Hey all,
I’ve been using a commercial VPN for years on my mobile devices and home PCs. Recently I’ve started to use Tailscale and realized I can easily create a self-hosted VPN on a cheap VPS with unlimited traffic.
But I’m not really sure if that’s what I need. BTW, I’m not doing anything dangerous, no torrents, no illegal stuff, no journalism or whistleblowing, not even looking up abortion clinics. I just hate mass surveillance and I don’t want to be constantly profiled.
Commercial VPN allows to “hide in a crowd” by sharing IP with thousands of other clients. But there are a few issues:
- Often sites blacklist VPN IPs, so I can’t get in or pass captcha
- Performance is not very good
- I have to trust VPN to not keep the logs and not sell data. I used Mullvad and they are considered reliable, but you never know until it’s too late
With self-hosted VPN, I’m losing benefit of “hiding in crowd” as my VPN will be used only by me and maybe a couple of other people. My understanding is that my VPS outgoing traffic is from static server IP. So if I login to Facebook once, the address is associated with me. I’ll also have to trust VPS provider to not analyze my traffic and sell it. On other hand, I’m still protected from my ISP spying, from exposing my real IP address to web sites, from dangers of public WiFi networks. And I might get better performance for about the same price.
What’s your take on VPNs? Tell me if you are using self-hosted VPN and why.
Self-hosted VPNs are not used the same way as commercials ones.
They’re intended to access your server from outside the house without exposing it to the internet.
Commercial VPNs are intended to hide your identity across the web and to hide your non-HTTPS web traffic from your ISP.
Commercial VPNs are intended to hide your identity across the web and to hide your non-HTTPS web traffic from your ISP.
You’re forgetting a demographic that is probably bigger than this - people who don’t care and just want to go to blocked sites.
Exactly. Even for mobile use besides accessing your home resources you can avoid your cellular provider monitoring/hijacking your traffic.
Of course self hosting means you’re still sending that info from your home network over your ISP.
So it’s a trade off there but depending on your ISP vs your cellular network makes sense.
This is a good point. Maybe setting up a VPN at home would the good option for when I’m on the go
I mean you could use both in combination. Start9 will even tunnel all your traffic through TOR.
VPNs cannot hide your identity.
Well that’s an interesting take
I use self hosted VPN for many years now.
You worry that facebook would associate that static ip with you but the problem is quiet the opposite.
most website will recognize that your IP belong to a hosting company so they often suspect that you are a bot. Wikipedia wont let u edit articls, youtube wont let u comment on videos. Other than that its fine, just expect to pass more captcha.
you could pay little extra and get dynamic IP from your provider. That effectivwly changes your IP. Deleting dynamic IP and recreating it gives u a new one. But I dont do that.
I just hide in the crowed by letting others uss my VPN and rely on service providers often dismissing my IP as bot
To make it absolutely clear:
Your VPS has an ip. All your traffil will go through it if you set it up as a VPN. So your behaviour patterns will be tied to that one IP. You will be the only one on that VPN.
A commercial VPN has many users at the same time on a given Server. So the traffic and behaviour that comes from that servers IP will produce garbage data for analysis.
You could selfhost a VPN on your VPS and let others use it for free somehow to obfuscate your behaviour and patterns, but you as the VPS owner will have to deal with legal stuff then.
If you want anonymity no, if you don’t then yes.
If you want anonymity and the advantages of a VPS VPN at the same time you should look for a provider which accept crypto payments, and optionally setup tor, i2p and freenet nodes to obfuscate your traffic.
That way you will be helping the community and at the same time securing yourself.
Thanks for the suggestion, but anonymity is not my goal with VPN. I known about tor etc, and it is not working well for everyday web surfing
Tor network could always use more obfuscation.
From a privacy standpoint I don’t think it would make a big difference over not using a VPN at all. It will take a bit of time but your new IP will become associated with your identity. From the perspective of Facebook and Google, it will just look like you moved and are living inside a datacenter now.
Yay, I can get some targeted ads about data center hardware!
I route through my server or my home router when using public WiFi and stuff. I don’t care too much about the privacy aspect, my real identity is attached to my server and domain anyway. I even have rDNS configured, there’s no hiding who the IP belongs to.
That said, server providers are much less likely to analyze your traffic because that’d be a big no-no for a lot of companies using those servers. And of course any given request may actually be from any of Lemmy, Mastodon, IRC bots or Matrix, so pings to weird sites can result entirely from someone posting that link somewhere.
And it does have the advantage that if you try to DDoS that IP you’ll be very unsuccessful.
I use a self hosted vpn because my main reason to use a vpn is avoiding monitoring from my isp and whoever is managing the local network, and I don’t want websites to know where I’m located.
Your traffic will be analyzed even when encrypted because information leaks in your traffic patterns and ML can suss out what you’re browsing or talking to. If you want to avoid this you need to pad your packets and stuff random data into your packet stream to throw off the analysis.
Mullvad has a feature to add random noise into traffic patterns, actually
