Most active commenters
  • kragen(4)
  • some_random(4)

←back to thread

Ask HN: The government of my country blocked VPN access. What should I use?

1308 points rickybule | 18 comments | 28 Aug 25 16:43 UTC | HN request time: 0.001s | source | bottom

Indonesia is currently in chaos. Earlier today, the government blocked access to Twitter & Discord knowing news spread mainly through those channels. Usually we can use Cloudflare's WARP to avoid it, but just today they blocked the access as well. What alternative should we use?
Show context
reisse ◴[28 Aug 25 18:30 UTC] No.45055399[source]
You've come to a wrong place to ask. Most people here (judging by recommendations of own VPN instances, Tor, Tailscale/other Wireguard-based VPNs, and Mullvad) don't have any experience with censorship circumvention.

Just look for any VPNs that are advertised specifically for China, Russia, or Iran. These are the cutting edge tech, they may not be so privacy-friendly as Mullvad, but they will certainly work.

replies(13): >>45055555 #>>45055571 #>>45055581 #>>45055597 #>>45055621 #>>45055623 #>>45055738 #>>45055751 #>>45055839 #>>45056181 #>>45056448 #>>45056670 #>>45056859 #
1. kragen ◴[28 Aug 25 19:00 UTC] No.45055738[source]
VPNs that are advertised are for-profit products, which means:

1. They are in most cases run by national spy agencies.

2. They will at least appear to work, i.e., they will provide you with access to websites that are blocked by the country you are in. Depending on which country's spies run the system, they may actually work in the sense of hiding your traffic from that country's spies, or they may mark you as a specific target and save all your traffic for later analysis.

My inclination is to prefer free (open-source) software that isn't controlled by a company which can use that control against its users.

replies(3): >>45055752 #>>45055794 #>>45056086 #
2. some_random ◴[28 Aug 25 19:02 UTC] No.45055752[source]
Do you have any evidence for either of these claims?
replies(3): >>45055787 #>>45056520 #>>45070091 #
3. Daishiman ◴[28 Aug 25 19:05 UTC] No.45055787[source]
It is absolutely self-evident that VPNs are considered high-value targets and that all spy agencies invest a chunk of resources to go after high-value targets.
replies(2): >>45056027 #>>45065577 #
4. tiahura ◴[28 Aug 25 19:06 UTC] No.45055794[source]
For 99% of use cases - piracy and porn, does that matter?
replies(1): >>45056166 #
5. gnfargbl ◴[28 Aug 25 19:26 UTC] No.45056027{3}[source]
I would invite you to read again the two claims made, and consider whether your statement actually addresses the veracity of either.

To be a little trite: we all agree that chickens like grain, but it does not follow that a majority of grain producers are secretly controlled by a cabal of poultry.

replies(1): >>45058457 #
6. reisse ◴[28 Aug 25 19:30 UTC] No.45056086[source]
Well, you have to host your free open-source VPN software somewhere. And then, (N. B.: technical and usability stuff aside, I'm talking only about privacy bits here) everything boils down to two equally nightmarish options.

First, you use well-known cloud or dedicated hoster. All your traffic is now tied to the single IP address of that hoster. It may be linked to you by visiting two different sites from the same IP address. Furthermore, this hoster is legally required to do anything with your VPN machine on demand of corresponding state actors (this is not a speculative scenario; i. e. Linode literally silently MitMed one of their customers on German request). Going ever further, residential and company IPs have quite different rules when it comes to law enforcement. Seeding Linux ISOs from your residential IP will be overlooked almost everywhere (sorry, Germany again), but seeding Linux ISOs from AWS can easily be a criminal offense.

Second, you use some shady abuse-proof hosting company, which keeps no logs (or at least says that) and accepts payments in XMR. Now you're logging in to your bank account from an IP address that is used to seedbox pirate content or something even more illegal, and you still don't know if anyone meddles with your VPN instance looking for crypto wallet keys in your traffic.

VPN services have a lot of "good" customers for a small amount of IP addresses, so even if they have some "bad" actors, their IPs as a whole remain "good enough". And, as the number of customers is big, each IP cannot be reliably tied to a specific customer without access logs.

replies(1): >>45056225 #
7. jacobgkau ◴[28 Aug 25 19:36 UTC] No.45056166[source]
This thread's not about that 99% use case.
8. kragen ◴[28 Aug 25 19:42 UTC] No.45056225[source]
Tor is a third option, at least as one layer, and seeding Linux ISOs is not, to my knowledge, a criminal offense in any jurisdiction, not even in China. I don't know where you got that idea.
replies(1): >>45056434 #
9. close04 ◴[28 Aug 25 20:03 UTC] No.45056434{3}[source]
I read that as a euphemism for piracy.
replies(1): >>45057361 #
10. jack_pp ◴[28 Aug 25 20:11 UTC] No.45056520[source]
From gemini.. (edited for brevity)

Kape Technologies Owns: ExpressVPN, CyberGhost, Private Internet Access, Zenmate

> is there any suspicion that Kape Technologies is influenced or has ties to the Mossad?

Yes, there is significant suspicion and public discussion about Kape Technologies having ties to former Israeli intelligence personnel. While a direct operational link to Mossad has not been proven, the concerns stem from the company's history, its key figures, and their backgrounds.

...

Kape Technologies is owned by Israeli billionaire Teddy Sagi. While Sagi himself does not have a documented intelligence background, his business history, which includes a conviction for insider trading in the 1990s, has been a point of concern for some privacy advocates. The consolidation of several major VPN providers under his ownership has raised questions about the potential for centralized data access.

----

Sure there isn't direct proof but there wasn't any proof the CIA was driving drug trade while it was happening. Proof materializes when the dust settles on such matters.

replies(1): >>45065889 #
11. kragen ◴[28 Aug 25 21:40 UTC] No.45057361{4}[source]
Pirating Linux ISOs is legal, though.
replies(2): >>45058043 #>>45066114 #
12. Gander5739 ◴[28 Aug 25 23:08 UTC] No.45058043{5}[source]
Piracy is by definitin illegal, no?
13. rl3 ◴[29 Aug 25 00:10 UTC] No.45058457{4}[source]
>... but it does not follow that a majority of grain producers are secretly controlled by a cabal of poultry.

That's precisely what someone who's in on it would say.

14. some_random ◴[29 Aug 25 15:44 UTC] No.45065577{3}[source]
Yeah obviously, do you think that's evidence that every single one is a honeypot?
replies(1): >>45069790 #
15. some_random ◴[29 Aug 25 16:06 UTC] No.45065889{3}[source]
Israel has universal conscription and anyone smart enough to get out of hauling a rifle around in the hot sun is going to leap at any chance to do so. So some kind of intel background among tech people in Israel isn't nearly as meaningful as it is in other countries where joining the IC is a very deliberate choice.

But more importantly, you can't just make grandiose claims (especially about privacy tools!) then just say "Proof materializes when the dust settles on such matters". You can claim that about literally anything.

16. some_random ◴[29 Aug 25 16:24 UTC] No.45066114{5}[source]
It's not actually Linux ISOs that they're pirating.
17. Daishiman ◴[29 Aug 25 21:47 UTC] No.45069790{4}[source]
No. You don't need to compromise every single VPN, just enough that the investment makes sense.
18. kragen ◴[29 Aug 25 22:23 UTC] No.45070091[source]
It sounds like you're in the habit of deciding what to believe based on evidence. This will serve you well. But it also sounds like you're in the habit of getting that evidence from people who stand to gain from changing your mind—people like subordinates, entrepreneurs, marketers, politicians, and influencers. In time, you will find that this will serve you less well, because selective choices of evidence can make a fairly convincing case for most things that aren't true.

Probably if you investigate the question you will come to the same conclusion I did; I don't have any special access to non-public evidence. Maybe you won't, which is fine with me. I don't have anything to sell you, so your opinion doesn't really affect me.