🆕 Redo VPN Providers Section #1139
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1139
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Following up on https://github.com/privacytoolsIO/privacytools.io/issues/1131#issuecomment-520168216, we are going to delist every VPN provider and re-investigate all the options on the market for inclusion.
A quick poll among the team revealed that the only providers we utilize are Mullvad and ProtonVPN. Therefore at the moment those are the only two providers being considered for inclusion in the revamped section. If anyone feels we should research another option please list it below!
New Requirement: Independent Security Audits
✅ Mullvad, Security assessment of client software
⚠️ ProtonVPN, in progress:
❓ AzireVPN, none? Emailed with inquiry 8/16/19
❓ PenguinVPN, none? Emailed with inquiry 8/16/19
⚠️ IVPN, planned:
I mainly use AzireVPN, as it is fast and easy to set up.
However, I've heard good reviews of an ~couple~ unlisted providers:
What I would find interesting, is a blog post on how to self-host.
Maybe using a Vikings VPS or Orange Host?
Some available tools:
https://github.com/Kickball/awesome-selfhosted#vpn
Hmm, something like https://github.com/trailofbits/algo comes to mind. But regardless I like that idea.
right now i also think it would be smart to discuss a limit on the amount of VPN providers listed. this way we can only recommend the vpn providers we really stand behind, and have a word back to everyone who wants their vpn provider recommend because it has a okay-ish privacy policy. the only way to be listed if all entries are filled would be to either have another vpn removed because they do something unacceptable, or the other provider does some extraordinary things the really makes it better then the one already listed.
What about a limit of 3? Like how other sections?
That would seem reasonable and in line of what we do with other things. it also means that those recommendations will often come back on the chopping block to see if they are still the best, which means the recommendations will stay up to date better, and bad apples like #1141 wont slip through.
I think there are two main subcategories which matter here:
people who are serious about privacy, will pay for mullvad / protonVpnPaid / ivpn / airvpn / similar.
people who are friends/family/coworkers of somebody that is serious about privacy (and directed them to privacyToolsIO listings) will want free-as-in-beer, and thus will always either pick protonVpnFreemium or maybe canadian-based tunnelbear/mcafee.
The top3 listings in the revamped version of the listings should therefore be:
WorthMentioningFree: Tunnelbear (maybe?), hideDotMe (maybe??)
WorthMentioning: iVPN, AirVPN
I think that mentioning self-hosting is possibly worthwhile, but there are big caveats: most people aren't going to be able to competently harden a server on their own physical hardware & premises... the cloud-provider and/or network-bandwidth provider can see the traffic at the IP address level and infer a lot from that if they so wish... etc.
Also azirevpn cool security features like this:
The Blind Operator mode is rootkit-like Linux kernel module that removes the ability of an ordinary system administrator to query the content of the endpoint and allowed ips fields from WireGuard, and also disables the ability to run live network monitoring tools such as tcpdump and similar software. This module is loaded at boot time on all our VPN servers.
https://www.azirevpn.com/docs/security
Just a note: We are most likely going to only recommend VPN providers with independent security audits.
Side note: I think we should definitely link this recent research article about the VPN landscape to our “worth mentioning” section: https://thewirecutter.com/reviews/best-vpn-service/