WireGuard worth the risk ?

[RFT354]

I cannot pretend to speak for System Error Message, he is a particularly smart person and can explain himself just fine. But what I *think* that he meant by "...you need a proxy too" is that a proxy diverts away from the VPN connection itself, which obscures you from the VPN provider.

In other words, if your VPN is a corporate connection to your work, then obviously it isn't private or anonymous, it is just (hopefully) secure. And if you are using a commercial VPN service for privacy, your connection is still not obscured from the VPN provider, regardless of what they say. You are relying on that provider's history of resisting subpoenas and the like and kinda crossing your fingers. In a way, you are using the VPN provider *as* a proxy, and using something else in between those two connections may make it more complex to locate you.

The rest of what he is saying about Tor being government controlled, and about not being able to pick your own nodes, I do not understand. There are absolutely malicious actors running exit nodes, and many are likely state sponsored, but you can configure nodes in torrc.

Connecting to a VPN server through a second VPN provider has a speed penalty, but is a better idea than through a proxy if the intent is to make it slightly more difficult to identify a VPN user. But why is he writing “proxies have the additional benefit of being able to manipulate your request? What benefit, in this context?


Here’s another way of using a proxy together with a VPN: as a kill switch.

SOCKS5 proxy

Use our SOCKS5 proxies to further minimize your computer's identity from being revealed and reduce CAPTCHAs.

mullvad.net

Does Merlin kill switch have to check with the server every few seconds to verify there’s an VPN connection, and if not, cut the link? If that’s the case then a proxy as a kill switch seems more secure since it passively cuts the link. Mullvad’s proxy is on the same server as their VPN.

 

[distilled]

Connecting to a VPN server through a second VPN provider has a speed penalty, but is a better idea than through a proxy if the intent is to make it slightly more difficult to identify a VPN user. But why is he writing “proxies have the additional benefit of being able to manipulate your request? What benefit, in this context?

My point was just that a VPN can be a proxy. Like you are saying, I think, there are countless ways to stack things together. Things like Shadowsocks and Proxychains are good examples of techniques.

I love Mullvad, and use the kill switch on the router. My use case isn't defending my life against state sponsored APTs, it is avoiding nastygrams, so convenience and speed are major considerations.

 

[distilled]

hilarious stuff - thx... what you don't know can will hurt you today if you try hard enough and 'just believe'... old p2p 1.544 T1/E1 lines (and bonded+) at $2K plus a month weren't fast but they were capable of being made robust.

It was different though, right? At least back then, for our $2k we got a CIR, and if bandwidth dropped beyond a certain point, we got bonuses or refunds (in the form of credits, but still). Nowadays, many services won't even commit to a data rate, they just tell you a range you are likely to get. But that range is usually so gigantic (compared to the 90s) and the cost is (again, comparatively) so tiny that it is almost laughable.

This is making me feel elderly, man. SDR pulled me into wanting to get back into radio, so I bought a Baofeng UV-5R just to get my feet wet, as a "first radio since the 80s" kinda thing. Okay, so it is an exaggeration to call this tiny HT a ham radio, but dang, it has a frequency range of 136-174 and 400-480 MHz and seems to actually push close to the 5w it is advertised as, and it cost $25, the same as a decent steak. It isn't a GOOD radio, but when did electronics and information become so cheap?

 

[ColinTaylor]

This is making me feel elderly, man. SDR pulled me into wanting to get back into radio, so I bought a Baofeng UV-5R just to get my feet wet, as a "first radio since the 80s" kinda thing. Okay, so it is an exaggeration to call this tiny HT a ham radio, but dang, it has a frequency range of 136-174 and 400-480 MHz and seems to actually push close to the 5w it is advertised as, and it cost $25, the same as a decent steak. It isn't a GOOD radio, but when did electronics and information become so cheap?

Ha! That's exactly the same as me a year ago. Same time period, same radio, same reaction. When I compare it to my old Yaesu FT-202R which cost 4 times the price (without adjusting for inflation) with a fraction of the capability it's different world now.

 

[distilled]

Ha! That's exactly the same as me a year ago. Same time period, same radio, same reaction. When I compare it to my old Yaesu FT-202R which cost 4 times the price (without adjusting for inflation) with a fraction of the capability it's different world now.

Wow, a crystal controlled Yaesu, a true oldie but goodie! Yeah, times sure changed. $20 for a USB stick that can do amazing things. I bought a handful of different ones, being certain that a handful wouldn't be enough for all the cool projects they were useful for.

Fast forward a couple months, and, in order of usefulness, I have a Pi Zero reading our smart meter and feeding realtime usage data to Home Assistant, a Pi running RTL433 reporting every new gadget it happens to catch to to Influx, and a Pi catching and sending ADS-B data to ADSBExchange so I can get free flight data using their API. My wife teases me about how "important" all that data is to our day to day lives, so to demonstrate the usefulness, I wrote an automation that watches for Boeing 737 Max jets that decend to within 10 meters of our house. When triggered, the automation closes the front drapes and begins playing "Always Look on the Bright Side of Life" through the Alexas.

One day, she will be glad we have that in place, mark my words.

A HackRF clone will be here from China any day now, and that opens up some new doors for testing. And all these gadgets, and the months of joy they bring cost canned bean money. It is a new world.

 

[thecheapseats]

<snip>Nowadays, many services won't even commit to a data rate, they just tell you a range you are likely to get.<snip>

yep...

"Here's your bandwidth - you'll never ever get it - but go over our limits and we'll hammer your butt"...

 

[sfx2000]

Do you feel its still safe to use WireGuard with Mullvad, Azire and other WG supporting providers or do you feel it's a pass for now ?

I don't trust any commercial VPN provider - simply put - they are the man-in-the-middle...

With VPN - one has to own both end-points...

 

[thecheapseats]

This is making me feel elderly, man. SDR pulled me into wanting to get back into radio, so I bought a Baofeng<snip>

also HECK yes... odd how so many IT peeps started with 'real' rf via ham stuff... I node tune my own antennas because I have a disease - I go to meetings...

SDR tickles both the analog and digital itch and are 'end of the world' saavy... baofungs and the like (as RazPis are the cheap dig simile) are damn near disposable and handy as hell... two is one - one is none, so purchase accordingly ... nobody really needs a flying car...