How-To: Set up the Perfect Privacy VPN App on macOS

owiersma

New Member
I used IKEv2 profiles in my Network settings before. Do I need to remove these before installing the App on macOS?
 

Pete

Member
Is there a way to get an automatic signing at the startup?

Also, I did not find the way to get the icon only in the Menu Bar and not in the Dock.
 

ChrisVPNFan

New Member
Is there a way to get an automatic signing at the startup?

Also, I did not find the way to get the icon only in the Menu Bar and not in the Dock.
Download Tunnelblick and use the OPENVPN Profiles of PP. There is a „Connect on startup“ feature
 

Pete

Member
Thanks. However Tunnelblick or OpenVPN are killing my speed.
Also they don't support IKEv2 proto.
 

bohumil

Active Member
IMHO Mac & IKEv2 is the fastest, with “connect on demand” selected, "no VPN connection = no internet", is not a reliable killswitch (especially if you use Little Snitch).
Mac & PP Manager is the securest with killswitch ("Traffic Leak Protection"= "permantly") this really works and you have a multi-hop plus an obfuscation option.
Speed vs. security.
You decide.
 
Last edited:

Pete

Member
IMHO Mac & IKEv2 is the fastest, with “connect on demand” selected, "no VPN connection = no internet", is not a reliable killswitch (especially if you use Little Snitch).
Mac & PP Manager is the securest with killswitch ("Traffic Leak Protection"= "permantly") this really works and you have a multi-hop plus an obfuscation option.
Speed vs. security.
You decide.
Not sure you are answering my question. Sorry but your message is not very clear.
Also, I was referring to PP Manager for OSX (cf. Topic of the thread).
 

bohumil

Active Member
I was also referring to the PP Manager for OSX.
Open VPN on the PP Manager for Mac is the securest, but not the fastest.
IPSEC/IKEv2 on Mac is the fastest, but not the securest.
Thats all I wanted to tell you.
I did not find the way to get the icon only in the Menu Bar and not in the Dock.
Put the PP Manager in "system setting" "startup items".
The automatic connection is not available yet.
You've got to connect manually.
 
Last edited:

Pete

Member
I was also referring to the PP Manager for OSX.
Open VPN on the PP Manager for Mac is the securest, but not the fastest..
Agree.

IPSEC/IKEv2 on Mac is the fastest, but not the securest..
Why is that? When it is activated on my side, I get no internet till the VPN connection is made.

Put the PP Manager in "system setting" "startup items"..
It is done but that does not change anything in term of docking. I don't like to have my active applications in the dock. It is getting to messy. I'd rather prefer to have them in the menu bar.

The automatic connection is not available yet.
You've got to connect manually.
OK
 

Pete

Member
As I use Little Snitch, maybe you don't, I observed that LS switches after a cutoff connecting back to my ISP.
You can avoid this with this workaround:
https://support.nvpn.net/Knowledgeb...event-an-ip-leak-on-mac-os-with-little-snitch
True I am not using Little Snitch. When I left Windows years ago it was to avoid to go back and manage my laptop "core".

Personally, I consider that when I switch on my MBP, there is not risk as I am not doing anything, yet.
So, even if Apple, BitDefender, Onedrive... the fews apps that launch automatically get my real IP, 2 to 5 seconds later I am behind PP VPN and "I am someone else".
Then, apart getting the real IP for few seconds, they don't get anything else. Guess it does not hurt, does it?
 

bohumil

Active Member
These "few seconds" are for me inacceptable, when I'm in a VPN mode.
VPN or not VPN, THIS is the question...
"They" get your first IP and then your VPN IP. So they know who you are under VPN and not only by your IP but also by your fingerprint, 1+1=...
The only way if you want to prevent it, is to use the PP Mac VPN Manager, NO connection will be established before your VPN connection (but only in the "Traffic Leak Protection" "permanently" mode) .
Depends on what is important for you.
I think slow speed is that what hurts you ;-)
 
Last edited:

Pete

Member
You are aware that fingerprints are mainly done through your browser (except Tor), and it can be used to fully or partially to identify you or your machin even when persistent or zombie cookies can't be read or stored in your browser, or when your IP is hidden (VPN), and even if you switch to another browser on the same device.

However, the collection of device fingerprints from browsers relies on the availability of javascript. Something easy to avoid or to limit when using mobile phones and by running privacy softwares, like Adguard or Cookies (Sweept Production) that I am using to block ads and trackers on my iDevices.

Furthermore, sandboxed used by Apple will exhibit so little uniqueness that most fingerprinting techniques involving technical information about the device, the browser, and the font list will not be sufficient to create a unique fingerprint.

My 2 cents ;-)
 
Top