The BitTorrent protocol basically works like this when you download a torrent:
a tracker has a list of clients that have some data of a torrent
you want to download that torrent, so you ask the tracker for this list
after you receive this list, you ask the clients on this list to upload their data to you
repeat 3. until you have the whole torrent
As soon as you have something downloaded, you become a client on the list of the tracker that theoretically has the torrent available for others. So you would become the “client being asked” of step 3 as well.
But how can you be asked? In a P2P networking context, you can only “be asked” if you have a port open that allows connections to it. Otherwise it’s as if you gave people your home adress but your mailbox has a hole on the bottom that leads directly to the garbage can beneath it, so all mail is immediately lost. Completely unusable.
In other words, it’s (basically) impossible for you to send the torrent data to someone else. You’re a leecher, someone that doesn’t give back to others. If everyone would act like you, torrents wouldn’t work at all.
I have been seeding until I reach a 3 ratio, so am I doing so through my real ip?
Is it visible to copyright holders?
I did bind qbittorrent to the mullvad interface so there is no doubt I am using the VPN, the question is how is it possible that I am reaching a 3 ratio when I shouldn’t be able to seed at all?
Found this apparently other people are seeding as well
That’s why I said (basically). If another user has a port open and you connect to them through their open port, a bidirectional connection gets established and then you can also upload. But if the other user also didn’t have a port open, then BitTorrent wouldn’t work. You rely on other people to have ports open, if everyone was using mullvad, then it would stop working.
In other words, it’s (basically) impossible for you to send the torrent data to someone else.
I don’t know how (in)accurate this description is, but I’ve been seeding hundreds of GB since Mullvad dropped port fwd. Same for the old times when I didn’t bother using a VPN, I never had to enable port forward in my router for it to work.
That’s why I said (basically). If another user has a port open and you connect to them through their open port, a bidirectional connection gets established and then you can also upload. But if the other user also didn’t have a port open, then BitTorrent wouldn’t work. You rely on other people to have ports open, if everyone was using mullvad, then it would stop working.
that’s so weird, that only one of two people need to have an open port. So the person with the closed port can still establish a connection, both upload AND download. However, this process stops the moment the other person closes his port, then NO connection whatsoever can be established? So we’re gonna pretend this makes sense? Or is it about initiating a connection which requires an open port? That’d make a bit more sense
You could read a bit about NAT, which your router does, if you want to know more. But yes, of course only the initiation requires an open port, otherwise like you said, it doesn’t make sense. As soon as a connection is established your router knows where packets should be sent and an “open” port is not necessary.
I know a bit about NATs, or how I like to call it, LAN, basically. But if you don’t even have a NAT to begin with and are directly connected (to your modem), then you don’t even need to open a port. Easy peasy
Port forwarding with torrent clients, which they disabled because a bunch of pedophiles were misusing it. Even IVPN disabled it, and AirVPN and Windscribe are the only ones left that are clean and provide this feature.
From what I read in the article, there is still one part of the boot sequence that does require some sort of storage: the part where the bootloader fetches the network boot image and verifies it against the checksum signature. But I think that can be performed by booting from a pendrive and then removing it. The problem will come if law enforcement gets a hold of said pendrive…
Destroy the drive. That’s what Apple does and how they get around the whole “we need a backdoor” problem. When no one can access the server, no more problems.
Something tells me that they have a stack of single-use drives so that each time a server needs to reboot for some reason, they write a boot loader in one from their central headquarters, walk back to the server room, use the device to boot the server, and finally hammer the everliving bejeezus out of the thumb drive juuuuust in case. Hopefully they don’t have to reboot that often!
Why would that be a problem? A boot image should only contain the commands to get the main system started after POST. It shouldn’t contain any kind of logs, traffic data, or user data. In fact it should be read-only.
I’m aware of PXE, but in order to do so you need either of:
the boot image supplying server being in the same intranet as the rest of the other servers, or
some sort of method to point the diskless server to the correct external IP address to listen to
Since the first mode is probably too unsafe, that leaves us with the second mode. Either the operator memorizes a specific IP address and types it into the BIOS each time the server is rebooted, or the IP address (and possibly the checksum of the image) are stored in a single-use pendrive that the operator carries. I wonder which of these two methods is used in this case.
PXE is automagic being basically kind of hacky extension to DHCP stuff.
If PXE is enabled the machine will automatically find it via a DHCP relay on the network.
the boot image supplying server being in the same intranet as the rest of the other servers … Since the first mode is probably too unsafe, that leaves us with the second mode.
So there is still one single damning piece of information stored in the servers after all - the IP address to fetch the PXE boot image from. But hey, if Mullvad finds a way to strip even that out of the servers, that’d be great
Because by knowing which IP is the boot image stored from, law enforcement can locate the source of the unencrypted image, thus making the scheme lose its privacy. The only way to bypass the issue is by manually configuring the IP after every reboot and keeping it a secret.
Because by doing so, law enforcement can manipulate the image from the source by:
Intercepting the payload and modifying the operative system to send data to law enforcement
Pose as the origin of the original payload, and send the tainted operative system to other devices when they reboot
Unless, of course, the BIOS stores the checksum of the untainted image. (Which adds its own can of worms, because that would make legitimate image upgrades require writing the new proper checksum on each server)
Agreed. Seems like they were in a super tough spot with that and kind of had to drop it. All the sudden they seem to be doing some new cool stuff to try to keep their edge which I really appreciate / respect. That being said, I’ve dumped them and switched to a service that still port forwards as it gives me better torrenting throughput. Sorry Mullvad.
…Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.
A few months ago. They said that hosting companies and other providers were refusing to work with them if they continued with it as a feature.
It’s just too easy to abuse by bad people using it to host very questionable content. Lots of people then moved to ivpn and then they removed it too, for the same reasons.
If you're doing a P2P related activity over a VPN (or otherwise), port forwarding is very important for improving speed or enabling the service at all. That's because your router blocks incoming traffic from certain ports by default, ports that will be used with a P2P connection. To get around this, you can 'forward' a port that can be used for said P2P activity, letting your router know that the traffic you expect to see from a specific port should be let through.
You can simply leave port forwarding to your personal router, but if you want to stay anonymous while participating in P2P connections, then you'll want to use a VPN service. If a VPN service doesn't utilize port forwarding, then any P2P connections you use will either be straight up impossible, or very slow. For example, you wanted to host a gaming server without giving away your actual IP address, then a VPN with port forwarding is desirable. The same can be said for torrenting.
I found out about this port forwarding matter a few days ago and gave it a try with PIA, and was disappointed with the results, but I’d like to know if I did something wrong on my end.
I’m currently torrenting about 100 torrents in a VPS running Qbittorrent with a Wireguard config from Mullvad, and I’ve been able to get great speeds, about 500 Mbps at the highest.
The other day I set up PIA with gluetun, through OpenVPN, with port forwarding too, put all the 100 torrents in Deluge too. The upload speeds for seeding didn’t seem any faster, but the download speeds were not quite as good. It would top at around 200 Mbps, best case.
Out of curiosity I also tried wireguard configs from Windscribe, with no port forwarding though, and it would also top out at about 250 Mbps or so.
I’m currently back with Mullvad and Qbittorrent. It’s been working fine for months now, so I’m wondering if I’m really missing out without port forwarding.
Jeez is this why my torrents slowed down to a crawl lately? I’m on Mullvad and wasn’t aware they removed port forwarding, or even really what port forwarding is until now.
I appreciate the breakdown, but I meant i was ignorant on why port forwarding was important for a VPN :) Was still a great write up that should be used as reference for others! :D
I didnt realize you still had to port forward to get around ISP traffick shaping/blockage with a VPN. Thought the encrypted tunnel between you and the VPN disguised that, and any port stuff was done at their end, after exiting the tunnel.
I was so happy with MullVad until the port forwarding removal. €5 a month regardless and a very easy to use website. I moved to a 3 year purchase of AirVPN but it’s a lot more finicky to use.
All good, but mullvad should work on more rotation of server IPs or find a solution from alltheir banned server by big techs . Nearly 90 of their servers are blocked to do common internet tasks .
Is it really that bad? I let my NordVPN subscription lapse as I didn’t need it due to personal matters, I’ve heard a lot of good things about Mullvad and was considering them as my VPN provider.
It’s exaggerated. I believe most services are generally more sceptical about users with a known VPN connection. But yeah, I think you‘ll have some hiccups when browsing with a VPN on no matter the provider, or did you have a different experience with NordVPN (I‘m legit curious)?
I did have occasional issues with using a VPN and it was clear services were somewhat suspicious about me (very aggressive use of CAPTCHAs, additional login validation etc.).
That being said, outside of netflix (circumventing region-lock), I never had any issues with outright loosing access to tech oligopoly services.
Ah okay! Yeah that’s basically my experience with Mullvad. Anyways, you can try it out and if you don’t like it just don’t pay $5 for another month. 🤷♂️
With protonvpn, are the the best vpns . And I tested all the services believe me. But the big issue mullvad have is IP bans. The rest is almost perfect . Ah and the problem with port forwarding, suddenly they decided to remove that service , with reason because people were abusing of it. But instead of just remove it one day to another, with no previous notification to the users and not giving an alternate option, felt very rough .
Nearly 90% of their servers are blocked to do common internet tasks .
Perhaps your browsing habits are severely impacted by Mullvad being blocked, but that doesn’t seem to be the universal case. I’ve had the occasional hiccup with a few sites that block VPNs (Mullvad’s IPs), but “90%” is quite an exaggeration when compared to my personal experience.
So you are running a full-fledged OS on a standalone computer that functions as a router. An actual router has a very limited operating system with no such functionality, plus it’s always online by design, so you’d basically have to have a key that is permanently plugged in; or depending on the setup you’d have to re-authenticate ever so often. Not exactly great considering most routers are hidden somewhere in an inaccessible corner.
It’s nothing fancy I just needed more CPU power on my router. I’m not saying it makes sense to use a hardware key to access the internet on router level, I’m just saying it works.
openBSD is actually kinda common base for routers. Also why would I hide a router in some inaccessible corner?
Since the other comment didn’t Go into detail: Microsofts “Recall” will so that on every Windows 11 PC soon. Literally index everything you do or look at, OCR-ing periodic screenshots. Also storing them, possibly including sensitive information like this.
When I was in Denmark I was shocked how many cameras there were, everywhere. I mean not just in the city, but everywhere on the countrywide.
I’ve lived in Denmark for decades. The only cameras I see are basically surveillance cameras in stores etc and speed cameras. I see more cameras in most other countries I go to.
We have nothing compared to fx. London.
Where did you see cameras?
Denmark is one of those weird countries where its illegal to have your map software tell you where the speed cameras are.
That’s not correct. You can even buy gadgets for this in many stores.
Also Denmark is one of those weird countries where its illegal to have your map software tell you where the speed cameras are.
That is not true at all. The police has even officially recommended the use of speed trap avoidance software. We even have an entire market of it, most notably with Saphe that’s probably the world’s biggest producer of traffic alarms.
Because it isn’t in the tags or releases section yet, but it is available as executables under the actions. So you choose the latest build and scroll all the way to the bottom and you will find the installers. You do have to be signed in though in order to download it for now.
Edit: And yet we still have almost 200 monero on the offer books after only a week of being active and being hard to download.
Denmark had issues in the past that pulled money out of Denmark with either cash or money transfers, and therefore banks have to document where big transfers come from.
So this is basically an unfortunate example on how this also hits innocent companies.
But Denmark had to stop it all together, because we are talking about billions being pulled from Denmark this way.
It’s also just the scale of Denmark. The US has billions pulled from the US every day and it’s not a problem but the US isn’t a small country of 6 million people.
That doesn’t make any sense. Currency outside a nation isn’t laundering, USD is used as a trade medium around the world even when not trading with US banks or entities. Idk why you’re saying that “billions a day” is taxpayer money or something and it wouldn’t fix around the country, it’d go into the military like usual.
Jeg formodder at det har noget med de nye hvidvasknings regler at gøre, da det lyder til dem at det er svært for dem at væksle DKK tilbage til andre valutaer måske? Loven gælder nemlig også valutavekslning virksomhedder, som en lang række andre virksomhedder
De nye regler (2021 i Danmark) er sat til at man ikke må betale mere end 19.999 kontant, hverken som privat eller firma. Det er lige gyldigt om det er samlet eller fordelt over flere rater. Advodan forklarer det rimlig godt her, selv om det er svært at forstår helt hvordan det kontroleres, eller hvormeget det omfatter.
Måske bankerne og veksle instituterne har haft en overgangsperiode eller måske Mulvad har kunne løse problemet på andre måder som ikke længere er mulige? måske det ikke har været et problem for dem før nu? måske de lige har fået banditos som kunder og først fundet ud af begrænsningen nu?
Det er alt sammen også bare gæt fra min side, så jeg ved heller ikke om det overhovedet er på grund af den lov. Men jeg syntes at det er overraskende at det lige er Danmark der er så besværlige at handle kontanter med
mullvad.net
Hot