After making a post about comparing VPN providers, I received a lot of requested feedback. I've implemented most of the ideas I received.

Providers

• AirVPN
• IVPN
• Mozilla VPN
• Mullvad VPN
• NordVPN
• NymVPN
• Private Internet Access (abbreviated PIA)
• Proton VPN
• Surfshark VPN
• Tor (technically not a VPN)
• Windscribe

Notes

• I'm human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I've tried my best.
• Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled "annually". AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
• Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They've released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It's not unreasonable to add this to the list.
• Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
• The age of a VPN isn't a good indicator of how secure it is. There could be a trustworthy VPN that's been around for 10 years but uses insecure, outdated code, and a new VPN that's been around for 10 days but uses up-to-date, modern code.
• Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
• All of the VPNs claim a "no log" policy, but there's some I trust more than others to actually uphold that.
• Tor is special in the port forwarding category, because it depends on what you're using port forwarding for. In some cases, Tor doesn't need port forwarding.
• Tor technically doesn't have a WireGuard profile, but you could (probably?) create one.

Takeaways

• If you don't mind the speed cost, Tor is a really good option to protect your IP address.
• If you're on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you're paying month-by-month, Mullvad VPN still can't be beat.
• If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don't require any personal information to use. And Tor, of course.

ODS file: https://files.catbox.moe/cly0o6.ods

I made a spreadsheet comparing different open source VPN providers.

Part 2 here

Providers

• IVPN
• Mozilla VPN
• Mullvad VPN
• NymVPN
• Proton VPN

Notes

• Please do not start a flame war about Proton.
• Please do not start a flame war about cryptocurrencies. Monero is the only cryptocurrency listed because of its privacy.
• The very left column is the category for each row, the middle section is the various VPN providers, and the right section is which VPNs are the best in each category.
• IVPN has two differing plans, which is why "Standard" and "Pro" are sometimes differentiated.
• For accounts, "Generated" means a random identifier is created for you to act as your account, "Required" means you must sign up yourself. Proton VPN allows guest use under specific conditions (e.g. installed from the Google Play Store), but otherwise requires an account.
• Switzerland is seen as more private than Sweden. Gibraltar is seen as privacy neutral.
• All prices are in United States Dollars. Tax is not included.
• Pricing is based on the price combination to achieve the exact time frame. For example, Proton VPN does not have a 3 year plan but you can achieve 3 years by combining a 2 year plan with a 1 year plan.
• The availability section is security based. Availability is framed around a GrapheneOS and secureblue setup.
• The Proton VPN Flatpak is unofficial, but based on the official code.
• Availability on secureblue is based on the ujust install-vpn command. Security features must be disabled on secureblue in order to use the GUI for IVPN and Mullvad VPN, but not for Proton VPN. Mozilla VPN and NymVPN are available as Flatpaks, which are safer than layering packages.
• I wanted to include more categories, such as which programming languages they are written in, connection speed, and security, but that became far too difficult and complex, so I decided to omit those categories.

Takeaways

• NymVPN is very very new, but it's off to a strong start. It wins in almost every category. I actually hadn't heard of it until I started this project.
• If you want a free VPN, Proton VPN is the only one here that meets that requirement.
• If you want to pay week-by-week, IVPN is the only one that allows that.
• If you're paying month-by-month on a budget, Mullvad VPN is the cheapest option.
• NymVPN is the cheapest plan for anything past 1 month.
• If you want to use Accrescent as your main app store, IVPN is the only VPN available there for now.
• If you want to pay for a bundle of apps, including a VPN, Proton sells more than just a VPN.
• Mozilla VPN is terrible. The only thing it has going for it is a verified Flatpak, but NymVPN also has that so it doesn't even matter.

I would spend the time to write this in my usual lovely article style, but I'm too upset to do that right now. To put it bluntly: email and phone numbers suck. They both need to die.

Emails

Security

Email, like many other protocols, was not originally designed with privacy or security in mind. You can get "less bad" email providers such as Proton Mail or Tuta Mail, but those only have basic privacy when contacting other emails using the same provider.

Email is one of many protocols designed in the early days of the internet before privacy and security were considered. Since then, there have been Band-Aid solutions added to email to give it some semblance of security, but it is still fundamentally insecure. It lacks many of the features that modern communication protocols like the Signal Protocol and SimpleX Chat Protocol have.

Aliases

One major flaw with emails is that people commonly use the same email for everything. That not only becomes a unique identifier, but it makes it nearly impossible to fight spam and puts all your accounts at risk if your email is breached.

A solution was created to fix this problem in the form of email aliasing services such as addy.io or SimpleLogin. These services allow you to create a large number of random email addresses that all forward to your real email address. This allows you to avoid using a unique identifier for every website, and block spam by simply disabling the email alias.

Email aliasing is great... when it's accepted. Many services have begun blocking email aliases because aliasing eliminates a unique identifier. People (allegedly) use aliasing to create multiple accounts to abuse free services.

Overuse

Email is required to sign up on almost every website. As mentioned previously, it has many security flaws and email aliasing only partially helps. Websites abuse the fact that emails are supposed to be a unique identifier, so they use it for things like multi-factor authentication or login alerts. Neither of those are what email was designed for, and you only end up putting your account at risk by using it compared to authenticator apps like Aegis Auth or Ente Auth.

Email is also used to sign up for news letters, receive shipping alerts, send sensitive information for jobs and job applications, contacting most businesses, even logging into some computers. All of these pose a risk if you don't use email aliasing or if your email is breached. What upsets me most is seeing open source software requiring email addresses, like GitLab, Codeberg, many Lemmy instances, etc. These shouldn't request anything past a username and a password.

Email overuse has gotten so bad that many disposable email services like Maildrop have been created in order to generate throwaway emails to get past authwall screens. These should never be used for real accounts because anyone can access them and, as I mentioned before, most websites will allow you to login only by verifying your email.

Anonymous Email

Email providers are being hit with mass sign-ups because of how often email is used. Because of this, many email providers block you from signing up if you are connected to a VPN or Tor. This means that in order to create a single email address to do almost anything across the internet, you must give away your IP address to the email provider first, effectively deanonymizing yourself. The internet was supposed to be built to be free, but giving away your personal information to access content doesn't sound very free to me.

Kill Emails

Emails are outdated, overused, and not private. They were never designed to be (ab)used the way they are right now. Even something as simple as setting up Git or GnuPG asks for your email, or signing up for a local event. This needs to stop. Using fake emails doesn't solve the underlying problem.

Phone Numbers

Gratis

If you thought free emails were bad, imagine paying to have your privacy disrespected. A single phone number will cost you a monthly subscription, even if you only need to receive a single text. Prepaid SIM cards are becoming a dying art, especially in the United States. Most mobile phone operators will make you buy and activate an eSIM, which requires an egregious amount of personal information to activate (including email). Most payphones have been abolished too, meaning you can hardly pay by the minute anymore.

Security

Phone numbers don't even pretend to be private or secure. It's sent unencrypted to anyone with a $15 antenna, and intercepted by almost every government in the world. Salt typhoon showed just how abysmal cellular security really is. RCS and iMessage are slight steps up in terms of privacy (providing at least some encryption), but it barely provides any protection.

Phone numbers in this respect are even worse than email. SS7 attacks can trivially intercept communications by anyone without any user interaction. That is an easy way to grab multi-factor authentication codes sent via SMS. Despite all of these known issues, people still insist on using phone numbers for almost everything.

Aliases

While not free, you can use services such as MySudo to create phone number aliases. These aliases are really just real phone numbers, all of which you own. Unfortunately, these phone numbers are VoIP numbers, which many services block.

Overuse

Like emails, phone numbers are used in a lot of applications. Because they cost money, they are a better unique identifier than emails, since people are less likely to own multiple. Phone numbers may be required to create accounts, apply for jobs, do almost anything government related, and much more. All of this is done unencrypted and intercepted.

My favorite: in many places, you have to use a phone to contact non-emergency services. The homeless and other people who can't afford phone numbers are unable to report crimes since there are no pay phones. Even visiting the police station in person will get you turned away and told that you must call (speaking from experience) no matter how much you try to convince them.

Thankfully, many times when a phone number is asked for you can put in a fake phone number without risk. For many applications, throwaway number services will also work. Applying for jobs, a lot of the time you will be asked for your phone number. If you simply inform them that you do not have a phone number, most will accept that or (at worst) give you a funny look. I would prefer email when applying for jobs anyways since you aren't sprung with a sudden call.

Anonymous Phone Numbers

The only way to get an anonymous phone number (without risking buying second hand) is to buy a burner phone with cash, a prepaid (e)SIM, and use as much fake information as possible (even the area code). This will easily run you $45+, and requires a subscription to keep using it. Beware that the phone you use it with may disrespect your privacy in other ways.

Kill Phone Numbers

Phone numbers are one of the least private and least secure methods of communication. It is under active mass surveillance, and costs way too much money. It's good to see younger generations moving away from phone numbers towards third party services (no matter how bad they are), because that means that there is hope of killing phone numbers once and for all.

Kill Both

Anyone can create an email. Anyone can buy a phone number. It should not be used as a unique identifier, and certainly should not be used for authentication purposes. We need to stop overusing insecure, nonprivate communications, and start normalizing using Signal usernames or SimpleX Chat addresses for general use. Currently, if you stick only those on your resume for your contact information, you will most likely not receive a message back. That needs to stop. Phone numbers and emails can get leaked and cause endless spam/scams compared to other forms of communication. There is no reason to keep using either option when so many better options are available.

Try to create a full software stack without using services that request your email or phone number, and you will begin to see just how bad the problem has gotten. Some services like Mullvad VPN and KYCnot.me have begun requiring no personal information at all to create an account, not even a password. They randomly generate account numbers to be used to login. I want to see more of that instead of...

spoiler

Please enter your first name.

• Must be at least 3 characters.

Please enter your last name.

• Must be at least 3 characters.

Please enter your date of birth.

• You must be at least 13 years old.
• The birthday we let you enter (01/01/1900) seems invalid.

Please enter your username.

• That username is taken
• Some characters are not allowed

Please enter a display name.

• Some characters are not allowed, but the requirements are different from anything else.

Please enter your email.

• Sorry, but that email is blocked
• We've sent a code to fakeemail@please.stop
• No email received

Please enter your phone number.

• We don't accept VoIP numbers.
• We've also sent a code to +1 (555) 867-5309, because why not.

Please enter your password. We don't know what passkeys are.

• Password must be longer
• Password is too long. We don't know what hashing is.
• Password must not contain these characters. We still don't know what hashing is.
• Password must contain these characters. We don't know what a passphrase is.

Please enter your password again.

• Passwords do not match.

• [ ] I agree to the Terms of Service.

• [ ] I agree to the Privacy Policy.

• [ ] I agree that the information I entered is correct.

Sorry, you've been blocked. Your IP address has been flagged for abuse.

Please enable JavaScript to continue.

Something went wrong, and we couldn't create your account. Please start over.

Your account has been flagged as spam.

Please enable email or SMS 2FA before activating 2FA through an app.

Please verify your email or phone number every time you log in.

New Email: We noticed a new login. What's a VPN? Doesn't everyone store browser cookies forever?

All email notifications are enabled by default.

Please verify your email and phone number before deleting your account.

Your account information you requested to download will be emailed to you within 3-5 business days as if a human needs to approve it.

We've reset your password for no reason at all. Please verify your email or phone number to reset your password.

Lost access to your email or phone number? Tough luck. Please contact support.

Need to contact support? Email us or call us.

This call may (will) be monitored or (and) recorded for "quality and assurance purposes".

"Can you please verify your phone number?" ...you mean the phone number I'm calling you from?

I am looking for recommendations for an open source self-hosted ~~version control system~~ source code hosting service. I found a few, but I can't decide on which one to pick:

• Gogs
• Gitea
• Forgejo

If there's a better one than the ones I've listed here, I'd love to hear about it!

I care primarily about privacy and security, if that makes any difference.

Google is somehow the only company that is able to completely ruin a calculator app. Even before installing, Google outs themselves with how much data they collect:

• App info and performance: Crash logs and Diagnostics
• Personal info: Email address
• Device or other IDs
• App activity: App interactions

And of course the encouraging message:

Data can’t be deleted

The developer doesn’t provide a way for you to request that your data be deleted

As soon as you try to install it, the app requests network access. I'm glad to be using GrapheneOS where this can be restricted.

The app doesn't crash on launch, which is a new concept for Google, since most of their apps won't even start without Google Play Services installed. Maybe that means the calculator app can calculate 1+1 without requiring installing the most invasive software known to man, right?

Of course it can't. It crashes the moment you press the plus sign. Thank you, Google, for requiring Google Play Services for your calculator app to do basic addition. You know what calculator doesn't require Google Play services to do math?

In all seriousness, OpenCalc is a near 1:1 match to Google Calculator, so I suggest anyone use that instead.

The cherry on top is Google's calculator app is bundled with a privacy policy, which on its own is a treat to read through: https://policies.google.com/privacy

Congratulations, Google, you can spy on math now.

I am going to show what it would look like if a society had no privacy whatsoever, and then compare it to a society where privacy is a top priority. I am going to show that what little privacy we have in countries such as the United States is the thread holding those countries together, and without it society crumbles. I am going to show that privacy is essential for a free society to function properly, and also help you appreciate the privacy you may not know you have. Let's begin.

A Privacyless Society

"Our" Personal Life

Privacy, by definition, is the ability to control your data. That means controlling what data is shared, who it is shared with, how long it is shared for, when it is shared, and by what medium it is shared.

If you have no privacy, that means you lose the ability to obscure any of your data. All of your data is shared with everyone

Personal information: full name, birthday, address, occupation, social security number, etc.

Documents: birth certificate, driver's license, passport, ID, etc.

Biometrics: Facial scans, fingerprints, handprints, retinal scans, DNA, etc.

Digital information: The content of all emails, every post made online, bank account balance, spending habits, social graphs, all pictures, all ~~private~~ instant messages, every show you watch, etc.

Other information: health and workout data, past relationships, every word you say, every thought you think, likes and dislikes, every place you visit, every waking second of your life, etc.

All of that data becomes available for anyone to use. As you can imagine, this data would quickly be used for mass government control. Anyone who thinks out of line would be punished.

Without privacy, you would also no longer be allowed to obscure personal belongings. All carrying devices such as backpacks and bags would need to be transparent. Since clothing counts as a carrying device, it would need to be transparent or nonexistent.

Yes, you heard me right, everyone would be mandated to be completely nude. The French TV series Nu carries this idea, where a society has been "frog boiled" into giving up all privacy, and all clothes. One man has slipped into a coma during this transitionary period, and is disillusioned with the society.

Access Control

With all data becoming public, you may wonder "Why even have passwords anymore?" To put it simply, even if all your data is public, you still wouldn't want someone impersonating you or posting on your social media. It's the same as how you wouldn't want anyone accessing your bank account, even if transactions are public.

This falls under the topic of security. Without privacy, security would become a citizen's most valuable tool. This begins to show you a hierarchy in personal freedom. Security is the foundation, privacy is layered on top of that, and only then should convenience be added. Unfortunately, in today's world, convenience comes first.

Breaches would become much less common as security is prioritized. The use of password managers, multi-factor authentication, time-based one-time passwords, passkeys, and hardware security keys would become common. However, because all biometric data is public, the "rule of three" for multi-factor authentication can't be completely satisfied.

Documents such as your birth certificate or passport can still be used to verify your identity, as long as the physical composition can't be counterfeit. The information itself becomes useless, and so all identification using the documents must be done in person.

Autonomy

This society has no privacy for individuals, but even if you tried to enforce transparency in higher powers, those powers literally have all the power. Governments and companies would hide behind closed doors, and cover up any misconduct. These powers would use the trivially available data collection to control every member of the public, and manipulate their decisions. Good news: Elections will take place almost instantly because all individual preferences are made public. Bad news: The election is rigged so it doesn't matter who you voted for.

The control over the public would stop at nothing, until we all are turned into mindless work drones. If you control every aspect of the population, then many pieces of a society are removed entirely. The public never makes any money, so there's no reason for taxes or rent to exist. The only transactions taking place would be between different companies and the government. Homelessness is solved by cramming everybody into government issued bunkers for maximum efficiency. Soylent becomes the largest company in the world, providing the only food for every citizen. The only people with any real autonomy would be refugees that are somehow evading the global satellite surveillance cameras, high ranking government officials, and CEOs drifting on their mega yachts.

Death and birth rates would hit an all time high as humans become a disposable asset. The most common cause of death becomes black lung disease from the increase of workers mining coal. Trees may or may not be planted depending on how near-sighted the powers are. As society shifts, some terms take on new meanings, such as "self-driving cars" adapting to the meaning of "cars you drive yourself".

The powers would eventually find neurotechnology to be the most efficient means of control. Installation would become mandated for the public, and manipulation tactics such as peer pressure would force everyone into submission. The device would kill a person at the first sign of corruption. People would be selectively bred and genetically modified to minimize the risk of defiance.

The point is, your data is valuable as a means of manipulating you. The more data you give, the more effective the manipulation is. Major influential powers use manipulation to gain more power, and all of society crumbles into an authoritarian regime. One day, though, throwing disposable humans at a problem will fail, and it will lead to the extinction of our planet(s).

A day in the life

I want to end this section by outlining a day in the life of a privacyless society. This is meant to be somewhat lighthearted and humorous.

Choose your character:

• Disposaperson
• CEO
• Government official

If you chose Disposaperson:

You are Disposaperson #42069. You wake up at 7:00 AM in bunker #42, shared by you and your ordinally closest friends. You got a restful 6 hours of sleep. It's election day, so you were treated to 2 extra hours of sleep than normal. You should be in peak mental condition when making big decisions, after all. Speaking of which, you take your mandated 30 minute brain activity period, to make sure you are still able to function mentally. You scroll through Dreamscape, a new app that lets you watch the nightly dreams of each Disposaperson.

As you are scrolling, you land on a deleted video. 'This dream has been removed under suspicion of defying government powers.' Thats good. you think to yourself. Our government is protecting us from misinformation. "I agree," your bunkmate says, while listening in on your thoughts. You scroll past the occasional ad reminding you to work hard and follow the rules.

Once your mandated 30 minute brain activity period is up, your bunker marches in an organized fashion to the cafeteria. The Disposaperson in front of you accidentally stumbles, and is immediately killed. You step over the corpse, just as you have been trained how to do since childhood.

Once in the cafeteria, you take your seat and suck government issued Soylent out of tubes. You feel happy that food is free and doesn't make a mess. You feel euphoric, even, and not just because of the serotonin injected into the food. You're definitely going to cast your vote to the leader promising to increase the frequency of this Soylent flavor by 5%. Listening to everyone else's thoughts, you can tell everyone is in unanimous agreement. I'm so glad everyone can agree on everything. World peace has been achieved.

After your daily meal, you have been assigned to work in sector 12. It's nice to finally be mining coal instead of planting trees. Doesn't everybody know planting trees is bad for the environment? Where else would the government put bunker 9736?

Once in the mines, you take a nice breath of the black air. You're encouraged to breathe as much as possible during the beginning as an adjustment period. You love mining coal because it benefits everybody. You're so fortunate to be living on a planet with so many natural resources to use up. Your first planet, Earth, didn't have this much coal. You're so glad the government blew that planet up to reduce the number of depleted planets floating through space.

You check the mine's digital leaderboard. You are in the top 1% of coal miners today. You are happy at your work. After all, any lower on the leaderboard and you would be killed off to purify the gene pool. Only the best of the best should be working.

Once mining is complete, it's time for the election to be polled. It only takes a few nanoseconds. Oh good! you think. 5% more Roast Beef Soylent! I wonder what "Beef" is anyways... After that last thought, you feel yourself slowly drifting to sleep. The only words in your head: 'Defiance detected.'

If you chose CEO:

Your name is... what was your name your birth parent gave you? You can't remember, but it doesn't matter. Your servants call you "Master" anyways. You wake up on the sunny beaches on your own private island on your own private planet. You had a restful 14 hours of sleep. Your smart watch alerts your personal Disposapeople that you are awake. Disposaperson #1337 brings you your breakfast: scrambled eggs, fresh milk, and sizzling bacon.

You get flashbacks to the time one of your Disposapeople tried to bring you oatmeal. You hate oatmeal. It's too similar to the food those Disposapeople eat, even though you are the CEO of Soylent. You don't thank your personal disposaperson, and eat your meal. You have a nice life, after Soylent became the leading company in the galaxy. It's nice to have all your work done for you.

You check your profits for the day. You get angry after you see that they are only up by 756%. You'll have to pull some strings with your government connections later to only keep the top 1% of coal miners. That should raise your profits, and encourage those workers to work harder and follow the rules. Haven't they seen the ads?

You are almost done with your meal when your spouse barges in. Your spouse urgently tells you to come quick. Your spouse tells you that your child has been infected with a deadly disease. You ask how that could have happened. The doctor informs you that your child likely caught it from a contagious Disposaperson who had been in the mines.

Outraged, you know that the only solution is to cut the number of workers in the mines. You make a few phone calls and order any miner not in the top 1% to be disengaged immediately. You and your spouse can now rest easy knowing that no more of those workers will be infecting your family anymore. Plus, your profits are up by 1,058%!

If you chose Government official:

Your name is Steve. You are the government official in charge of planet C-137. Today is election day, so you have to put on a good show to make it seem like there is competition. You make sure the news is convincing as many people as possible, and you partner with Soylent to launch an ad campaign. "Work hard, and follow the rules." You like it, it's catchy.

Your assistant informs you that the planet needs to cut back on planting trees, otherwise there will be no room for bunker 9736. You thank her for informing you. They say being polite to your assistants increases the chances of winning an election, after all.

You check the numbers. Good. you think. Bunker #42 is unanimous. An alert pops up: 'Potential defiance detected in worker #42069' You scan the worker to check if the it is voting for you. The worker isn't fully confident. You decide to feed the worker its favorite flavor of Soylent, and promise to increase production of that flavor by 5%. It's convenient to know every worker's preferences.

That should do it you think. You tell your assistant to disengage that worker once the election is complete, just to be sure. You tried Soylent once. It was the worst thing you've ever tasted, but you had to put on a good face, or else the CEO of Soylent wouldn't have partnered with you.

The phone rings. You pick up the phone. It's the CEO of Soylent. The CEO tells you that you have to disengage any coal worker not in the top 1%. You remind the CEO that it's already at 2%. The CEO tells you it's urgent. You need Soylent to vote for you in the election, so you give in under the pressure. You order your assistant to disengage any coal workers not in the top 1%.

You turn on the TV to watch the workers from the satellite cameras. You couldn't imagine what it would be like if anyone could hide their actions. Only criminals would do that.

It's finally time to cast the votes. You push a button, and the votes are collected almost instantly. You won the election, you should be happy... Why aren't you happy?

A Private Society

Let's compare that dystopia to a private society. In this society, privacy is a fundamental human right.

Your Personal Life

Your information is yours, and stays yours. Personal information is never collected. There's no reason to collect it, because you never need to identify yourself using personal data.

If you want to rent a house, you just start paying for it. If you try to stop paying rent, the house gets seized. No identity required.

Healthcare is either free or a very small price that you pay for on the spot. No identity required.

Voting is done in closed buildings so nobody can try going to the back of the line to vote a second time. No identity required.

You buy a car by paying on the spot. Budgeting money and saving up is a common practice. No identity required.

People are civil. If you get in an accident, you pay each other's medical bills. No identity required.

If you want to board a plane, you pay for a ticket and board. No identity required.

When you get a job, you work and get paid at the end of the day. No income taxes, no background checks. If there are references on your résumé (which are not required), jobs can call those references as a "background check". No identity required.

No taxes at all. There's no way to enforce it without tracking income, and there are plenty of other ways to fund the government. No identity required.

Education is either free or you pay for an access card to the building. If you stop the payments, the access card is revoked. No identity required.

Immigration is something that can be done while respecting privacy, but it's apparently a controversial topic, so I will avoid talking about it. I will leave this as an exercise for the reader.

Stores can prevent theft in many different ways without surveillance cameras. Some examples are putting products in lock boxes to be unlocked at checkout, or vending machines. I'd love to hear some of your clever ideas for this.

Your data remains yours. No more online accounts to read an article about bigfoot. No more "send us a picture to verify your age". No more surveillance cameras. No identity requirements.

All communications are private by design. Aliases are common. Also, you can wear clothes.

Security

Breaches hit near zero as security becomes a requirement. Software is mandated to be open source, and government used software is required to be heavily audited. People use proper multi-factor authentication in day to day life. Funds are kept secure by using anonymous digital currencies or cash. ATMs to swap these are around every corner.

Centralized banking exists, but is used less commonly. The ones that exist are closely regulated to make sure they use good privacy practices. Companies are regulated in the same way.

Innovations in physical locks skyrocket, since cameras are no longer strapped to your doorbells. People realize surveillance isn't safety, and that they can get hacked quite easily. Those who do have surveillance systems use a closed circuit to host it locally. Laws are in place so these cameras only record the owner's property. Not the sidewalk, not the road, not the neighbors. Notices must be clearly posted outside.

Self hosting becomes widespread, with the most common tool to self host being blockchain miners. Those servers can double as heating systems in the winter. This person tried mining cryptocurrencies to heat his apartment, but the post with the results got deleted.

The society runs on a full mesh network. This ensures that internet is free and not tracked or censored.

Powers

Companies and governments are fully transparent, so any misconduct is easy to spot and fix. Individuals have privacy, but businesses and corporations do not. This society prioritizes individual privacy, but also transparency.

If misinformation spreads, it is neither the government's nor a company's job to censor it. People will learn to spot misinformation on their own.

Open source software is mandated for use in the government. The government takes security very seriously. National security is not kept by obscuring actions, but by putting real protections in place.

Without being able to sell your data, companies charge for products and services, not software. This not only encourages self hosting, but provides a better business model for things that cannot be self hosted. Things like VPNs, cloud storage, streaming services, etc. are open source but paid. Essentially, you pay with money, not data.

People are not controlled by any entity, and so they can think freely and express freely. Of course, free speech always has social consequences, but it is still free speech.

Conclusion

I could flesh out a lot of the fine details, but you get the picture. Society can function and thrive with privacy, and you need privacy for a free society. It really helps you appreciate the privacy we have today, and helps you realize how our privacy is slowly being eroded. It's a fun thought experiment to see some creative solutions to work around some of the challenges with privacy. We should have privacy as an essential baseline, and work around the problems, rather than defaulting to "more cameras in schools!". Can an AI camera stop a bullet?

Anyways, thanks for reading! My mandated 30 minute brain activity period is over, so I have to go.

P.S. I've undoubtedly made some pretty stupid mistakes while writing this, but I wrote this in good faith.

Edit: Typo

I am making this post in good faith

In my last post I asked about securely hosting Jellyfin given my specific setup. A lot of people misunderstood my situation, which caused the whole thread to turn into a mess, and I didn't get the help I needed.

I am very new to selfhosting, which means I don't know everything. Instead of telling me that I don't know something, please help me learn and understand. I am here asking for help, even if I am not very good at it, which I apologize for.

With that said, let me reoutline my situation:

I use my ISP's default router, and the router is owned by Amazon. I am not the one managing the router, so I have no control over it. That alone means I have significant reason not to trust my own home network, and it means I employ the use of ProtonVPN to hide my traffic from my ISP and I require the use of encryption even over the LAN for privacy reasons. That is my threat model, so please respect that, even if you don't agree with it. If you don't agree with it, and don't have any help to give, please bring your knowledge elsewhere, as your assistance is not required here. Thank you for being respectful!

Due to financial reasons, I can only use the free tier of ProtonVPN, and I want to avoid costs where I can. That means I can only host on the hardware I have, which is a Raspberry Pi 5, and I want to avoid the cost of buying a domain or using a third party provider.

I want to access Jellyfin from multiple devices, such as my phone, laptop, and computer, which means I'm not going to host Jellyfin on-device. I have to host it on a server, which is, in this case, the Raspberry Pi.

With that, I already have a plan for protecting the server itself, which I outlined in the other post, by installing securecore on it. Securing the server is a different project, and not what I am asking for help for here.

I want help encrypting the Jellyfin traffic in transit. Since I always have ProtonVPN enabled, and Android devices only have one VPN slot enabled, I cannot use something such as Tailscale for encryption. There is some hope in doing some manual ProtonVPN configurations, but I don't know how that would work, so someone may be able to help with that.

All Jellyfin clients I have used (on Linux and Android) do not accept self-signed certificates. You can test this yourself by configuring Jellyfin to only accept HTTPS requests, using a self-signed certificate (without a domain), and trying to access Jellyfin from a client. This is a known limitation. I wouldn't want to use self-signed certificates anyways, since an unknown intruder on the network could perform a MITM attack to decrypt traffic (or the router itself, however unlikely).

Even if I don't trust my network, I can still verify the security and authenticity of the software I use in many, many ways. This is not the topic of this post, but I am mentioning it just in case.

Finally, I want to mention that ProtonVPN in its free tier does not allow LAN connections. The only other VPN providers I would consider are Mullvad VPN or IVPN, both of which are paid. I don't intend to get rid of ProtonVPN, and again that is not the topic of this post.

Please keep things on-topic, and be respectful. Again, I am here to learn, which is why I am asking for help. I don't know everything, so please keep that in mind. What are my options for encrypting Jellyfin traffic in transit, while prioritizing privacy and security?

Please take this discussion to this post: https://lemmy.ml/post/28376589

Main content

Selfhosting is always a dilemma in terms of security for a lot of reasons. Nevertheless, I have one simple goal: selfhost a Jellyfin instance in the most secure way possible. I don't plan to access it anywhere but home.

TL;DR

I want the highest degree of security possible, but my hard limits are:

• No custom DNS
• Always-on VPN
• No self-signed certificates (unless there is no risk of MITM)
• No external server

Full explanation

I want to be able to access it from multiple devices, so it can't be a local-only instance.

I have a Raspberry Pi 5 that I want to host it on. That means I will not be hosting it on an external server, and I will only be able to run something light like securecore rather than something heavy like Qubes OS. Eventually I would like to use GrapheneOS to host it, once Android's virtual machine management app becomes more stable.

It's still crazy to me that 2TB microSDXC cards are a real thing.

I would like to avoid subscription costs such as the cost of buying a domain or the cost of paying for a VPN, however I prioritize security over cost. It is truly annoying that Jellyfin clients seldom support self-signed certificates, meaning the only way to get proper E2EE is by buying a domain and using a certificate authority. I wouldn't want to use a self-signed certificate anyways, due to the risk of MITM attacks. I am a penetration tester, so I have tested attacks by injecting malicious certificates before. It is possible to add self-signed certificates as trusted certificates for each system, but I haven't been able to get that to work since it seems clients don't trust them anyways.

Buying a domain also runs many privacy risks, since it's difficult to buy domains without handing over personal information. I do not want to change my DNS, since that risks browser fingerprinting if it differs from the VPN provider. I always use a VPN (currently ProtonVPN) for my devices.

If I pay for ProtonVPN (or other providers) it is possible to allow LAN connections, which would help significantly, but the issue of self-signed certificates still lingers.

With that said, it seems my options are very limited.

Yesterday I decided to start "officially" selfhosting. With almost no experience with Docker, I struggled for eight hours straight, but I finally have it working.

Currently, the two tools I am selfhosting with Docker Compose are LibreTranslate and spotDL. I'm only accessing them over the local network using a direct IP:PORT, so there's no domain name. I don't want to use a custom DNS, since it is fingerprintable online, so I want to keep it the same as my VPN.

With that said, I want to add encryption to the connections. I was able to generate my own self signed certificates with this command:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./certs/key.key -out ./certs/cert.crt

spotDL was easy to setup with these self signed certs, since it has command flags for --enable-tls, --key-file, and --cert-file. LibreTranslate has an environment variable for - LT_SSL=true, however it gives the following error:

libretranslate  | (URLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')),)

That led me to this issue which is 2 and a half years old. LibreTranslate doesn't have a way to specify certificates that I know of.

I tried using Nginx Proxy Manager to create a reverse proxy, but I couldn't quite figure it out. (I also didn't understand Docker Compose at the time. I had a few hours to go before I did) NPM also seems to want Let's Encrypt certificates which can't be given without a DNS record. I tried manually providing certificates in the config file, but I don't quite understand NPM enough to be able to set it up properly on my own.

My requirements are:

• No changing the DNS from my VPN's default
• No port forwarding, everything should be accessed by the local network only
• No email required (ability to use a fake email without risk is fine)
• Only free and open source software
• Modern security standards where available

I also would like help adding the self signed certificates as a permanent exception in Brave browser, if possible.

This question has been answered. Please stop trying to repeat information that has already been said many times before. Everything in this thread is in good faith, I am here to learn, so I will make mistakes. Furthermore, if you want to contribute something new, please read the entire post to avoid misunderstanding the purpose of this post.

Selfhosting is useful when you either need a lot of storage or a lot of processing power. For example, Kiwix is useful to selfhost on a server because a lot of its content can take up terabytes of storage, which a phone may not have. LLMs are also useful to selfhost because they require a degree of processing power that, again, a phone may not have.

In both cases, there is also a need for perpetual access. If you simply hosted an LLM on your home computer, it wouldn't be very useful to access from your phone since your computer won't be running all the time. So, a separate always-on server is needed.

However, there are some selfhosted software that I don't see a use for. For example, Immich. Immich requires to be run on a server to function, but a lot of (or even all) of its functions are things that could reasonably done entirely on-device. Aves combined with some automatic backup solution such as Nextcloud gets (from what I can tell) most of the functionality Immich offers. Obviously, some features like AI image tagging are missing, but you get the point. AI image tagging is also something that could be run on-device as well, since it's mostly lightweight (iPhones are capable of it). Having a setup like that also comes with the benefit of automatic backups being completely optional, rather than required.

There's no reasonable need for extra storage or extra processing power needed for that use case, from what I can tell. (Disclaimer: I haven't actually used Immich before, so this is speculation. I apologize if I'm missing something obvious) There's a lot of other selfhosted tools like spotDL which have a selfhosted web UI, but no GUI that can be installed outside of a web browser.

I guess my question is why there are so many selfhosted tools that unnecessarily require being run on a separate device. I do understand the legitimate use cases some of them have, but others seem better off on-device airgapped. This especially became an issue trying to find a notes app for Android that requires no account and runs fully locally, or an RSS reader that loads from the device itself. I found Joplin and Feeder or Read You as the software for each of those. I don't like "server-based" selfhosting for things that could be done from the device itself.

I'm sorry if this turned into a rant. If someone could help me understand, I would appreciate that very much.

Cheers!

Edit: The comparison here isn't between selfhosting and using a cloud provider. The comparison here is between selfhosting on a server and running explicitly on-device (besides where extra storage or processing power is required)

Answer

So that nobody has to dig through the comments for answers, this is what I've learned: In the case of Immich, its purpose isn't designed to be a photo gallery. It's designed to be a more polished backup solution, designed explicitly for photos and not general files. While Nextcloud could be used to backup photos, it's not as focused on photos as Immich, and so it isn't as nice to use for that purpose. Immich also allows you to share photos with a link, rather than relying on a cloud provider to do that for you. There's also another benefit to selfhosting that I hadn't entirely realized, which is availability across devices. Some things like an eBook library may not take up much space, but it's convenient to not have to sync manually (or automatically) across devices, and instead access it from a central server. That same logic is true for RSS readers as well, since it's inconvenient to manually add and sync feeds across devices. Syncing across devices can be done with something like Syncthing in some cases, but not all, and so that's where selfhosting can be useful.