Hey,
This is my first post here. I am interested to know about vpn. I am going to use vpn for myself. But not sure which is better to use free or paid? I want to know your interest here which do you use usually?
Also tell the difference between free and paid?
Hi, sort of depends on what you want to do with your VPN / how you want it configured …
Options;
a. Hub/Spoke configuration - OpenVPN
b. Mesh configuration - tinc
OpenVPN is easier to setup and maintain, and has better cross-platform support. [good for dial-in]
tinc is better for resilience, performance, failover recovery. [good for static / server networks]
Paid options are more likely (IMHO) to give you pain, either technically, in your pocket, or both.
Linux has two IPSEC implementations that will talk to commercial offerings, the one I’m familiar with is “racoon”.
Relatively speaking this is a pig to configure compared to the above two, more difficult to operate, and harder to support.
hth
I don’t think that’s what the OP is asking … I think he means what would probably be more correctly called an anonymising proxy service over an encrypted VPN tunnel.
The kinda thing people use to torrent anonymously (or at least in the hope that the service won’t divulge their IP if/when asked/summonsed), such as:
or
http://mybestvpn.com
(BTW, I’m NOT recommending the above two services … nor do I know what would be their policy on providing IP’s, and/or payment details if they were asked by the authorities … they were purely used above as examples)
or at least in the hope that the service won’t divulge their IP if/when asked/summonsed
Erm, I think hoping that any such services will defy a court order is a false hope … or at least it is if they’re hosted in ‘the west’. I guess if you can find such a service in China or Russia then it may be fairly ‘safe’ … but latency might be a bit of an issue … or of course you could use Tor …
Trouble is if you look at the stuff Snowden is putting out, it’s a job to workout where the NSA/GCHQ don’t already have eyes … (!)
Difference between free and paid…
Some of the paid ones actually ARE in countries unfriendly to the west, and “say” they don’t log IP’s in the first place … some even accept bitcoin payment to anonymise payment too.
but the main reason is probably that less people are likely to be using their bandwidth so you MAY get a faster connection.
But at the end of the day you’re still relying on their word … and as Mad Penguin points out there’s no 100% guarantee that the tunnels contents can’t be monitored anyway.
I’d say they definitely add another layer of security … how reliable that security is though is another question.
Something you should read and note if you live in the UK …
https://torrentfreak.com/sky-customers-receive-new-movie-piracy-threat-letters-150713/
and in particular the pdf they point you at:
https://torrentfreak.com/static/The-Speculative-Invoicing-Handbook.pdf
Unlike in the US, linking any legal infringement to an IP is NOT enough … the crime has to be linked to a PERSON, though whilst this won’t stop the copyright bullies trying to extort money from the IP holder (and they rely on the fact a lot of people just give in and pay), it does mean that under current UK law (and the sorry state, and easy crackability of wireless security) they’d have no way of know for sure it wasn’t a neighbour hijacking your wireless signal where you denied any knowledge.
The copyright bullies know this … they also know and rely on the fact that (according to the pdf linked above) 15 - 40% of people will just pay up, and the above linked PDF suggests that not a single person who has stood up to the bullying has ever seen the inside of a courtroom.
All I’m saying here is KNOW WHERE YOU STAND LEGALLY AHEAD OF TIME … theoretically you could get one of these letters AT ANY TIME even if you’ve done nothing wrong, yet someone else (either in your household but you don’t know who, or a friend you’ve given your wireless key to, or a neighbour that’s “cracked” your wireless key and is piggybacking your IP) that you cannot identify did the infringing.
The point is, if it WASN’T YOU, you have ZERO responsibility (including no responsibility for the the poor state of wireless security in routers) … they’d have to PROVE it was YOU.
(you are also under ZERO obligation to help them figure out who it was)
In short…
Unlike in the US, in the UK you are NOT responsible just because something can be proven to have gone through your router … the burden of proof lies with them to PROVE it was YOU (not your IP) that committed the crime and you’re under no legal obligation to assist them.
Read and take from that what you will 
I’ve used SwissVPN in the past, and have no complaints. It was easy, and fast (unlike TOR), and cheap (like £5 a month or something). I don’t know anything about their security vs. nation states, as I was only trying to “evade” my landlord (who owned the router) in case they were spying on me.
Im using ZPN more than a year. Its free for 10GB of usage per month and supports OpenVPN protocol with AES-256 encryption. Private Internet Access is another choice of mine, but its not free. For torrenting FrootVPN is also a good option because Pirate Bay supported it some time ago.
Ok, just a little clarification, and trust me, this isn’t paranoia;
I took a look at the website for ZPN … I’m trying to think of something that’s riskier than using an outfit like this … but I’m going to need to get back to you … (you do realise that as the traffic is going “through” them, they can intercept everything you do … including https traffic ?! )
For anyone unaware, if someone can get “into” the data path between the client and a server (say your workstation and your bank) then it is actually relatively trivial to run a man-in-the-middle attack, even on an HTTPS connection!! That line you’ve been fed about SSL being “safe” and “trustworthy” … think again.
So general advice, if you’re going to do any online banking, make sure you trust your ISP and/or mobile operator, don’t do it from a coffee shop over WiFi, and never do it over any sort of traffic funnelling system run by someone called Zlatin in Nurenberg (ZPN). I’ve no idea who Zlatin is and he might be a great guy, but if the provider isn’t regulated or subject to UK law, then it really is a bad idea.
Just for the avoidance of doubt, examples of how it’s done;
https://github.com/droe/sslsplit
Also worth a look;
VERY good points, and ones people should be aware of … personally I’ve never used them but not really because I’d thought the security through, more because I figured if they’re free the bandwidth would be rubbish and I didn’t think they’d be particularly anonymous anyway.
I guess something at the back of my mind didn’t trust them without actually giving it much thought.
How’s do those sayings go? … if it seems too good to be true…
and TANSTAAFL
Call me paranoid if you like but I wonder if one or more of these vpn’s might not be run by gchq or the like for covert/nefarious purposes.