New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Any browser extensions for OpenVPN?
jamespeach
Member
in Help
Does anyone know of any browser extensions that can connect through OpenVPN? This way only traffic sent through the browser can be encrypted through a VPN, and all other traffic outside of the browser goes through normally. I've tried looking online, but haven't found much.
Comments
I really doubt that
you can use socks5
Yes - that the easiest and most straightforward solution (and no install required other than a local SSH client and of course a remote *nix account to forward traffic out of).
Remember to enforce remote dns resolution to prevent DNS leaks via local network.
I use switchyomega plugin and a socks5 ssh tunnel
Browser extensions do not get raw socket access, so this is not possible. Might have been doable through Chrome Apps, but they're being discontinued.
How secure/private would the socks5 shh be? I wouldn't assume it would be anywhere near as encrypted as OpenVPN.
If you were to use SSH socks proxy, than it would be more secure than openvpn. Technically openvpn isn't very well encrypted by all standards. It is generally considered all traffic over openVPN could be unencrypted by a government style organization, if they wanted.
That's is quite a claim. I am no security expert but I would be interested in some data or explanation to back it up. For my own edification
Any easy way to install a SOCKS proxy on a NAT VPS server?
https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH
https://arstechnica.com/security/2015/10/how-the-nsa-can-break-trillions-of-encrypted-web-and-vpn-connections/
https://www.cyberscoop.com/openvpn-security-audit-matthew-green/
https://community.openvpn.net/openvpn/wiki/Hardening
The basic idea is that anything you send can be decrypted, it is just about how much your data is worth. In older versions of OpenVPN it was rumored that the NSA was able to decrypt the data stream in certain setups, namely those with small DH keys. This was a few years ago, via the Snowden leaks. Sadly, we don't know what the current capabilities of the modern NSA. If you are highly worried about government interaction make sure to harden your OpenVPN server accordingly. Finally, OpenVPN from my knowledge and google-fu skills has never been audited. There first Audit has just started this year.
I've got nothing to hide, I just would like my private things to well, be private, especially with the laws that are currently being passed in the US. Even just using a basic level of encryption I'm sure will help, why would they even waste time with me, if they can just move onto the next person with no encryption.
The default cipher in OpenVPN is Blowfish, but you can change it to AES if you want.
See https://github.com/shadowsocks/shadowsocks/tree/master for more
Doesn't always mean everyone uses blowfish for OpenVPN. Case and point: https://github.com/Nyr/openvpn-install/blob/master/openvpn-install.sh#L300
Yes, that is what I am saying. People can and do override the default.