privacyguides/privacyguides.org
1
1
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2026-03-13 09:50:36 +00:00
Code Issues Activity

update!: Clarify VPN kill switch criteria (#3204)

Browse Source 
Signed-off-by: Mare Polaris <ph00lt0@privacyguides.org>
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
Signed-off-by: Jordan Warne <jordan@privacyguides.org>
This commit is contained in:
Jonah Aragon
2026-03-10 18:14:05 -05:00
parent 23b37858ab
commit 6a954c6c0d
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/vpn.md
View File

@@ -298,19 +298,20 @@ It is important to note that using a VPN provider will not make you anonymous, b
### Technology ### Technology
We require all our recommended VPN providers to provide standard configuration files which can be used in a generic, open-source client. **If** a VPN provides their own custom client, we require a kill switch to block network data leaks when disconnected. We require our recommended providers to support modern technologies currently available to VPNs.
**Minimum to Qualify:** **Minimum to Qualify:**
- Must provide standard configuration files which can be used in a generic, open-source client such as the WireGuard apps.
- Support for strong protocols such as WireGuard. - Support for strong protocols such as WireGuard.
- Kill switch built in to clients. - Functional kill switch built in to service-provided clients on our recommended [desktop](desktop.md) and [mobile](android/distributions.md) platforms. This kill switch should be able to block all internet traffic when the VPN connection drops unexpectedly.
- Multi-hop support. Multi-hopping is important to keep data private in case of a single node compromise. - Multi-hop support. Multi-hopping is important to keep data private in case of a single node compromise.
- If VPN clients are provided, they should be [open source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what the program is actually doing. - If VPN clients are provided, they should be [open source](https://en.wikipedia.org/wiki/Open_source), like the VPN software they generally have built into them. We believe that [source code](https://en.wikipedia.org/wiki/Source_code) availability provides greater transparency about what the program is actually doing.
- Censorship resistance features designed to bypass firewalls without DPI. - Censorship resistance features designed to bypass firewalls without DPI.
**Best Case:** **Best Case:**
- Kill switch with highly configurable options (enable/disable on certain networks, on boot, etc.) - Kill switch on all major platforms with highly configurable options (enable/disable on certain networks, on boot, etc.)
- Easy-to-use VPN clients - Easy-to-use VPN clients
- [IPv6](https://en.wikipedia.org/wiki/IPv6) support. We expect that servers will allow incoming connections via IPv6 and allow you to access services hosted on IPv6 addresses. - [IPv6](https://en.wikipedia.org/wiki/IPv6) support. We expect that servers will allow incoming connections via IPv6 and allow you to access services hosted on IPv6 addresses.
- Capability of [remote port forwarding](https://en.wikipedia.org/wiki/Port_forwarding#Remote_port_forwarding) assists in creating connections when using P2P ([Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer)) file sharing software or hosting a server (e.g., Mumble). - Capability of [remote port forwarding](https://en.wikipedia.org/wiki/Port_forwarding#Remote_port_forwarding) assists in creating connections when using P2P ([Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer)) file sharing software or hosting a server (e.g., Mumble).