Yes both the WiFi and the modem can successfully be used to access the internet. I was SSHed into my Librem 5 just half an hour ago.
I still think you are going a long way into this without asking the really basic question: What kind of IP address does Purism’s mobile service offer? What kind of IP address does any provider’s mobile service in your country offer?
In many countries, mobile service is an oligopoly. (This is a natural consequence of there being only a limited amount of spectrum available.) So there are just a few large players who don’t have to give a sh*t what customers want. So they may offer what you need. Or they may not.
Thank you for the more complete answer.
There are still some statements that can be misinterpreted so I will note my assumptions.
Is the hardware sufficiently powerful?
From what I understand I think that Librem 5 will be sufficiently powerful to host a web server for your needs.
You don’t need to be able to serve many visitors at the same time and it does not seem on the first glance that you need a high computational requirements, so Librem 5 will most likely be able to handle it.
Connection to the Internet.
There are 3 ways to connect the Librem 5 to the Internet.
A) LTE Modem on the go
B) WiFi
C) Ethernet
When hosting a Web Server, look at the Upload speed.
I made a test of the LTE today and I got approximately 26 Mbit/s download speed and 10 Mbit/s upload speed on a plan that the service provider advertises as up to 100 Mbit/s so I guess that is pretty close to what you can expect from the Librem 5 modem in normal conditions (or maybe I am ripped off by the German ISP :D).
At 10 Mbit/s upload I expect that the website will have slow loading times and especially the user experience if you stream HD video will be abysmal. For providing hosting of text like Blog or Source code, this might be sufficient. So anytime you are at home, you should plug the Librem 5 to an Ethernet source for example via a USB-C hub so that you can charge and provide Ethernet at the same time.
For places where you have WiFi and no Ethernet, you might decide to use WiFi instead of LTE, but I am not sure that this will be that much faster.
Both WiFi and LTE Modem might need a reboot from time to time. So they are not perfectly reliable.
For the WiFi you could also use a dongle through a usb-c hub if you want to achieve better performance when you are at home. There are some very good dongles with good Linux support. I am a fan of Asus USB-AC51 when you need something small. It uses the MediaTek MT7610u Chipset which has a Linux Kernel support so it works out of the box. (honestly I have not tried it yet with Librem 5, but I will try. I currently use it with Raspberry Pi when I need better performance than the in-built RPi WiFi (which is pretty bad).
I don’t get what you mean with locking the Librem 5 in a Safe. Do you really mean like a real physical safe with a lock??? Depending on the safe, you might severely decrease the speed of LTE and WiFi connections making the already bad speed maybe unusable.
And why would you do that? Are you afraid of evil maid attack? Maybe then Librem Mini with Pure Boot with Librem Key will be a better option?
Reliability and down times.
If I understood you correctly, one of your arguments against cloud hosting is that your website may go down. Well actually I would guess, that the risk of downtime with a cloud hosting will be much lower than when you host on your own. Especially it is totally a question of the plan and provider you choose. There are hosting plans that could guarantee you as close to 100% uptime as it gets. While with Librem 5 you will have times where the LTE modem or the phone need reboot, where the connection is bad due to bad weather ect.
Mis-management / mis-configuration and security.
Librem 5 has no lower chance of mis-configuration and no higher security than another web server.
The only conditional advantage is that you are in control. Which is not necessary an advantage if you are not a professional sys-admin/web-admin as you could yourself do some bad configuration and thus leave security holes.
Legal issues.
If you host it yourself you will still be liable for what you host.
But yes, you have the advantage, that you can decide to take the risk, while a provider might just refuse to accept you as a client.
The Internet does not forget, so just switching off the web-server on your Librem 5 does not mean that you can’t be prosecuted based on records / archived versions of your website.
Open Source Stack.
I guess that one could find a cloud hosting that provides you free open source stack.
Also you could use Librem Mini to host at home. In my previous post I wrote Raspberry Pi, but you can substitute the RPi with a Librem Mini if you want. The advantage of the RPi is that it could be made in UK(not all are, but I was lucky and mine is made in the UK), lower cost, and lower energy consumption. The advantage of Librem Mini will be much much better performance, Pure Boot, as free GNU/Linux as Librem 5. If there was a Librem Mini USA, I would definitely buy it.
Conclusion:
I still don’t really get why you need the web server on a mobile phone instead of self-hosting at home.
Maybe you should really have a look at Librem Mini with PureBoot.
If I was on your place and I wanted Librem 5 USA in general and not only for this purpose, I would have gave it a try. Mainly for the sake of educational purpose, because the process of self-hosting on Librem 5 USA would be fun, and I would learn some new skills. And your use case does not seem to be very critical if it fails, so it is a good use case for such fun. And if you are not satisfied with the performance you can always migrate to Librem Mini or Cloud hosting.
But if you would buy Librem 5 USA only for that purpose and reason, then I would be cautious. You have a very high chance of being disappointed at least because of the slow LTE upload speed and short battery life. So you might end up with a very expensive and disappointing experience. And as Irvin Wade pointed out several times, some mobile providers in some countries will not even support the hosting using an LTE sim card.
All of your points are taken into consideration. These points are valid points. The only thing left is my reply to the conclusion context.
Yes, it is true that a mobile phone may not be the greatest machine to host a web server. Mobile phone technology is more recent compared to the more established desktop computer technology. In fact, I just saw a youtube video from Purism’s Youtube profile. I just assume that the installed Apache Web Server can be used on static/public ip addresses then. It’s either that, or the company is just too confident without insight. Too much marketing hype? You guys could been right.
Yes, I definitely see the phone as an technology experiment to quench my academic curiosity. I mean, we are talking about GNU/Linux here. It’s those parts called research (as wonderment and academica) and innovation, that drives the GNU/Linux development as well as its communities.
Yes, it is true that Librem 5 USA may not be as practical than academic. It may be also true that its performance as a web server isn’t up to snuff. I just happened to refer server roles as a usually assigned task by GNU/Linux operating systems. Of course, as GNU/Linux, it is more than just a server. What are the possibilities? How many capabilities can be done on a mobile phone? I read that GNU/Linux has already made its progress in specialized computers if not in mobile/smart phones. I don’t want to be pessimistic given the fact that I have made recent user progress in the desktop version. But sure, there are limitation to be met. Back then, the OS brands might have been limited in development, slugging behind the current computer standards. Updates have caught up to drivers, most of the time. Wifi might still been a problem that needs addressing. Still, progress is not without its obstacles, there’s no way (or just hardly) for a flawless success on the first try. That sense of optimism, and I could cynically consider the product price and service fees as donation to charity and GNU/Linux contributions/investments.
To elaborate on that … it raises the question as to whether all the content is static, cacheable files or whether content is dynamically generated, including whether it is generated based on database queries, and whether generated content is cacheable.
So an additional question is whether just a web server is needed or whether a full application stack is needed (like a LAMP stack)?
Indeed. In that spirit, you have to start the journey, and solve the problems as they come up.
I would assume “yes” - along the lines of that the only way of guaranteeing the integrity of a web server is to have custody of it at all times, so a truly portable server is a theoretically good idea. So, for the times when it isn’t possible to have custody, physically securing it is an attractive approach - although I am not sure that a safe is really secure, depending on your threat model.
Like you, I would be concerned about signal shielding. Is there a safe that comes with an antenna (not that the Librem 5 directly supports an external antenna).
For that matter, is there a safe that provides power to its contents?
For either power or antenna, the safe has to provide it in a way that does not compromise the integrity of the safe.
That’s certainly a good idea. I guess it raises the question of whether portability of the server is important for other reasons.
There may one day come a time that Purism brings Pureboot / Librem Key support to the Librem 5 !
This is not a safe, but it goes one step in the direction as you can put a lock on it and thus slow down the access to the server. At the same time the signal might be better than having solid walls. It might not be perfect against a criminal but for sure it would be better than nothing against an attack by little children FJÄLLBO TV-Bank, schwarz, 150x36x54 cm - IKEA Deutschland
Regarding the external antenna support - I have thought about this in the past. that one could have a frame of Librem 5 that is prepared for such thing and that one could get an external antenna as an extension pack.
Like in Turris Omnia where you can expand the 3 antennas to 5 antennas and you already have the necessary holes in the frame. Obviously the holes in L5 must be better protected than just a plastic cap: Turris Omnia: How to install the “LTE pack” - YouTube
With my interest piqued by this topic, I copied a part of my internal web server over to my Librem 5 just to see a) whether it works at all and b) whether it performs reasonably. To make this concrete … I copied over my personal music video library, 700+ videos, about 19 GB. I wanted the videos on the phone anyway so was going to do it sooner or later.
I think the main problem will be the speed of access to the uSD card i.e. slooooowww. It took an eternity to copy the files over. Admittedly I was copying over sshfs over WiFi, but I had already found accessing the uSD card to be surprisingly slow. Typical speed copying data over would be somewhere between 2 MB/s and 8 MB/s.
(There is too much data, taking into account other content already on my phone, to put everything on the eMMC drive but that would surely get better performance. Also, I’m still running amber and so I am going to have to blow away the contents of the eMMC drive when I upgrade, another reason to put audio-visual content on the uSD card.)
I think, ultimately, access to the uSD card would limit the number of clients that you could serve concurrently.
The smart way of copying the content over would be to shut down the Librem 5, take the uSD card out, and temporarily plug it in to the server i.e. sneakernet.
Anyway, with everything copied over and many trivial config changes because the files are in a different place, it worked correctly as a web server (serving over WiFi from the phone). Filter and sort on the metadata was maybe a little slower than on my normal internal server, but still satisfactory. Access to the actual videos was fine … except on the really large videos. I didn’t look into it but while a 60 MB video started with no appreciable delay, a 150 MB video started with an unacceptable delay (over a minute) but did otherwise work normally. This could be an artifact of my environment, including potentially relating to the client environment (the embedded video player in Firefox).
While you might might the web server as a personal file repository, I plan on bigger things such as a real website with domain name, webpages, and etc. I mean, I am talking about a web server so it should be an obvious assumption. I just need to keep device uptime and figure out how to keep internet connection consistent enough. Those two problems might be on a different topic since it deviates from the topic of web server configurations. Until then, I will wait and research for web server configurations. I might research other types of servers as well. Research will be recorded into a manual since we are talking about the somewhat documented Linux here.
As for your endeavors, I hope for the best of situations from your experiments, irvinwade.
OK but there is nothing unreal about the web site that I tested. It has web pages, including both static and dynamic HTML content, as well as serving out the actual videos (where it is basically just a file server).
It is true that I didn’t bother with a domain name, as this was just for testing, and used the IP address of the Librem 5 directly. If there is only one domain hosted at an IP address then it will make negligible difference whether there is a domain name or not.
Why not taking this as a wonderful opportunity to learn to program apps for GNU/Linux? If you can already program in JavaScript switching to C will not be a trauma – yes, you will have to change your way of thinking, but the syntax of the two languages is pretty similar.
A very good starting point might be a simple “hello world” app. After not too long you might start to realize that web programming and webservers are a useless complication for what you want to achieve.
Yes, what you say is quite true about strictly one domain per IP address as technical protocol. However, with a registered domain name linked to the specified IP address, one can create subdomain names (e.g. subdomain.hostname.domain). Of course, you cannot make a subdomain name out of a IP address, since it is strictly a part of the hostname or domain name. Of course, if you happened to find a way to get a sub IP address for a IP address, more power to you! The purpose of the subdomains or sub IP addresses is to label a directory path of the domain name (or just some other directory path) in question (e.g. subdomain.hostname.domain could be hostname.domain/subdomain, hostname.domain, or /some/other/directory/path/in/documentroot/parameter). Note that we are not talking about serveralias, which is just subdomain name with the same documentroot directory path of the servername.
I assume that people do know about domain registry, but I may oblige to assist upon request. Such requests might also include assistance in web server configuration with IP address beforehand. If someone wants to more the specifics regarding https protocol and how it works with both IPv4 ip addresses and IPv6 ip addresses, I am afraid I cannot help in terms of https://[IPv6_ip_address]/ . I assume that there is no implementation yet.
As kagixa say, you used Clue period tracker app. You did not find any usable alternatives on GNU/Linux. There might not be a GNU/Linux program file format of Clue just yet. Maybe you can contact them about make a GNU/Linux compliant program. Otherwise, github or the like, might have what you are looking for. The materials concerning Clue is a personal and/or private matter, therefore Librem 5 and Librem 5 USA would be sought for.
irvinewade, yes, what you said about domain names is true and it could be a detrimental side effect to domain registry. However, not all is lost for just IP addresses!
For up-to-date standard computers, you should have two ip addresses to use for two different websites. The values will as IPv4 ip address and IPv6 ip address. Think IPv4 as http://#.#.#.#/ or https://#.#.#.#/; think IPv6 as http://[{}::{}::{}::{}]/ or https://[{}::{}::{}::{}]/.
In addition, there are actually three http protocol ports (80, 8008, 8080) per ip address that you can use for three different websites. These ports have been around before IPv6 so stability shouldn’t be an issue. In fact, it’s probably easier to use each alternative port to its own virtual host conf file as extra website hostings. You don’t have to specify ip addresses for virtual host conf files, as you can either leave a ‘default’ or ‘*’ as value to apply as any of the ip addresses in question. Either ways, that’s 3 ports times 2 ip addresses, equaling to a total of 6 potential websites, if permitted. Each website would have its own particular port and ip address in use. If you want domain names and subdomains, it would be a different topic for another day.
There may be new alternative ports, new alternative ip addresses, and new alternative domain/subdomain names. Dismissing this case scenario will allow insecure http access of websites, endangering the integrity of data transmission from and to the website. For the moment, while we can still update, we just have to keep up with adding new alternative ports, new alternative ip addresses, and new alternative domain/subdomain names.
For a start: who said you can only use those three ports for HTTP? If it’s for a limited audience, there is nothing wrong with picking a random port number in the suitable range and publicising that. The only potential obstacle is that really crappy ISPs may block inbound connections except on very specific ports (but those ISPs probably wouldn’t allow 8008 either).
I can’t speak for anyone else but my ISP gives me a 64 bit IPv6 address space. So I’m not going to run out of unique IPv6 addresses for web sites in the lifetime of the universe.
There’s plenty of things for Librem 5 to work on. For now, I will focus on the requirements of hosting servers.
First, we need to ensure port forwarding with cellular data services. Now, wifi data services can easily help out with port forwarding. And I’m not that lazy to stick with a smartphone and call it the only computer that I need. Despite the benefits of wifi data port forwarding, there are setbacks as well. If you ever had to share the credentials of wifi security, you would know as a fact, that ignorant people with exposed devices, may have a chance to share the information to wifi data thieves, providing a chance to rip a hole in finance. It’s even worse when you have to trust strangers, for they may be accomplices in sharing that information to other strangers. Strangers may even use the wifi access to accost wifi account holders, because it would be logical to eventually snuff their victims before they get the Sherlock Holmes intuition (or even upper-hand) on things. Of course, burglars could just break into the residence to access the wifi credentials. In either case, I would suggest to shut down the wifi signals in order to prevent networking capabilities of criminals. Managing credentials is a chore that increments stress levels. Then again, port forwarding with cellular data services may lead to the same situation. However, I don’t think the proposed method follow such instances.
Second, we need to ensure firewall, that is firewall-config. The Librem 5 repository DOES support it. In case you want to access default superuser privilege mode, the default user is considered the default superuser already.
Third, we need the server application, which is a obvious fact.
In regards to port forwarding capabilities with cellular data services, there is a possible workaround that may not require development from cellular data service providers. Here is a list of url addresses regarding port forwarding with cellular data services. Despite the Android design, such progress would also bring hope to accommodate GNU/Linux operating systems. If things go well, the ability to host (port forwarded) servers with cellular data services would be a reality. May we succeed in telecommunications and privacy with our endeavors.
I will contact the company if it can handle GNU/Linux platforms.
EDIT (24/04/2023):
Also, there’s a claim that iptables, adb, (GNU) netcat, and socat can do port forwarding.
A claim that third party services can help out too. One example is remote.it.
At this moment, I will attempt to try building a web server on the device without port forwarding. Maybe there’s no need for port forwarding configuration on cellular data networks. If things get dicey, and they probably will, I will forget waiting on GUI applications and get straight to the CLI application research. Of course, if I do fail, I will put up with a third party service. Sounds like a plan!
I don’t see why port forwarding would be necessary. UFW would be your firewall most likely. But I mean do you really want your L5, your digital mobile fortress, open to the public?
But back to port forwarding, if you have UFW open for the ports you want and for the type of traffic you want, it should work, provided the ISP is not blocking those ports, which it very well could be.
Because many MVNOs only offer a private IP(v4) address for the phone. Your phone is behind CGNAT.1 So that is very unhelpful towards the goal of running a public server on a phone that is connected to the internet via its cellular modem. And you need workarounds (of which port forwarding is one - but I doubt many MVNOs will offer that, so you need other workarounds).
When I did my testing above, I was more interested in the capability of the Librem 5 to run the software unchanged and with reasonable performance. I was only serving to the local LAN (i.e. inside my house), so issues of IP addressing didn’t apply at all and issues of security didn’t really apply.
1 It is of course up to you to verify whether this is true for your particular MVNO.
A fair question but, hey, it’s @Ribby’s phone. He owns it. He can do what he wants.
If you really wanted to go down this route, this would be an argument for virtualisation but that might be a bridge too far at this stage. (See what I did there with the networking puns? )
For me personally, no, I won’t be running a public web server on my phone. I already have three servers on the internet with public static IP addresses so no real need to battle to get one working on my phone.
Right, but these are things done at the cellular carrier’s level, and not on the phone. Cellular connections are not traditionally used for web hosting because it is just not practical for a number of reasons. Sure you can circumvent these limitations with effort, but again I ask, why? (Channel the Key and Peele skit about Hogwarts here for the reference)
2disbetter, you made a good point about the futility of configuring the cellular data service for web server hosting.
That fact, I understand. MVNOs just don’t go for port forwarding because that feature is within the specialized field of the ISPs.
Still, with smartphone technology popping about, one cannot just turn away from the possibility of innovation. I am sure that the Librem 5 is considered as an example.
__
I decided to try the iptables/nftables. I have reached some snag of a conclusion.
One of the biggest hurdles for cellular data service as web server host is that its Cloned MAC address mode is not configurable (the parameter for such type of service is non-existent). The cellular data service provider or the smartphone OS build itself, sets that setting in stone. That means, IP addresses will change overtime. Even the public IP addresses change! It’s smartphone client focus, what else is new? In addition, access to port forwarding features by cellular data modem cli/gui interface (on client side) is not readily available, otherwise, you would have to make the necessary components, firmware, and software. Nevermind the firewall configurations (update required for each IP address change).
My next step is a creation of the mobile hotspot from the cellular data service. It’s technically wifi (from the cellular data service) and the port forwarding access is pretty much the same result, but hey, you have a better chance of permanent public IP addresses? This move might be at least something than nothing.
As 2disbetter mentioned, MVNO means mobile virtual network operator, which means that technically, the network is a virtual type of network. That could mean that the real/physical network hosting the virtual network could be a internet network that hosts software as combined cellular data service components of hardware and software network resources and network functionality. As to determine if the virtual network is external or internal virtualization, I have no idea. Due to restrictions on the cellular data modem’s capabilities, I would say internal virtualization is the mobile virtual network’s structure. To this date, there is no cellular data modem’s cli/gui interface (on client side) of mobile virtual network to access port forwarding.
If I fail here (which I did), I can go for the wifi connection of internet router option. At least the router does allow port forwarding. Cloned MAC address mode can be set to permanent for less maintenance. Hardware problem is that you will have to make sure that both router and phone server is active and working correctly. Limit in router’s wifi radius vicinity would restrict/nullify the hosting smartphone device’s ability as a mobile/portable server. I would say that this option might be the easiest, but electric costly option. In addition, you might have to tolerate the router’s 24/7 light during sleep and maintain specific device access. It does not seem good for the environment! It does not seem good for you!
Back to using cellular data service, I might go for remote.it zero trust network (connectivity) service (https://www.remote.it/benefits) as third party host or something like that. In addition, I believe that certain VPNs allow port forwarding features (e.g. https://www.ivpn.net/pricing/). While usually not considered free service, its a kill of two birds (features virtual proxy and port forwarding services) with one stone. Maybe, a free VPN can allow port forwarding? I certainly hope so! HOWEVER, and that’s a big however, free services come at a price of invasion of privacy issues. Same goes for zero trust network (connectivity) services.
I’m done for today, but at least I know the current limitations of current cellular data service capabilities. There might be future developments from these limitations.
I will explore and compare the last two options (zero trust network [connectivity] service versus/with virtual private network [no data traffic anonymization details such yet {e.g. The Onion Router ((TOR)) and Invisible Internet Project ((I2P))}]) involving cellular data service. While I do like remote.it’s concepts of zero trust network (connectivity) services, the free plan comes with hesitation on privacy invasion issues as data mining, psychometrics, surveillance capitalism, surveillance industrialism, corporatocracy (not corporatism as tool), corporate warfare, espionage, (industrial) sabotage, government surveillance, surveillance totalitarianism, and surveillance imperialism. So it’s a search for surveillance activities under free plans and then research of concepts. Until then.
The two links are just for reference.
Alright, before we embark onto the technical details of candidate picks, we have to take a look at the business side of things. After all, a tool is only a tool of its user. It’s almost like a Star Wars vibe or something of the like, I think you get the picture.
+Scam/fraud potential of remote.it
-no bbb.org page
-is a for-profit company
-monthy service fee is higher than
-collects information as said in privacy policy
-nevermind the Zero Trust Network Connectivity Service claim
-"…regularly collect information…" (https://www.remote.it/legal/privacy-policy). Not authorized by FTC and credit bureaus’s fraud alert.
-"…may utilize automated recording tools and files such as “cookies.”…"
-"…If you restrict our ability to use automated tools and files, your ability to access and use all or part of the Service may be limited or disabled completely. We will ask you to consent to our use of cookies when you first visit our website. …"
-"… Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you. …" Third-party cookies, you say? That could be internet tracking! Could be very bad! Get your third cookie blockers out, people!
-"… In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service. …" Advertisements? I hope it ain’t bad. Advertising to the audience as commercials? Maybe snooping on the user itself?
-"… Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, some of our pages might not display properly or you may not be able to sign-in to the Service, or connect to remote Devices. …" Talk about a contract risking your privacy. That’s right!
-"… Finally, remote.it may disclose your personally identifiable information upon a transfer or sale to another entity of all or substantially all of remot3.it’s stock or assets in remot3.it’s line of business to which this Privacy Policy relates or upon any bankruptcy or other corporate reorganization. …" Could share information by sale to another entity? That could be data mining. Anyways, talk about selling out! What happened to the ideals of commitment to privacy?
The verdict.
While remote.it did explicitly say it does not directly sell information for marketing purposes, the fine print details say otherwise. Some other paragraphs elsewhere, it mentions that it may sell information to entities it has business relations with. There are also third-party cookies that it will not bear responsibility for even though the company itself is the one who placed AND ENFORCED the foreign cookies in its service in the first place. So much risk for trust! Is this the zero trust network connectivity service model? We have to reconsider!
I say that remote.it is going down for a zero trust security model practicing company.
+Scam/fraud potential of ivpn.net
-no bbb.org page, it operates outside of america
-not sure if it is a for-profit company or not
-monthy service fee is (actually) lower than
-is a vpn
-Not a business thing, claim stated by a review site-Port forwarding, but no static IP address. I was hoping for a static public IP address to say at the least! What are the change times so I can update the firewall and server with the new IP address? Oh well, no biggie. Will contact for details.
-"… We will also not log any personally identifiable information e.g. IP address. …" (https://www.ivpn.net/privacy/) big claim
-"… We do not log any data relating to a user’s VPN activity (while connected or connecting to the VPN). …"
-"… Matomo is open source software that is hosted on our own server infrastructure to ensure your privacy (unlike platforms such as Google Analytics). …"
-"… No third-parties have access to any of your data. We always use first or third-party tools we can host on our own servers in a protected and secure environment. …"
-"… As this data is only stored for the duration of the VPN session, if you or anyone requests to know how many connections you had at a specific time in the past, we couldn’t tell you because we don’t store it. …"
-"… When a VPN account is terminated on our network due to the subscription ending, non-payment or for any other reason, all data associated with that VPN account including the account itself (with the exception of the accounting data below) is automatically deleted after 90 days. …"
-"… ? …"
The verdict.
According to reviews, ivpn.it seems like the real deal in terms of optimal quality standard vpn service. While I cannot vouch for any consumer complaints of business malpractice due to the lack of official business information mediums, the trustpilot consumer reviews claim excellent service. I can’t say it is a non-profit company, but its demand for compensation sounds about fair. It is a VPN, a known network service so no messing around with new false concepts and etc. Claims for no saved session logs of VPN activity and all analytics are solely first party side, ivpn.net. Account termination will result in removal of all its instances. The claims sounds a bit tall, but reviews echo them too.
|
As for the port forwarding and IP address assignments, that be on the technical side of things.
After done with the business side of things, it’s operation time, probably to be done in its own post.
Case studies of the privacy models pending. That means comparison time. That also means to call in the GNU team on such aspects.
It might not be perfect against a criminal but for sure it would be better than nothing against an attack by little children 
)