this post was submitted on 07 Jun 2023
42 points (100.0% liked)
Technology
37739 readers
724 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't think Mullvad's port forwarding decision can be compared to Reddit's greed. They were getting in trouble with law enforcement for providing tunnels to illegal websites, so they had to either identify those customers or stop port forwarding if they didn't want to get the entire company shut down.
Not technical enough for this one. What does port forwarding allow a user to do that they don't achieve using regular VPN setup?
@[email protected] has a good in-depth answer, but the TL;DR non-technical answer is that when you connect to a website, your browser requests the website data from the server the website is running on, which allows you to get information about this server like its location and service provider. This way, you can find out the identity of a website's owner. With port forwarding, the website admin can pass the website data through Mullvad's servers instead, so the it looks like the server running the website is Mullvad's and the true identity of the host server is unknown. Law enforcement was pressuring Mullvad to reveal the information about the hosts of illegal websites, which Mullvad refused to give, so they decided to shut down this service instead.
It enables incoming connections for devices in a NAT (i.e. for devices that all share the same IP address like in a VPN for example). Say your iPhone and your Laptop are both using your local wifi, then they both share the same public IP of your router. If I try to reach your laptop specifically, I have no way of telling your router to send my request to your laptop instead of your iPhone or the router itself. You can now tell your router to forward port 80 for example to your laptop specifically, so if I send a request to your public IP address on port 80, the router knows to forward it to your laptop.
Without port forwarding, only your PC can open connections to servers and only then can servers send data back to your PC (because the router keeps track of open connections and "temporarily" forwards the port of your open connection to you).
If you wish to run a website for example, you need to have ports forwarded. And torrenting works a lot better with it as well because people can contact you to send you the data you're looking for. Otherwise you'd have to ask everybody by yourself, so to speak. And it's more effective to "leave a note" for others to find and then contact you based on, because some of the peers might not want to be contacted or don't have forwarded ports themselves.
Getting a bit more technical, "ports" are a transport layer (layer 4) concept. Other protocols may use different addressing schemes on top of the IP addresses, but most common ones like TCP and UDP for example use ports.