Since IVPN and Mullvad are both phasing out port forwarding, are there any alternatives? I am not looking for something like NordVPN which is a privacy nightmare. AirVPN is also not private enough considering I’ve seen reports online of ISPs sending out DMCA letters of gold to its users.
I switched to protonvpn recently and it seems pretty good, I was getting a lot of websites blocking me when I was using PIA and that seems to not be a problem with proton.
Personally I don’t trust Proton. I know I’m paranoid, but can’t be too sure about anything these days. To my knowledge MV and IVPN are the only ones with a nice privacy reputation. Shame they are cutting port forwarding
Proton only started logging his IP after they were legally forced to do so, just like any other law abiding company would have to do.
Proton offers an onion site of Protonmail which the activist should have been using since he allegedly committed
theft and property damage, crimes - the latter two - that enable surveillance
this is a case of user error and bad opsec, not a company bending over backwards to share their users information. If you’re going to do things that are likely going to get you arrested, no matter how noble the cause, make sure you have excellent OpSec
To add to that, email and vpn are different. It’s easy to force logging of a specific email address when forced to by law, but doing that based on vpn ip address only is more problematic
and iirc Proton took the Swiss government to court after that and won a case reclassifying email legally so that they can’t be forced to disclose IPs like that again in the future
This is huge, would love to see any other info on this.
Here’s an article about it:
Can’t they just log your account? You have to have an account with Proton to use their VPN. They can absolutely log your activity such as logging in, when you connected/disconnected, to which servers, and, more importantly, where from exactly (your original IP address)
Proton doesn’t keep logs by default unless legally forced to.
Law enforcement would have to know the email account to make them log it. If they know the email account you’re using with ProtonVPN then thats user error and bad OpSec.
In the example you linked, if law enforcement didn’t know the guys email address then they couldn’t have forced Proton to log his IP.
Bad opsec? It’s a bad VPN if it needs an email at all. Look at what IVPN does, they don’t even have a requirement for emails to register. I’m pretty sure Mullvad just recently was raided by authorities seize whatever they want they said, won’t find any user data they said. And they didn’t. Also proton redirects or used to redirect from onion to clearnet when you signed in. It simply isn’t up to par with IVPN and Mullvad. What’s the point of a VPN where a government can just request them to leak your data? No matter how, AT ALL! What constitutes a big enough crime for them? What if next day it’s downloading Frozen II.mkv?
Proton requires an email because they offer a free tier, without some way of regulating users their servers would be overrun with bots and spam…
The difference between what recently happened with Mullvad and what happened in the article you linked about Proton is that with Mullvad they were looking for general user data for VPN usage, not a specific persons email account like with Proton.
If a copyright holder or law enforcement is in a torrent swarm and logs all of the IP addresses of the seeders of Frozen II and then goes looking for the users of those IPs then ProtonVPN and Mullvad VPN would have the same response - No logs, no idea
Sure, not having to register with an email with Mullvad and IVPN is great but they’re not offering port forwarding any more so we recommended ProtonVPN and you said you didn’t trust them because they followed the law, if Mullvad or IVPN offered email services then they would have to do the same thing Proton did.
If you make a ProtonVPN account with the sole purpose of torrenting then all you have to do is not publicise your Proton email along with the fact that you’re torrenting and then nobody can really do anything about that because law enforcement can’t go to Proton like they did with that guy because they don’t know the account linked to you.
I didn’t hear about the onion issues, but again unless Proton was specifically told to log specific users IPs then even if they were redirected, their IPs wouldn’t have been logged in those instances.
Its still user error, he must have publicised his Proton account, law enforcement found out about it and his IP was logged under Swiss law, thats user error. Its crappy that thats law but if you’re going to do things like that then you should know how to protect yourself properly
At least personally to me it goes to show that it’s not out of the question
ProtonVPN
Personally I don’t trust Proton. I know I’m paranoid, but can’t be too sure about anything these days. To my knowledge MV and IVPN are the only ones with a nice privacy reputation. Shame they are cutting port forwarding
I think it’s worth reading Proton’s response on this and also worth noting Proton recently won Swiss court ruling (as in they paid for the lawyers and brought the case up et al.) that should help make it so proton isn’t legally obligated by the Swiss government to do such things again.
You can also avoid what happened here by using the TOR endpoint Proton provides to login to their services.
I suspect ProtonVPN will remove port forwarding soon enough. Mullvad had valid concerns with removing port forwarding, and I expect the industry to agree. I’m not sure what the answer to this problem is.
They literally just launched portforwarding on proton vpn this year
Hi, check this comment. It seems like it will be able to work without the concerns that Mullvad has had. I suppose in theory the bad actors can use a synchronized scheme like this as well - if they realize that, ProtonVPN may still end up with the same amount of problems and need to shut it down.
Some people here are saying i2p may be the future https://lemmy.dbzer0.com/post/259433 Sounds like Qbittorrent is planning to provide i2p support too. So hopefully port forwarding won’t matter as much for future releases.
The main issue with I have with how the current i2p implementation works is that it essentially creates a walled garden in the torrent network, as i2p users can’t seed out to non-i2p users, they can only leech from them. I feel like that would needlessly split the network, which relies on having as many people as possible seeding. Frankly I don’t know if its even possible to work around that, but I’ll need to see how it plays out. Also, there needs to be at least one person with a port forwarded on any given torrent. utp only peers cannot seed independently, from my understanding.
I think i2p or something similar where people can run a router and provide bandwidth to the network and help hide what other users are downloading (which is how i2p works but its not super fast sadly)
I saw someone say that Proton implemented their port forwarding in a different way than Mullvad that negates a lot of the issues that caused them to axe it
Hi, I looked into this and from what I can gather, ProtonVPN gives out temporary ports for port forwarding. I’m not 100% how long these ports are leased for, but as long as you run a script like this to move your torrent client’s port around to match ProtonVPN’s, I can see how this would work. It’s not perfect, but it’s workable. I wonder if Mullvad will implement something like this to achieve parity.
Yeah that sounds right. I use Proton and the ports are randomly assigned when you connect. I just manually put the port in qbittorrent each time, it’s not too much trouble.
What about Windscribe? They seem to have port forwarding available.
But they fixed the issue, and documented on why it happened and how it got fixed on their blog. Pretty transparent to me.
Yeah, they fixed things and owned up to it, best you can do when you fuck things up: https://blog.windscribe.com/ukrainian-server-seizure-a-commentary-and-state-of-the-industry-e71e8d205b26/. I feel like people give them too much shit for this, just like with that Proton climate activist case
Agreed. Though Proton was barely affected since everyone started to dickride them for all their other services. Unfair treatment, but that’s what the privacy community does nowadays 🤷
It’s refreshing being on Lemmy and being able to see a good discussion on vps with (unlike reddit) no bot comment spam and no users engaging in paid shilling.
AirVPN! Been a customer for 7-8 years.
Edit: I see AirVPN was mentioned by op in its post. Regarding it being “not private enough” and reports of users receiving DMCA notices: I highly doubt these reports are correct, and even it they were, I don’t think it would be the fault of AirVPN. From a technical perspective AirVPN is excellent. They offer every feature you can imagine and allow you to work with native WireGuard, OpenVPN or their own client.
But this technical freedom might lead to some misconfigurations out there, like DNS leaking due to not enforcing changes to resolv.conf etc. if you’re not that technical, use their official client.
Big fan of Air. The owner is a cool guy, they support privacy orgs, and the VPN itself is great.
Yep, they’re my main VPN as well. Not super good at avoiding being caught by VPN blockers though, I have proton for just sites that scream if you’re trying to use a VPN.
Is AirVPN out of the question? They’ve still got port forwarding
No public audits - I don’t trust. Italy is also not exactly a privacy (and personal rights) haven.
Would you consider server seizures by LE with no data found to be valid proof of no logging? If so there are a couple VPNs I know which you would probably like.
Sure, shoot. I’ll research anything. Just that everything so far has either been a privacy disaster or “oh don’t worry they only leak your entire data when you break the law! it’s your bad opsec!”
Some lesser known ones :
- Perfect-privacy, they have had 2 or 3 server seizures in the past and 0 information was found on them. It is a little pricy at $13 a month, but I do believe they stand up to their promises.
- Cryptostorm, they are very transparent on their forums (which you can only access on an onion service) aswell as their blogs. Iirc $6 a month and $16 per 3 months.
- nVpn, pretty sure they’ve have a server seizure with 0 information found, but when you buy this you can only get one server, huge downside imo.
All of them have port-forwarding, only Perfect-privacy is missing wireguard, which is a downside if you have 1gbit fibre. Lmk if you got questions!
how exactly do you trust a company because of an audit that they dont log? they can easily just turn off logs for when they are going to be there then turn them back on afterwards
Audits check that too
how exactly do they check that
IVPN is getting rid of forwards!? Shit I just bought a year worth after mullavad stopped their port forward.
You keep ports until September (forgot the date). I would recommend looking at Blackhat/scene VPNs if you want port-forwarding and a low chance of them disappearing.
Sept 30th. Ya, I set a alert. Thanks.
PIA have port forwarding.
I know they’ve been one of the top recommendations from TF for years.
they are owned by a umbrella company which owns multiple big name VPN providers so I wouldnt really trust them anymore https://embed.kumu.io/9ced55e897e74fd807be51990b26b415#vpn-company-relationships/private-internet-access
Which also used to spread adware through their applications (search Cross Rider I believe, now names Kape)
yup
AzireVPN added port forwarding, it’s also sweden based but lags the audits
I moved from mullvad to ivpn and now again on the lookout. I guess i2p is “the future” but right now I’m not sure how that works with private trackers.
Whilst you can still torrent without port forwarding I don’t think seeding works right?
Seeding still works without port forwarding but uploading your owns torrents is not possible
You also can’t be the only seeder on a torrent for the same reason.
Good to know. I am on a private tracker that requires it so will test proton vpn. If they remove it then I guess I just leave the tracker. 🙁
deleted by creator
Which one is that? Any I have seen just requires to seed with no mention of port forwarding.
Without port forwarding your tracker will show you as disconnected and not give you credit.
That’s not entirely true- you can upload your own, but you can only seed to users that do have port forwarding. On many trackers, that initial seed is all going to seed boxes with an autograb script enabled anyway, and those do have port forwarding.
There are other alternatives, mainly Blackhat/scene VPNs which have server raids multiple times because of very illegal shit being done by the users, which I doubt will remove port-forwarding simply because of DMCA lol…
maybe have ID you can put into a client to send when your downloading? or maybe just private trackers fade away out of relevancy?
Torguard supports port forwarding. I’m not sure how it ranks in privacy though.
I bought 2 years from them a while ago but was required to:
- enter an email
- use my address to purchase
Good product though. Horrible SOCKS5 proxies though, almost 90% downtime. Not to foremention the horrible support from the admins - the normal support was amazing though.
Really up to you if you want the compromises, though there are better VPNs for privacy out there.
Honestly i don’t really use port forwarding at all but it sucks its being removed, we need more privacy in this day and age.
OVPN still seems to support port forwarding, though it’s worth pointing out they were recently acquired by Pango.
US-based is really a no-go for me privacy and piracy-wise. Paranoid, prejudiced, but true more often than it should be.
They are swedish
IVPN, takes Monero and still has port forwarding.
IVPN is actually removing port forwarding: https://www.ivpn.net/blog/gradual-removal-of-port-forwarding
Ah ok. They hinted that they might remove it at Monerokon but I wasn’t sure if it was publicly announced yet 😂
I have bad news for tou: https://www.ivpn.net/blog/gradual-removal-of-port-forwarding/