Skip Navigation
82 comments
  • Pick one that has a wireguard config generator, so you don't need to use any client software besides the normal linux wg client.

    I'd also look for one that accepts anonymous payment methods. Even if you don't intend to go to the trouble to use that yourself, it's probably a good sign if it's available. Mullvad is pretty safe and served me well until they stopped doing port forwarding. Proton, windscribe, azire, and airvpn were the ones that seemed most recommended when I went to look for a new one a few months ago.

    • Mullvad: Very privacy focused, ok priced, very robust. Sadly they removed port forwarding not too long ago.
    • AirVPN: Good speeds, many servers, cheap, port fowarding.
    • ProtonVPN: Works well, specially if you like the idea of getting their services together (mail, cloud, vpn)
  • As you may read elsewhere, Mullvad and ProtonVPN are the go-to for many people. But what Linux distro are you running? both of them don't have an OFFICIAL client for Arch, you can install them from the AUR though but I read the from proton rep in reddit that they don't recommend these packages as they're handled by the community.

  • If you wanna torrent make sure it supports port forwarding.

  • I use Proton VPN to bypass censorship. Use Remote Torrenting for torrent.

  • Safing.io portmaster with SPN. It's better than any of the other recommendations so far.

    • I didn't see anything about not keeping logs (please correct me if I just missed it). Also, they don't have any built-in DNS protection, and it's expensive at $8.34usd/month.

      It's an interesting idea to stratify your VPN and force individual apps to bind to their own tunnels, but seems like a lot of extra setup for little payoff, and if you can't be certain they're not keeping logs, there's little benefit to having multiple VPN connections vs one.

      Please, feel free to correct me if I've misunderstood something.

      • They do have built in DNS protection, it's just not DNS servers controlled by them. You can pick presets from AdGuard, Cloudflare, etc. Or, use your own.

        Regarding logging, I'm not sure I understand entirely how it's relevant to a service such as SPN. Have you used Tor and wondered if the nodes are logging? SPN is also an onion router. So, the exit node will not know your origin, even if they are logging. Of course, we could go down rabbit holes about speculative traffic correlation and/or timing attacks, but that's a separate discussion. A large portion of the SPN network is also community operated nodes.

        SPN nodes can also be run by anyone without needing a large investment of staked cryptocurrency, unlike another onion router Lokinet. This lowers the barrier to entry for a more diverse number of community contributed nodes to SPN.

        These aren't necessarily multiple VPN connections. Instead, every network request is sprayed across the SPN network based upon your desired number of hops and other settings. This means one app might see you as being in Iceland while another in Australia, etc. It bounces every connection around the network. If someone were trying to track you, it'd make it just a little more difficult than a static location connection with a traditional VPN.

        Hope this helps and you give it a try.

82 comments