[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

VPN router: which country is best when it comes down to privacy?


#1

I am always setting up an encrypted vpn connection on my vpn router before accessing the workstation and gateway. I have read the guide by Patrick and I am aware that is not recommended. It might even weaken your security. I am just a little paranoid and looking for another layer of security besides me and the Whonix gateway and workstation. Any recommendations? And if so, which country is best to purchase a vps or something similar in for an extra layer of safety.

Always willing to learn. Hopefully somebody can help me along the way.
All tips is highly appreciated :)!


#2

Not sure there is a best country. For starters outside Fourteen Eyes jurisdictions.

If you’re looking for an extra layer other than VPN.

https://whonix.org/wiki/Corridor

Edit:

Should have given this link since your using physical isolation.

https://github.com/rustybird/corridor/

Or if using phisical isolation Qubes-Whonix style.

https://whonix.org/wiki/Corridor


#3

My previous post has been edited.


#4

Yeah and even if not such a country. Does the VPN provider use any cloud services inside a country from that list? Doesn’t help to be incorporated in Iceland to then host VPN services using USA server location cloud providers such as amazon AWS.


#5

Does it help to use a VPN provider in an offshore jurisdiction such as Seychelles? And use only servers on your vpn router that are in offshore locations as well?

Thanks for any helps and tips regarding this matter!


#6

It could be. Does that exist? Do they have actual servers there? How’s server security there?


#7

Some incorporate in Panama, Seychelles, etc.

Mostly I am using NordVPN. They even offer Onion over VPN services (which I don’t use).
Mostly I am setting up a Seychelles or Panama server on my VPN router (just in case).

I found a user review about them online. Please find it below:

### Located in Panama (Safe Jurisdiction, No Data Retention Law)

According to their website (link removed by moderator @0brand), NordVPN was launched 2008 in Panama and is operated by Tefincom co S.A.

For some, this can raise a red flag.

However, that’s common practice.

All (link removed by moderator @0brand) are located in independent countries that don’t share information on logging (Switzerland, Singapore, Caymans, British Virgin Islands and so on).

NordVPN definitely hides this information well enough. And it’s good for their users, too.

However, when I actually paid for the test account to write this NordVPN review, my payment went to CloudVPN Inc (located in the US). So aren’t they really located in Panama like the claim?

To find out, I contacted NordVPN directly and here’s what they wrote to me:

> “Hi Brad,
>
>
>
> First, NordVPN and all the infrastructure we use is being run by Tefincom S.A. and operates under the jurisdiction of Panama.
>
>
>
> CloudVPN is used only as a payment collector in order to improve the acceptance rate, as banks are suspicious towards transactions made to Panama and tend to complicate or terminate such payments. It’s a simple and common practice.
>
>
>
> Our company has absolutely nothing to do with the service itself in the legal or any other matters.”

To be honest – this makes a lot of sense. They are “officially” based in Panama which helps them to avoid any data retention laws.

I don’t know what to think about it. Any advice?

Please don’t post links for advertisements. (@0brand moderator)


#8

Accessing Tor through a VPN will unfortunately be ineffective and provide no extra protection if Tor is broken. VPNs are mostly snake oil. They should be seen as an alternative ISP, but still an ISP with all the implications this has for surveillance. They are only effective against very basic threat models like some random cracker in a coffee shop.

Also since most VPNs are paid you will end up leaving a paper trail. Every billing system is a tracking system. Bitcoin is not anonymous and trying the anonymize coins is a hassle with many risks and no guaranteed privacy.

Accessing Tor via bridges may help in some cases if the guard is malicious.


#9

@Sarah1989 I removed your website link. We have a strict no solicitation policy whether it’s fake Gucci handbags… or ass. Nothing personal.

I also noticed your website encourages people to enter their location to use your services which is dangerous for users of our site. Imagine a situation where a gullible and horny reader comes across your link and gives their location away. Reckless.

PS. This isn’t your pic. There are many advertising posts from you over the web.

Nonetheless you are welcome to post here if you stay on topic.


#10

Not a problem. I totally understand.
It’s not an excuse, but I think it got filled in automatically as I am using an automatic form filler to save some time.

I totally agree that it is reckless from your standpoint. It’s integrated into my script as it will improve my SEO in general. I am in adult marketing and SEO.

I am using a fake identity for my online project as for the moment I do not want to get linked to it.

My sincere apologies for all the inconvenience caused!


#11

Btw we could use SEO help for whonix.org. White hat stuff only. I
recognized that many search terms even obvious stuff like “whonix
windows” links to the wrong page (such as links to
https://www.whonix.org/wiki/Other_Operating_Systems) among probably
other issues someone knowledgeable on SEO would know.


#12

Hi Patrick,

did you checked with Ahrefs already?

I did a quick check up. With my knowledge (not a pro here - apologies!) I noticed that https://www.whonix.org/wiki/Windows_Quick_Start is a relative new page compared to https://www.whonix.org/wiki/Other_Operating_Systems. It has almost no content, no referring domains which makes that it has a lower page authority (less visitors) and therefore Google will rank it lower in the SERP’s.

I made some printscreens, but I don’t think that it is recommended to share here on a public forum.


#13

Please email it to him at adrelanos@riseup.net


#14

If you mean VPN provider hosting their own server (bare metal) then mullvad VPN is the answer: