VPN router: which country is best when it comes down to privacy?

I am always setting up an encrypted vpn connection on my vpn router before accessing the workstation and gateway. I have read the guide by Patrick and I am aware that is not recommended. It might even weaken your security. I am just a little paranoid and looking for another layer of security besides me and the Whonix gateway and workstation. Any recommendations? And if so, which country is best to purchase a vps or something similar in for an extra layer of safety.

Always willing to learn. Hopefully somebody can help me along the way.
All tips is highly appreciated :)!

Not sure there is a best country. For starters outside Fourteen Eyes jurisdictions.

If you’re looking for an extra layer other than VPN.

https://whonix.org/wiki/Corridor

Edit:

Should have given this link since your using physical isolation.

https://github.com/rustybird/corridor/

Or if using phisical isolation Qubes-Whonix style.

https://whonix.org/wiki/Corridor

My previous post has been edited.

Yeah and even if not such a country. Does the VPN provider use any cloud services inside a country from that list? Doesn’t help to be incorporated in Iceland to then host VPN services using USA server location cloud providers such as amazon AWS.

Does it help to use a VPN provider in an offshore jurisdiction such as Seychelles? And use only servers on your vpn router that are in offshore locations as well?

Thanks for any helps and tips regarding this matter!

It could be. Does that exist? Do they have actual servers there? How’s server security there?

Some incorporate in Panama, Seychelles, etc.

Mostly I am using NordVPN. They even offer Onion over VPN services (which I don’t use).
Mostly I am setting up a Seychelles or Panama server on my VPN router (just in case).

I found a user review about them online. Please find it below:

### Located in Panama (Safe Jurisdiction, No Data Retention Law)

According to their website (link removed by moderator @0brand), NordVPN was launched 2008 in Panama and is operated by Tefincom co S.A.

For some, this can raise a red flag.

However, that’s common practice.

All (link removed by moderator @0brand) are located in independent countries that don’t share information on logging (Switzerland, Singapore, Caymans, British Virgin Islands and so on).

NordVPN definitely hides this information well enough. And it’s good for their users, too.

However, when I actually paid for the test account to write this NordVPN review, my payment went to CloudVPN Inc (located in the US). So aren’t they really located in Panama like the claim?

Screen-Shot-2017-10-26-at-19.53.29-1024x492.jpg1024×492

To find out, I contacted NordVPN directly and here’s what they wrote to me:

> “Hi Brad,
>
>
>
> First, NordVPN and all the infrastructure we use is being run by Tefincom S.A. and operates under the jurisdiction of Panama.
>
>
>
> CloudVPN is used only as a payment collector in order to improve the acceptance rate, as banks are suspicious towards transactions made to Panama and tend to complicate or terminate such payments. It’s a simple and common practice.
>
>
>
> Our company has absolutely nothing to do with the service itself in the legal or any other matters.”

To be honest – this makes a lot of sense. They are “officially” based in Panama which helps them to avoid any data retention laws.

I don’t know what to think about it. Any advice?

Please don’t post links for advertisements. (@0brand moderator)

Accessing Tor through a VPN will unfortunately be ineffective and provide no extra protection if Tor is broken. VPNs are mostly snake oil. They should be seen as an alternative ISP, but still an ISP with all the implications this has for surveillance. They are only effective against very basic threat models like some random cracker in a coffee shop.

Also since most VPNs are paid you will end up leaving a paper trail. Every billing system is a tracking system. Bitcoin is not anonymous and trying the anonymize coins is a hassle with many risks and no guaranteed privacy.

Accessing Tor via bridges may help in some cases if the guard is malicious.

@Sarah1989 I removed your website link. We have a strict no solicitation policy whether it’s fake Gucci handbags… or ass. Nothing personal.

I also noticed your website encourages people to enter their location to use your services which is dangerous for users of our site. Imagine a situation where a gullible and horny reader comes across your link and gives their location away. Reckless.

PS. This isn’t your pic. There are many advertising posts from you over the web.

Nonetheless you are welcome to post here if you stay on topic.

Not a problem. I totally understand.
It’s not an excuse, but I think it got filled in automatically as I am using an automatic form filler to save some time.

I totally agree that it is reckless from your standpoint. It’s integrated into my script as it will improve my SEO in general. I am in adult marketing and SEO.

I am using a fake identity for my online project as for the moment I do not want to get linked to it.

My sincere apologies for all the inconvenience caused!

Btw we could use SEO help for whonix.org. White hat stuff only. I
recognized that many search terms even obvious stuff like “whonix
windows” links to the wrong page (such as links to
Anonymize Other Operating Systems) among probably
other issues someone knowledgeable on SEO would know.

Hi Patrick,

did you checked with Ahrefs already?

I did a quick check up. With my knowledge (not a pro here - apologies!) I noticed that Whonix for Windows, macOS, Linux inside VirtualBox is a relative new page compared to Anonymize Other Operating Systems. It has almost no content, no referring domains which makes that it has a lower page authority (less visitors) and therefore Google will rank it lower in the SERP’s.

I made some printscreens, but I don’t think that it is recommended to share here on a public forum.

Please email it to him at adrelanos@riseup.net

If you mean VPN provider hosting their own server (bare metal) then mullvad VPN is the answer:

https://www.mullvad.net/en/features/

What kind of guide is we talking about here? Is there any mention in it that:
1 VPN ON ROUTER worsens security?
or maybe
2 IN GENERAL, a VPN BEFORE TOR worsen security?

7 years later! Still its a valid question, the web is closing up fast for tor users unfortunately.

I am blocked for most things that I would really like to keep private, such as streaming, social media, forums etc.. Without paying for a proxy (as mentioned above, leaves a paper trail) I found socks5 proxies from Git, then just installed foxyproxy only on Donut Browser (anti-forensic browser) in Whonix.
Now I know Whonix advises against using other browsers in Whonix, but this seems to get through and gives random fingerprints on the scanning sites I have checked.

If there is something dangerous or glaringly obvious I have missed here?

This is routing all of your traffic through Tor first and then through the SOCKS proxies you’ve chosen. Many of the concerns from Combining Tunnels with Tor apply.

(My initial concern is that you’re trusting the socks5 proxies you use to be non-malicious, since all your traffic is being routed over them after going through the Tor network. The proxy can see the full content of any non-encrypted traffic that goes through them, and may be able to perform timing and traffic analysis attacks on encrypted traffic.)

Your post is a reply to a post by user James369?

Yes.

Thanks for your feedback. Even if those proxies are malicious. The fact that I am going through Tor first and then through them to the web would still be not as bad as directly going through them from my ip, as all they would see is the tor-exit node (encrypted) and then of course the sites that I am visiting? I wish there was some other way to get around these annoying tor blocks that are making it increasingly difficult.