Firefox Full-device VPN(private-network.firefox.com) |
Firefox Full-device VPN(private-network.firefox.com) |
Just like Disney+ that started in the Netherlands months before starting in the US.
Could be wrong.
It's in Beta, why should they go through all the legal processes to launch the product globally where there's still the potential that the final product might look completely different or never release?
Since Wireguard is still a bit new and buggy, they probably want to make sure it's stable and roll out in stages.
It's a shame Purism picked PIA to partner with, I want to support the company but Librem Tunnel is the only feature justifying the $7.99/month Librem One fee for me and I don't want any of that going to CyberGhost. I use Librem Mail too, but they don't offer a price package that includes email without VPN.
It's getting hard to identify a trustworthy VPN provider, and CyberGhost seems to rate decently on thatoneprivacysite.net; in which, incidentally, I'm unsure whether to trust, although its VPN evaluation vectors do seem pretty appropriate and complete.
Why isn’t Mozilla running their own servers if this really is something worth getting into? They’re one of the few privacy and public good companies we have left.
If Mozilla can secure a good contract with folks who have run a VPN, isn't that a better technical scenario? I mean, sure, you have to assume that the contract has teeth to enforce privacy guarantees. But I think that's part of the value proposition here.
To any Mozillians reading this, what was the reason for the switch to Mullvad?
Also will we be able to use our own standard Wireguard clients to connect?
https://protonvpn.com/blog/whats-the-best-vpn-protocol/
Edit: As Gaelan mentioned below, this is an answer to hellcow's first question.
This is just a vpn right? My existing vpn is already putting all device traffic through its servers (though it would actually be nice to turn it off for some apps, as I can't order takeaway because everyone thinks I'm in Iceland).
And its $5 a month, which is about what I already pay.
Plus its not available except on windows 10 (where its beta).
And its US only
What is Firefox/Mozilla offering me here that I don't get from NordVpn (who I hifhly recommend)?
With Mozilla you get someone you can hopefully trust (hopefully being the operative word).
[0] https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-ha...
Mullvad is a great company they help finance development for Wireguard VPN, I don't know about NordVPN.
"About our trusted partner
Firefox Private Network full-device protection is a VPN built by Firefox using global WireGuard servers provided by Mullvad, which has committed not to keep logs of any kind."
> Our partner for FPN Browser Protection is Cloudflare. Our partner for FPN Full-device Protection is Mullvad.
https://www.mozilla.org/en-US/privacy/firefox-private-networ...
Mozilla previously sold ProtonVPN as an affiliate for $10/month, but Firefox Private Network doesn't use them at all.
https://blog.mozilla.org/futurereleases/2018/10/22/testing-n...
No matter the location, they'll keep logs forever for the gov or some other equally unreliable entity.
https://mullvad.net/en/help/no-logging-data-policy/
https://mullvad.net/en/help/swedish-legislation/
Of course, it's up to you to determine how much you want to trust them.
Money is a necessary evil, choices must be made.
I feel we have reached peak Firefox. I have no qualms about supporting Mozilla by going with their VPN offering, even it costs a little more. I don't particularly have any objections to some of the recent features like Monitor, DoH, Sync etc. Once the rollout of their VPN product is complete, sometime next year, I would expect them to work with what they have at hand, rather than having too many balls in the air ie. instead of chasing down Chrome or integrating even more services, I hope they will concentrate on staying close to their values and committed to strengthening the core products.
I must have missed this, what RSS solution have they put out?
Watching Firefox leverage its reputation as a privacy and security advocate is helpful for many people who care, but are not technically inclined.
The $4.99 rate would be a 55 cent discount over the standard rate, which matches the cryptocurrency discount and would likely help support Firefox financially.
Mozilla has been trying to diversify its revenue for a long time:
https://blog.mozilla.org/blog/2014/02/13/revenue-diversifica...
However, this partnership would most likely benefit both Firefox and Mullvad. Firefox gets a stream of revenue (independent of Google) that would be used to finance development, and Mullvad acquires additional customers through the partnership who would otherwise not know about it.
>Firefox is committed to protecting your privacy. Our privacy policy describes how we handle your data. The VPN is provided in partnership with Mullvad, who is committed to not monitoring or logging your browsing or network history.
So in other words, Mullvad doesn't track you but Mozilla does. Is that interpretation correct?
I still have a PIA subscription for a few months, which I'm now planning on using until this becomes available in more regions (+ on more platforms, Linux and Android in my case), but as soon as it does, I'll be happy to switch over.
https://www.mozilla.org/en-US/firefox/
> Meet our family of products - Browsers
- Monitor
- Send
- Lockwise
So, for many years now, "Firefox" has been morphing into a brand that encompasses many online tools beyond the browser that are all intended to be tied together by Mozilla's mission & manifesto.
Proton doesn't support Wireguard which is the protocol Mozilla wanted to use. This was a conscious decision because Wireguard is UDP only, which poses a significant problem for many Proton users which are based in countries with strict censorship and UDP VPN protocols are easier to block. Therefore, Proton's VPN focus has shifted to working on TCP based solutions which can resist DPI.
While Proton and Mozilla's VPN focuses have diverged, there is still collaborations and discussions in other areas. For example, Thunderbird is integrating Enigmail, which is based upon the OpenPGPjs library that Proton maintains.
Proton and Mozilla have similar missions, and will continue to support each other in the future.
https://www.bloomberg.com/news/articles/2019-10-21/after-twi...
The utility of a VPN is mainly based on trust, and NordVPN's lack of transparency in that incident is a breach of trust.
Laying the blame on an undisclosed vulnerability is pretty ironic of them
They are already rolling it out slowly via a waiting list. Limiting that to US only doesn't really change how "widely available" it is in order to iron out the kinds. Seem more likely this is regulatory related.
The openvpn community is pretty nonexistent. Core is about 10 guys (half on loan from the for-profit company) and they're multiple years behind on where the development should be.
2.4 release: currently 3 years old, decently robust, but limited. 2.5 release: 38 of 51 blockers still open, no release date in sight. 3.0 release: roadmap was written in 2010, no release date in sight.
OpenVPN 2.5 is where we'll have per-user tls-crypt. tls-auth/tls-crypt in 2.4 means when the PSK (that all clients share) leaks, you have to rotate a PSK for ALL users all at once. Or you could not use that PSK at all and just get DoS'ed over UDP all the time. OpenVPN 3 is where they're looking at being multithreaded. Let that sink in for a minute, because the devs haven't. You share one core with EVERYONE who's connected. openvpn is, performance-wise, a glorified openssl-pipe-to-nc at that point.
These are features that any server admin should be dying to have, because they're what let you scale from "my cute little tunnel from my home to my cloud instance" to "endpoints that can scale."
Tuning to get solid performance means getting the client config right with a lot of low-level tweaks, a lot of iperf and network-ops knowledge, shipping it out to the userbase, and hoping it works in their situation. Tuning later because you screwed anything up is hit and miss: some features you can 'push' out and fix, some you can't. The devs can't imagine tunnels where someone who isn't as immersed in the code as them doesn't control all endpoints and all configs, or where there's no burden to walking around and changing every user's config. I'm years into this and I'm still finding things to adjust or submit patches for, to make my users happier.
OpenVPN has one thing that other VPNs severely lack: a ABSOLUTELY SUPERB hook system. You want to have actions trigger scripts, they got u fam. You can do a lot of serverside and clientside magic because of that, integrating with your SSO and ACL management. Wireguard is much more in the beautiful-in-its-simplicity-but-that-still-means-simple 'static definition' camp (for now).
I get that everyone wants everything right now, but if you're not in the US, surely you still understand domestic-market roll out? Doesn't seem like it's worthy of anything more than a passing "damn, too bad."
What I have problem is slow roll out features across the globe, when you cant see or understand the reason behind it.
And this isn't a new thing. They partnered with an established vpn provider. Horizontal scaling won't be an issue there.
There is really no reason, but I don't really care either
And there is really no reason to not go to the actual provider. Same price and you can use it on all platforms. They even provider a wireguard backend.
What?
So is iPhone Upgrade Programme, or Apple Pay where NFC were well established. There are always things to iron out before taking it further.
Not sure about other places yet.
But the fact is that this does create more links in the VPN, and thus more security risks. Which isn't a big deal for the 99% of us that are just using them to torrent and prevent Comcast from seeing our data, but there's still a principle thing, which is part of why people are jumping from PIA before the merger has even happened.
If it's not multithreaded, sounds like one thing to try could be just to run an instance per user, but I guess that may not be straightforward to operate.
Oh well, at least we have IPsec.