Nostr Web Client

They don't want you to know about:

Socks5 Proxies vs VPNs:

These hushed elite secrets are more relevant now than ever.

Did you know that, LinkedIn makes more money off selling user data, then they do from paid job ads?

Or even worse, Twitter's valuation collapsed after Elon Musk's takeover, but then yet according to Fidelity, it got a rebound from Musk's training his AI startup on your data.

It should not surprise you then that both LinkedIn and Twitter, restrict many VPNs for new sign-ups. And more and more websites and services are banning Tor. How can you succeed with privacy under these conditions? In this note, I'll use Nostr's uncensored nature to teach you this critical knowledge, while it still works...

~~~

VPNs

When we think of VPNs, we usually think of protocols like WireGuard. WireGuard has public/private encryption keys, and the traffic is encrypted.

One potential issue with WireGuard is it's typically linked to a Datacenter. These datacenter IPs are then blocked by websites that often want to purposefully find out the identity of their users.

~~~

Socks5 Proxy

Socks5 Proxies simply forward the traffic to make requests from a new destination WITHOUT encryption. This typically is done only in a browser, but it could work in the command line or any app.

Many users wonder what the purpose of a Socks5 Proxy is, if there is no encryption. There are many use-cases.

Some websites may block VPNs coming from Datacenters. Socks5 Proxies are can be used to make the traffic appear to be coming from a residential home.

Speed

Since encryption slows down a VPN, a proxy is more lightweight, and thus faster than WireGuard.

Firewalls

Also WireGuard may have issues with residential firewalls, that socks5 helps avoid.

~~~

Tor Block

Another issue is some websites may block Tor. Tor exit IPs are published and known by all participants.

WireGuard + Tor = Fail

Since WireGuard uses UDP packets, it can't be used in front of Tor. Tor uses TCP only.

OpenVPN Slow

While OpenVPN, on port 443 (with TCP), in theory COULD be used in front of Tor. In reality, this is unbearably slow. Because you're doing 3 hops of Tor AND THEN a 4th encrypted hop on an external network.

To get around the speed issue, most users looking to hide Tor use, instead use Socks5 Proxies. These are fast because it has no encryption, but the ISP can't see anything because you're using Tor first.

Tor Exit Sees

The only one who the user isn't hiding from is the Tor exit. Tor exits still can't see through SSL/TLS or httpS website encryption. In other words, Tor exits can see WHAT domains you visit, but not your username, password, or what data you DO on those websites.

No Sudo

A huge advantage of Proxies is that they don't require sudo. They can just work in just the browser.

Simplified Privacy

Our Datacenter proxies exit the same servers and IP addresses as our WireGuard users. So the website won't know if you're using Tor or a VPN. I hope we make it financially through beta testing, to begin offering residential proxies as well.

Now do both me and humanity a favor, and slam the repost to aid our Nostr bros.

Reply to this note

Please Login to reply.

Discussion

NEW1 1y ago

reminder to ask nostr:npub1yx6pjypd4r7qh2gysjhvjd9l2km6hnm4amdnjyjw3467fy05rf0qfp7kza

BitTiger 1y ago

Thanks for the explanation. Havent used a socks5 proxy in years, because i thought it was obsolete. Nice to have a new perspective.

Parallel Structures 1y ago

A little over my head but i think this is important. It's a process.

nostr:nevent1qqsf0praaglg2g7ccagg5df49tk8tvjnpatj0mcyg63cnfrpadklcegppemhxue69uhkummn9ekx7mp0qgs2c0m2lct4j0mpsyz38kkf58j5f6rmnn53kf7n0wywck8m42gpf2srqsqqqqqpfzqljv

Reichard Könige 1y ago

You still need to set up the proxy

Reichard Könige 1y ago

Another point is your have to wrap ssl around the proxy like with stunnel. Then there's the internal traffic from you to the website. I think some even used transparent proxies to intercept your traffic. Like Norton did for email virus checks sitting between your mail clients and the actual server. I wouldn't trust a proxy I don't run myself for anything critical.

8f8cd160... 1y ago

Regarding "WireGuard + Tor = Fail

Since WireGuard uses UDP packets, it can't be used in front of Tor. Tor uses TCP only."

So what happens when my router is set up to send all traffic throug WireGuard VPN? I can still connect to TOR.

My understanding is the WireGuard connection tunnel both UDP and TCP (over UDP).

SimplifiedPrivacy.com 1y ago

You can put WireGuard BEFORE Tor, to hide Tor from your ISP

You can NOT put WireGuard AFTER Tor (such as Whonix), to hide Tor from a website.

Skhron - VPS for Bitcoin, Lightning and Monero 1y ago

I think that another significant difference between Wireguard (and almost any other VPN solution) from SOCKS5 proxy is that with VPN, website might detect MTU of your connection, which will indicate VPN usage, while with SOCKS5 it will be the default value of 1500 (unless SOCKS5 server uses any sort of tunnel themselves). This makes it harder for a website to detect proxy.

Given this, might be a good idea to use Wireguard+SOCKS5, where SOCKS5 is only accessible over Wireguard, making it basically an encrypted proxy, combining benefits of VPN and proxy.

nobody 11mo ago

Where’s the best guide for setting this up?

Skhron - VPS for Bitcoin, Lightning and Monero 11mo ago

Can't recommend any guide but in short all you need is:

1. Setup normal Wireguard as you would do it normally (suppose that we have only 1 client and 1 server)

2. On the server, install https://github.com/rofl0r/microsocks and bind it (-i flag) to an address from RFC1917 block that was used by Wireguard server for peers; for example, server has 192.0.2.1 and client 192.0.2.2, so you will do smth like ./microsocks -i 192.0.2.1

3. Connect to the VPN as you would do it normally

4. Configure your web browser to use socks5 proxy at 192.0.2.1