Git-Mirrors/anarsec.guide
1
0
Fork 0
mirror of https://0xacab.org/anarsec/anarsec.guide.git synced 2025-06-12 08:42:59 -04:00
Code Issues Projects Releases Packages Wiki Activity

doubling up vpn

Browse source
This commit is contained in:
anarsec 2024-04-27 14:08:21 +00:00
parent f676285aae
commit d938fb3dee
No known key found for this signature in database
3 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

4
content/posts/grapheneos/index.md
View file

@ -171,9 +171,9 @@ It is best to force all of GrapheneOS's network traffic through a [VPN](/glossar
There are two ways you can run a VPN: from your phone or from your networking device (either a router or a hardware firewall). When using your phone from home, we recommend the latter.
You don't want to "double up" a VPN — if its running on your networking device, it shouldn't be running on your phone, and vice-versa. This means that a phone running a VPN should disable it before connecting to Wi-Fi configured with a "VPN Kill Switch", or alternatively, connect to a non-VPN Wi-Fi.
It's unnecessary to "double up" a VPN — if its running on your networking device, it doesn't need to be running on your phone, and vice-versa. This means that a phone running a VPN should disable it before connecting to Wi-Fi configured with a "VPN Kill Switch".
If you ever use the phone away from home, you should configure GrapheneOS to force all network traffic through a VPN — install the VPN app in every user profile. All standard GrapheneOS connections will be forced through the VPN (except for [connectivity checks](https://grapheneos.org/faq#default-connections), which can be optionally [disabled](https://privsec.dev/posts/android/android-tips/#connectivity-check)). Note that **Always-on VPN** and **Block connections without VPN** are enabled by default on GrapheneOS. Keep in mind that you will have to disable the VPN app before connecting to your home's "VPN Kill Switch" Wi-Fi.
If you ever use the phone away from home, you should configure GrapheneOS to force all network traffic through a VPN — install the VPN app in every user profile. All standard GrapheneOS connections will be forced through the VPN (except for [connectivity checks](https://grapheneos.org/faq#default-connections), which can be optionally [disabled](https://privsec.dev/posts/android/android-tips/#connectivity-check)). Note that **Always-on VPN** and **Block connections without VPN** are enabled by default on GrapheneOS. Keep in mind that you'll want to disable the VPN app before connecting to your home's "VPN Kill Switch" Wi-Fi.
If you can afford to pay for a VPN, we recommend both [Mullvad](https://www.privacyguides.org/en/vpn/#mullvad) and [IVPN](https://www.privacyguides.org/en/vpn/#ivpn). Otherwise, you can use RiseupVPN, although it has far fewer users to blend in with, and it doesn't meet several important [security criteria for VPN providers](https://www.privacyguides.org/en/vpn/#criteria), such as published security audits of its code and infrastructure. A VPN subscription should be purchased anonymously — vouchers are available from [Mullvad](https://mullvad.net/en/blog/2022/9/16/mullvads-physical-voucher-cards-are-now-available-in-11-countries-on-amazon/) and [IVPN](https://www.ivpn.net/knowledgebase/billing/voucher-cards-faq/) to purchase the subscription anonymously without [Monero](https://www.privacyguides.org/en/cryptocurrency/#monero).