Even if you have encrypted your traffic with a VPN (or the Tor Network), advanced traffic analysis is a growing threat against your privacy. Therefore, we now introduce DAITA.

Through constant packet sizes, random background traffic and data pattern distortion we are taking the first step in our battle against sophisticated traffic analysis.

53 points

Still waiting for Defense Against the AI Dark Arts to drop

permalink
report
reply
6 points

?

permalink
report
parent
reply
14 points

Harry Potter reference.

permalink
report
parent
reply
12 points

DAIDA

permalink
report
parent
reply
5 points

And Dumbledore’s AIrmy for when they forbid DAAIDA as an anti-terrorist measure

permalink
report
parent
reply
3 points

So… Tor?

permalink
report
reply
19 points
*

Not just tor. Tor plus random traffic.

Let’s say across your VPN you always sent one megabyte per second of traffic even if you had nothing to say. And then everybody connected to the VPN endpoint did the same thing. Then it gets very difficult to actually follow the traffic flows of the encrypted packets. You don’t see a large chunk of data passing through the network

permalink
report
parent
reply
-2 points

Tor does this to and is much better than a VPN

permalink
report
parent
reply
6 points

It does not generate random traffic on your link to Tor.

permalink
report
parent
reply
5 points

Tor is much better than a VPN privacy wise. However, you are limited on speed and stuck with TCP.

permalink
report
parent
reply
39 points

No port forwarding really kills the utility though - I mainly use the VPN to do port forwarding (e.g. for video games, Plex, etc.) as my ISP is shit.

Like I’m not worried about state-level de-anonymisation, I just want to be able to share services remotely and have a minimum level of anonymity.

permalink
report
reply
34 points

Port forwarding removed because hosting threatened to kick mullvad out. Lot of shit hosted through that. No hosting, no vpn, so needed to remove to continue operate.

permalink
report
parent
reply
7 points

Port forwarding means torrents. People using a VPN to torrent likely have much more traffic, especially those that seed (which is why they want port forwarding). Not enabling port forwarding means mullvlad can operate at a higher profit to cost ratio, and less risk.

permalink
report
parent
reply
5 points
*

That sounds strange given that Mullvad works fine for torrenting in my personal experience and even up to quite a good speed (it can use the full 200Mbps download speed from my ISP)

Also modern NAT will do deep packet inspection on common well known protocols to automatically adjust the port of your machine listed on any “here I am” protocol messages being sent out from your side to be an actual port on the VPN Router and to have an internal association of that port in the Router with the actual port in your machine so that connections of that port can be sent to your own machine and the actual port in it that are used.

It’s only the pure listenner services (such as webservers and e-mail servers) were the port is pre-defined by convention and not a variable one sent out on any “here I am message” that require explicitly configured port-forwarding on the VPN Router side, plus because the port is fixed by convention for each type of service (such as port 25 for SMTP and port 80 for HTTP), off all the clients connected by VPN to that VPN Router at any one time, only 1 will be able to get that specific port.

permalink
report
parent
reply
5 points

ProtonVPN has it though, which is what I’m using now.

permalink
report
parent
reply
4 points

Alternative maybe i2p or tor network. Or make vpn to anon vps and host from there.

permalink
report
parent
reply
4 points

You can use Tailscale for this

permalink
report
parent
reply
6 points

How does port forwarding help with videogames?

permalink
report
parent
reply
5 points

Opens up your NAT for matchmaking

permalink
report
parent
reply
3 points

I host a server, I forward the port, my friends can connect to the open port on the VPN side.

My ISP does not offer port forwarding.

permalink
report
parent
reply
6 points

Someone else pointed out Tailscale; I’ve had luck with free tier VPS+WireGuard.

I have an Oracle one which has worked well. Downside is I did link my CC, because my account was getting deactivated due to inactivity (even using it as a VPN and nginx proxy for my self hosting wasn’t enough to keep it “active”). But I stay below the free allowance, so it doesn’t cost.

That said: as far as anonymity goes, it’s not the right tool. And I fully appreciate the irony of trying to self-host to get away from large corporations owning my data…and relying on Oracle to do so. But you can get a static IP and VPS for free, so that’s something.

permalink
report
parent
reply
3 points

Zerotier could also work for you

permalink
report
parent
reply
6 points

So it’s like a VPN-busta-busta?

What if they have a VPN-busta-busta-busta though?

permalink
report
reply
3 points

Then we have to wait til they drop the legendary VPN-quad-busta

permalink
report
parent
reply
104 points

That’s one of the reasons why I love Mullvad, they actually care about their customers, not just about their bottom line

permalink
report
reply
15 points

I wonder how much of a bottom line they actually have given how cheap their service is.

permalink
report
parent
reply
38 points

I’m pretty sure they are profitable, considering they were founded in March of 2009. You can’t really run a company without profits for 14 years, right? Just routing network traffic isn’t that expensive after all. They are the only ones being honest about it, other VPNs charge way more because they only want to extract money from their customers.

permalink
report
parent
reply
6 points

Cheers. Network related stuff isn’t my forte so I really have no idea about the costs. I just figured that the moment you start adding a decent amount of users the costs will go up, and €5 seems like a really fair price.

permalink
report
parent
reply
63 points

Mullvad is 5 bucks a month and never has promos.

Weigh that against Nord which often has a year for like 15 bucks…

But Mullvad is one of the few that actually seems to care about privacy.

permalink
report
parent
reply
14 points

Oh wow, I had no idea Nord could go that cheap. To me €5 a month felt really inexpensive.

permalink
report
parent
reply
6 points

If only they didn’t bend the knee to the five eyes and drop port forwarding

permalink
report
parent
reply
41 points
*

They got rid of port forwarding to improve the reputation of their IP ranges. That makes it less likely for Mullvad users to get blocked by CDNs like Cloudflare and Akamai when visiting websites. If you want port forwarding, just use AirVPN or rent a VPS and use that. Not sure what you’re talking about, but Mullvad is based in Sweden, which is not a part of the five eyes alliance. It’s a part of 14 eyes, but Sweden has very strong privacy laws, Mullvad even has an entire page about privacy legislation in Sweden: https://mullvad.net/en/help/swedish-legislation

They also have a page that explains how Sweden being part of the 14 eyes alliance doesn’t really affect Mullvad: https://mullvad.net/en/blog/5-9-or-14-eyes-your-vpn-actually-safe

Their office was also raided by prosecutors last year, and they weren’t able to seize any customer information, because Mullvad doesn’t store anything about their customers: https://mullvad.net/en/blog/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised https://mullvad.net/en/blog/update-the-swedish-authorities-answered-our-protocol-request

permalink
report
parent
reply
5 points

you don’t even have a “real” user account with them ffs. I think if they really wanted to fuck people over they’d have introduced mandatory email linked to accounts long ago

permalink
report
parent
reply
3 points

You could always tunnel a publicly routable IP address over your VPN… I.e. https://tunnelbroker.net/

permalink
report
parent
reply
1 point
*

5 eyes shit is dumb pop security anyway. As if the CIA can’t rent colo space in Kazakhstan and market you some extra spooky VPN.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 15K

    Monthly active users

  • 13K

    Posts

  • 568K

    Comments