How I made my own VPN Server in 15 minutes

Privacy/ Anonymous Concern

People are (rightfully) freaking out about their privacy as the Government voted to let internet providers share your private data with advertisers. While it’s important to protect your privacy, it doesn’t mean that you should sign up to a VPN service and tunnel all your internet traffic through VPN servers.

A VPN doesn’t make you anonymous

What the hell is a VPN?  when you connect your computer or phone to a VPN server, you establish an encrypted tunnel between your device and that server. Nobody can see what’s happening in the middle of this tunnel, not even your ISP.

And yet, it doesn’t make you magically anonymous. You’re just moving the risk down the VPN tunnel as the VPN company can see all your internet traffic. In fact, many of them sell your data to scammers and advertisers already


NordVPN

This is a "Bug" or feature to run VPN with Google Analytics to track what you are doing?


That’s why I don’t recommend signing up to a VPN service. You can’t trust them.

But VPNs can be useful from time to time. Sometimes you can’t access a website from a public network because it’s blocked. Or you could be traveling to China and you want to be able to access your Gmail account. In those cases, it’s all about minimizing the risk while you use a VPN.

Setting up your own VPN server

You could be running your own VPN server in your home.  But if you can’t trust your home connection or you have a slow upload speed on your home connection, it’s not really practical.

I created VPN servers on a DigitalOcean server, an Amazon Web Services instance and a Google GCP instance server. I could connect to all these VPNs from my Mac and iPhone just a couple of minutes after that.

I used WireGuard as my choice of VPN, because it is FAST and stable.  Supports only IKEv2 with strong crypto (AES-GCM, SHA2, and P-256) and remove all legacy cipher suites or protocols like L2TP, IKEv1, or RSA.  With all these setup, I still cannot claim to protect you from the FSB, MSS, DGSE, or FSM.

Disposable VPNs

Running your own VPN server doesn’t mean that you’ll be more secure on the internet, either. Once again, you’re moving the risk down the tunnel to the cloud hosting provider.

If you use your own VPN on a Microsoft Azure instance, the NSA could still ask Microsoft more information about you if they think you’re an evil person. Microsoft has your billing/ credit card information.

But there’s something refreshing about our approach — it lets you set up disposable VPNs. You can boot up a new VPN server and connect to this VPN in just a few minutes. Once you’re done, you can just delete your instance and pretend that this VPN server never existed.

It’s much cheaper than subscribing to a VPN service, as you can expect to pay around $0.05 HKD per hour of usage, or even less with free credit. And you’ll get much better performance as you won’t share your VPN server with other VPN users. I got amazing networking performances from my GCP VPN.

If you have a bit of technical knowledge, I don’t see any reason why you should sign up to a commercial VPN service. I trust myself for not handing over my data to authorities (duh). I don’t necessarily trust the Amazons and Googles of the world to fight for my privacy, but I know they won’t sell my hosting data to third-party advertisers and scammers.

James Huang 2024年8月11日
このポストを共有
タグ
Network-level ad and tracker blocking