Thanks to Wireguard and basically 0% battery overhead on Android I always keep it activated. If you don't have a Wireguard endpoint just use Orbot to route it through Tor.
Did that several times using cheap eSIMs while traveling.
Never had a single problem with it (but increased latency because of weird routings around the world).
Wireguard is amazing.
I have an "always on" VPN routing back home. Anything destined for my home network gets routed that way, and there's literally zero battery drain.
I'm not paranoid enough to route everything through VPN though.
For me it's not paranoia.. more like: I have a ton of unused GBit/s left.. so routing a few kBit... MBit/s of mobile data doesn't hurt.
What I meant was, I don't subscribe to a public VPN service, so routing all my traffic through my wireguard tunnel back home would merely mean it went through a different ISP.
I already use SDNS with Nextguard, and all traffic is https encrypted, and my day to day business on the internet is probably rather boring to the majority of people. Not saying I have nothing to hide, everybody does, but my visits to various news outlets, social media and other sites is probably not all that interesting.
The most interesting data about you comes from your phones constant reporting of cell towers, which can be used to triangulate you, and put a timestamp on where you were, when.
> Never had a single problem with it (but increased latency because of weird routings around the world).
UDP (which WireGuard uses to encapsulate your data) traffic is often de-prioritized. You won't notice it when the network load is low, but it will seriously degrade experience during high load periods.
Wouldn't deprioritizing interfere with regular web traffic these days, given that close to one third of non-bot traffic reported by Cloudflare is over UDP with HTTP/3[0]?
[0]: https://radar.cloudflare.com/adoption-and-usage?dateRange=52...
I'd certainly hope ISP follow your reasoning. BTW that was why I put my WireGuard server on port 443, hoping it would avoid the tragic QoS…
[dead]
FYI, most of your comments show up as [dead]. I assume that the ones that didn't (like this one) have been vouched by others.
Not sure if dang see this, but it might be worth asking hn@ycombinator.com otherwise
Interesting. I didn't verify my mail address.
Maybe a flood protection for new accounts.
Recently I was looking for solution to have multiple VPN running at the same time, and without work profile I am limited to one. I want to run two (or more) and be able to tell which app uses no VPN, which routes through vpn1, which routes through vpn1, etc. so far it looks like I need multiple profiles, and that requires root, which Google actively discourages.
Maybe someone knows better alternatives?
I think "WG Tunnel" should be able to do that. You can add multiples profiles and link apps to it.