Jump to content


Photo
- - - - -

LEAP/Bitmask

leap.se bitmask.net open-source VPN email

  • Please log in to reply
22 replies to this topic

#1 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 23 December 2015 - 10:44 PM

"LEAP is a non-profit dedicated to giving all internet users access to secure communication. Our focus is on adapting encryption technology to make it easy to use and widely available."
 
LEAP develops the Bitmask application.
 
"Bitmask is an open source application to provide easy and secure encrypted communication. You can choose among several different service providers or start your own. Currently, Bitmask supports encrypted internet (VPN) and encrypted email."
 
"Bitmask is built using OpenVPN but with several security enhancements turned on by default. One of the biggest problems with encryption today is how it’s too easy to make mistakes, because of that, we are forcing security with Bitmask. It will prevent common VPN problems like DNS or IPv6 leaks or data going over the clear to the Internet if your connection with the VPN service repeatingly drops." -Riseup
 
LEAP shares the same mission as AirVPN and they need support to develop their software.
 
https://leap.se/en/about-us/donate



#2 rocky6

rocky6

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 08 January 2016 - 05:39 AM

I've used it, it was too beta. That's why I got AirVPN. It takes forever to load with the desktop and lets data leak, sometimes had trouble connecting or logging in.



#3 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 09 January 2016 - 11:11 PM

I've used it, it was too beta. That's why I got AirVPN. It takes forever to load with the desktop and lets data leak, sometimes had trouble connecting or logging in.

 

Yes, it is still in beta and it has some bugs. I also had problems logging in or sometimes it logs in when I don't want it to. Though, I liked how it was easy to use and the fact that it started automatically at each boot. What data leaked when you were using Bitmask? The program blocks non-VPN traffic with iptables, so I find it hard to believe that data leaked.



#4 telemus

telemus

    Advanced Member

  • Members2
  • PipPipPip
  • 61 posts

Posted 14 May 2016 - 08:00 AM

Hi there.

I use bitmask - more out of curiosity than anything. 

I had no trouble installing their software. In Wily 15.10 (Ubuntu) it installed using the packages/terminal. I'm something of a novice and managed to do it.

I have another machine - running 16.04 (Xenial) and I was surprised to find bitmask in the package manager (synaptic) - it installed and I have not encountered any problems. I was surprised it was in the package repository.

[I should say at this point that I use ubuntu because I am too cheap to buy windows....and do not care for it in an case - so I'm not touting for linux.]

I have had no trouble setting up accounts - at least in riseup and bitmask's own servers. 

I did a heap of privacy tests and it seemed OK. While I'd use it if I was say travelling or in an airport or some where - I would not use it for my sensitive activities (banking and such like). Airvpn for that.

In sum, I am not entirely comfortable using it as I do not know enough about the folks behind it. But it works. 

Thank you for reading - and these are just my experiences.



#5 telemus

telemus

    Advanced Member

  • Members2
  • PipPipPip
  • 61 posts

Posted 16 May 2016 - 03:01 AM

Hi folks

Further to my earlier post about bitmask, I've been having a play around on it. I noted that one of the servers riseup uses is in South Korea.

(Riseup is one of the bitmask partners and it provides a vpn using bitmask.)

 

I saw these threads on airvpn boards:

https://airvpn.org/topic/14762-new-200-mbits-server-available-kr/?hl=%2Bsouth+%2Bkorea

https://airvpn.org/topic/17733-is-a-south-korea-vpn-server-possible/

Essentially, South Korea has forced data centers to block some content. Airvpn had a server there but withdrew it because the SK government's mandatory 'filtering' violated net neutrality. Thankfully airvpn strictly supports net neutrality. 

Of course one can use another server but I do wonder if riseup have looked into the matter. (I still prefer airvpn, as the folks are transparent in their approach but bitmask is a bit vague).

Thanks for reading. Have a great day!



#6 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 16 May 2016 - 03:14 AM

I am not sure what is their business model. Maintaining VPN servers is expensive, keeping the service stable requires skilled people to run it.

I could not find a list of their servers (except the demo.bitmask.net) nor any mention how do they keep things up financially.

Do not trust free VPNs as a rule of a thumb, unless you want to be the product.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#7 telemus

telemus

    Advanced Member

  • Members2
  • PipPipPip
  • 61 posts

Posted 18 May 2016 - 10:28 AM

He there zhang888

Thanks for your reply. That is my thinking too. There is simply not enough info out there. Riseup has been around a while but again, it really isn't clear how they stay afloat.

Thanks for reading. Have a great day.



#8 pr1v

pr1v

    Advanced Member

  • Members
  • PipPipPip
  • 239 posts

Posted 18 May 2016 - 12:02 PM

Donations from people around the world.

#9 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 18 May 2016 - 01:04 PM

Donations are not enough to run a VPN service. Donations is not a business model, you cannot run a service around "hoping" for donations.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#10 pr1v

pr1v

    Advanced Member

  • Members
  • PipPipPip
  • 239 posts

Posted 18 May 2016 - 04:34 PM

Donations are not enough to run a VPN service. Donations is not a business model, you cannot run a service around "hoping" for donations.


That's true, except if there are many organizations interested to maintain privacy using their services and making those donations, I don't know exactly how they do it, but I suppose it's something like that.

#11 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 01:21 AM

Hi folks

Further to my earlier post about bitmask, I've been having a play around on it. I noted that one of the servers riseup uses is in South Korea.

(Riseup is one of the bitmask partners and it provides a vpn using bitmask.)

 

I saw these threads on airvpn boards:

https://airvpn.org/topic/14762-new-200-mbits-server-available-kr/?hl=%2Bsouth+%2Bkorea

https://airvpn.org/topic/17733-is-a-south-korea-vpn-server-possible/

Essentially, South Korea has forced data centers to block some content. Airvpn had a server there but withdrew it because the SK government's mandatory 'filtering' violated net neutrality. Thankfully airvpn strictly supports net neutrality. 

Of course one can use another server but I do wonder if riseup have looked into the matter. (I still prefer airvpn, as the folks are transparent in their approach but bitmask is a bit vague).

Thanks for reading. Have a great day!

 

I had the same question as you about one of their servers being in South Korea. It is actually not just one of their VPN servers that is in South Korea, but also their website is partially hosted in South Korea.

Name:    riseup.net
Address: 1.209.122.71
Name:    riseup.net
Address: 198.252.153.69

I looked up the first IP address and it says that it belongs to a mix of BORANET and LG DACOM Corporation. Have you tested that VPN server and found that it does censor information?



#12 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 01:37 AM

I am not sure what is their business model. Maintaining VPN servers is expensive, keeping the service stable requires skilled people to run it.

I could not find a list of their servers (except the demo.bitmask.net) nor any mention how do they keep things up financially.

Do not trust free VPNs as a rule of a thumb, unless you want to be the product.

 

There are two main websites for the Bitmask VPN of demo.bitmask.net and riseup.net. Both are actually managed by Riseup. Riseup has a long history of respecting anonymity since the year 1999, so I would not worry about them logging. Demo.bitmask.net is free because it is obviously meant for testing purposes since Bitmask is still in beta. Riseup.net is currently free for anyone to use as well. They have servers in Seattle, Seoul, Amsterdam, and Montreal. It is important to differentiate between the LEAP/Bitmask software which will always be free and the organizations that use the software to offer a VPN which may be free for now, but it is not going to stay that way for long. Just two days ago the LEAP Platform version 0.8 was released. It lists one of the new features as, “It is possible to require invite codes for new users signing up.” Riseup.net will most likely adopt this new feature soon that restricts access. Riseup is a collective of people with similar interests that operates based on volunteer work and member donations.



#13 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 01:41 AM

Donations are not enough to run a VPN service. Donations is not a business model, you cannot run a service around "hoping" for donations.

 

"The Riseup Collective is an autonomous body based in Seattle with collective members world wide. Our purpose is to aid in the creation of a free society, a world with freedom from want and freedom of expression, a world without oppression or hierarchy, where power is shared equally. We do this by providing communication and computer resources to allies engaged in struggles against capitalism and other forms of oppression" (https://help.riseup.net/en/about-us). Riseup identifying as anti-capitalist should explain why they do not act like a business.



#14 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 01:43 AM

Donations are not enough to run a VPN service. Donations is not a business model, you cannot run a service around "hoping" for donations.


That's true, except if there are many organizations interested to maintain privacy using their services and making those donations, I don't know exactly how they do it, but I suppose it's something like that.

 

Riseup is interested in social change rather than their own monetary profit.



#15 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 19 May 2016 - 01:46 AM

This still doesn't answer the question. Freedom mission and online activism is very respected, but still no one has made a business

out of that, that costs a lot to operate, while keeping a functional VPN service based on donations.

The only "exception" here is the Tor Project, where the relays are sponsored either by non-profits who already use those servers for

other research purposes, or by activists like Air who sponsor a few nodes just because they already make profit from another service.

 

Make no mistake, maintaining servers is not cheap. Even if their Staff are doing it during their free time, the datacenter still has to be

paid. I don't see donations cover this mission, this is unlikely. An average open-source project can yield donations from 10% of it's

user base. And this is a very good estimation. There are still costs of over $100 per server, per month, without guaranteed bandwidth.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#16 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 01:59 AM

This still doesn't answer the question. Freedom mission and online activism is very respected, but still no one has made a business

out of that, that costs a lot to operate, while keeping a functional VPN service based on donations.

The only "exception" here is the Tor Project, where the relays are sponsored either by non-profits who already use those servers for

other research purposes, or by activists like Air who sponsor a few nodes just because they already make profit from another service.

 

Make no mistake, maintaining servers is not cheap. Even if their Staff are doing it during their free time, the datacenter still has to be

paid. I don't see donations cover this mission, this is unlikely. An average open-source project can yield donations from 10% of it's

user base. And this is a very good estimation. There are still costs of over $100 per server, per month, without guaranteed bandwidth.

 

If it costs so much money to provide a VPN service (in addition to the development of the software), has AirVPN considered donating to LEAP/Bitmask?



#17 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 19 May 2016 - 02:12 AM

Air donates to lots of meaningful projects.

You can see examples here:

 

https://airvpn.org/mission/

 

 

I personally don't think that Air should donate to shady competitive projects without a clear mission.

Of course Staff can think otherwise, but this would make a much greater community service just to

donate to the Tor Project instead.

 

All this "Invite Only, free VPN" just sounds too good to be true. And in this business it is usually very

easy to separate a good, transparent service from a shady, unclear venture like this Bitmask.

With all due respect to RiseUp and their mission.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#18 MEVPN

MEVPN

    Member

  • Members
  • PipPip
  • 14 posts

Posted 19 May 2016 - 02:35 AM

Air donates to lots of meaningful projects.

You can see examples here:

 

https://airvpn.org/mission/

 

 

I personally don't think that Air should donate to shady competitive projects without a clear mission.

Of course Staff can think otherwise, but this would make a much greater community service just to

donate to the Tor Project instead.

 

All this "Invite Only, free VPN" just sounds too good to be true. And in this business it is usually very

easy to separate a good, transparent service from a shady, unclear venture like this Bitmask.

With all due respect to RiseUp and their mission.

 

This link doesn't constitute a clear mission? https://leap.se/en/about-us

I agree that the Tor Project is a great project to donate to, but Tor has some disadvantages like only supporting TCP.

Once again, you are not separating the VPN providers like Riseup from the VPN software Bitmask. I started this thread about the Bitmask open-source software developed by LEAP. Anyone can use this software to start their own secure VPN (and Email too) with people that they trust. In theory, AirVPN could provide a VPN using the Bitmask application: https://leap.se/en/docs/platform . Would it be trustworthy then?



#19 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2219 posts

Posted 19 May 2016 - 02:45 AM

I probably didn't take much time into understanding the difference at the lower tech end.

As far as it seems, it's just an another OpenVPN client (generally speaking) with maybe some

hard-coded servers for Bitmask/Leap/Riseup.

Again, this entire mixture is not very helpful towards a regular user that doesn't want to remember

some code-names for each feature, especially since they have standard name across other places.

 

I do think you can already connect to AirVPN using this BitMask/Leap GUI. After all, this is just an

another GTK3 frontend for OpenVPN, just like Fruho, https://fruho.com .

Yet, it took me exactly 2 minutes to get what Fruho was about, and I still don't fully understand what

Bitmask is about. And I consider myself an advanced user. Hopefully you can understand my view.

 

Honestly I don't think this service can be compared to a production ready VPN service at this point,

no matter what their intentions are, and I am sure they are good.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#20 skull88

skull88

    Member

  • Members
  • PipPip
  • 12 posts

Posted 19 May 2016 - 04:15 PM

This still doesn't answer the question. Freedom mission and online activism is very respected, but still no one has made a business

out of that, that costs a lot to operate, while keeping a functional VPN service based on donations.

The only "exception" here is the Tor Project, where the relays are sponsored either by non-profits who already use those servers for

other research purposes, or by activists like Air who sponsor a few nodes just because they already make profit from another service.

 

Make no mistake, maintaining servers is not cheap. Even if their Staff are doing it during their free time, the datacenter still has to be

paid. I don't see donations cover this mission, this is unlikely. An average open-source project can yield donations from 10% of it's

user base. And this is a very good estimation. There are still costs of over $100 per server, per month, without guaranteed bandwidth.

 

Still, that is exactly what they do, RiseUp works entirely on donations and volunteers, most members of Riseup probably follow these guidelines:

 

Suggested contribution
  • Individuals: We ask that individuals with email accounts or owners of lists give monthly or yearly. If you are broke, live in the global South, or live somewhere with a devalued currency, we don’t expect you to give. This means that those with money in the global North should contribute extra as an act of solidarity. If you are unsure how much to contribute, might we suggest $5-$15 a month? If you can do more, please do!
  • Groups: We rely on organizations with email accounts or lists to contribute. It is especially essential for organizations with big mailing lists to contribute, as such lists are costly for us to provide. As a rough guideline, we ask that organizations annually contribute at least 1% of their annual budget—this is a $100 a year donation for an organization with an annual budget of $10,000.

 

They're not in it to make a profit, the whole point is to do things differently.







1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 14215 - BW: 52287 Mbit/sYour IP: 54.226.36.60Guest Access.