I’ve used proton for a year or two now and it is fine. Great for use on my phone when I want to use public/airport wifi and it sort of kind of works with gluetun (the rotating port is annoying but it still is a forwarded port).
But I’ve increasingly been annoyed with Proton as a company and am looking to migrate my email/domain to fastmail in the very near future. I COULD continue to just pay for the vpn (60 USD a year is pretty reasonable) but also feel like this is a good opportunity to “shop around”
Checked the wiki and other FAQs (which all basically crib from said wiki) and they all basically boil down to proton or mullivad… except that mullivad apparently stopped allowing port forwarding which is a bit of an issue for any torrents and the like.
So are there any other good options?
Thanks
I thought about publishing a Terraform module one time that spins up a cheap VPS, installs OpenVPN and then gives you a config with a certificate. You could run it for just a few hours at a time, and use destroy when you’re done. But then I got really bored because I have ADHD.
Not a VPN, but you may also want to look into I2P.
https://proprivacy.com/privacy-service/guides/i2p-guide
https://youtube.com/watch?v=FNp0TRDG0BQ
Basically, a p2p protocol for the entire internet.
Its considerably more complicated to set up than most modern VPNs, where nowaday’s its usually as simple as install an app with a GUI, verify some settings and you’re good to go, and i2p is also quite slow…
… but its totally free, and you can torrent over it, and as far as I know, if you’ve set it up properly, it is basically undetectable by ISPs, due to how it uses ‘garlic’ routing: basically, a whole bunch of users net requests are encrypted, anonymized, and then smashed into a big packet… so an ISP would have to untangle all of that for every packet, and afaik, none of them have figured out how.
I2P would obviously be horrible for watching streaming content though, snail speed.
I love Mullvad, but if you need P2P its not the best option. If you just need a VPN, though, its amazing. Today I just switched to AirVPN and am running it on Arch through Eddie. Have my qbittorrent set up to only allow connections through Eddie and just forwarded my first port. I’m very happy with it.
I think the only downside is that I could get Mullvad for 5eur a month on a month by month basis. AirVPN is 7eur or 15eur for three months, so I have to lock into the three months to get the same price.
Worth noting that Italy (location of airvpn) hates vpns and is constantly fucking around with them, to the point air doesn’t even actually operate in Italy to preserve users privacy. Right now, theres no immediate risk, but it’ is worth keeping an eye on the political situation in Italy regarding VPN laws
I did read this somewhere before. I just have to take my chances at the moment. My other option was Windscribe, but unless you’re paying for a year+ their prices are astronomical.
Yeah I use airvpn myself, its just worth throwing that info out for full transparency/disclosure
mullvad
Good choice for privacy, not so much for piracy. They removed their port forwarding feature a while ago.
IMHO if you don’t have a globally-reachable address or forwarded port, you are not really a participant of the internet, you are just a receptacle xD
One service I never see mentioned is OVPN. They have a 1-to-1 feature parity with mullvad and were an easy drop-in replacement when mullvad closed their ports:
- wireguard
- port forwarding
- no usernames/emails/registration, only account numbers
- crypto payments/cash in the mail
- same price as mullvad
- multiple device keys
- multihop
- no bandwidth limits
- setup guides
- status dashboard
I used mullvad for years, sad to see them go, and all my scripts basically worked without any change other than the server addresses/public keys. Only downside is they don’t have as many users so not as many servers. I wish more people would join up so I get more IPs to choose from :D
Mullvad is so great in a vacuum, but it seems like every other website has you writing out a captcha or blocking you outright exclusively because you’re on mullvad.
Yes! And on top of it, embedded YouTube is also starting to block access
I’ve decided I’m not using websites that block mullvad anymore. I’m talking about a hard block like reddit does and not a captcha (captcha is fine by me).
If they’re doing that much trouble to prevent me from using a VPN they must me doing some pretty shady shit with my data.
I will not move to another VPN because of all VPNs I feel Mullvad respects my privacy most.
I’ve used AirVPN for this exact setup and it works great. The port forwarding is static and doesn’t change once setup. I switched to proton because it was convenient, I was already paying for ProtonMail et all, so I dropped the extra VPN subscription when it renewed.
I’ll add another recommendation for Windscribe. I’ve had a lifetime subscription since 2017 and have never had issues. I use it for normal internet usage pretty much daily and the occasional torrenting.
What’s going on with Proton the company?
Edit: ah fuck, thanks for the replies. Sigh.
Their CEO praised Trump/the Republican Party. He got widely criticised for it. Proton released a damage control statement but later deleted it after it made things worse.
People are now moving away from Proton as a result.
For fucks sake. I just started to move to proton last year…
It would be more accurate to say some people are moving away. The majority of their users are quite happy where they are.
“Time to find a CEO who has yet to publicly express their fascist sympathies…”
The irony of saying something like that when you’re using an ISP with Trump supporters on the board of directors is wild.
To be clear I’m parodying the people who think there are corporate safe havens where they can vote with their dollars.
Ah, I should have guessed that from the quotes, huh? That was my bad.
No worries, we’re all so sarcasm-and-irony pilled given internet culture and current events that I should have been more explicit too.
I am not, but it took me a year+ to move from Gmail to Proton after having a Gmail account since the start of the service, and after i was more or less settled in now comes this scandal, i will move but it will not be immediately, need to plan it well, and also likely use a custom domain to not need to change the address in the future
If this is as bad as the scandals with Proton ever get, I’ll be quite happy.
Wow! Add me to that group. I need to cancel my annual family plan.
I unfortunately bought a subscription before dickhead made his statement. Looks like I’m with them for a year >.<
I haven’t done it yet, but if you cancel your and contact them, I’ve heard you can get a refund for the months you haven’t used. Even if you cancel but don’t contact, you still can use the service until the end of your subscription.
My biggest thing stopping me rn is moving my emails away from proton mail and simpleogin (switched to mailbox.org and anonaddy free) and trying to convince myself I don’t need port forwarding 😭
https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e worth a read regarding that situation.
The CEO doesn’t own Proton, for what it’s worth. He may have founded it, but he does not have complete and total control over anything that Proton offers, as some here may believe.
Who knew pirates were such babies they can’t use a product simply because the ceo has differing political views. Insane.
No it’s insane to continue supporting companies when their leadership doesn’t align with your ideals. The only power you have is choice. Now run along and continue being the good little consumer you’ve been made to be.
People don’t support things and people they think are wrong, what a wild concept
liberals really struggle with that concept. esp democrats. they keep thinking people will show up just because they’re less fascist than republicans.
Wait til they hear that Tor was developed and is largely run by the US military.
Andy yen praising trump is one thing and I kind of don’t care about that so much. What I do care about is how proton practices predatory sales to cash in on FOMO. Or if you subscribe for one month it’s an auto renewing subscription. Or that the best rates are if you sign up for a year. It’s weird for a not-for-profit structure to do billing like this
Mullvad doesn’t play games. A flat price and you get what you pay for.
Andy Yen may have praised one situation, but doesn’t seem to support Trump overall. https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e
The CEO said that Trump chose a great pick and sided with Republicans and there was a firestorm over it, he doubled down on his position through the official Proton channel.
https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e worth a read regarding that situation.
Ffs I literally just got proton. Fuuuuuck that
Just FYI, the majority of Proton AG (which includes all Proton services) is owned by a non-profit body called the “Proton Foundation”. This are headed by a board of 5 members, including Andy (CEO) and Tim Berners-Lee (the literal father of the internet as we know it).
Proton is fine.
routing traffic through Israel is not fine.
Then don’t do that? You have your choice of servers.
This is a decontextualized post from 2015 that theorizes a DDoS attack on Proton at the time was coercion to “help” them by offering to proxy their traffic through Bynet in Israel for the purpose of tampering. Is there any other info out there to support this theory? It’s intriguing and believable but also complete hearsay absent any other corroboration, context, further info, etc.
I don’t trust proton. if you think you can trust proton, feel free to use them.
That didn’t answer the question. You made an assertion, but haven’t provided any evidence to support that claim.
I think you’re picking up subtext in my comment that isn’t actually there. If you don’t have more info that’s OK, I can do my own research.
Please elaborate
It should be noted everywhere that this person posts this, that this is an allegation without any actual evidence to support it.
the post is the evidence.
No, the post is a conspiracy theory that gives no evidence to support the claim. You can’t use an allegation as evidence to support your allegation, that’s circular logic.
Omfg why even discussing andy pathetic bootlicking when this is a fucking cia honeypot… Their business plan was way too similar to google.
Like basically all tech companies, the leadership are libertarian tech bros. It sucks, but whatever. The problem is also that the CEO (?) has been making public statements to try and cozy up to the trump administration over the past few months
Some of that still falls under the LTB effect (These policies benefit the company so fuck everyone else, etc) and it DOES make sense for a company to try and earn themselves an exception for the upcoming hellscape in a market that will REALLY want VPNs. But it still leaves a really bad taste in my mouth.
Not in an “I MUST LEAVE PROTON NOW” state since I like the products because they tend to be pretty honest about what they will and won’t do when the goons come a knocking and that mostly boils down to “cooperate. So do X Y and Z to protect yourself by preventing us from having the information they want”). But that, plus protonmail being kind of a shitshow if you want to keep offline copies of your emails, is motivation to shop around.
I wouldn’t exactly call Tim Berners-Lee a “libertarian tech bro”.
“libertarian”
Proton recently closed their masterdon account because of the mutual hostility
*Mastodon
if anything they’ve reopened their account with Master Don
Great for use on my phone when I want to use public/airport wifi
If you just want the tunnel encryption you can try hosting a VPN on your own home network. It’s what I do since I don’t need to spoof my location.
You are asking in the piracy community so I’m assuming you’re also using it to torrent (which a home VPN won’t help with) but you didn’t specifiy so I’m not sure
Just throwing in another voice for PIA. Their corporate owners may be questionable, but I’ve been with them since before they sold out and have never heard a peep from my ISP for seeding terabytes of torrents. They don’t keep logs, and they are audited to prove it regularly.
EDIT: They also have port forwarding, but not for every exit server.
AirVPN, IVPN, Mullvad, Windscribe
The requirement for port forwarding narrows that down to AirVPN and Windscribe, which is an unfortunately small set of choices.
What exactly does port forwarding do and why is it better for torrenting like I’ve heard? I’ve been using Mullvad for a couple of years now but if I could get faster torrent download speeds that would be great
Port forwarding lets you connect with other hosts peer-to-peer which a VPN would otherwise block if both sides are behind one. For torrents you’d get more peers (which doesn’t matter if you’re just downloading the latest and most popular stuff) and be able to seed more effectively.
And the way that many (most? (all?)) private trackers implement their monitoring kind of requires an open port.
Not all torrent sites require an open port. E.g. MAM works without an open port. It majorly impacts your ability to seed) but that isn’t a problem because of how much bonus points you get. TL does not either.
Thanks!
One port must be open for a torrent connection to work.
Down: open, Seed: Open = instant connection Down:closed, seed: open = connection takes a second to work Down open: seed closed = down has to wait for seed to renounce to trackers. A few minutes to an hour. Down closed: seed closed = no connection
Just adding onto the good answer you already got, but the thing that made this click to me was understanding that if you’re not port forwarding, you’re limited in the connections you can make to other peers. Specifically, you can only connect to peers who are fully available. Whereas if you’re port forwarding, then you can connect both to people who are limited, and to people who are fully available.
I imagine you would get faster download speeds if you were port forwarding, but my impression is that this mainly is a factor for seeding, which matters more if you’re on a private tracker that requires a certain download/upload ratio; it’s way harder to keep that ratio above 1.0 if you’re limited in the peers you can connect to.
AirVPN
I have been a happy customer with them. Not a fan of their GUI Client, but you’re not required to use it. Very easy to share access with friends too whenever they need it.
Mullvad, IVPN and
Nym(not tested with audits yet, do not trust as much as the other two).For clearnet browsing. PIA, AirVPN and Windscribe for torrenting. Windscribe and PIA are probably good for either but this is my classification, take it as you will
I agree on this with the exception of PIA.
- Marketing is BS like most VPN
- Company is based in the USA
- They do analytics
- You cannot register “anonymously”
It’s not the worst VPN you could choose but there is better options.
Wait don’t they take crypto? Just fake your details
They also take your IP.
Like every VPN company that operate their own entry nodes…
Over TOR?
Using VPN over TOR greatly reduces performance. Also, for most cases TOR is enough,. Why would you slap a VPN on top of it?
Ah I thought you meant during signup. I thought they were audited and provided proof that they don’t log anything? Is that fake?
They’ve been audited twice:
https://www.privateinternetaccess.com/blog/privacy-audit/
https://www.privateinternetaccess.com/blog/security-audit-2024/ (PDF)
deleted by creator
PIA user here. It gets the job done
I would not put Nym in the same category as Mullvad and IVPN. It is a new and immature product. I have not heard that they have passed any sort of audit, their claims about non-log policy have not been tested yet.
Their infrastructure is decentralized only in name. In fact, they have the same problem as session, the cost of maintaining a server discourages decentralization so much that no one does that. As a result it nullifies any advantages their mixnet might offer, as chances are all your hops are between the servers of the same owner.
Yes, Nym is new. Their mixnet has a lot of similarities with TOR.
What do you mean by “cost of maintaining a server”? I don’t think resource requirements are any different from TOR relays or exits.
It is possible in theory but I assumed they weren’t lying when they said over 800 nodes exist in their network.
Yeah maybe I should’ve put Nym as “of interest” rather than giving off the impression that it’s at the same level of reputation as Mullvad and IVPN
They do require to invest a certain amount of crypto to connect your node to blockchain. This in theory is done to prevent Sybil attacks.
Does TOR suffer from Sybil attacks? I admit I don’t know what that is, I’ll have to read about it
TOR by design is vulnerable to Sybil attacks. In fact, there have been attempts to exploit this vulnerability “in the field”. It is not clear how successful they were. There are some measures taken to prevent such attacks, but none of them guarantee safety. I2p and other p2p networks also suffer from the same problem.
In fact there is only one known way to mitigate Sybil (and alike) attacks. It is to expand the cost of operating in the network so much, that it would not be financially viable to perform it. There are two major way to achieve that: proof-of-work and proof-of-stake.
PoW is what majority of cryptocurrencies do. To operate in the network you need to perform significant calculations. The more calculations you perform the “stronger” your position is. For that you have to invest huge amount of money in hardware and energy to “outperform” other actors. That is what mining basically is.
PoS requires you instead to invest a crypto (or whatever, does not actually matter). The more crypto you invest “the bigger your ‘bank’ account is”, the “stronger” your position is as well. This is what nym and lokinet (technology behind session messenger) do.
Thank you for the explanation. It would suck to put down money just to run a nym relay. I was interested in lokinet too but I wouldn’t want to spend more than a small VPS, really
Still using Private Internet Access (PIA).
Honestly, dunno why they’ve fallen out of fashion due to the FUD about being owned by an unsavoury parent company, but the most important matter to me is if they keep logs, which they don’t. One of the few VPN companies tested on this, in court, and in a recent audit. Plus still extremely cheap (if you go for 3yr+3mo).
Port forwarding works with with this docker NAS stack. Doesn’t use gluetun, but there’s a specialised docker-wireguard-pia container as part of the stack, with a script that handles port changes. Been flawless.
Yeah they are throroughly vetted and work well, competitively priced. I’ve never seen a reason to switch.
Can you link to their court hearing, specifically where they refused to provide logs?
Also, do they accept crypto?
They didn’t refuse to provide logs - they don’t have logs to provide.
Yes to crypto, via Bitpay.
I’m curious now, though - what’s stopping a US court from ordering all US-based VPN services to retain logs?
They would shut their servers down in US. The reputable ones that is.
Sure, but I’m curious why it hasn’t already happened. Wouldn’t it be spun as “destruction of evidence” or whatever? Or could it be argued that since their “no logs” policy was established prior to any particular suspect utilizing their services, that it would not be destruction of evidence as there would’ve been no evidence to begin with?
I’m genuinely curious, this shit fascinates me.
If they end up forcing logs on US based companies then people will simply switch to European ones. Bringing something like this takes a lot of effort for barely any use.
That’s a fair point, and I suppose the majority of people who use VPN services regularly (outside of a corporate environment) would be the ones to immediately jump ship if such legislation was even mentioned.
I’m using gluetun with PIA and it works like a charm. Gluetun even has a template on their GitHub.
If you mainly do torrenting, AirVPN is a good option. I have recently moved away from ProtonVPN; it’s too expensive.
Plus it’s run by Swiss Nazis.
Swiss nazis?
Cryptostorm. Supports port forwarding, and you can buy access tokens through third parties using crypto. You do not register an account or provide them with any information to use the service, other than the token.
But honestly, Proton is the best route to go.
Not audited sadly
I’d say the proven good ones are Proton, Mullvad, and IVPN.
Windscribe has really improved a lot and is worth considering. Still probably worth waiting for Freshscribe infrastructure before considering over the 3 I mentioned above.
Nym and Obscura are up and comers worth looking at. Nym is a decentralized VPN and Obscura has partnered with Mullvad to offer a true double hop (ie one in where both hops are not owned by the same entity).
NYM is a next-generation mixnet with a VPN product built on top of it. Obscura is a VPN that provide a first hop then send traffic to a Mullvad hop.
