• Maroon@lemmy.world · 260 up, 17 down · 2 days ago

    God bloody dammit. I genuinely LOVE Mullvad and have tried to use their (not so cheap) services. I feel in this economy, privacy comes at a price and I was happy to do this.

    Now, I realise my money is going to fund a POS far-right asshole.

    Proton supports Trump.

    Mullvad supports the far right.

    Is there any major privacy respective service provider that isn’t a bloody cunt?

      • Valmond@lemmy.dbzer0.com · 14 up · 2 days ago

        Proton VPN have had one of their chefs praising Donald Trump, but that’s the worst I have heard about them. Swiss based (they have among the most protective privacy laws out there), email servers are deep down in the mountains (I don’t know about the VPN ones), no logs (for what I remember, maybe short lived ones?), made by the dudes at CERN.

        So compared to others quite flawless IMO.

        Only technical problem I have had is the VPN switches port from time to time and you have to rebind the network interface of your favourite torrent if you’re running a tight ship. I have found no simple way of detecting when it happens.

          • Valmond@lemmy.dbzer0.com · 2 up · 1 day ago

            Interesting!

            So it pings some entity and they send back your external port? I speed read the code (but I’m on mobile) and that’s what it looks like. Any information greatly appreciated.

            • Jakeroxs@sh.itjust.works · 2 up · 1 day ago

              Gluetun itself already knows the forwarded port via NAT-PMP, this program just gets it from gluetun and assigns it in qbt via the qbt api and if it returns a 200 response it considers it confirmed, here’s an example log:

              ```
              waiting for qBittorrent WebUI…
              qBittorrent WebUI is ready (authenticated).
              port file did not contain an integer: /tmp/gluetun/forwarded_port
              port file did not contain an integer: /tmp/gluetun/forwarded_port
              gluetun provided forwarded port: 36884
              syncing port 36884 to qBittorrent…
              successfully updated qBittorrent to port 36884 (confirmed)
              port file did not contain an integer: /tmp/gluetun/forwarded_port
              port file did not contain an integer: /tmp/gluetun/forwarded_port
              gluetun provided forwarded port: 39293
              syncing port 39293 to qBittorrent…
              successfully updated qBittorrent to port 39293 (confirmed)
              ```

              • Valmond@lemmy.dbzer0.com · 1 up · 18 hours ago

                Where is the Gluetun server running? I mean if you run it yourself you have to like forward all ports to it?

                Thanks for the writeup!

                • Jakeroxs@sh.itjust.works · 1 up · edited · 14 hours ago

                  So gluetun is for docker networks and lets you isolate traffic to/from other docker containers into a VPN, you run it and qbt inside docker containers with gluetun configured to your vpn, then qbt configured to route all its traffic through it.

                  Edit: I didn’t have to port forward at all on my network for this to access it locally (I run it on a separate computer), because all the “outside” traffic in qbt is going through the vpn that has a forwarded port seeders/leechers can connect (which is dynamically updated as it changes with the aforementioned qbt port manager)

                  For example (truncated docker compose just the part related to above):

                  ```yaml
                  services:
                    qbittorrent-vpn:
                      image: lscr.io/linuxserver/qbittorrent:latest
                      container_name: qbittorrent-vpn
                      depends_on:
                        gluetun:
                          condition: service_started
                          restart: true
                      restart: unless-stopped
                      network_mode: "service:gluetun"
                  ```

                  Then gluetun:

                  ```yaml
                  services:
                    gluetun:
                      image: qmcgaw/gluetun
                      container_name: gluetun
                      restart: unless-stopped
                      networks:
                        - default
                      cap_add:
                        - NET_ADMIN
                      devices:
                        - /dev/net/tun
                      ports:
                        - 8888:8888/tcp # HTTP proxy
                      volumes:
                        - /appdata/gluetun:/gluetun
                        - /appdata/gluetun/tmp:/tmp/gluetun
                      environment:
                        TZ: $TZ
                        VPN_SERVICE_PROVIDER: $GLUETUN_VPN_SERVICE_PROVIDER
                        VPN_TYPE: $GLUETUN_VPN_TYPE # wireguard / openvpn
                        WIREGUARD_PRIVATE_KEY: $GLUETUN_WIREGUARD_PRIVATE_KEY
                        WIREGUARD_ADDRESSES: $GLUETUN_WIREGUARD_ADDRESSES
                        VPN_PORT_FORWARDING: "on"
                        VPN_PORT_FORWARDING_PROVIDER: protonvpn # or your provider
                        VPN_PORT_FORWARDING_STATUS_FILE: /tmp/gluetun/forwarded_port
                        # OPENVPN_USER: $GLUETUN_OPENVPN_USERNAME
                        # OPENVPN_PASSWORD: $GLUETUN_OPENVPN_PASSWORD
                      healthcheck:
                        test: ["CMD", "/gluetun-entrypoint", "healthcheck"]
                        interval: 5s
                        timeout: 5s
                        retries: 1
                        start_period: 10s

                    gluetun-qbittorrent-port-manager:
                      image: jopiermeier/gluetun-qbittorrent-port-manager:latest
                      network_mode: "service:gluetun"
                      container_name: gluetun-port-manager
                      depends_on:
                        gluetun:
                          condition: service_started
                          restart: true
                        qbittorrent-vpn:
                          condition: service_started
                          restart: true
                      environment:
                        - QBITTORRENT_USER=
                        - QBITTORRENT_PASS=
                        - QBITTORRENT_PORT=$QBITTORRENTVPN_PORT
                      volumes:
                        - /appdata/gluetun/tmp:/tmp/gluetun
                  ```
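
The flow described in this sub-thread (read the port gluetun writes to its status file, push it to qBittorrent over the WebUI API, treat an HTTP 200 as confirmation), written out as an added example; it is not part of any comment above and is not the port-manager project's code. The names `read_forwarded_port`, `QbtClient` and `PortSync`, the `QBT_*` variables and the default URL are assumptions; `/api/v2/auth/login` and `/api/v2/app/setPreferences` are qBittorrent WebUI API endpoints.

```python
import json
import os
import time
import urllib.error
import urllib.parse
import urllib.request
from http.cookiejar import CookieJar
from pathlib import Path


def read_forwarded_port(path):
    """Return the port in gluetun's status file, or None if it is not usable yet."""
    try:
        text = Path(path).read_text().strip()
    except (OSError, UnicodeDecodeError):
        return None  # file missing or unreadable, e.g. tunnel not up yet
    if not (text.isascii() and text.isdigit() and len(text) <= 5):
        return None  # empty or partial write ("did not contain an integer")
    port = int(text)
    return port if 1 <= port <= 65535 else None


class QbtClient:
    """Minimal qBittorrent WebUI client; base URL and credentials are assumptions."""

    def __init__(self, base_url, user, password):
        self.base = base_url.rstrip("/")
        self.creds = {"username": user, "password": password}
        self.opener = urllib.request.build_opener(
            urllib.request.HTTPCookieProcessor(CookieJar()))

    def _post(self, path, fields):
        req = urllib.request.Request(
            self.base + path,
            data=urllib.parse.urlencode(fields).encode(),
            headers={"Referer": self.base})
        with self.opener.open(req, timeout=10) as resp:
            return resp.status, resp.read().decode()

    def set_listen_port(self, port):
        """Log in, set listen_port, and report True only on an HTTP 200."""
        try:
            status, body = self._post("/api/v2/auth/login", self.creds)
            if status != 200 or body.strip() == "Fails.":
                return False  # bad credentials come back as 200 + "Fails."
            status, _ = self._post("/api/v2/app/setPreferences",
                                   {"json": json.dumps({"listen_port": port})})
            return status == 200
        except (urllib.error.URLError, OSError):
            return False  # WebUI not ready or request rejected; retry next poll


class PortSync:
    """Push the forwarded port to the client only when it changes."""

    def __init__(self, port_file, apply_port):
        self.port_file = port_file
        self.apply_port = apply_port  # callable(port) -> bool
        self.current = None

    def poll(self):
        port = read_forwarded_port(self.port_file)
        if port is None:
            return "waiting"
        if port == self.current:
            return "unchanged"
        if not self.apply_port(port):
            return "failed"  # current stays unset so the next poll retries
        self.current = port
        return "updated"


if __name__ == "__main__":
    qbt = QbtClient(os.environ.get("QBT_URL", "http://127.0.0.1:8080"),
                    os.environ.get("QBT_USER", ""), os.environ.get("QBT_PASS", ""))
    sync = PortSync("/tmp/gluetun/forwarded_port", qbt.set_listen_port)
    while True:
        print(sync.poll())
        time.sleep(30)
```
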

      • artifex@piefed.social · 48 up, 1 down · 2 days ago

        I’ve semi-seriously been thinking about bootstrapping a VPN service just to have one “not an asshole” service (and that’s setting the bar low - I’m definitely an asshole, just not that kind of asshole). But I’m also a US citizen living in the US, so not the best choice for the job either.

        • scytale@piefed.zip · 7 up · edited · 2 days ago

          Are you able to get through geo-restrictions on streaming services with IVPN? They have fewer servers than Mullvad it seems. Like for Singapore, they have 2, Mullvad has 5. In Japan, they have 1, while Mullvad has 9.

          • khannie@lemmy.world · 8 up · 2 days ago

            Number of servers is less relevant than users per server.

            Mullvad is a much bigger company so I’d expect them to need more servers.

            • scytale@piefed.zip · 11 up, 2 down · 2 days ago

              It is, when you want to evade geo-restrictions. More servers spread over different IP blocks means there’s more chances the streaming services aren’t aware of some of those IPs yet, so they aren’t blocking them yet.

              • khannie@lemmy.world · 4 up · edited · 2 days ago

                I’ll preface this by saying I used to work in the industry.

                The restriction evading isn’t really related to the number of servers. VPN companies for streaming block evasions buy IP addresses that aren’t data centre specific. Those ranges are well known and easily blocked. So for example when you browse you’ll generally use a “standard” IP but while connected to the same endpoint if you fire up a netflix session it’ll route that traffic out the “streaming” IP. This is also partly to try to prevent streaming companies from getting easy access to a list of those IPs.

                It’s quite expensive to get IPs that aren’t blocked by streaming services so that is a cheaper cost per user for larger companies. Where I was that cost was way more than the cost of any individual server per month (and some of those servers were hefty). That is one way that Mullvad would have an edge but it’s minor.

                For what it’s worth I did have a call with the iVPN lads (twice I think) and found them lovely. Never interacted with Mullvad but I will never give them money after reading this. Weirdly I’m in the market for a new subscription and they would have been my go to. Their fiver a month thing is really very smart.

                Edit: for geo blocks on standard browsing it would generally present to us as a support ticket. We’d raise it with engineering and they’d assign a new outgoing IP with whoever our provider was. We used M247 a lot and they were very responsive when that happened. Usually a few hours and it was sorted.

                • scytale@piefed.zip · 4 up · 1 day ago

                  Thanks for the info, I learned something new. So if for example I run my tv through my VPN and I’m watching youtube. When I switch to the netflix app, the VPN service determines that I’m trying to hit a netflix IP, so it routes it out to an outgoing IP specifically for netflix geo-blocking evasion that is separate from what youtube was using?

                  • khannie@lemmy.world · 3 up · 1 day ago

                    Yeah that’s exactly it. That’s how we did it anyway. I guess other providers may have their own secret sauce but I have to assume it’s some variation of that. We paid for a pool of, I think, 1000 non-contiguous residential / business IPs and if any of them got blocked we just immediately rotated.

                    Honestly we never had much trouble with it after the initial engineering work was done. I don’t think the providers really give a shit beyond best initial effort to make the rights holders happy.

          • kobra@piefed.social · 3 up · edited · 2 days ago

            It’s been a couple of years but I didn’t have much luck with IVPN and mlb.tv but that was really the only one I tried at the time.

    • terraquad@feddit.org · 1 up · edited · 1 day ago

      I personally use dnsforge.de which is essentially a public Pi Hole with additional configuration choices for strict or porn/gambling blocking. While this one is specifically german, I think there are probably other such services or you could always host your own. (I know you said “major service” but it’s about the concept)

    • Sanguine@lemmy.dbzer0.com · 58 up, 36 down · 2 days ago

      Can we stop with the “proton” supports trump. This has been echoing since the tweet. I understand the initial recoil, I had it myself, but proton as an entity very clearly does not support trump.

      • Crozekiel@lemmy.zip · 71 up, 15 down · 2 days ago

        By that logic, Mullvad is fine too, because the entity doesn’t support the far right. You are just sending your money to the company which pays the people that do… so…

        • Sanguine@lemmy.dbzer0.com · 54 up, 8 down · 2 days ago

          I mean I’m okay expanding that logic here as well for consistency. This is all on a spectrum, one of Mullvad’s top employees donates millions to far right politician is on the more extreme end of that spectrum than a tweet that failed to read the room.

          Taking your counterpoint even further, if you found out some low level employees at any company used a portion of their paycheck to support far right politics would you boycott? Obviously not, which should show you that you don’t believe this should be a binary decision.

          To be clear, I feel mullvad crossed the line here, my point was that the proton hate doesn’t compare and is overblown.

          • Crozekiel@lemmy.zip · 15 up, 32 down · 2 days ago

            Proton itself sponsored a fascist influencer in france like just a couple weeks ago… You can pretend that having a MAGA CEO doesn’t have anything to do with that, and that they would have stopped the sponsorship and caught their “mistake” without significant public backlash if you like, but the dots are connecting to a lot of us watching.

            Also, nice strawman, but are they paying the low level employee enough to donate literally millions of dollars? Probably not. Does that low level employee have direct influence over the company? Probably not.

            The idea that you stop using Mullvad because the founder personally made a donation to right-wing extremists, but you are fine with using Proton that sponsors fascists and has a CEO that platforms far-right extremists talking points is bonkers. The claim that you are separating “the entity” from the “people” doesn’t even hold water.

            • Lumisal@lemmy.world · 19 up · 2 days ago

              That was a sponsorship link anyone was able to use.

              They then immediately denounced the fascist and are changing how sponsorship links work.

              Vs

              Literal founder of company donates millions to literal neo-nazis, doubles down on supporting them

            • ick@infosec.pub · 27 up, 2 down · 2 days ago

              I thought it wasn’t an actual sponsorship, just a referral link system anyone could sign up for and promote.

              • Sanguine@lemmy.dbzer0.com · 6 up · 1 day ago

                Exactly correct… And their apology sounded genuine and they took ownership.

                OP talking about strawman in my post, yet uses a prime example in theirs.

                • webhead@lemmy.world · 17 up · 2 days ago

                  People just easily believe whatever sounds close enough because everything is awful. I hate these far right fuck heads but honestly the witch hunts for literally everything are just exhausting. I can’t spend my whole life boycotting fucking everything. I just don’t have the fucking energy.

        • dreamkeeper@literature.cafe · 8 up, 1 down · edited · 2 days ago

          Uh no? Show me where proton donated millions of dollars to fascists. Their CEO made an unbelievably stupid statement, and then walked it back, but they have not materially supported actual Nazis.

      • redsand@infosec.pub · 2 up · 1 day ago

        Proton’s VPN is sketchy anyway and JS crypto isn’t revolutionary… Or even a good idea really. See tuta and torrent freak for alternatives

    • Valmond@lemmy.dbzer0.com · 10 up, 5 down · 2 days ago

      Proton doesn’t support Trump. Their CEO cherished some judge trump put in, and reddit had a field day with it.

      It’s made by CERN scientists, so I guess their PR is suboptimal.

    • TWeaK@lemmy.today · 43 up, 25 down · edited · 2 days ago

      Signal was kickstarted by the CIA, so dissidents in regimes they wanted to topple could communicate securely, but at least that seems genuine.

      Matrix was an Israeli spy company’s invention.

      Telegram is Russian.

      Reddit started out as the creation of Aaron Swartz, but he got demonised and committed suicide. Then it was left to that shit eater spez, who sold his soul to the Epstein crowd making Ghislaine Maxwell a powermod among others, also hosting r/the_donald and bridging Trump’s popularity from 4chan into the mainstream. Now he sells everyone’s data to Google, while still not paying the manufacturers of that data anything.

      TrueCrypt got shut down because it was too cool.

        • TWeaK@lemmy.today · 6 up, 11 down · 2 days ago

          No lol but I guess they did it twice?

          It was in the news a year or few ago that the CIA was ceasing its funding of Signal.

              • Railcar8095@lemmy.world · 13 up, 2 down · 2 days ago

                That article and sources are bollocks. They received donations in the past, from there the claim is that they are entirely compromised. There’s a list of almost a hundred other apps and services, from fdroid to let’s encrypt. Are they also compromised?

                Fear mongering and tinfoil

                  • TWeaK@lemmy.today · 1 up, 2 down · edited · 1 day ago

                    And that wasn’t wrong.

                    I never claimed Signal was compromised. I said it was funded by the CIA. In another comment I even explicitly caveated that it is actually seemingly secure, in spite of that financial connection.

                • TWeaK@lemmy.today · 1 up, 2 down · 1 day ago

                  The truth is in between.

                  The CIA funded Signal to be a truly secure and open source messaging platform for overseas dissidents to use, wherein they could support their efforts, while pursuing US political objectives.

                  Eventually, people in the US started to use it to evade oppression, and the CIA went “NO!! NOT LIKE THAT!!!”

                  Regardless, the proven facts of the matter are that the CIA funded Signal.

      • redsand@infosec.pub · 6 up, 2 down · 2 days ago

        Matrix does have fundamental design issues you would expect from cellebrite devs…

        Simplex, Monero and Whonix are all as cool as veracrypt!

          • wonderingwanderer@sopuli.xyz · 7 up · 2 days ago

            You’d think with all the trans programmers out there we would have more tech companies built by leftists…

            But I suppose the leftists are the ones building the platforms for a pittance while the generationally wealthy right-wingers are the ones paying people to do all that work…

          • redsand@infosec.pub · 3 up · edited · 8 hours ago

            Doesn’t matter as much here. It’s open source and has passed two audits. Look at the code. Use different servers if you want. Reimplement the protocol if you can.

            No really, please someone do it in go or rust. I don’t want to learn kotlin 🥲

      • merc@sh.itjust.works · 3 up, 11 down · 2 days ago

        Man, after his death Aaron Swartz has gone from an early employee of Reddit, to a founder of Reddit to now the creator of Reddit. Give it a few years and he’ll have provided the VC money for it too.

        • TWeaK@lemmy.today · 3 up · 1 day ago

          Aaron Swartz is and always was the guy who coded the core functionality of reddit. He was the man who Tim Berners-Lee said would lead the charge for the internet into the 21st century.

          Instead, the FBI drove him to death.

          Spez and that other dude had the idea to make reddit, but Aaron built it for them. Then Randall from XKCD made the “Best” sorting algorithm.

          Then Spez shat all over everything for personal gain.

          Then you came here to post.

      • redsand@infosec.pub · 1 up · 1 day ago

        Didn’t air have a data mining scandal like nord and others? Cryptostorm is legit though.

          • redsand@infosec.pub · 1 up · 1 day ago

            No. There have been so many over the years, I had to dig for half an hour the last time I tried to find stories on nord

            • whaleross@lemmy.world · 2 up · 1 day ago

              AFAIK AirVPN is run by Italian hacktivist enthusiasts and are not part of the mess with NordVPN and other highly advertised. At least I’ve only heard positive things from nerds as they seem to fly under the radar of the commercial circuit. Like Mullvad did until some years ago when they started running ad campaigns.

              • redsand@infosec.pub · 1 up · 1 day ago

                Not related to nord whatever I’m remembering was separate. Maybe they just had a security fuck up or I’m thinking of one of a dozen other data mining VPNs ¯_(ツ)_/¯

      • quick_snail@feddit.nl · 1 up · 2 days ago

        Yeah, I usually round Robin AirVPN, IVPN, and cryptostorm. Sometimes they leap frog each other in terms of features