Hi guys!
What would you recommend for highest threat model:
- Self hosted custom VPN or Mullvad/IVPN?
- Wireguard vs OpenVPN?
- If self hosted, which servers provider do you recommend that wont give details no matter what.
Thank you for reading!
This conveys nothing.
You probably really want Tor.
Lastly the technical choices are only half the issue here.
5 Likes
-
Mullvad/IVPN’s track record / ability is probably better than yours. (Or otherwise you wouldn’t ask.) And you probably want to share the IP with as many people as possible to stand out less.
-
Ultimately doesn’t really matter. Wireguard is better, more lightweight, easier to use in most cases, and has an option that should make traffic more resistant to potential attacks with quantum computers, which you want as an adversary might log encrypted traffic now for decryption later in 10, 20, 30 yrs or so.
-
There are no providers that “wont give details”, at most there are some that don’t collect them in the first place so that they can’t. If you want 0 leaks at all, you have to be very careful and don’t slip up even once. Make a good plan before you act.
For example if you connect to the VPN server from any internet connection that can somehow backtraced to you, that could be an issue. If you pay for a service in a way that can somehow be backtraced to you, same. So for internet access in general you probably need some place with a shared wifi (restaurant, cafe?) without any security cameras inside and in the vicinity (you have to get there somehow), you probably want to rotate this place frequently and it should not be related to where you actually live. Paying with crypto etc. is all great, but not so much for “highest” threat model, so you might want to use some store like http://digitazyyxyihwwzudp5syxxyn3qhcd63wqcha2dxpfqiyydmrgdiaad.onion/ to pay for a coupon code with cash, but here you also have to be careful with how you send the cash etc. for example the post office probably has cameras. Also whatever you’re trying to accomplish, think about if there are better ways than using the internet or technology that might leave less traces overall.
Wow thank you so much for all the info.
Is there a way I can contact you privately for further advice?
Ill pay if needed of course.
Do you have telegram?
“Higest” is not a threat model / not what threat modeling means.
You need to be much more specific than this, a threat model cannot be represented as a level (“high” “low” “average”) (this thread has some good introductory resources, I suggest you check it out, especially the 2nd and 3rd posts)
At your current level of knowledge/experience, I would strongly strongly suggest you don’t self-host
There are reasons to prefer Wireguard over OpenVPN, but I don’t know if any of them relate to security.
- If self hosted, which servers provider do you recommend that wont give details no matter what.
Circling back to point #1, I strongly feel you shouldn’t be self hosting at this point. Beyond that, The question stated above indicates you have unrealistic expectations about what a company will do for you and your ~5-10 dollars a month. Some companies are better than others, minimizing the info they collect in the first place, policies that limit logging, jurisdictions that protect privacy/civil rights better, good legal teams, etc can make a difference. But companies will almost never break the law, go bankrupt, or refuse to comply with legally enforceable court orders on your behalf.
2 Likes
Trusting random people on the internet is maybe also not something you should do with your “highest” threat model (whatever exactly that means).
Maybe become a comedian instead of a spy. No, sorry for that condescending tone, but stop using random apps like Telegram if you actually cannot risk to be tracked. Not only are their chats not encrypted by default, but even if they were, they still store plenty of metadata and you don’t know where that ends up. Consider using something at least as secure/private SimpleX, if you’re gonna use a messenger at all.
That’s a no btw to your overall question.
6 Likes
OK! Sorry I didn’t mean to insult LOL.
I only need advice thats it…
Anyway why is telegram not good? I thought a lot of people use it.
Will you feel comfortable to contact with me anywhere or that is just a BIG NO?
Whether something is used by a lot of people, is 100% unrelated to whether that thing is good or not. This is especially true with respect to privacy and security, since most people don’t think about or understand these subjects with any depth.
With respect to Telegram specifically. Here is an entry level explainer of why it is not as private as you think
2 Likes