this post was submitted on 02 Oct 2023
32 points (92.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
878 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Thanks for detailed explanation. Im too dumb for some of it, but i think i mostly understood.
So if i use my mobile network directly through a usd cable to my phone (not a USB 4G modem/router stick) the only way for me to use open ports is VPN? But i doubt it's really worth it for me, since i never use VPN despite living in Russia. GoodbyeDPI does all the work for blocked domains
Yes, you would have to use a service like a VPN to open ports in that setup. You mentioned you USB tether from your phone. Do Russian providers use datacaps? Datacapping is common in the US, but almost non-existent in other parts of the world like EU territory, so I was curious. For US, it can be bypassed with TTL mangling on 4G LTE networks, but on 5G its a bit trickier and requires a GRE tunnel to be established between the phone and end device. Just curious if you guys have similar issues.
Honestly, the VPN would just be for opening ports for technical reasons, though. Russian VPN anonomity isn't really a thing, but that anonomity is only used to circumvent US copyright law and any international application of US laws (countries have their own copyright laws I understand, but the US does strong-arm countries into adopting more US-centric versions). If your host country does not recognize those things, then I would imagine that becomes a non-issue for you.
I pay like 7$/month for unlimited mobile data, but they do datacap and use very scetchy schemes aswell. I live in a countryside and we have 4G, but they offer you something called "pre-5G" for extra 4$. I tried it last month and obviously didn't feel much difference since it's the same 4G with a "higher priority, P2W". But this month i disabled it and now my speeds are so bad during the day. Lots of websites can be laggy and slow from time to time, they're literally forcing you to enable that thing back, even tho it wasn't as bad before i enabled it.
Speed-wise it can easily get 1.2-1.8 MB/s on torrents, so it's not that bad. But watching Twitch or Youtube can sometimes be annoying because connection can be pretty unstable during daylight, at night everything is perfect. And it's not because there's a lot of other people using mobile data in my area, i'm probably the only one who uses my certain provider here. They do deliberately "shape" the speed down for some reason and lots of people on russian forums complain about it.
Yeah port forwarding through a VPN really isn't worth it.
It defeats the purpose of using a VPN anyway because the VPN provider needs to know that whatever port number should be routed to your private IP address.
So, that's an interesting point. A provider would need to know where to send traffic to, but the idea is generally that they run services from RAM with minimal logging and associate the port forward with your account ID (or some other sub-account ID). That would prevent them from having to record IP address info, but in truth if a VPN provider says they are no-log you are really just trusting them that they aren't lying.
Even if they show they are 3rd-party audited, people need to understand that they KNOW when they are going to be audited and the scope of the audit. Its incredibly easy to game that system if you control how its done.
That being said, if you look at it observationally, people who use port-forwarded VPNs do not receive DMCA notices anywhere near the extent that non-VPN users do, and there isn't any real DMCA notice discrepancy between port-forwarded and non-forwarded VPN services.
I mean you're right in that in practice it might not mean receiving DMCA notices, but it has to identify you.
I mean you've been assigned the port, and your torrent client publishes that port on the tracker. Surely the port assignment can't only be recorded in RAM, you'd have to change the ports configured in your client every few weeks.
I remember when Mullvad offered port forwards, it assigned you both a port and a key. My guess is that they simply authenticated the key to determine if the port should be routed to whatever tunnel established the connection. So, they would have to map that a dynamically generated key was assoicated to the port (and probably other bits of non-PII like datacenter/region), but nothing beyond that point outside memory. Even account IDs they generated were dynamic. In theory if you were able to guess the ID, you could use the account.
Yeah good point. Even when they offered port forwards, they would only do it with the once off payment accounts. If you set up a payment method against your account ID to be used each month then you couldn't do port forward because the port number shown on the tracker could be linked to your card which could be linked to you.