the VPN provider for general surfing, etc...

    PD
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    There is one negative. Some websites may block you, if the IP that you're using has been blacklisted. Even if they don't block you, they may treat you differently. Google, for example, imposes mobile text verification for creating accounts for some IPs, but not for others.

    But it's not just VPN exits. If you're using an email provider that's been blacklisted, people may not get your email.

    I doubt that anyone would go after every user of a particular VPN exit IP, unless it were a small VPN provider with generally disreputable clients. But such VPN providers would probably not log. And they would probably be anonymous, and just disappear.
     
  15. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61
    Main reason I want a vpn is because my golocation data is my actual suburb, and it freaks me out when various spammy ad sites know exactly where i live.

    As for how I thought a government department might find me. It's not through vpn logs but what I assume would be their active monitoring. I would guess the US gov knows the IP's that everyone on earth use when connecting to google accounts. They don't know who the people are but know the IP's.
    So if the US gov was 'attacked' using my vpn's IP, i'd imagine theyd cross ref that ip to google accounts and even those users who were actively using the net when the 'attack' occured. When they get hits on google accounts they then cross ref with previous ip's used for those google accounts. I use the example of google, but ofcourse it could be other sites that constantly track you such as facebook etc.

    It's only then they would start requesting logs, but by then not that many people to hunt down. Or am I being paranoid?
     
    Last edited: Mar 8, 2013
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    That's a prudent assumption.

    Yes, that would be prudent for them to do.

    Right. An adversary knows an IP address. From Google etc, it gets all accounts that were ever accessed from that IP address. Then it gets all IP addresses that ever accessed those accounts.

    Maybe you are. But for now, let's say that you're not :)

    There's a simple solution. Never access any site that's associated with you, especially through an account, from IP addresses that you don't want associated. Even without an account, cookies and/or browser signatures might be enough. And if it's a site that gets very few hits, such as my video tutorial, even the fact of browsing it might be enough.

    Is that paranoid?
     
  17. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    sure you are , as long as theres no actual IRL info tied to your internet accounts , gmail or whatever , then yes your being paranoid .. abit too much , and that coming from me xD


    simple as mirimir stated just make sure to use one certain ip for IRL stuff from your vpn and for the rest use other ips from your vpn , hell ive been thinkin and discussing this with mirmir in the past , suggestion was to simply use your real isps ip for IRL stuff , but tbh , not even then with https , would i trust my stuff on an open ended line , hell no !, makes me feel naked, not always a good thing , lol , paranoid , no , untrusting of the worlds isps , hell yeah ;)
     
    Last edited: Mar 9, 2013
  18. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    I'm back asking for some more help:)
    i have Mullvad vpn installed in the Xubuntu VM.
    And Airvpn on the win x 64 host.
    I have some issues which i am not sure about:
    1. i can't seem to grasp the actual routing of the 2 vpn's , it is explained here, but it is still abstract to me....
    example: in the vm i click on a link, so mullvad vpn would encrypt the request and normally take this to a server,say in sweden,
    which sends the request to the destination and gets the return traffic and sends it encrypted to my vm,
    where it gets decrypted and i see the page in my browser .
    Now, if this is correct,what route ( physical) is taken if the VM request is sent trough the host( which has airvpn ,with the server in Singapore) ?

    2.in the virtual box settings, should i set the network adapter to "NAT" ?
    3. Are there any settings in Xubuntu or/and the host which i have to change?
    I did a leaktest, the host leaked my dns, i changed the dns server to google, and the leak has been closed.
    4. How can i check the "chain" is working as expected?

    Any assistance is appreciated ! i'm not exactly a noob, but networking , vm's and Linux are unfamiliar to me.
     
  19. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Host: Main OS: VPN (1)
    VM: Virtual OS: VPN (2)

    VPN (1) IP: 1.1.1.1.1
    VPN (2) IP: 2.2.2.2.2

    FireFox on (VM) Virtual OS: (IPCHICKEN.com) IP: 2.2.2.2.2
    FireFox on (Host) Main OS: (IPCHICKEN.com) IP: 1.1.1.1.1

    FireFox on (VM) Virtual OS: (IPCHICKEN.com) (Tunnels HOST: Main OS) Through VPN (1) to VPN (2) and ends up at (IPCHICKEN.com) as 2.2.2.2.2

    FireFox on (VM) Virtual OS: (IPCHICKEN.com) (VPN 1) -> (VPN 2) (Internet Will See Only (VPN 2).

    Your VM VPN will be what shows up as the IP while using the VM. It will still go through the Host OS VPN as well. So in effect you are tunneling (VPN 2) Traffic through (VPN 1) which is your host machine even though you will only see the IP address for (VPN 2) To Quote A Certain Someone.
     
  20. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    Thank you for explaining the routes, have to digest it some more though:-*
    But my ip in the host is the Airvpn ip (VPN 1), should this be VPN2?
     
  21. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    In your set up, this is what happens.

    : Traffic gets tunneled through the AirVPN server and out to the internet through the Mullvad server.

    You -> AirVPN -> Mullvad -> Internet.

    Its kind of a mind bender to understand how it all works.
     
  22. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    Well , i'm going to get a few beers first ,this might get the creative juices flowing and make my mind somewhat more "bendable"
    Jokes aside ; it is really a hard concept to visualize.
     
  23. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    It really is.

    Yo dawg, we put a tunnel in your tunnel so you can be tunneling while your tunneling. Then we put a operating system inside of your operating system so you can be operating while your operating. Then we put it inside of a box, so you don't have to look at it all the time.
     
  24. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    This concise , clear explanation will become an internet classic, in the spirit of "All your base are belong to us" !
     
  25. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    That's good, bro :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.