This post is originally composed on 2024-11-28. I’m updating it for combining NextDNS, since I have started using a new freemium app with nasty ADs in it. ProtonVPN’s free plan doesn’t allow me to configure AD blocking DNS, especially with their official app. But with WireGuard app, this can be trivial. Thank to the original guide on reddit, the newly added part is in the end of this article.

As a early adopter of Protonmail, I use their later coming VPN product as well, regularly yet lightly. Although I’m a potential customer but still not paying for any of their plan, for many reasons.

Being a free account user, I’ve never done torrenting or any other heavy usage on their servers. It is not moral even though the provider allows me to.

Probably because of my account was old enough so that my country selection feature wasn’t banned until latest update.

There are some concerns that preventing me from paying their services to regain that feature. It’s not about their product, but more about their business strategy.

Although there are always some criticism and antagonism among the community.

But my stand is more towards where All Things Secured and Techlore are. That is, as long as Proton is better than Google, issue with registration, warrant canary or false advertising are tolerable. However, now I’ll be putting a question mark on that though.

Protonmail was like another Tutanota, and Proton VPN was like another IVPN/PIA. But, is it? still…by now?

As the company grows, their policy is getting loser and loser, and their suit is getting larger and larger. They starts to put more attention tweaking their terms of service rather than refining their product. They prefer expansion rather than perfection, and care more about market share rather than user experience.

Does this market strategy sound familiar? Yes, my concern is that Proton now looks too much like baby Google back in the days. Free users are going to be their products, and that is when enshittification starts.

I strongly agree with Cory Doctorow and I believe that Proton is indeed going on the same track right now. Privacy is nothing more than another brand positioning strategy because that was a good niche market to start their business.

In the economy of Chokepoint Capitalism, Proton is not different than Google in its core. If one day Proton gets to the top of market dominance, becoming yet another big tech company, what would end up happening?

My answer to this concern is to against market expansion by advocating open-source community back to free/GNU realm. In the privacy and security world, open-source isn’t enough and could be abused.

Organization should stay focus in-depth and refine their product or service for optimization, not the other way around. They should not conquer new markets, and expand feature or create new product quicker than demands.

Another bad example is what Proton and SimpleLogin did. Bundle everything together to become a one-stop solution is against the principle of decentralization which is a no-no for privacy.

Back to reality, how do I personally deal with the enshittification of Proton VPN which gets in my way unexpectedly?

There is a simple workaround for Proton VPN’s region lock and it’s officially supported.

Per their current statement, free plan gets “more” countries/servers in recent updates, but users just can’t manual select them due to the newly updated restriction in their app.

So the solution is to ditch their official client and use a 3rd party open-source alternative.

This is pretty much the same way as using Proton VPN on a router.

There are official OpenVPN guides on the account’s downloads page for every single platform on how to manually install and connect your configuration files based on the server of your choice.

Check them out: Android iOS Windows macOS and GNU/Linux

But what I did is WireGuard. They have the guides as well for Windows macOS Linux Android and iOS. There are many other unofficial guides on different router firmwares but I don’t need to go that far.

What I liked about WireGuard over OpenVPN is that despite all the security advantages, it is convenient for mobile devices. The WireGuard client supports QR code scan from the Proton website’s Create button. This made the process much easier when I trying to add multiple servers.

These WireGuard configuration will be expired after 1 year. This is pretty tolerable to renew manually.

WireGuard mobile app works more reliable and efficient (less battery hungry) on my device than ProtonVPN app. The only potential drawback is I have to maintain my list of servers manually over time.

Once a WireGuard tunnel is being added, the next step is to add NextDNS into this setup for AD or tracker blocking. Instead of turning it on, tap Tunnel Name - Edit - DNS servers, Change it from ProtonVPN’s server 10.2.0.1 to NextDNS’s server 45.90.28.xxx. Then login my.nextdns.io on a browser and click the button inside Linked IP section. Now, refresh the page it should show All good! at the top.

For optimal battery life, keep Persistent keepalive disabled and turn on On-demand option in the WireGuard tunnel settings. These steps need to be repeated for each tunnel profile but it will last for a while, hopefully 1 year.

Hope this can help someone in the same situation. This solution can potentially provide some of the premium features without paying money to neither Proton nor NextDNS. But I encourage most users to spend money on the service they would like to use for long-term. Business providers need to sustain their cost, so do our lifestyles.