Loooking for VPN for Asus 86U?

[HowIFix]

That is fine to have that opinion. Just do not make trivially wrong claims about logging specifically and then pretend to be objective for other VPN services

[PIA] US Jurisdiction = FBI > you (it's common sense)

Do you think a US company (PIA) will fight against the FBI to protect their privacy, if they already have proof of their navigation and just want to make sure it was you, to put you in jail for 20 years...

The same happened with IPVanish (US Jurisdiction like Private Internet Access)

• "No Logs" IPVanish Embroiled in Logging Scandal
• IPVanish “No-Logging” VPN Led Homeland Security to Comcast User

When people can simply Google you for being wrong, it makes people no longer trust a word you post about anything.

I'm 99% sure what you really know is thanks to Google...

Google is like God, has an answer to everything and also knows everything about you.

 

[XIII]

Not so said PCMag

The article you mention refers to public WiFi (not your home network).

Then a VPN indeed makes sense.

 

[HowIFix]

What makes you think going offshore (ex. Panama) will give you added protection (maybe Russia, N. Korea or Iran)? Some of these smaller nations will just hand you in a silver platter if you hide there, even those without extradition treaties. Remember Julian Assange (rape), Kim Dotcom (raid) & Michael Terrence Meiring (bomber)?

My recommendation stay away from any VPN with US Jurisdiction.
I prefer to trust others when it comes to privacy, than the United States.

I hope that you are not victims of the FBI (cyber police hahahaha), because you trusted in your VPN.

This is my last recommendation that I give:

1. Buy 2 VPNs with bitcoin and use these emails to register them: Tutanota or ProtonMail
   
2. Install and use DNSCrypt
3. Create a Virtual machine
4. Use one VPN in your router and another VPN in your computer or VM.
   
5. Use Tor browser in the VM.
6. Enjoy your privacy

2 VPNs:

I recommend two VPNs at the same time, one for your router and another for your computer.
Example:

• VPN.AC or VPNArea on the router and Perfect Privacy on the computer.

Why DNSCrypt:

Wish there was a simple answer....it all depends on who you trust/distrust the most....

A couple of things to consider....

• DNSCrypt has been around the longest. It is a user open spec, but has never been submitted (or planned to be submitted) as a formal RFC.
• How much do you know about the folks running the DNSCrypt servers? Most (all?) of the DNSCrypt servers run by the 'big' providers are logging servers, so that needs to be considered as well.
• DNSCrypt can hide your DNS traffic from both your ISP and VPN provider.
• The VPN provider DNS will hide your DNS traffic from your ISP (if you have your router participating in the VPN), but if you exclude the router the DNS traffic is not VPN encrypted (see above about some potential problems with including the router in the VPN). Your VPN provider technically can see your DNS traffic as it exits the VPN on to the internet.
• Most big VPN providers advertise as non-logging. Where the provider is incorporated may influence how much they can follow their non-logging claim.
• You should also use DNSSEC to validate the server actually being used.
  
• I'm sure there are other consideration I could come up with

So for me, I made the decision to use DNSCrypt (now moving to DoT), router outside of VPN for all my traffic, both VPN and WAN. DNSCrypt enabled, VPN Accept DNS config Disabled.

• Neither my ISP or VPN can monitor my DNS traffic.
• Performance probably near the best from an encryption viewpoint. The routing to the servers contribution to performance???? Need to test. I personally don't linger over DNS performance as long as it's reasonable....most accesses are cached anyway.
• I'm trusting my selected DNSCrypt server to be non-logging as they say it is and that they are following the DNSCrypt user spec (There's that trust thing).
• I say moving to DoT since that has a formal RFC. In the future, I think DoH will become more wide spread after its RFC is finalized (it's currently in draft mode and has some advantages over DoT).
• Side benefit is that things like ABSolution work for both VPN and WAN.

As with many things....intelligent people can have differing opinions....

Other:
I do not recommend NordVPN for illegal things (read my previous posts), I only buy it because it was cheap, to have it as a backup and it is much better than other VPN services and more secure about privacy for now.

At this moment I am using VPN.AC on the computer for testing if it is better than the ExpressVPN application and then I will use it on the router.

 

[sfx2000]

Using a VPN does not provide any additional security for these activities.

Yep, and using a Public VPN still has risk - you'd be surprised at how Nation States can apply a certain amount of pressure until all of a sudden the logs appear. But these days, they don't even have to do that...

Source ------- VPN endpoint ----------- VPN Endpoint -------- Sink

If one does not control both endpoints, there is no privacy, no security, no matter what is implied by the VPN provider.

 

[sfx2000]

My recommendation stay away from any VPN with US Jurisdiction.
I prefer to trust others when it comes to privacy, than the United States.

Stay away from anything that has to do with anything for a US Based Company - and that goes for the Five Eye's as well (US/UK/CA/AU/NZ) - everything is hoovered up there and analyzed and correlated. And that's at the nation state level - then you have CN with their GFW, you've got JP looking at things, because there, there are no laws against this stuff, and big telco like Century Link, ATT, Verizon, NTT, Tata, Reliance, China Telecom, and many others that just carry the big pipes on the internet backhaul.

Then add that big media and big ASP's like Google/Facebook etc, they don't have the same restrictions at the government does.

 

[HowIFix]

If you're right, I had posted it before but to they do not like to read the previous posts.

I recommend you read this:

• 5 Eyes, 9 Eyes, 14 Eyes – Explained | Restore Privacy
• VPN Logs - What You Need to Know | Restore Privacy
• VPNs are Lying About Logs | Restore Privacy
• Which VPN Services Keep You Anonymous in 2018? - TorrentFreak

 

[sfx2000]

If you're right, I had posted it before but to they do not like to read the previous posts.

Yep - and Tor is very vulnerable to certain approaches as well - not just OpenVPN and public providers...

For some entities - it's politics, for others is the money laundering and illicit trades there (e.g. drugs) - and then there is always the big no-no - kiddy pron - which pretty much hits all the buttons there, and ISP's do happily turn over logs when asked on that topic.

Deep Packet Inspection is actually pretty easy these days, it was easy 10 years ago - esp at the Telco/ISP level...

I'm not a tin-foil hat guy... just stating it as it is - VPN is a tool - but if you do not own both ends...

 

[RMerlin]

Not so said PCMag & my bank so I rather use it.

Ask either of them to give you a technical explanation as to why using a VPN provider would increase security. Neither of them seem to understand how these services work if that's what they are telling you.

All these VPN providers do is encrypt the connection between your computer and that VPN provider's server. After that, the unencryupted traffic leaves their server to reach your intended destination. Therefore, the only stages of your connection that gets secured by the VPN is within your local network (useful if using a public wifi hotspot), and through your ISP's network.

In the case of a bank, your entire connection is already encrypted from your computer to your bank's web server. Adding a VPN to encrypt half of that connection isn't gonna add anything to your security.

 

[CaptainSTX]

I just feel it's too risky doing something involving finances when outside without connecting to a VPN network. My wife also works with a finance company doing money stuff. She good in financial planning but not very tech savvy & sometimes connects on public wifi places (Starbucks). Can't take the risk.

Using a VPN when connecting to the Internet in a public space probably does increase security by avoiding man in the middle attacks. Given that the world is being persuaded to use https connections on more and more web sites everyday the protection that a VPN offers is becoming less necessary. As Merlin said for financial sites they are already using https connections.

I like my wife to use the VPN when she connects to public wifi, because as is your wife my wife is not tech savy. I worry about her being suckered in by a phising attack because the AIprotection on our home the router frequently blocking sites that Trend Micro has identified as bad actors when she connects from home with using her Ipad so no telling what she might happen with her devices outside our home.

 

[HowIFix]

I think it has something to do with some of your talking points man. You kept on editing most if not all of your posts so later on it be to be more in line with some of the known snbforum experts' talking points. I'm sure noticed it last night too when I read some of your posts. Some of what you're initially saying doesn't make any sense at all. But I was surprised when later on you just changed them & went along with the experts as if you're singing in a choir. As one member said to me on pm couple of days ago...



You got to stick with your talking points man whether it makes no sense at all. No good flip flopping.

When I edit just add commas or Bold and I try to explain better, but I do not change what I meant in the post....

01. If you say the biggest change was that I said "I do not recommend" to "I do not like" NordVPN or is about PIA (Private Internet Access) be sure that they log.

02. The other change was that IPVanish recommends, because this is a fast VPN, but I regret having recommended that garbage. (They did not want to give me a refund)

 

[RMerlin]

I just feel it's too risky doing something involving finances when outside without connecting to a VPN network. My wife also works with a finance company doing money stuff. She good in financial planning but not very tech savvy & sometimes connects on public wifi places (Starbucks). Can't take the risk.

Does she have the technical know-how to start her VPN connection whenever she goes to a public hotspot tho?

 

[CaptainSTX]

Does she have the technical know-how to start her VPN connection whenever she goes to a public hotspot tho?

She has an APP on her Iphone and Ipad which with Astrill or PIA just requires she slide a big on off button to ON. Even with her limited tech abilities she can handle that since it is just like turning on a light switch.

 

[dylanmitchell]

I'm running Perfect Privacy with Open VPN on my AC86U and it's working well. I set policy routing for my Roku/ streaming to WAN and other devices to VPN since Netflix, Hulu, etc. were blocked. There may be an unblocked site with Perfect Privacy but I want to have it set to a fairly close host for speed.

I tried Express VPN which worked well in L2TP but blocked Netflix. All the Express VPN LA sites (4 of them) and the San Francisco site blocked Netflix and you can't set policy routing with L2TP so you can't bypass the VPN for specific devices. I tried Express VPN with Open VPN but it didn't work. Support said the AC86U had features different enough from the 86U they were having trouble developing the app that would let it work properly and set policies. For me, it's too much work to try to find an unblocked host for streaming and keep changing hosts as they get blocked.

I'd prefer to be running Express VPN with an app for the AC86U and set the Roku to bypass it but they haven't developed the app. And if I'm going to have to bypass the VPN for streaming Perfect Privacy actually seems like the better VPN it's just not known for working with streaming. It is in an EYE country though versus Express VPN.

Know some folks have had success with Express VPN and there are some concerns about Perfect Privacy but none of the VPN's are perfect and you'd need to add in Tor and some more steps for really secure browsing plus run a VPN on the router and computer side. Perfect Privacy's instruction for routers use the AC86U as the example for Open VPN instructions and it's great for everything but streaming.

 

[Geraner]

I would recommend you guys to take a look at the Swedish VPN providers.
They are rock solid.

• Mullvad VPN
• PrivateVPN
• OVPN
• AzireVPN

Non of them is logging your activity. And when using Mullvad you don't even need to register with an e-mail address. You just create a random generated number on their homepage, and pay with bitcoin or whatever you prefer.

Mullvad and AzireVPN even support WireGuard if you want to try this on your Asus RT-AC86U.
Otherwise, all above are working perfectly with their OpenVPN config files as well.

When it comes to my ISP reading my DNS traffic, for this one I have an easy solution.
Buy a Raspberry Pi, install Pi-Hole on it, configure it as I described in my blog, and finally route the traffic from your Pi through the VPN. Then your ISP will not see anything than your connection to your VPN providers server.