this post was submitted on 13 Apr 2025
21 points (92.0% liked)

Privacy

5762 readers
16 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 2 years ago
MODERATORS
[email protected]
21
Recommend a VPN with residential exit IPs (lemmy.world)
submitted 3 days ago by [email protected] to c/[email protected]
30 comments fedilink hide all child comments
 

Some friends have safety concerns that mean they need to appear digitally as if they're inside the USA while being elsewhere physically. Standard commercial VPNs are easy to detect (else I'd recommend Mullvad), so they need an option that looks like a residential connection.

They could potentially DIY it by leaving a VPN server at a relative's house, but I'm asking here for subscription services. It's best if they have a Mac OS app that's foolproof, with a clear visual indication that it's in use, and a feature to block traffic if the VPN is disconnected.

tl;dr: what's the closest residential VPN to Mullvad?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 3 days ago* (last edited 3 days ago) (2 children)

If safety is involved you want Tor. No VPN is good enough to protect life. You want a hardened Tor browser with the proper obscurity options turned on so it looks like regular traffic. Also turn off JavaScript by setting the security settings to max.

I would use a snowflake since those are run by individuals

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago) (2 children)

Not the first time I've read that, and I don't doubt it, but why is Tor better? Is it because the VPNN is a single point of failure?

Let's say someone uses a strongly secured and sandboxed browser alongside a trustworthy VPN, what specifically would make Tor better?

[–] [email protected] 1 points 2 days ago

TOR is designed to resist surveillance and censorship by ISPs or national governments. Communications are encrypted in transit, and there's no way for a node to tell whether it's talking to another relay node or the end user.

It's fairly easy for a website to detect that a user is accessing it via TOR; there are lists of exit nodes like this one which a firewall or intrusion detection system can update programmatically. Many websites block or limit access via TOR using such lists, making it unsuitable for use cases such as the one I'm discussing.

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago)

The Tor browser is designed to appear identical to web sites so it is harder to fingerprint. Combine that with the three hop routing and it is very hard to pin point a user. Tor also has strong anticensorship tools that can be activated with a single click. It also has Onion sites which are extremely hard to track and do not pass over the clearnet.

VPNs are not and have never been particularly useful from a privacy perspective. You would need to trust the VPN provider which is faulty due to the fact that you have no way of knowing what the VPN provider is doing. Also your traffic still passes over the internet after it leaves the VPN provider so there still are ISPs involved. VPNs are really useful for changing your IP address and bypassing censorship. There is no other use case despite all the marketing.

The real way to get better privacy on the internet is to use https only and to setup encrypted DNS.

[–] [email protected] 3 points 3 days ago (1 children)

This is a concern about a remote employer detecting that they're working from outside the USA, not surveillance. TOR is not an appropriate solution.

[–] [email protected] -4 points 3 days ago (2 children)

They are going to find out regardless. Stop trying to cheat the system as that's crazy in so many ways.

[–] [email protected] 2 points 2 days ago (1 children)

The system already cheats us. It's literally designed to.

But yeah, they'll find out at some point if they're really looking.

[–] [email protected] 1 points 2 days ago (1 children)

It is bold to criticize the system while actively trying to commit fraud.

[–] [email protected] 1 points 2 days ago

As long as you were paying taxes to the US, the state, and the county you're working in, I'm not sure who would have standing to claim fraud.

You'd get fired for sure.

And I personally would never do it. But I also have no sympathy for corporations making wacky rules.

[–] [email protected] 4 points 3 days ago (1 children)

They are going to find out regardless

Probably not. This is the sort of organization that will do the bare minimum to tick a compliance checkbox and no more. That likely includes IP geolocation and maybe checks against well-known datacenter IPs. It's very unlikely to include latency checks, and does not include monitoring agents on remote machines. My friends have accepted there's some risk of employment loss, but would prefer to mitigate it.

Stop trying to cheat the system

Fuck the system.

[–] [email protected] 0 points 2 days ago (1 children)

You are talking about fraud. I'm not about to help you commit a crime. If a company wanted someone from abroad they wouldn't restrict it to US only.

[–] [email protected] 0 points 2 days ago

I couldn't care less what the employer wants. This almost certainly doesn't violate any criminal laws, but could lead to loss of employment.

I care that my friends can be somewhere they're physically safe while making enough money to be OK.