Skip Navigation

You're viewing a single thread.

144 comments
  • Now just watching uTorrent slowly download them all. Hopefully my VPN keeps the eyes off of me…

    1. qbittorrent is better in many many ways compared to utorrent and hasa very similar interface. qbit is open-source, utorrent isn't. qbit doesn't have ads or malware, utorrent has or has had both many times. qbit allows you to bind to a specific network interface (e.g. you VPN connection instead of regular ethernet one) which offer better protection if your vpn drops. feel free to do your own research here or elsewhere on the web if you doubt any of my points.
    2. if your VPN is a free one, that wont protect you at all. those guys will squeal and turn over server logs with ip address at the drop of a hat. Even a lot of paid-for VPNs are shitty lying bastards. So picking a good vpn can be challenging there are probably posts here covering recommendations but generally you want ones that have either been taken to court and were unable to provide logs OR ones that have been audited by a respected 3rd party firm that can confirm they are truly a "no log VPN". I can recommend PIA, NordVPN, and Mullvad as some ones that are highly unlikely to turn over any logs (bc they don't have them) but there are others and doing your own research isn't a bad thing. The site torrentfreak.com does an article once a year or so that covers a few of the more popular VPNs and different aspects of thier privacy but they don't declare a "best vpn", just rate them on varius privacy and security aspects.
    3. Even if you have a good VPN, check that you aren't leaking your real IP via dns lookups: ipleak.net or dnsleaktest.com
    4. Check that you torrent client set up not to leak: search for 'torrent ip leak test' and do one of the torrent ip leak tests. ipleak.net hasone of these if you scroll down on the page; look for "Torrent Address detection" and click "Activate" button and it will give a magnet link to start test with
    5. additionally, you can set up a "vpn killswitch" to prevent traffic from going over regular internet if you vpn drops. If you using qbit, this probably isn't strictly required but many people here like to have this as an additional safety. i can't really provide details on this bc the process varies widely. A lot of VPN client apps have this feature built in. But even if they don't, you can set something like this up in most firewalls but exact steps will vary depending on OS (Windows/Linux/Mac) and which firewall you are using (or I guess whether or not you even have one installed).
    • you can set up a “vpn killswitch” ...... A lot of VPN client apps have this feature built in.

      Most quality VPNs will have a killswitch built in and enabled automatically, with nothing to setup, but they are notoriously unreliable and can fail. The key term people want to search for is "bind." You want to bind qBit to your VPN. If your VPN isn't working, qBit doesn't have a connection. Most decent, privacy first, "no log" VPNs (Mullvad, Proton, AirVPN, iVPN, etc.) will provide instructions on binding. This is above and beyond their built-in killswitch.

      I can recommend PIA, NordVPN

      I'm not saying you shouldn't recommend these, or that people shouldn't use them, but IMO, people should at least be warned to search for the following, so they can make an informed decision:

      1. “kape technologies malware” (Kape owns Private Internet Access, which is why I switched to Mullvad years ago when Kape bought PIA)
      2. "nordvpn data breach"
      • NordVPN also doesn't have port forwarding so you're unlikely to be able to seed anything back. This'll get you banned from private trackers and goes against the whole concept of torrenting.

      • Most quality VPNs will have a killswitch built in and enabled automatically, with nothing to setup, but they are notoriously unreliable and can fail.

        Fair. I do all of my setup manually these days (networkmanager on linux, openvpn client app on the rare occasion i'm on windows, not a mac guy so no clue there). I implement one using a firewall but that is more complex than most people want. Still, as long as it is done in addition to the qbit network interface bind, then it's not bad to also set a VPN killswitch.

        The key term people want to search for is “bind.” You want to bind qBit to your VPN.

        Agreed. This is what I was referencing in the first bullet about network interface

        I’m not saying you shouldn’t recommend these, or that people shouldn’t use them, but IMO, people should at least be warned to search for the following, so they can make an informed decision:

        1 - Fair points. TBH, I had my doubts about that initially but have been with them the whole time (before and after kape acquisition). FWIW, I have not seen any change in PIA service quality. In fact, I have seen them add Wireguard support and release all of the code as FOSS (see here). I agree that Kape did some sketchy shit in the past but from what I have seen over the last several years, they are not doing anything sketchy in the VPN/technology sector part of their business (aside from maybe advertising which I consider to be separate). I don't even really think about Kape anymore tbh. If they were ratting me out, I would have had enough dcma notices to start a bonfire with by now.

        2 - I had not been aware of that. I haven't used them in a few years. Any sort of data breach definitely sounds bad but since I haven't reviewed the details, I don't want to jump to any conclusions either.

        I like Mullvad from a tech and privacy standpoint but IMO they are a bit on the expensive side compared to some of the other options. Nord and PIA you can usually get multiyear deals on periodically and that can drastically lower the overall cost ($80 for a 3yr VPN plan = monthly about 2.22 USD/2.04 euro vs 5 euro/month for mullvad). Not saying price is the be-all-end-all or that Mullvad is unaffordable but it is going to be a consideration for many, especially people that already don't want to shell out for a paid VPN over the free ones. With that in mind, I think there is still value in PIA (and possibly Nord - I haven't reviewed the details of what exactly was breached - e.g. vpn service vs blog server vs etc, what data was exposed, what steps they took to address, etc). There are many other no-logs vpn options besides Nord, PIA, and Mullvad out there, I just don't have any personal experience with them.

        • I should have also mentioned that I otherwise thought your initial post was good.

          then it’s not bad to also set a VPN killswitch

          At least with Mullvad (and I imagine the other three I mentioned), there is nothing to set. It's already there in the app, and automatically enabled after install. The only thing that can be done is to turn it off.

          This is what I was referencing in the first bullet about network interface

          Understood. I was just providing the specific term ("bind" or "binding"), used by VPN companies & users, for anyone else who wants to search for instructions on properly connecting qBit to their VPN.

          I agree that Kape did some sketchy shit in the past

          It's not my place to fault or criticize you or anyone else for choosing to go with Kape/PIA (or Nord). I just think people should at least know of their past. For me, there is zero chance of me returning to PIA. Someone tells me the girl I'm interested in cheated on their past boyfriend, or tried to somehow spy on or sabotage him? Zero chance I'm getting involved. Too many other good/better options available. My brother has had no issues dating cheaters. To each their own. None of my business why others make the choices they do.

          Any sort of data breach definitely sounds bad but since I haven’t reviewed the details

          It's not necessarily that they had a data breach, it's how they handled the situation that many people found troubling.

          Nord and PIA you can usually get multiyear deals

          Same with this. I don't fault you for trying to save some money. Everyone has their own situation to deal with, and I've been "there" before. For me, I'm not rich or a boomer, but I'm old enough now and have enough disposable income that I make decisions that work for my privacy and reliability requirements. I see something that cheap now and I ask myself, "why is that so cheap?" It could still be a good product, but I know enough to at least ask the question & research. I also don't pay for long term, multi-year deals anymore (I had about six months remaining on my PIA deal when I "noped" out of being a part of Kape's acquisition), but I still try not to be an idiot and just give away money either. As an example, I buy the Mullvad gift card, with a scratch-off code from Amazon, $29/6mo ($4.83/mo) or $57/12mo ($4.75/mo). No euro exchange rate or transactions fees, etc. My preference is to incentivize my favorite companies to stay in business, providing the service and continual upgrades that I want and expect, like the following:

          https://mullvad.net/en/blog/we-have-successfully-completed-our-migration-to-ram-only-vpn-infrastructure

          -and-

          https://mullvad.net/en/blog/moving-our-encrypted-dns-servers-to-run-in-ram

          When people talk about "zero logs," I'm not aware of anything better than having everything run through RAM. Going out to lunch/dinner or watching a movie is roughly $10 to $20/person these days. I'll happily pay a couple extra bucks a month for a VPN with this kind of privacy and continual upgrade in service, or from the other three I mentioned (and I believe Mullvad is still even the least expensive of the four). No criticism from me on your choices though.

        • I have qBit bound to my VPN (Nord), but it basically stops every few minutes. So I had to stop and use killswitch.

          This, I think, is actually an issue with qBit. But maybe it only ever happens to me.

          • every few minutes is a lot. havent been on nord for a few years but even when i was on them i dont remember getting drops that frequently. i suspect it is likely not an issue with qbit as many others use it without running into drops like that - including myself.

            probably an issue with either nord or your isp. if you are on wifi, there are also some routeres with known issues when it comes to dropping wifi signal - but there's too many different models and firmware versions to really guess this accurately without detailed info (and sometimes it only happens in specific versions of firmware on specific routers).

            i get occasional drops on PIA but its usually after running for something like 3-7 days straight. i'm not using the official pia client app but instead download manual ovpn file configurations from pia and import them into generic client. under windows, you need the openvpn free community client for this. under linux, you can import them into networkmanager. iirc, nord has manual ovpn files too but they make you select a specific server and download 1 config file at a time.

            alternately, if you setup wireguard that might also work better but haven't tested myself

            • I used Nord proxies when I still used uTorrent, never had issues. I'm definitely hardwired, and my isp is shit, don't get me wrong, but the only change I can see is qBit and proxies. I tried every server they had available, and the issue just stops when I don't use their proxies. Maybe I should try proxies from some other service, but I'm not really in a place to shop around... and I don't know that free vpn services have proxies that you can try.

              I also say "stops every few minutes", I should clarify, it stops and doesn't resume. I have to close qbit and reopen.

              I don't know enough about ovpn or wireguard to know how that would help me... Is that not a VPN/tunneling that you have to have both sides to use? So I would go to a server that has another VPN running on anyways?

              • I don’t know enough about ovpn or wireguard to know how that would help me…

                OpenVPN and Wireguard are different protocols that VPN providers can use. Technically, there are also groups and client apps of the same name for both too. I think there are other protocols too (pretty sure there's one called IPsec and maybe some others) but OpenVPN and Wireguard are 2 of the most common. Wireguard is newer and generally is regarded as faster than OpenVPN protocol but there are some privacy issues with it if using the unmodified version. Some VPN companies use a modified version of WG that address those issues (Nord and PIA). But since customers can't inspect the server configs, I would definitely recommend only using VPN companies that have undergone a third party audit to confirm that they keep no logs and have a server configuration without privacy issues (off my head: PIA, Nord, Mullvad, expressvpn, surfshark, cyberghost).

                Is that not a VPN/tunneling that you have to have both sides to use?

                Yes, if your VPN provider doesn't have servers configured with Wireguard, then you can't use it. And even if they do, it probably won't be all the servers so you need to choose one with it. So if say your provider was Nord. Nord calls their modified WG as "NordLynx".

                If you wanted to connect to Nord's WG (aka NordLynx) servers, AFAIK you have to use the official Nord client app. Some providers might release a WG config file that you could use to manually set it up but last time I checked Nord only offers manual config files for OpenVPN (here's an old reddit thread basically saying the same thing). This is annoying if you are trying to have a setup where you can switch between multiple providers and protocols easily (like me) or in places where you can't install client software (like routers) but probably not a big deal to most users connecting from a computer/tablet/phone/etc.

                For PIA, it is similar although they don't rename their Wireguard as something else. But again, they don't provide manual WG configs and you have to use their official app to use it. However, they do have some github repos and more technical users can run some scripts to generate temporary manual configs (my understanding is that unlike the OpenVPN manual configs, these will eventually expire and you will need to rerun the scripts again at some later time).

                I used Nord proxies when I still used uTorrent, never had issues. I’m definitely hardwired, and my isp is shit, don’t get me wrong, but the only change I can see is qBit and proxies. I tried every server they had available, and the issue just stops when I don’t use their proxies. Maybe I should try proxies from some other service, but I’m not really in a place to shop around… and I don’t know that free vpn services have proxies that you can try.

                Not sure. Hard to debug without concrete details and I'm probably not the best for that anyway. Could be proxies; I connect to vpn servers but not via socks proxies so not sure how those are different speed wise.

                If not that, could be qbit settings or version (several years ago some various builds of qbit could be hit or miss but I thought that was more or less done with nowadays). If you are interested in working it out, my recommendation would be to take some screenshots of qbit settings. Then create a post asking about improving qbit speeds and also list a) who the vpn provider is - nord or whatever you use now, b) how you are connecting - nord app or proxy url etc, c) if you are testing with same torrent in each, then what kind of approx numbers you are seeing in qbit and what you expect based on network test. That would probaby be enough info for folks to help you get it sorted and would be a good resource for anybody else having similar troubles.

    • Excellent info. Thank you!

    • You didn't even mention QBittorrent's best feature: it has a search engine that searches across lots of different torrent sites, so you don't need to check each one!

      • I agree that that is a very nice feature. So are the rss feeds.

        But to me "best" is anything that makes it easier to avoid getting caught so the network interface binding is still my favorite 😉

      • Wait, really? I'm going to have to go check next time I log into my torrenting box.

        • IIRC you have to enable it separately, but it's not very difficult to do. Just google it if you run into trouble

    • Any setup required? I tried it out and my speeds were in the tens of megabits max. Pretty sure nothing was capped in settings.

      • Maybe? Been awhile since I've messed with my setup and while I don't like slow, I prioritize security over speed so my settings might not be what you want anyway. so I'd recommend just looking up a guide; it is an extremely popular torrent client and there should be tons of guides out there. Or if you not sure which guide to use, just create a new post here - lot of people use it and probably have set it up from scratch more recently than me. I know some people say to open ports on the router but i've never liked the idea (I view it as less secure) but some people swear by it.

        I can recommend that you test the following:

        • make sure you are using a VPN server that isn't too far away. If you were in say San Franciso and selecting a VPN in New York or Europe, your speeds will be less than if you selected one in Seattle or Los Angeles
        • do a speed test off your vpn vs on it (e.g. speedtest.net). ALL VPNs will be slower than regular non-VPN due to the encryption and having less hops. But you can see how much difference it makes when you switch servers and if you have more than one VPN service, then you can find servers in the same city for both and compare which service is faster.
        • If your VPN has a modified WireGuard service (PIA and Nord both do IIRC), then that should be faster. I say modified bc the unaltered Wireguard spec has a privacy red flags so if you have a VPN service that offers it, make sure you read up or at least skim some reviews and whatnot to make sure they handled those issues that in a way that doesn't leave your identity exposed. PIA and Nord both did that (I think Nord's was called something else not actually WG but idr).
        • make sure you do your testing on popular torrents - but if it is anything you could get in trouble for, then you should do all the leak tests I mentioned above FIRST. Only mentioning, bc I had a friend that was testing his shit on some obscure thing he was looking for and saying it was slow but when i helped him configure his settings, we tested with something popular (i think whatever the current hottest show was) and he was actually getting a lot better speeds than he thought.

        edit: just searched on dbzer0 and wasn't seeing much on this. I did find a reddit post and a makeuseof guide that both mention stuff about improving speed. For the reddit one, I think the patched exe they are talking about is likely a dev build and since that was from a few years ago, whatever fix is probably already merged in and no longer needed. will compare the other settings vs mine and post back


        edit2: are are the differences i have from the guide:

        • makeuseof has (Tools > Options > Speed) "Upload and download rate limits are set to infinity by default, and it's recommended not to tinker with these limits. Most often, users limit the upload rate to save bandwidth and get faster download rates, but the torrent client's choking mechanism compromises download rates when upload rates are limited, making the download process much slower." - on mine, i had infinite down and was restricting upload. But I kind of think MUO's advice is better and increased my upload amount. Mine was 100 KiB/s, now 1000 KiB/s. Only reason I don't put it on infinite is I am on a capped internet and tend to leave my downloaded stuff around for sharing so I want to avoid uploads consuming too much of my monthly bandwidth and I don't leave my client running 24/7 so not sure how reliable bandwidth settings are.
        • makeuseof has (Tools > Options > BitTorrent) "In the dropdown menu next to Encryption mode, select Allow Encryption. " but on mine I have it as "required Encryption" - probably this would make mine slower than the suggestion tho
        • Tools > Options > Connection settings I have "TCP and uTP" (same as MUO) but that old reddit thread was recommending only TCP.
        • MUO has (Tools > Options > Connections) : "Ensure the box beside Use UPnP / NAT-PMP port forwarding from my router is checked. " - as I mentioned, I don't do port forwarding so I leave mine unchecked but there is probably a speed hit for this.
        • There was also something about "Don't download multiple torrent files at the same time. This will then allocate all available bandwidth to downloading a single file, resulting in a faster download. " - I generally ignore this but there IS some truth to it. I have had hundreds of things queued before and gotten awful speeds. I recommend just not going overboard with how many you are running at once.
        • Tools > Options > Advanced: Find the network interface and select the one that corresponds with your VPN. If you aren't sure, for most Windows users you can connect to VPN then find from command line using ipconfig /all and look for something that is NOT disconnected and probably has TAP-Windows Adapter Vx if using OpenVPN-Protocol (most VPNs) but might be different for wireguard. For Linux users, to show network interfaces run ip -4 -o -br addr - usually in linux ethernet interfaces start with an E and wifi interfaces start with a W, lo is localhost, and 99% of the time the vpn interface will be named tun0 if you are using a VPN with OpenVPN-protocol (most of them) but might be something different for wireguard or if you have customized things.
144 comments