Encrypt all the things!

Well PIA works fine, accepts bitcoins and keeps no logs (not required to in the US).

I've been using PIA on Windows, Android, Linux and Chromebook. Works quite nicely and easy to set up, although I'm not sure whether or not it's slowing down my chromebook.

I use https://www.ivpn.net/ nowadays.

Really good performance, pretty simple setup, very affordable.

That's what I need to get working on Windows.

I was running PIA in DD-WRT but my router is too slow. Connection ends up being 10Mbps, on PC it runs at 54 (1 less than my sync)

Looks easy enough. I think I downloaded OpenVPN though, not realising ivpn have their own app.

https://www.ivpn.net/knowledgebase/31/Windows-7---OpenVPN-Setup-Guide.html

Mate asked me about this: https://www.anonine.com/en/user/new

Anyone used them, care to comment?

^mate is an anagram of meta

Lol. Aliens.

I was running PIA in DD-WRT but my router is too slow. Connection ends up being 10Mbps, on PC it runs at 54 (1 less than my sync)

I used an Asus RT-N66U router:
http://www.asus.com/Networking/RTN66U/

I run this firmware:
http://www.lostrealm.ca/tower/node/79

Which is basically the stock firmware plus OpenVPN support. So all of the other interfaces and stuff are exactly as you find in Asus's help site and documentation.

I get about 80% of my network speed using that config. Before I switched to this router I only got just over 10mbps regardless of network speed.

Looks easy enough. I think I downloaded OpenVPN though, not realising ivpn have their own app.

https://www.ivpn.net/knowledgebase/31/Windows-7---OpenVPN-Setup-Guide.html

That's just a bundle of OpenVPN plus the config files to make it easier. It is possible to configure it yourself, or you can just use their bundle.

I use https://www.ivpn.net/ nowadays.

Really good performance, pretty simple setup, very affordable.

Would this work with all ISPs?
(I am thinking of ending my time with Virgin Media and will be investigating zen or A&A)

Works with all ISPs and all devices.

I'm using it with Virgin as Virgin is the fastest in my area by far (no-one else goes above 8MB and Virgin have 100MB).

Cool, I might look in to that - relakks doesn't work with my router.

I used an Asus RT-N66U router:
http://www.asus.com/Networking/RTN66U/

I run this firmware:
http://www.lostrealm.ca/tower/node/79

Which is basically the stock firmware plus OpenVPN support. So all of the other interfaces and stuff are exactly as you find in Asus's help site and documentation.

I get about 80% of my network speed using that config. Before I switched to this router I only got just over 10mbps regardless of network speed.

That's just a bundle of OpenVPN plus the config files to make it easier. It is possible to configure it yourself, or you can just use their bundle.

Hmmm interesting. I'm also tempted with just getting a beagleboard and sticking it between WAN + Router. 1Ghz should be fine for a perm vpn tunnel. Will have to look into this more tbh

oh I have PIA connected perm on my Synology and only get 1Mb there, that's fine though as it stops my NAS from stealing all my bandwidth suddenly (yes I could rate limit, but this works too). It's nice that they allow multiple login's on the same account

If I use IVPN will things like BBC iPlayer recognise me in the uk, for example, and would I be able to watch BBC programmes from abroad?

Sure but it depends on the provider. A lot use the same ISP's as terminating points in the UK and they are banned by BBC.

oh and bandwidth does matter. I get 3Mb/s to UK via PIA but iPlayer just stutters. Instead I use the iPlayer desktop app and just flag the programs I want to watch.

If I use IVPN will things like BBC iPlayer recognise me in the uk, for example, and would I be able to watch BBC programmes from abroad?

Yes.

I have multiple iVPN endpoints set up, and basically flick between them depending on what I want to do.

iPlayer works on the UK connections.
BBC Worldwide works on the US connections.
The Rapha site shows me the Netherlands version.

I tend to use multi-hop if accessing contentious topics (all that NSA news and political stuff), but use single hop most of the time.

There is no noticeable battery drain on mobile from permanently using OpenVPN. I noticed significantly more battery drain when I had my mobile fully encrypted... so now my approach is standard mobile with encrypted (VPN) data communications.

VPN speed depends on processor speed, and mobiles are fine... but this is why routers with cheap chipsets cannot get above 10mbps. The one I linked to above is fine for the speeds I'm able to test with (100mbps).

I guess the only other weirdness I encounter because of VPNs everywhere, is that my home printer is a networked printer, and I need to disable temporarily the router VPN when printing as I swear the thing is trying to spool the print document to some machine in the VPN hosting facility. And that... is literally the only downside to my setup.

hmmm I really need to look at sorting out my home VPN connection. Raspberry PI just can't handle it, my router doesn't seem to either. Synology maxes at 1meg. Wonder what sort of small intel linux box I can get for cheap that will handle ~100->200meg connections encrypted

Just the get the router I mentioned above: http://www.asus.com/Networking/RTN66U/

But if not, it's the CPU, south bridge and networking chipset that matter, and if you want to build your own OpenVPN client/server it's certainly possible to do (there's a hell of a lot of articles on it). Not that those components need to be stellar, they just can't be overly constrained.

I investigated this build-your-own route but ultimately determined that I couldn't be sure that I could achieve throughput for sub £100, and that the next step up (mini computers, Mac mini, Asus mini pc) would all be way more expensive than that router mentioned, and would take an enormous time cost, and cost more power, heat, and noise.

Hence, I investigated small office routers capable of running VPNs and that Asus router came out on top (short of the enormous price leap before you get to equivalent Cisco equipment).

But what through put will it top out at? I'll probably upgrade to 140 soon... Faster if I can

I tested the router at the office, and on the 8MB connection lost about 12% of the bandwidth.

I tested it at home on a 100MB connection, and still only lost 10-15% (varied on multiple tests, but never outside of that range) of the bandwidth.

The rule of thumb is that the VPN will slow your connection by at least 10%. So this router is hitting the highest throughput it could.

Could it continue to hold up to 200MB? I doubt it. The router gets damn hot when I run it at full bandwidth for a while (downloading seriously huge files in a constant queue over several hours).

So I would definitely suspect it will drop off and cap out very soon after 100MB.

As a counter-point, I tried my old router and that capped out at 12MB throughput, and represented a near 90% overhead. It basically couldn't do any more. The embedded CPU was a piece of shit and the designers of that never expected it to be used for encryption, just scheduling.

Once you hit the max throughput everything else is loss, but if you're only losing 10-15% then you're in the accepted overhead range.

If you used a mini PC you would definitely exceed the capabilities of the router, but at the cost of setting everything up yourself, having the heat and power go up, and needing to configure it as a gateway to your router, etc.

How much is that last slither of bandwidth worth it and essential to you?

I couldn't foresee, that if Virgin kept bumping the speed, that I'd actually use that last nth percentile. So I'm fine with an effective 85-90Mbps throughput, and if that proved to be the cap then I'm still happy that I got a reasonable balance between cost and performance.

Of course... if your home computer is always on and it's a Linux, you could just set that up to be the gateway and VPN. But I know what my computer power consumption is and wouldn't want this thing on 24/7

Interesting thread.

I just started reading it and skimmed through: https://www.encrypteverything.ca/index.php?title=Main_Page

I think I've already given most of my info away. Is there any point, or ability to repair the damage?

Also there are some products/services I really like and find useful such as google; chrome, the various chrome ad-ons, google docs, etc. I assume google is the main purveyor of info so is there anything to be done to roll that back?

I think I've already given most of my info away. Is there any point, or ability to repair the damage?

You can't get back or undo that which has already been done.

But you can stop giving more info, and stop fleshing your profile out further. You can basically drop off their web from their perspective, and yet continue to do everything you usually do.

Also there are some products/services I really like and find useful such as google; chrome, the various chrome ad-ons, google docs, etc. I assume google is the main purveyor of info so is there anything to be done to roll that back?

I use those too. I silo them into a little box so that only see that use and nothing else.

How to do this? Split your online life into 2 web browsers.

I use Firefox for 90% of web use, and Chrome for 10% email/docs/maps use.

Firefox is permanently in Private Browsing mode, and I fire up Chrome in "Incognito" mode. Neither remembers a single cookie from one browsing session to the next.

Then I use a VPN to encrypt all traffic, and with Firefox I also use Tor.

The only thing I have to think about, is if I have a link in any email I copy it manually to the Firefox browser.

Hmm, what else? I use DuckDuckGo for search, and the Dolphin browser on my phone.

Basically, I still use Google, but I silo them, deny them a permanent cookie, encrypt all traffic to them, and prevent them seeing everything else I do.

I shall now don my tinfoil hat.