PureVPN IPv6 Leak

I donwt know any single VPN provider apart from Mullvad with proper v6 implementation.

Hi, I'm the author of the blog post and just wanted to say thanks for the discussion.

I agree that relying solely on desktop VPN clients (especially closed-source ones) is risky... The network namespaces approach is new to me, but it looks like a solid way to isolate traffic and avoid these kinds of leaks entirely. Thanks for the suggestions.

network namespaces provide a clean host/vpn split.

https://blog.thea.codes/nordvpn-wireguard-namespaces/

If you can't see your VPN's source code, you can almost safely assume that they're broken in some way.

I have no idea why it seems to be so hard for VPN providers to get IPv6 right. The technology has been here for ages. Also, unlike physical ISPs, VPN providers have no other way to differentiate from each other but getting this sort of things right, so one could except them to be motivated, but no.

Separately, PureVPN is one of the providers you can’t trust [1].

[1] https://www.makeuseof.com/worst-vpns-you-shouldnt-trust/

For the love of God, don't use PureVPN! They have been proven in court to log traffic, despite claiming not to.[1]

[1] https://cyberinsider.com/vpn-logs-lies/

I strongly suggest that you use something like Network Namespaces through Vopono[0] or Gluetun[1] if you use a commercial VPN for "privacy" or "security" aka torrenting and shitposting. Relying on these clients is always a gamble and if your software (Browser, Torrentclient, etc.) cannot know you public IP only the internal IP of the VPN you are also safe against some exploits and misconfigurations a desktop client won't protect you against.

[0] https://github.com/jamesmcm/vopono [1] https://github.com/qdm12/gluetun

I'm surprised at how negative HN as a whole is on VPNs. The argument seems to go that VPNs don't really give you much privacy. I disagree. I don't think they give absolutely privacy but there are benefits.

As soon as you use a service in another country, it greatly complicates anyone trying to pierce that veil. A US shield can be pierced by John Doe warrants, FISA warratns, pen registers and so on. Some of these options are open to average citizens who may want to dox you or simply report your activity to government agencies, which is more relevant now than it has been in many years.

We've seen several websites pop up to dox people who don't show sufficient deference to Charlie Kirk's murder. We have an administration who now seeks to deport people, deny entry to visa holders and deny visas to people who criticize Israel.

For so many people in the US, citizens and otherwise, an extra level of privacy has become essentially mandatory.

The US ISP market is dominated by regional monopolies where you have no other option. ISPs monitor your traffic, not only to sell your data to data brokers but to decide if you're doing anything "inappropraite" like using a file-sharing service. How long before that extends to the content of your speech?

I'm glad people are doing things like xposing IPv6 leaks (as in this post) and other weaknesses. Some here will taken this as further evidence that VPNs are of little or no value. I don't. I want to know who the good providers are.

I encountered this with different VPN provider. Probably many more have this issue.

also look up tunnel-crack if u want

What about NordVPN and ExpressVPN are those somewhat trustworthy?