Beyond Mullvad: Why Building a Manual Proxy Chain Beats Buying a 'VPN' Subscription
The community overwhelmingly flags Mullvad, Proton, and IVPN as the baseline standard for trustworthy VPN services. These providers are praised for audited status, using AES-256, and operating outside the major 5-Eyes/9-Eyes surveillance spheres.
Disagreement hinges on security overkill. Some voices warn against vendor lock-in, urging users like 'scytale' to never tether multiple services to one vendor. The deep-end takes, notably from 'ken', push past VPN marketing fluff, detailing complex, manually constructed proxy chains designed to mimic true onion routing. Discussions on remote access are abandoning simple VPNs for hardened protocols like WireGuard or Cloudflare tunnels.
The clear consensus leans toward suspicion of convenience. Users actively warn against shady providers, pointing to specific acquisition histories like PIA's. The fault line is clear: basic commercial VPNs are treated with suspicion, while maximum perceived security demands highly technical, multi-layered, and self-managed networking setups.
Key Points
Mullvad, Proton, and IVPN are the gold standard for selection.
Users strongly recommended these vendors due to their reputation, audited status, and jurisdictional placement ('msokiovt').
Acquisitions by questionable tech entities are major red flags.
The community specifically cited naming PIA due to its link to Kape Technologies, labeling it a source of concern.
Reliance on a single VPN provider creates unacceptable single points of failure.
Advisories from 'scytale' emphasize avoiding 'monoculture' by using distinct providers for different sensitive activities.
True security requires manual, layered proxy chaining over commercial simplicity.
'ken' provided deep dives into building manual 'onion circuits' involving multiple proxies, contrasting this with basic VPN features.
Remote access solutions are shifting toward dedicated tunneling protocols.
When securing Home Assistant, experts strongly advocated for Cloudflare tunnels or WireGuard over simple port forwarding.
The term 'VPN' is often used vaguely in marketing materials.
'ken' warned that the term often describes only a local DNS relay or proxy, not full, verifiable encryption.
Source Discussions (3)
This report was synthesized from the following Lemmy discussions, ranked by community score.