2020 Post-pandemic VPN?

dvsman

2[H]4U
Joined
Dec 2, 2009
Messages
3,256
So I haven't had a vpn since PIA got bought out by foreign owners. With that in mind, I've been searching for a replacement that is not owned by a foreign country - whether it's China / India or other.

While reviews suggest the same names as always, though PIA seems to have dropped off some of the top 10 lists Like this one: https://www.comparitech.com/blog/vpn-privacy/best-vpn-for-usa/

Anyone have firsthand experience with Express VPN, NordVPN or Surfshark (the top 3 from that review)?

This isn't for anything tha requires conspiracy-levels of secrecy but I would prefer my stuff not getting piped directly to Beijing or wherever if at all possible.
 

SamirD

2[H]4U
Joined
Mar 22, 2015
Messages
3,788
With the domestic awareness of foreign interference increasing at the federal level, at some point all the ties from the US Internet to the rest of the world will be severed to prevent the weaponization of the Internet to harm the US. You can already do this with enterprise routers that have options for 'geoblocking', but as the damage costs continue to rise from being 'wide open' the way we currently are, there will be a point when someone in control realizes that 'the only winning move is not to play'.

That all being said, you probably have more of a chance to have your data funneled to a foreign power via a vpn service than without. ISPs have very strict rules by which they have to play by and the law here still (mostly) work so there are penalties for overstepping those bounds. You have no control or rights to your data when it reaches any foreign soil so I wouldn't bother with any of that vpn nonsense.

Now, if you really want to do it right, get an ipsec vpn router at home and setup an account with azure/amazon/etc to have all your traffic routed up to their cloud over an ipsec tunnel and out to the Internet that way. Then you are paying for business level services where they can't monkey around with you.
 

cjcox

[H]ard|Gawd
Joined
Jun 7, 2004
Messages
1,770
With TLS 1.3 and DNS over HTTP(s).... should see a ton of VPNs no matter what the country as a lot of things become private.

Of course, if such protocols are mandated more, VPN for circumvention, might not be as necessary.

(I take it you're mostly interested in "circumvention" of location?)
 

dvsman

2[H]4U
Joined
Dec 2, 2009
Messages
3,256
Pretty much my only use is for when I'm out and about. Coffee shops, hotels, airports are my main concern. Like I said, nothing confidential or anything, just personal security / privacy.

I take it you're mostly interested in "circumvention" of location?
 

Shoganai

Gawd
Joined
Dec 5, 2018
Messages
852
Been with NordVPN for years. I've used many others, but I keep sticking with Nord.
 

SamirD

2[H]4U
Joined
Mar 22, 2015
Messages
3,788
Pretty much my only use is for when I'm out and about. Coffee shops, hotels, airports are my main concern. Like I said, nothing confidential or anything, just personal security / privacy.
Oh, then you need my setup. :D I basically remote in to home via an ipsec tunnel and then rdp into a system at home and work using it.

A couple of advantages to this. One is that you never have to start/stop work--need to make a quick run somewhere? Just leave and take a system. You can rdp back into your system right where you left off. Another advantage is data--you can use a simple thin client laptop or even an older laptop running linux to connect to your network so no data on the system you're connecting from so no risk of physical data theft. And because your data never leaves your home network, no risk of interception either.

Setting this up right requires an enterprise vpn router and client setup on your system, but that's basically it. Enable rdp on your system behind your router and you can log in via your home network systems or via your ipsec tunnel.
 

Shoganai

Gawd
Joined
Dec 5, 2018
Messages
852
Oh, then you need my setup. :D I basically remote in to home via an ipsec tunnel and then rdp into a system at home and work using it.

A couple of advantages to this. One is that you never have to start/stop work--need to make a quick run somewhere? Just leave and take a system. You can rdp back into your system right where you left off. Another advantage is data--you can use a simple thin client laptop or even an older laptop running linux to connect to your network so no data on the system you're connecting from so no risk of physical data theft. And because your data never leaves your home network, no risk of interception either.

Setting this up right requires an enterprise vpn router and client setup on your system, but that's basically it. Enable rdp on your system behind your router and you can log in via your home network systems or via your ipsec tunnel.
Sounds a lot more complicated than just clicking the connect button in my VPN.
 

cjcox

[H]ard|Gawd
Joined
Jun 7, 2004
Messages
1,770
Oh, then you need my setup. :D I basically remote in to home via an ipsec tunnel and then rdp into a system at home and work using it.

A couple of advantages to this. One is that you never have to start/stop work--need to make a quick run somewhere? Just leave and take a system. You can rdp back into your system right where you left off. Another advantage is data--you can use a simple thin client laptop or even an older laptop running linux to connect to your network so no data on the system you're connecting from so no risk of physical data theft. And because your data never leaves your home network, no risk of interception either.

Setting this up right requires an enterprise vpn router and client setup on your system, but that's basically it. Enable rdp on your system behind your router and you can log in via your home network systems or via your ipsec tunnel.

Since ultimately this is a proxy like approach, you could eliminate the ipsec altogether and do (any) encrypted tunnel. (just saying... and btw, this is the most secure approach)
 

dvsman

2[H]4U
Joined
Dec 2, 2009
Messages
3,256
What Shoganai said, plus having to tunnel back into your own home network really only works when you are close / in the USA. when you travel ... especially abroad, not very handy.
 

Shoganai

Gawd
Joined
Dec 5, 2018
Messages
852
What Shoganai said, plus having to tunnel back into your own home network really only works when you are close / in the USA. when you travel ... especially abroad, not very handy.
And if your home internet is spotty like mine, I could never rely on it when away from the house. And like you said, when traveling abroad, it’s nice to be able to change your country IP location.
 

SamirD

2[H]4U
Joined
Mar 22, 2015
Messages
3,788
What Shoganai said, plus having to tunnel back into your own home network really only works when you are close / in the USA. when you travel ... especially abroad, not very handy.
I've actually used this from India and Canada without issues, so not sure why it would be an issue.
 

SamirD

2[H]4U
Joined
Mar 22, 2015
Messages
3,788
And if your home internet is spotty like mine, I could never rely on it when away from the house. And like you said, when traveling abroad, it’s nice to be able to change your country IP location.
Yeah, if home Internet isn't reliable then that's an issue on its own. :(

Personally, I wouldn't want my IP to be local. I'd want a fully encapsulated tunnel back to home base--just like enterprises do it.
 

Vengance_01

Supreme [H]ardness
Joined
Dec 23, 2001
Messages
6,212
I would just use my work VPN but I would setup an ipsec tunnel to home if feasible
 

Nicklebon

Gawd
Joined
May 22, 2006
Messages
661
Sounds a lot more complicated than just clicking the connect button in my VPN.
Once setup it really isn't. I have pretty much the same style setup SamirD describes and it works flawlessly. On the road I literally just slide the vpn button to on and enter my RSA code when asked as I have that extra layer of security. All my traffic appears to be coming from home so never any security warnings or other hassle from service providers becuase they don't recognize my IP.

I should add that I wrap everything in TLS vs IPSEC. There are too many places that will block IPSEC.
 
Last edited:

Nicklebon

Gawd
Joined
May 22, 2006
Messages
661
What Shoganai said, plus having to tunnel back into your own home network really only works when you are close / in the USA. when you travel ... especially abroad, not very handy.
I find the opposite to be the case. When abroad, especially Central and Eastern Europe, many service providers lose their mind and lock you out which then requires unlocking them only to be relocked out the next time you get a new IP. I had zero issues tunneling all my traffic home literally from Siberia over public wifi and LTE. I could even argue that some things worked better as my home DNS server is more reliable than many abroad.
 

blackmomba

Limp Gawd
Joined
Dec 5, 2018
Messages
397
Nord is good, connection speeds are good
Their Windows client is Ok, Linux client is horrible
I've had cyberghost too. Theyre based in Germany though iirc
 

Shoganai

Gawd
Joined
Dec 5, 2018
Messages
852
I've actually used this from India and Canada without issues, so not sure why it would be an issue.
I guess it would be the same as using a VPN server based in your location. Dunno why I thought of it any differently. But again with the spotty internet thing. :(
 

SamirD

2[H]4U
Joined
Mar 22, 2015
Messages
3,788
I guess it would be the same as using a VPN server based in your location. Dunno why I thought of it any differently. But again with the spotty internet thing. :(
Well, kinda. A vpn service still can do anything to your traffic. Your isp can do the same, but probably has a lot more oversight to prevent too much nonsense.
 

tangoseal

[H]F Junkie
Joined
Dec 18, 2010
Messages
8,911
Go read my mini review of Malwarebytes VPN. Its like 2 threads under this one.
 
Top