sicelo | who else has reasonably 'safe' free vpn - like riseup vpn for example? | 13:38 |
---|---|---|
KotCzarny | i just run openvpn at home (static ip, good symetrical bandwidth etc) | 13:39 |
KotCzarny | *openvpn server | 13:40 |
sicelo | i don't have access to that kind of setup :-) | 13:40 |
KotCzarny | well, you asked who has :) | 13:40 |
KotCzarny | check out surfshark, i think they were quite cheap | 13:41 |
sicelo | hehe, well ... if you are offering to let me connect to your openvpn | 13:41 |
KotCzarny | according to their webpage: Plan includes: No Logs Policy | 13:42 |
KotCzarny | ~4usd/mon | 13:43 |
KotCzarny | as a bonus they aim to provide netflix capable endpoints ;) | 13:43 |
KotCzarny | at least they did some time ago | 13:44 |
KotCzarny | Surfshark is owned by a company in the British Virgin Islands, which doesn't fall under 14 Eyes Jurisdiction. There are areas around the globe that have signed an agreement with US authorities to collect and share information. | 13:46 |
sicelo | i was looking for something i could run on my laptop only once in a while. on Android i find Riseup VPN usable enough the few times that I need it. let me see if i can build it for my debian system | 13:51 |
Maxdamantus | If I want to connect to things over a remote host I have access to, I just use ssh with either port forwarding or the dynamic proxy. | 14:03 |
Maxdamantus | If I really needed a VPN, I'd still do that over ssh, using tun/tap. I know you can at least do that reasonably easily using socat. | 14:03 |
Maxdamantus | Looks like openssh itself has support for tun. | 14:04 |
sicelo | yeah. normally i used simple ssh dynamic proxy. but i no longer have access to a remote ssh server, and today my government has evidently censored parts of the internet, hence the sudden/immediate need to connect via another vpn/proxy | 14:07 |
KotCzarny | best course of action is to have some vm or dedi server (ovh, hetzner, whatever) for cheap | 14:12 |
KotCzarny | there are also free plans on aws and google i think | 14:12 |
KotCzarny | you would need to recreate after few months but free is free | 14:12 |
KotCzarny | then you can create your own vpn/sshd | 14:13 |
sicelo | mmm, these guys not only blocked access to some parts of the internet, but also are throttling connection speeds | 14:21 |
KotCzarny | back to the 90s | 14:25 |
KotCzarny | setup squid proxy for home :) | 14:25 |
KotCzarny | maybe even compressing one | 14:25 |
Maxdamantus | Not squid. | 14:26 |
Maxdamantus | Should be using end-to-end TLS connections nowadays. | 14:26 |
bencoh | sicelo: I dunno what kind of budget you're aiming for, but I'd highly recommend renting a server/vps from one of the cheap european hosters | 14:26 |
KotCzarny | you can setup squid as ssl bumping one too | 14:27 |
bencoh | (although it would probably be bad latency-wise, but still) | 14:27 |
Maxdamantus | What, by trusting its MITM cert? | 14:27 |
Maxdamantus | or does "SSL bumping" mean you connect to it unencrypted and it connects using SSL? | 14:28 |
Maxdamantus | that has other security issues. | 14:28 |
Maxdamantus | anyway, bedtime. | 14:28 |
sicelo | bencoh: will consider that | 14:29 |
joerg | https://hackaday.com/2021/10/20/kicad-team-releases-warning-regarding-domain-name/ | 19:09 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!