Mullvad VPN: Introducing Defense against AI-guided Traffic Analysis (DAITA) ( mullvad.net )

Shadowq8 , 14 days ago

I use Mullvad really good, love how they don't care who you are and can actually maintain complete anonymity even in payment.

Propably going to be banned soon for some stupid reason if gets popular, like free speech is allowing the terrorists make bears cry or something.

MTK , 14 days ago

I can tell you that this exists way before AI, I wish that there was more awareness earlier but it's good that now its starting

Sunny , 15 days ago

Love they called the defence framework "Maybenot".

pyrosis , 15 days ago

How about defense against dhcp option 121 changing the routing table and decloaking all VPN traffic even with your kill switch on? They got a plan for that yet? Just found this today.

https://www.leviathansecurity.com/blog/tunnelvision

cypherpunks , 15 days ago

https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision

pyrosis , 15 days ago

I doubt it would matter in some environments at all.

As an example a pc managed by a domain controller that can modify firewall rules and dhcp/dns options via group policy. At that point firewall rules can be modified.

SpaceCadet , 15 days ago

Don't you control your dhcp server?

thatsnothowyoudoit , 15 days ago

The Option 121 attack is a concern on networks where you don’t.

Exactly where you’d want a VPN. Cafes, hotels, etc.

SpaceCadet , 15 days ago (edited 15 days ago)

True that. Hadn't thought of that as it's not my typical VPN use case.

I'm not sure what a VPN provider could do about that though, they don't control the operating system's networking stack. If the user or an outside process that the user decides to trust (i.e. a dhcp server) adds its own network routes, the OS will follow it and route traffic outside of the tunnel.

The defenses I see against it are:

• Run the VPN and everything that needs to go through the VPN in a virtualized, non-bridged environment so it's unaffected by the routing table.
• Put a NAT-ing device in between your computer and the network you want to use
• Modify the DHCP client so that option 121 is rejected

Edit: thinking about it some more, on Linux at least the VPN client could add some iptables rules that block traffic going through any other interface than the tunnel device (i.e. if it's not through tun0 or wg0, drop it). Network routes can't bypass iptables rules, so that should work. It will have the side effect that the VPN connection will appear not to work if someone is using the option 121 trick though, but at least you would know something funny was happening.

pyrosis , 15 days ago

Of course but you don't control rogue dhcp servers some asshat might plug in anywhere else that isn't your network

MashedTech , 15 days ago

Windscribe had something similar already? Not exactly this, but they had a feature to add other random traffic to your network specifically to work against systems like these.

MigratingtoLemmy , 16 days ago

I love these guys. Let's see if somebody can just bootstrap the FOSS framework directly on TCP to work on the internet without a VPN. Fantastic project

potatopotato , 15 days ago

Those words sound cool and mean literally nothing

AstralPath , 15 days ago

Bootstrapping See the Application section specifically.

FOSS = Free/Open Source Software
TCP = Transmission Control Protocol
VPN = Virtual Private Network

These words mean a lot actually. Pretty basic terms when it comes to the internet.

explore_broaden , 15 days ago

I think they meant the comment as a whole doesn’t really make sense, it’s a bunch of technical terms kind of shoved together. If you understand it can you explain what it means?

trolololol , 15 days ago

That means the same as fossing the tcp so it bootstraps your privacy.

See I can sound like a bot too. Or a journo.

mangaskahn , 15 days ago

Yes, the individual words have meanings, as words tend to do. Those words, in that order, form a NCIS, two people typing on the same keyboard, level word salad that has so little real world relevance that it tips soundly into the absurd.

OsrsNeedsF2P , 15 days ago

Err... Like.. a 2009 Java applet? Those were built straight on TCP. And the lack of security let anyone else in the same LAN cafe steal your password.

The closest thing I can think of that goes for the vibe you're talking about is I2P

Phoenix3875 , 16 days ago

The Chinese Great Firewall (GFW) has already been using machine learning to detect "illegal" traffics. The arms race is moving towards the Cyberpunk world where AIs are battling against an AI firewall.

possiblylinux127 , 16 days ago

Careful criticizing China you will awake the Tankies.

oce , 16 days ago

You can conviniently block a whole instance from your account now, it reduces this kind of disagreement a lot.

spraynpray , 16 days ago

[Thread, post or comment was deleted by the author]

aBundleOfFerrets , 16 days ago (edited 16 days ago)

Instance blocking is dependent on client implementation, as it isn’t provided by lemmy itself.

edit: no longer the case

spraynpray , 16 days ago

[Thread, post or comment was deleted by the author]

aBundleOfFerrets , 16 days ago

Huh, neat

oce , 15 days ago

I think you are correct, but not having the opportunity to participate in a thread on those instances because you can't see them anymore is part of the ways to avoid troubles.

phoenixz , 16 days ago

Should you though?

I get it, it's annoying, but the entire "let's block people with opinions I don't like" is probably the single source of pillerization and increased extremism on the internet.

If I'm not allowed to have a discussion or disagreement with you, and get kicked out instead, I'll just go to places where they will talk with me and where it's chock full of other idiots like me who are much more extreme and in our safety bubble we can all continue not beat the same dead horse and circle jerk and make eachother more extreme because there are no dissenting voices, there are no voices or reason and calm, there are no cooler heads around.

This entire moderation where we simply started dumping people with who we disagree has made the world a.much, much worse place.

Granted, it sucks to have to deal with crazies and extremists, but at least whilst they're in the group we can all keep them grounded in reality.

Cavemanfreak , 15 days ago

I was planning to, but ultimately didn't. I have handed out personal blocks to obvious trolls and a brunch of hexbear users that spammed gifs in every single thread though.

acockworkorange , 14 days ago

Not even grad? Wow.

Cavemanfreak , 14 days ago

Nope. I have filtered both grad and hexbear out of my feed though, I don't need their shit there. And don't forget that many instances already are defederated with them, so there's also fewer of them through that!

Kedly , 15 days ago

I'm not on the internet or lemmy to make the world a better place, I'm on here to kill time/enjoy myself/learn some things. I dont have the mental space to deal extremists, and particularly extremists that have a world view thats incompatible with itself if taken at face value, and I certainly dont have anything valid that I can learn from tankies, and as such, my block list has gotten quite large, and my general mood has increased because of it

thrawn , 15 days ago

This is my thinking for using .world. I don’t get all my news or interaction from Lemmy or the internet as a whole, and Lemmy is small enough that it has an almost zero impact on broader society. I respect those who try, but if my internet experience was antagonistic or frustrating I’d probably just stop using it.

I also feel that conversations of that nature are best had in person, where there’s a higher chance of changing minds. I’ve no proof but it feels like internet discussions are taken less seriously and thus merely end before any opinion changing can occur.

Kedly , 15 days ago

You also have far less info on internet conversion on whether or not its being had in good faith, which is an extra hurdle on opinion change

FiniteBanjo , 15 days ago

This operates under the assumption that there are good decent people on every instance, but instances like Hexbear and Lemmy.ml are inherently corrupt and run by people who want to sow misinformation and chaos to negatively impact western powers. I'm not saying the whole thing is a Chinese operation, but if it were then it would be run exactly the same way it is now.

yolo , 15 days ago

I don't think your whole thought process differs from a tankie. They think the same in a "my team is better, other one is sowing misinformation" way.

FiniteBanjo , 15 days ago (edited 15 days ago)

Lmao, Tribalism is certainly a problem with our society, but ignorance of people clearly acting against your interests is no solution.

oce , 15 days ago

If I’m not allowed to have a discussion or disagreement with you, and get kicked out instead, I’ll just go to places where they will talk with me

I actually tried to, and if it was possible to have rational and polite discussion, without straw man arguments, dog pilling, personal attacks and finally threats of violence, I would have continued to try.
But sadly all of this happen, multiple times.

At some points I considered leaving Lemmy, thinking that this federation as a whole was not safe for debating. But then I started understanding patterns, either it was from the users from a specific instance, or it was communities from a specific instance that turned like that. Overall the pattern seem to be that if the instance mentions extreme political ideologies in its description or if the profiles of its admins do, then debating is not possible.

If they want to stay connected to people to avoid the circle jerk, they have to work on themselves too (ex: learning to debate politely), you can't except us to absorb all the damages to help them avoid radicalization. It's like walking towards a terrorist group with flowers while they are shooting around and expecting them to be inspired by your pacifism.

I do enjoy debating and questioning my own beliefs, but I am not on Lemmy to consume my mental health, so I need to take some actions to protect it.

phoenixz , 13 days ago

not safe debating

Sorry, just to comment on this one: I really dislike that phrase, its use is part of the reason why we are where we are. You ARE safe, all the time. It's not like you talking in a lemmy instance puts you at risk of being shot in the head.

You may encounter assholes, and opinions that you don't like but that doesn't make you unsafe. Uncomfortable, mayby, for having to read information you oppose?

A black man driving and stopped by US police can claim he feels not safe. We lemmies are perfectly fine. I think many people need to grow a little thicker skin in that regard.

oce , 13 days ago

Uncomfortable, mayby, for having to read information you oppose?

dog pilling, personal attacks and finally threats of violence [...]
I am not on Lemmy to consume my mental health

Not all violence is physical.

I think many people need to grow a little thicker skin in that regard.

Are you blaming me for not having a tick enough skin instead of blaming the behavior of attackers? Please reconsider that thought.

KairuByte , 15 days ago

I “blocked” hexbear, because a mod didn’t take the time to use their brain, labeled me a “pedophile apologist” and banned me from the entire instance. If they moderate based on “I don’t care what actually happened, I’m mad” then I’m not going to bother interacting with them.

fuckingkangaroos , 14 days ago

Hexbear mods are paid to spread propaganda, not use their brain, two fairly exclusive activities.

Texas_Hangover , 15 days ago

Being able to block what you want is great, having other people decide what to block for you is not.

bitwaba , 15 days ago

blocked

phoenixz , 13 days ago

Exhibit a

A_Random_Idiot , 15 days ago (edited 14 days ago)

Because engaging in discussion with certain groups, does nothing but legitimize and amplify their messages of hatred and bigotry you fucking genius.

You don't engage in polite discussion with people that want you dead, that want to seize power and implement fascist authoritarianism, and who want to purge the "impure".

How you deal with it is by aggressively reacting to and putting down their bullshit, and denying them platforms which to spread their messages and hatred.

People like you, who want to wring your hands and play nice and polite with nazis and their ilk, are doing nothing but pushing their agenda for them. People like you are nothing but collaborators, and people like you will end up on the wrong side of the stick alongside everyone else once you've outlived your usefulness.

I eagerly await your reply of "oh well that just means you're intolerant and that makes you worse than the (insert authoritarian flavor of choice) that i want to politely talk with!"

fuckingkangaroos , 14 days ago

I didn't vote on your post, but want to say that you're not going to convince many people with an antagonistic approach.

A_Random_Idiot , 14 days ago (edited 14 days ago)

Well thats a condemnation of yourself, then. Not of me.

Cause if you cant see what engagement, and by extention, legitimization of their points due to that engagement, has done by this point.. Then honestly you're either blind and ignorant, or one of their agents trying to open the door with a soft approach..and I will always be antagonistic to them. If you find offense to that, then you just reveal that you're on the wrong side of that line.

sugar_in_your_tea , 14 days ago

Yeah, I don't block instances, just individuals that have proven to not act in good faith. I try to expose myself to as many diverse opinions as possible, but know if the people holding those opinions can back it up with facts, or are at least willing to consider the possibility that they're wrong, and I try my best to do the same.

Melvin_Ferd , 14 days ago

Problem I see with this is that a lot of "I block people who act in bad faith" have hair triggers when it comes to what they consider bad faith. I see their comments all over the place where its a disagreement and 6 comments in they're claiming the other person is acting in bad faith and they're blocking them

sugar_in_your_tea , 14 days ago

Yeah, that certainly happens.

I personally have only blocked like 2 users. It takes a lot for me to do it.

phoenixz , 13 days ago

I very well get what you're saying but a lot of people don't understand the difference between "has a valid opinion I disagree with" and "is a flame troll LLM" and just block anyone with an opinion they don't like, loudly proclaiming"you are a bad fatig actor!"

I think it really made the entire world a worse place to be in, everyone is in their own echo chambers now, nice and safely shielded from scary opinions that don't align with their warped world view.

sugar_in_your_tea , 13 days ago

Yup, and I don't know the solution here, but I'm honestly giving it a solid try. I intentionally place myself in online groups where people disagree with me to hopefully learn something from them and challenge their own preconceptions. I'm working on a ranking algorithm that should help highlight insightful content based on a web of trust (trick is to trust people who vote based on constructiveness, not agreement).

People point to media companies and politicians for the reason we're so divided these days, but really that finger should be pointed back at us, the people. Those politicians wouldn't be in power and media companies wouldn't optimize for divergent opinions if we vote them in and reward them.

I don't know the solution here, but I try to do my part. I live in a very conservative area, have libertarian views, and spend my time on leftist social media. I just hope it all balances out in the end.

fuckingkangaroos , 14 days ago

"let's block people with opinions I don't like"

I don't think a lot of them are actually people, but rather LLMs. Also, does it count as "people with opinions" when it's shills paid to spread authoritarian propaganda?

I do agree we should limit personal blocking, but that's because we need to collectively manage the Fediverse. There's no budget for countering misinformation campaigns, just us.

Instances blocking propaganda instances, on the other hand, is fantastic. It's what we need for the Fediverse to survive instead of going the way of Voat and other extremist communities.

phoenixz , 13 days ago

While LLMs have become a problem recently, this problem existed since way before that

overcast5348 , 14 days ago

Okay, which instances should I block to get rid of the tankies?

fuckingkangaroos , 14 days ago

Lemmy.ml, lemmygrad.ml, and Hexbear.

oce , 14 days ago (edited 14 days ago)

Lemmygrad and Hexbear are the most obvious ones, sadly lemmy.ml is also part of them in my experience despite not being obvious about it (you have to check the admins and mods profile to see the link) and having some good content when it's not about politics such as tech. There may also be some defederated by my home instance admins that I may not be aware of.

phoenixz , 16 days ago

HI WINNIE POOH! How have you been, have you had your daily dose of honey yet?

Linkerbaan , 16 days ago

One day those tankies people here keep talking about are going to show up.

One day.

I always check under my bed each night to make sure there's no tankies.

possiblylinux127 , 15 days ago

After I blocked hexbear and similar instances I haven't scene them which is nice. Occasionally I'll see a Lemmy world one but that is pretty rare.

jaybone , 15 days ago

I’d say they are more common on Lemmy.ml than Lemmy.world

OsrsNeedsF2P , 15 days ago

Lemmy.ml was originally only federated with Lemmygrad.ml, so most people who stayed around in those days were quasitankie themselves

Linkerbaan , 15 days ago

Lemmy.world has many tankies. You keep seeing them pretend israel is not committing Genocide and America needs to kill all student protesters Tiannenmen style. They are also called liberals

Lemmy.ml does not have many tankies.

jaybone , 15 days ago

This is some top level spin here.

fuckingkangaroos , 14 days ago

no u!!!

Socsa , 14 days ago

Muh historical nihilism

Syntha , 14 days ago

mental illness

sugar_in_your_tea , 14 days ago

Yup. I generally avoid communities on lemmy.ml and I'm much happier for it. I used to sub to several because that was the biggest instance, but now other instances (this one, mine, and some others) are big enough to replace the stuff I don't like there.

I don't like that the community is divided like this, but it's more pleasant I suppose.

jaybone , 15 days ago

I think our instance defederated with hexbear.

No_Eponym , 15 days ago

Drums, drums in the deep ...

https://gifdb.com/images/high/gandalf-saying-fly-you-fools-fw8cj8jprsxh1omb.gif

Socsa , 14 days ago

I have some first hand experience with this. Brand new XMPP server, never before seen by anyone in the world, blocked within about 12 hours. Wireguard VPN on AWS lasts for a few hours on some networks, more on others. Never longer than a few days though.

dubyakay , 14 days ago

From China?

Dempf , 14 days ago

I was there in 2017 or 2018 and set up a Shadowsocks server before I went with whatever the latest mitigations were that I could find at the time. My server wasn't completely blocked, but ended up getting throttled to hell after a few days.

linearchaos , 16 days ago

I swear the defense against the dark arts teacher just keeps getting weirder and weirder.

impure9435 , 16 days ago

That's one of the reasons why I love Mullvad, they actually care about their customers, not just about their bottom line

dojan , 16 days ago

I wonder how much of a bottom line they actually have given how cheap their service is.

impure9435 , 16 days ago

I'm pretty sure they are profitable, considering they were founded in March of 2009. You can't really run a company without profits for 14 years, right? Just routing network traffic isn't that expensive after all. They are the only ones being honest about it, other VPNs charge way more because they only want to extract money from their customers.

dojan , 16 days ago

Cheers. Network related stuff isn't my forte so I really have no idea about the costs. I just figured that the moment you start adding a decent amount of users the costs will go up, and €5 seems like a really fair price.

impure9435 , 16 days ago

It's actually the other way around, the more users you have the cheaper everything eventually becomes

dojan , 16 days ago

Economy of scale?

impure9435 , 16 days ago

Yes, there's no reason this wouldn't apply to a VPN provider. It's also the reason NordVPN or Surfshark is so incredibly cheap.

They have lots of users -> They can pay lots of money for advertising -> They get more users -> Everything becomes cheaper -> They can pay more for advertising

You get the point

Linkerbaan , 16 days ago

Mullvad is 5 bucks a month and never has promos.

Weigh that against Nord which often has a year for like 15 bucks...

But Mullvad is one of the few that actually seems to care about privacy.

dojan , 16 days ago

Oh wow, I had no idea Nord could go that cheap. To me €5 a month felt really inexpensive.

DoucheBagMcSwag , 16 days ago

If only they didn't bend the knee to the five eyes and drop port forwarding

impure9435 , 15 days ago (edited 14 days ago)

They got rid of port forwarding to improve the reputation of their IP ranges. That makes it less likely for Mullvad users to get blocked by CDNs like Cloudflare and Akamai when visiting websites. If you want port forwarding, just use AirVPN or rent a VPS and use that. Not sure what you're talking about, but Mullvad is based in Sweden, which is not a part of the five eyes alliance. It's a part of 14 eyes, but Sweden has very strong privacy laws, Mullvad even has an entire page about privacy legislation in Sweden: https://mullvad.net/en/help/swedish-legislation

They also have a page that explains how Sweden being part of the 14 eyes alliance doesn't really affect Mullvad: https://mullvad.net/en/blog/5-9-or-14-eyes-your-vpn-actually-safe

Their office was also raided by prosecutors last year, and they weren't able to seize any customer information, because Mullvad doesn't store anything about their customers:
https://mullvad.net/en/blog/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised
https://mullvad.net/en/blog/update-the-swedish-authorities-answered-our-protocol-request

Socsa , 14 days ago

5 eyes shit is dumb pop security anyway. As if the CIA can't rent colo space in Kazakhstan and market you some extra spooky VPN.

fine_sandy_bottom , 16 days ago

So it's like a VPN-busta-busta?

What if they have a VPN-busta-busta-busta though?

Alk , 15 days ago

Then we have to wait til they drop the legendary VPN-quad-busta

nivenkos , 16 days ago

No port forwarding really kills the utility though - I mainly use the VPN to do port forwarding (e.g. for video games, Plex, etc.) as my ISP is shit.

Like I'm not worried about state-level de-anonymisation, I just want to be able to share services remotely and have a minimum level of anonymity.

far_university1990 , 16 days ago

Port forwarding removed because hosting threatened to kick mullvad out. Lot of shit hosted through that. No hosting, no vpn, so needed to remove to continue operate.

ForgotAboutDre , 16 days ago

Port forwarding means torrents. People using a VPN to torrent likely have much more traffic, especially those that seed (which is why they want port forwarding). Not enabling port forwarding means mullvlad can operate at a higher profit to cost ratio, and less risk.

far_university1990 , 16 days ago

No. https://mullvad.net/en/blog/removing-the-support-for-forwarded-ports

ForgotAboutDre , 16 days ago

That's what mullvlad say. It's not necessarily the reason why they don't offer port forwarding.

It was always possible for them to continue allowing port forwarding. They could use separate servers for those that want port forwarding, stopping any impact port forwarding had on those customers.

sramder , 16 days ago

Hum… this was one of the original reasons I signed up with them. I totally missed them dropping support. I’m not mad about it because I don’t torrent much anymore, but it’s still a pretty lame excuse.

I want all my services supporting maximum fuckery at all times as a matter of general principle.

Any alternatives that you know of?

Salix , 16 days ago (edited 16 days ago)

I personally like AirVPN. Pretty good speeds depending on the server. You can port forward and have up to 5 devices connected simultaneously. Make sure you're using the Wireguard protocol.

Only issue is that Eddie (their GUI) kinda sucks. Works okay on Linux, and probably same on Windows. The Android one just really sucks.

I personally just download the wireguard configs to use.

sramder , 16 days ago

Thanks for the tip, I’ll check them out.

Aceticon , 16 days ago

Torrenting works fine with Mullvad in my personal experience, and will pretty much up to my current ISP speed limits (which is 200Mbps download).

Can't really guarantee you that it will be as good if you're hosting your own seedbox over their VPN (then again if you're doing that you should probably pay for a proper seedbox hosted elsewhere) but if you've downloade something and the just leave it seeding, it seems fine.

sramder , 15 days ago

I can’t honestly say I’ve ever had much trouble with it either. No trouble receiving files at least… there wasn’t much outbound traffic, but that could just have been a lack of interest :-)

I’m happy with Mulvad’s service and now that the initial shock and indignation is wearing off I’ll probably stick with them.

Besides I read about their new traffic obfuscation and I’ve got to give that a try. We need proactive innovation like that, now more than ever.

nivenkos , 15 days ago

ProtonVPN has it, and Wireguard support.

sramder , 15 days ago

Thank you. It’s good to know I have a few options.

far_university1990 , 16 days ago

If so easy to fix issue, why not make company and fix it?

ForgotAboutDre , 16 days ago

There are plenty of other options in the market, including ones with port forwarding. It's a very saturated market.

MigratingtoLemmy , 16 days ago

You should be using a seedbox to torrent in this age. Let the company run their business, if they don't want to be a part of the group that allows torrents, so be it.

Aceticon , 16 days ago

That sounds strange given that Mullvad works fine for torrenting in my personal experience and even up to quite a good speed (it can use the full 200Mbps download speed from my ISP)

Also modern NAT will do deep packet inspection on common well known protocols to automatically adjust the port of your machine listed on any "here I am" protocol messages being sent out from your side to be an actual port on the VPN Router and to have an internal association of that port in the Router with the actual port in your machine so that connections of that port can be sent to your own machine and the actual port in it that are used.

It's only the pure listenner services (such as webservers and e-mail servers) were the port is pre-defined by convention and not a variable one sent out on any "here I am message" that require explicitly configured port-forwarding on the VPN Router side, plus because the port is fixed by convention for each type of service (such as port 25 for SMTP and port 80 for HTTP), off all the clients connected by VPN to that VPN Router at any one time, only 1 will be able to get that specific port.

ForgotAboutDre , 15 days ago

You need port forwarding to connect on torrents. Your able to torrent because everyone you torrent from has port forwarding enabled. If you want to access more seeders, and more commonly leechers you need port forwarding. This is useful for people using private trackers that want to maintain a ratio.

Aceticon , 15 days ago

I can download at the maximum rate my ISP supports and I can seed after downloading (probably only to those clients which my own client has connected to).

However I cannot seed in a brand new session during which I did not download that specific torrent (as I just tested).

I expect this is because, as I explained, the NAT implementation actually tracks which IP addresses your client connected to and through which VPN Router port that went so that subsequent connections from those IPs to that port get sent to the right port in your own machine, but it doesn't support uPNP/NAT-PMP port forwarding so the bitttorrent client cannot configure on that VPN Router a static port-forwarding so that it can listen for connections from any random client.

So if I understand it correctly it totally screws self-hosted seedboxes and if you want to give back to the community you have leave it seeding immediatelly after downloading and it's not going to be seeding anywhere as fast since its limited to peers connected to during the dowload stage.

nivenkos , 15 days ago

ProtonVPN has it though, which is what I'm using now.

far_university1990 , 16 days ago

Alternative maybe i2p or tor network. Or make vpn to anon vps and host from there.

starman , 16 days ago

You can use Tailscale for this

MrPoopbutt , 16 days ago

How does port forwarding help with videogames?

gamermanh , 15 days ago

Opens up your NAT for matchmaking

nivenkos , 15 days ago

I host a server, I forward the port, my friends can connect to the open port on the VPN side.

My ISP does not offer port forwarding.

qjkxbmwvz , 16 days ago

Someone else pointed out Tailscale; I've had luck with free tier VPS+WireGuard.

I have an Oracle one which has worked well. Downside is I did link my CC, because my account was getting deactivated due to inactivity (even using it as a VPN and nginx proxy for my self hosting wasn't enough to keep it "active"). But I stay below the free allowance, so it doesn't cost.

That said: as far as anonymity goes, it's not the right tool. And I fully appreciate the irony of trying to self-host to get away from large corporations owning my data...and relying on Oracle to do so. But you can get a static IP and VPS for free, so that's something.

MashedTech , 15 days ago

Zerotier could also work for you

ramble81 , 16 days ago

So… Tor?

possiblylinux127 , 16 days ago

Tor is much better than a VPN privacy wise. However, you are limited on speed and stuck with TCP.

AFLYINTOASTER , 16 days ago

Still waiting for Defense Against the AI Dark Arts to drop

just_another_person , 16 days ago

?

RememberTheApollo_ , 16 days ago

Harry Potter reference.

x4740N , 16 days ago

DAIDA

brbposting , 16 days ago

And Dumbledore’s AIrmy for when they forbid DAAIDA as an anti-terrorist measure