A fully VPN’ed family member got hit with an automated copyright strike and when looking into how it happened I found out that using the default qBittorrent config with a killswitch-enabled ProtonVPN meant that the home IP address was being leaked. I verified it through a few tools, including ipleak(dot)net’s fake magnet link feature which showed both the VPN and home IPs when connected. I’m at best a tinkerer so I’m not sure if this is a Proton-exclusive problem at all, or if the killswitch useage is even relevant, but that’s what they were using and figured this all might be worth mentioning since it was certainly a shock to us and not something we’ve seen brought up before.
The solution was to change which network interface qBittorrent was set to use via “Tools > Preferences > Advanced > Network interface”. Which one to pick will depend on the protocol you’re using in Proton’s client, but unless you’re confident in what you’re doing I’d recommend testing each with the ipleak(dot)net (or similar) torrent tool until you’re only seeing the VPN IP show up.
Hope this is useful! (and not common knowledge that we were just wildly ignorant of)
Always bind your torrent client to the VPN interface and use Socks5 if possible. I’ve been torrenting on Linux this way (albeit with a different provider) for the better half of my life and it hasn’t failed me once.
Not possible on ProtonVPN, unfortunately. They say that a SOCKS5 proxy is just a VPN without encryption. I’m not smart enough to tell you if they are wrong…seems to me that a user could use BOTH and enhance their privacy, but I have no clue.
You can use Socks5 on top of your existing connection. Some don’t even require authentication, just being connected to your regular VPN is enough.
Exactly the correct approach. Similar thing happened to one of my friends a couple years back with Nord. This sort of “leak” could happen with any other VPN provider; not binding the interface is just rolling the dice.
Had either of us known about it beforehand we certainly would have. The lack of binding was definitely not an intentional choice.
Though as I’ve mentioned in a few other replies the biggest shock was how worthless the killswitch feature was. The presumption was that this screw-up is the exact kind situation that feature was designed to prevent, but clearly it’s either broken, total nonsense, or poorly/misleadingly described.