I’m pissed off. NordVPN requires you to temporarily disable your killswitch to log in after a restart. Over the internet. In a web browser.
This irks me to no end. That is so fucking stupid. There are several options I (not a VPN engineer but a decently thoughtful person) could think of to try to fix this:
Allow super heavily limited connections from anonymous users to access specifically the login server and nothing else. So your killswitch stays on at all times, even during log in.
At least block all ports but 443 during the login process so that people’s torrents don’t start running. I have not experienced this particular problem, but I know that everything in my browser works. Hard fucking pass.
Even better, block all ports, ESPECIALLY 80 and 443, and use an obscure port, changed every software update, to run your SSL through. I searched this to see if it was a thing and it is so much a thing that my top result was talking about VPNs doing this.
Best of all…do both.
I have contacted NordVPN and their support has been horrendous. Their live chat is actually a chatbot which won’t send you to a person. And their email support is basically useless. They just spouted off ad copy to me about why internet killswitches are cool.
The revised blog post(opens in new tab) also goes a bit further in regard to NordVPN’s zero-logs policy by explaining that the company will log a user’s VPN activity if there is a court order to do so: “We are 100% committed to our zero-logs policy – to ensure users’ ultimate privacy and security, we never log their activity unless ordered by a court in an appropriate, legal way.”
here you have straight up dystopian propaganda speak now.
in the very same sentence the company says, that they have a zero logs policy and then they say, that YES we do log everything, that the feds tell us to log.
in other words: this isn’t a vpn, but a meme.
ONLY use court proven 0 logs vpns if you use vpns.
anything else is quite worthless, unless it is all about changing location. but in that case i’d suggest to NOT pay any company and instead run torbrowser for that, which at least CERTAINLY is better than running logging vpns like nordvpn.
Not trying to defend them, but “killswitches” don’t make a whole lot of sense. Apps should be running in containers (network namespaces) or VMs that only have access to the VPN connection.
Maybe that’s too technical for most people, but if you’re afraid your ISP is keeping track of when you login to the VPN or something, you’re ill equipped to deal with that kind of attacker.
I use NordVPN for the last few years and probably will keep using them cause every year around certain times, they run very cheap promotional deals. The lack of kill switch thing doesn’t really bother me cause I run all my torrents in an isolated FreeBSD jail that has pf configured to handle the kill switch thing while still allowing my local LAN traffic.
So uh yeah… run your own firewall instead of relying on a kill switch. It’s probably going to work much better anyway. I trust pf more than whatever software is provided by the vendor cause it’s probably got far less bugs. things like pf and IPFW are very mature firewalls.
I use the command line client and do not have to login with browser.
nordvpn login --legacy
I also use my own firewall rules (iptables) which I run after connecting. This overrides everything nord does so killswitch stays functional (I run nordvpn on router; router itself is never killswitched, only the LAN).
I was using PrivateInternetAccess for years and recently started using NordVPN instead. I only really used my PIA VPN for the SOCKS5 proxy and Nord had more proxy servers so I switched to them.
In my use case, I don’t really need privacy or a killswitch so it doesn’t matter.
This. I hate that I now have to load up my web browser with all its tabs first to be able to log in to get protection for my web browser. I also hate that I have to log in again two or three times a week. I’ve become very disappointed with their service.
I don’t know what an alternate, trusted VPN provider is tho, it’s hard to find solid info. Nord USED to be good, I don’t really trust them anymore.
I don’t want to containerize every app on my computer. The point should be that I don’t have to worry about a drop in VPN service meaning I am unprotected. And I also shouldn’t have to worry about it at startup either.
Now, certain apps like the *arr suite should probably be configured as you say. But my browser should also be private, no?
I’m not afraid of my ISP noticing when I log into VPN. I don’t even know how I could hide that. What I’m worried about is leaking traffic to my ISP. Let’s say I am tormenting a collection of Linux distributions, and I want my torrent client to be always on in he background because I am frequently updating my collection.
I don’t feel safe doing that with my ignorant ISP because they might see bittorrent traffic and get all upset. You see?
PSA: PrivacyTools moved to privacyguides.org a while ago after some sort of drama with the domain owner.
The credibility of the current version of privacytools.io is questionable at best as you can probably tell by the fact it’s covered in affiliate links.
techtuber shilling is clearly more important than INHERENT privacy and security (privacy payment options as you mentioned for example) features :o
now if you excuse me, i’ll go and use my full logs vpn shilled by a techtuber, that i payed for with a fully tracked payment option on my SMR drive, that is cached with good old optane cache, because the very trusty techtubers told me, that this setup is :
“blazing fast and budget friendly!”
https://www.youtube.com/watch?v=6__ZVMfcE3g (this video is jayztwocents shilling for optane garbage with a seagate smr drive, INSTEAD of an ssd. using nonsense “testing” and being misleading in every possible way. nice and horrifying laugh if you are bored)
Where does it say that? Because right now almost that entire website is a big ad for Nord. And this is why I made a post. Nord has shitloads of ad money they are throwing around everywhere.
This is why I made a poor decision. Because people I should be able to trust, like that site, talk about Nord. Shit on Linus if you want, but he is a pretty reliable guy and I didn’t think he’d advertise a shitty nothingburger of a VPN.
So we need to correct the misinformation and get real info out there
Those are good suggestions. I would add that in general crypto is not anonymous unless you purchased it with cash.
Regardless of which VPN is used I wouldn’t trust them to maintain your privacy. For one thing, they are easy targets for mass surveillance operations (known IP blocks to snoop). For another, your IP address is probably the least identifiable thing about you now due to supercookies, browser/device fingerprints etc.