It would be cool if there was a reputable open source project that would let people share/buy residential proxy usage, but at the end of the day there's no way to guarantee people aren't doing horrible things with your IP.
They don’t. For instance, Luminati, possibly the best known player in this market, uses HolaVPN users as exit nodes.[1]
[1] https://www.trendmicro.com/vinfo/hk-en/security/news/cybercr...
Don't support them.
I've been contacted by several of those "SDK companies" that basically turn phones and browsers into botnet drones for $0.01 an install.
But i must say using proxy services and other things did not helped us much. Because most of them were banned before we use.
That's risky. What happens to me if someone does something illegal via my connection? How could I prove it wasn't me? Maybe I could win in court by citing my use of something like this, but I really don't want to be dragged into court in the first place even if I end up walking out.
Also, industry leaders like NordVPN and ExpressVPN may engage in P2P routing especially to unblock services like Netflix and Disney+ [1].
HolaVPN unapologetically does this too [2].
All of this is discounting the new-age dVPNs like Orchid (not quite the Tor replacement that was promised [3]) and Mysterium [4].
[1] https://news.ycombinator.com/item?id=21664692
[2] https://news.ycombinator.com/item?id=9614993
Routing arbitrary traffic is plain risky, it is entirely conceivable to be arrested for it, or at least be searched, whether you can explain it away later or not. “Other providers are doing it too” hardly makes it any less risky.
Except Tor (or Whonix or Tails), WireGuard, or ZeroTier are a better option.
All of these allow better management (and therefore control) of routes.
There is a very good reason Usenet does not require uploading, and P2P protocols like BitTorrent are used with a VPN. It provides a reasonable enough protection against a civil actor such as RIAA and MPAA while a determined actor (with more control over the used networks can dig up the data trail. Ie. police in case of serious crimes such as CP.
On a somewhat related note what was the name of the end of 90s pseudonymous network where you had to buy a 'nym' and could renew it for money?
ZT would be useful for this from an oppressed country because it is used by a ton of businesses. You would just look like you were accessing a corporate ZeroTier DVPN from home, which is pretty common these days.
That's better in some ways than Tor. The problem with Tor is if you use it naked then it can be obvious that you're using Tor. Even in countries like the USA I've always been concerned that using Tor might put you in some kind of database. In a very non-free country I'd be really worried about using Tor naked, meaning without running it over something more mundane looking like ZT or Wireguard.
Their answer to the question of 'what happens when a bad actor has their illegal activity routed through my connection' seemed illogical. They claimed that as more people signed up, the proportion of bad actors would decrease [0], which makes no sense to me.
Also, I'm not entirely sure what methods they have taken to stop a bad actor from collecting packets from other users that are routed through the bad actors exit node.
The worst thing IMO is the way it's being presented and marketed. The impression the website gives is that its just like all other VPNs but free, which is very misleading.
[0] https://www.reddit.com/r/Ubuntu/comments/f5y6qg/update_launc...
> No bandwidth caps. No throttling. Stream all day, and download away.
Yes, no caps on the tunneled connection. But it will happily use up your home connection data caps with both your own and other people's traffic.
Then once you run an exit for long enough, your home network will get tor-like treatment from many CAPTCHAs and you'll be blocked from anything on cloudflare.
> FreePN never logs your IP or tracks your activity. (...) FreePN shields your data from prying eyes, giving you peace of mind.
FreePN doesn't log. But anyone running FreePN is welcome to do just that.
It's a perfect tool for that monitoring too. Tor browser at least has lots of extra protections. This one does not, so settig up a tunnel-to-tunnel routing node means you can listen to a lot of interesting things. (Without the liability of being a true exit node)
That'll take a matter of minutes. It doesn't take much to get on googles shitlist as soon as you do any sort of bot activity against their services. I manage to get on it by just searching humanly!
That will happen if you use any VPN,so that's expected.
Our posts a few months back were largely exploratory posts - seeing if there was actually demand for the product (or at least enough to pursue the project!).
Since FreePN is such a technical product, we've been iterating a lot on our messaging. We are still in very early stages, but we do have some mechanisms planned to mitigate the effect of bad actors on the network:
- we plan to build in something similar to HTTPS Everywhere to the product, to automatically upgrade connections (and we only route traffic on ports 80 / 443 (optionally 53)). - we also plan to build in the ability to allow peers to block certain categories of traffic from going over their connection (using blocklists similar to those used by Fortiguard -- so you could block all torrenting sites, as an example).
Early days still, but much to come!
I can see the reasoning here: bad actors will be the first to jump on such a service. They actively search for new services that they might be able to use to pipe their traffic through. Awareness amongst the wider population will grow more slowly, as they aren't for the most part actively looking for it, so as that awareness spreads the ratio of good-to-bad will likely improve.
Though the absolute number of bad actors I expect is enough for me to dismiss ever knowingly installing something like this on any device I own (or allowing it on any network I have some responsibility for), no matter what the good/bad ratio is like.
This is no different than that shady p2p VPN product that was shipped as a browser extension.
Love hearing the feedback from everyone here — some very valid criticisms from a lot of folks — and on a lot of points that have been brought up here, we actually have plans to address. A few bullet points on where we are as an organization / project:
— the marketing copy isn’t set in stone — I’ve been working on the site a bunch recently & it’s very much in flux (we’ve been posting in a few Linux communities to see what the response looks like) — when we posted a few months ago about the project, in all honesty, it was a demand test to see if this would be something worth pursuing — but we’ve been trying to take the feedback from those posts to heart in our development process — we market ourselves as a VPN, but to be clear we _are_ a dVPN (distributed VPN). The peer-to-peer VPN wording on our site is mostly for the sake of simplicity. I’d point most folks to our project README on GitHub for more in-depth technical details. — right now FreePN is structured as a 1-to-1 peer connection, but we eventually plan to build in multi-tenant peer support as well as optional multi-hop routing (similar to Tor) and selective whitelisting of domains so that as a peer you can elect to categorically block certain types of sites — say torrenting. These blocklists would draw from open-source category site-lists like Fortiguard. — we do currently only route web traffic (+ DNS) — so only traffic on ports 80 and 443 is being routed (optionally port 53) — we don’t currently support IPv6 (though we have plans to add support in the future) — we don’t log traffic (you can see in the repo), and while peers logging traffic is a potential concern, that’s only true if you’re using non-HTTPS connections (we have plans to bake in something similar to HTTPS Everywhere, automatically upgrading connections).
As far as our vision for the product — our goal for FreePN is to eventually become a ‘privacy all-in-one’. We started FreePN because we care deeply about internet privacy — but trying to protect yourself online practically is a very technical and time-consuming endeavor (basically — it’s really hard to protect your privacy online, and we’re trying to make it easy). In terms of features, we’re working on building in ad-blocking as our next major milestone.
I’ll do my best to respond to everyone’s questions and concerns here this evening / in the morning & tomorrow as I’m able!
"Every user is exit node" concept in addition to legal question raises more practical questions. What are you going to do if majority for your users (and when you call something "free" the chance increases) will be from countries like China, Russia, Iran and other where government controls and blocks a lot of the websites and services? And I'm talking not about surveillance but about actual block of the IP subnets like Russia did to AWS, DO and GC when they tried to block Telegram.
Also on the website you declare
> No bandwidth caps. No throttling. Stream all day, and download away. Unlike other VPNs, FreePN will never bottleneck your connection.
Sorry but this is simple lie. If we will take Turkmenistan (their internet censorship is better than China's one if you wonder why I take this unknown country) max bandwidth you can get as average citizen is about 2mbps. And there will be users (exit nodes) from TM for sure so for external users there will be bottleneck.
- What happens if someone downloads CP through my home connection?
- How do you plan to block ads with both Chrome and Firefox moving to DNS over HTTPS?
- Right now we're still undecided / exploring different ways of monetizing the product! (something similar to Adblock-Plus though is our leading idea). - We're working on a way to disallow users from acting as exits for certain kinds of traffic - so you'll be able to categorically block certain kinds of sites through the UI in the near future. - Even with DoH on by default in the browser, we can still override / specify a DNS server.
Let me know if you still have questions / any of the above is unclear!
What’s the long term business model then?
We're still exploring different methods of monetization, but leaning towards an Adblock-Plus style model at the moment (but would want to keep any ads we served entirely local / we'd never send any data off device & would want to be as transparent about everything as possible). Personally, I think it keeps our interests best aligned with those of our users & helps keep the focus on preserving user privacy!
Like, goddamn, VPNs aren't THAT expensive. Not compared to, IDK, a lawyer, or missing a day of work because you're in a jail cell, trying to explain to some cop that you installed a program on your computer that let other people you don't know do random stuff on the internet over your internet connection without your own knowledge or involvement, and you aren't complicit in any way...
What’s the advantage of a p2p model instead of a better / stealthy VPN protocol that can’t be blocked, which you can also commercialise?
At a glance sounds like a reinvention of Tor, but less secure.
...and with every client also acting as an exit node, which is kinda a big deal.
How easy is it in this system to force a specific user to use you as their exit node during a targeted attack? Given the state of their website, i am going to guess pretty easy.
You are trying to cater to a privacy-minded audience yet you provide literally no information on how the whole thing works. I don't think you fully understand how crucial a very detailed technical spec is for the adoption of a tool like this.
The first question with any P2P project is if I have any control over other people's traffic that passes through my system. No mention of this anywhere, leave alone a detailed discussion. I saw your replies here on this subject and they are ultimately... inane if you pardon the bluntness. I realize that you mean well, but you are exceptionally naive in terms of how quickly a system like this will be abused to a very severe degree.
Some observations:
* It's not actually a virtual private network, at least by the traditional definition. They route HTTP(S) and DNS traffic only; other protocols (presumably) get routed in the clear.
* IPv6 isn't supported at all.
* I might be missing it, but I can't find any cryptographic design documents or a threat model anywhere. A quick repo search doesn't even bring up any cryptographic primitives, which makes me wonder about malicious peers.
It's good to have more competition in this space, so I'd like to be wrong (or eventually wrong, feature-wise) about all of the above. But if I'm right, this is roughly the same as using a SOCKS proxy (and maybe a bit worse, if any other peer can futz with your traffic).
* Shelling out[1] to some tool that may be responsible for all of the heavy networking bits[2]
* Falling back on a non-monotonic clock but calling it monotonic[3]
* Another sketchy shellout[4] that calls a bunch of scripts with trivial interpolation/injection bugs[5]. It's not clear if the arguments passed to those scripts are remotely controllable, but it's sketchy.
[1]: https://github.com/freepn/fpnd/blob/eda6536754d35224ca773ba9...
[2]: https://github.com/zerotier/ZeroTierOne
[3]: https://github.com/freepn/fpnd/blob/eda6536754d35224ca773ba9...
[5]: https://github.com/freepn/fpnd/blob/eda6536754d35224ca773ba9...
If you for a minute think this / your IP address will not be misused to scrape, grief, DDoS, up & download "questionable content", you are very wrong.
/s
What is your business model?
I understand that you don't need servers, because your users supply that part, but who pays for development, support, and all that stuff?
ZeroTier is actually quite good. I've used it successfully in/for enterprise-grade services.
Also, unlike SoftEther, we don't depend on volunteers for our network - the network is largely made up of the users themselves!
