
eisengarn: One Binary, One Cloud, One VPN

When you create a “virtual private network”, the “exit” of that network is a physical node with a legal jurisdiction. That jurisdiction determines who can compel disclosure of your traffic metadata, under what authority, and whether anyone is required to tell you it happened. Choosing the right jurisdiction is the first security decision of any “private” network. Everything else depends on it.

eisengarn Intro

After hearing many people ask what they should do about the crisis of fraud in the VPN provider market (many of them apparently are cosmetic shells that trace back to the same hedge fund, or an anti-privacy politically ambitious CEO), I created eisengarn. Of all the options I saw presented, none seemed to offer the simplest answer of all.

I didn’t see any reason for something to be magic or marketed when the concepts of private networking are as old as the Internet itself. So I put together the simplest solution I could, and no simpler: a personal WireGuard VPN provisioner written in Go.

I like to sing Rudy Toombs’ “one binary, one cloud, one protocol (VPN)” to the tune of one bourbon, one scotch, one beer. Your musical tastes may differ, but the point is the simplicity and transparency that brings integrity.

One scotch, one bourbon, one beer

One scotch, one bourbon, one beer

Please mister bartender,
listen here

I ain’t here for trouble,
so have no fear

One scotch, one bourbon, one beer

You run one command and get a hardened WireGuard exit node on the Hetzner Cloud, locked by code that only allows EU jurisdiction datacenters: Nuremberg, Falkenstein, Helsinki.

The name is awkward to say, but it’s a real German textile term for “iron yarn”, which means paraffin-treated cotton thread. It’s perhaps known best as Bauhaus tubular-steel chair webbing (Stam, Breuer). It has strong, thin, functional, engineered attributes. What’s not to like? The metaphor is a simple purpose-fit physical thing to make your internet more trusted.

Jurisdiction Details

Hetzner is a German company, thus under German and EU data protection law. The GDPR applies. The server you provision sits in a known legal regime with strong data-protection statute. That’s why eisengarn hardcodes the location, giving an easy and reliable jurisdictional boundary.

The code is open on Codeberg, a German non-profit running Forgejo. The DNS resolvers are Quad9, a Swiss foundation with a no-source-IP-logging policy, and DNS.SB, operated in Germany, both over DNS-over-TLS.

The cloud, code, and DNS all remain within EU jurisdiction, unlike the American services known to be heavily monitored by Trump for loyalty, and subject to being disabled immediately without warning.

Ms. Prost was at home, standing in her kitchen, when the call came informing she was being sanctioned. It wasn’t a complete surprise, given that many of her colleagues had already been sanctioned, she said during an interview…. Within hours, she said, she had received a message from Amazon canceling her accounts. Before long, Google & her banks got in touch. Over the following days, credit cards ceased to work.

Design Details

WireGuard keypairs are generated server-side on first boot; the private key stays on the server and is read directly into the WireGuard config there. Client keypairs are generated locally on your machine; only the public key crosses the wire. Every key artifact is written atomically: create temp file, chmod 0600, rename into place.
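
An added illustration of the key handling described above (not eisengarn's own code): a client keypair is generated locally and the private half is written with the temp-file, chmod 0600, rename sequence. The function names and the laptop.key file name are assumptions made for this example.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"os"
	"path/filepath"
)

// newClientKeypair generates a Curve25519 keypair on the local machine and
// returns both halves base64-encoded, the form WireGuard configs use.
func newClientKeypair() (priv, pub string, err error) {
	raw := make([]byte, 32)
	if _, err = rand.Read(raw); err != nil {
		return "", "", err
	}
	raw[0] &= 248 // clamp the scalar as `wg genkey` does
	raw[31] = raw[31]&127 | 64
	key, err := ecdh.X25519().NewPrivateKey(raw)
	if err != nil {
		return "", "", err
	}
	enc := base64.StdEncoding
	return enc.EncodeToString(raw), enc.EncodeToString(key.PublicKey().Bytes()), nil
}

// writeFileAtomic never exposes a partial or world-readable key: the temp
// file lives in the target directory (same filesystem, so rename is atomic),
// is restricted to 0600 before any secret is written, then renamed into place.
func writeFileAtomic(path string, data []byte) error {
	tmp, err := os.CreateTemp(filepath.Dir(path), ".tmp-*")
	if err != nil {
		return err
	}
	defer os.Remove(tmp.Name()) // cleans up on failure; harmless after rename
	err = tmp.Chmod(0o600)
	if err == nil {
		_, err = tmp.Write(data)
	}
	if err == nil {
		err = tmp.Sync() // flush before the rename makes the file visible
	}
	if cerr := tmp.Close(); err == nil {
		err = cerr
	}
	if err != nil {
		return err
	}
	return os.Rename(tmp.Name(), path)
}

func main() {
	priv, pub, err := newClientKeypair()
	if err != nil {
		panic(err)
	}
	path := filepath.Join(os.TempDir(), "laptop.key") // hypothetical file name
	if err := writeFileAtomic(path, []byte(priv+"\n")); err != nil {
		panic(err)
	}
	defer os.Remove(path)
	fmt.Println("public key to send to the server:", pub)
}
```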

SSH authentication is agent-only. Your private key stays in ssh-agent, protected by your passphrase, and eisengarn prints which key it selected so you can confirm. Host-key pinning is trust-on-first-use and fails closed: a changed host key aborts the connection.
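
A sketch of trust-on-first-use pinning that fails closed, added here as an example and not taken from eisengarn's source. The pin file name, the function names and the key blobs are constructed for the illustration; a real client would pass the server's SSH public key in wire format.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var ErrHostKeyChanged = errors.New("host key does not match pin: aborting")

// fingerprint renders a public-key blob the way OpenSSH prints it.
func fingerprint(keyBlob []byte) string {
	sum := sha256.Sum256(keyBlob)
	return "SHA256:" + base64.RawStdEncoding.EncodeToString(sum[:])
}

// checkPin returns (true, nil) when it records a first-seen key, (false, nil)
// when the key matches the stored pin, and an error in every other case.
func checkPin(pinFile string, keyBlob []byte) (bool, error) {
	got := fingerprint(keyBlob)
	data, err := os.ReadFile(pinFile)
	if errors.Is(err, os.ErrNotExist) {
		// First use. O_EXCL refuses to replace a pin that appeared meanwhile.
		f, err := os.OpenFile(pinFile, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
		if err != nil {
			return false, err
		}
		defer f.Close()
		if _, err := f.WriteString(got + "\n"); err != nil {
			return false, err
		}
		return true, nil
	}
	if err != nil {
		return false, err // unreadable pin: fail closed, never re-pin
	}
	want := strings.TrimSpace(string(data))
	// An empty or truncated pin is a mismatch, not a fresh first use.
	if subtle.ConstantTimeCompare([]byte(want), []byte(got)) != 1 {
		return false, ErrHostKeyChanged
	}
	return false, nil
}

func main() {
	dir, _ := os.MkdirTemp("", "pin-demo")
	defer os.RemoveAll(dir)
	pin := filepath.Join(dir, "hostkey.pin") // hypothetical state file
	keyA, keyB := []byte("constructed-key-blob-A"), []byte("constructed-key-blob-B")
	fmt.Println(checkPin(pin, keyA)) // first contact: pin recorded
	fmt.Println(checkPin(pin, keyA)) // same key: accepted
	fmt.Println(checkPin(pin, keyB)) // different key: connection refused
}
```

The mismatch path never rewrites the pin, so accepting a new host key has to be a deliberate act outside this function.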

IPv6 is dual-stacked with NAT66, so both address families route through the tunnel and exit in the EU. DNS runs through unbound, listening only on the tunnel interface, forwarding over TLS. The firewall is scoped to OpenSSH and WireGuard’s UDP port; the resolver is reachable solely from inside the tunnel.

Threat Details

eisengarn, if not already apparent, is a jurisdiction tool. You control the exit node. You choose the legal regime your traffic lands in. The security properties are visible in code rather than in a sketchy hedge-fund VPN flogging “personality type” marketing.

The README spells out exactly what the trust boundaries are: your Hetzner account ties the server to your identity, the exit IP is stable and yours, and traffic past the exit is as encrypted as it was to begin with. Honest documentation so you know exactly where the boundaries are should help you make real decisions about your threats.

Workflow Details

It’s in Go, statically compiled, CGO disabled. Clone it from Codeberg, make build, and this is the entire workflow:

eisengarn up — provisions a locked-down Ubuntu 24.04 server in the EU datacenter you chose, configures WireGuard and the DNS resolver, pins the host key, writes local state.

eisengarn add laptop — generates a keypair on your machine, sends only the public key to the server, writes laptop.conf and a scannable laptop.png QR code. Import the conf into WireGuard on the device. Scan the QR on a phone.

eisengarn verify — runs live checks against the server: tunnel up, unbound active, firewall scoped, DNS resolver unreachable from the public internet.

eisengarn list — shows your devices, reconciled against the live server.

eisengarn down — destroys the server and stops the bill.

A cpx22 at Hetzner runs only a few euros a month, perhaps less than your VPN service charges. The server is persistent, meaning you can provision once, add devices over time, and eisengarn down when you’re done. A down command immediately destroys the complete server.

v0.1.0 was just tagged, under an MIT license.

Enjoy, and stay safe out there.

Steal the Goose, Go to Jail. Steal the Goose Concept, Start a Corporation.

An old English protest verse exposes the unfair asymmetry of “Enclosure” laws by describing a goose.

They hang the man and flog the woman
That steal the goose from off the common,
But let the greater villain loose
That steals the common from the goose.

The law demands that we atone
When we take things we do not own,
But leaves the lords and ladies fine
Who take things that are yours and mine.

The person who takes a goose meets the full weight of the criminal law. The person who takes the common on which the goose was fed receives an Act of Parliament for the trouble. Petty theft is a hanging offense, while grand theft is a civic act.

The lines are anonymous, probably by design to protect those who recognize the meaning. They came during the “enclosure-era”, first printed in The Tickler in 1821.

The target of rhyme is the philosopher Locke. His Second Treatise grounds property in labor, where a man acquires a parcel by his work being recognized among the common stock. Enclosure reversed the rights. The labor that converted a common right into a private title was simply the drafting of a statute, while the men who performed the labor saw their result called someone else’s property.

The same integrity challenge, in the same decades, was the abolitionist debate on slavery. Somerset secured his freedom from slavery in 1772, and then Parliament abolished the trade in 1807 and the institution itself in 1833. In the UK. America did the opposite. The Somerset ruling of 1772 and Dunmore’s promise of freedom in 1775 turned the slavery-promoting southern colonies into radical militant resistance to freedom under the crown. An American federal ban on slave imports took effect in 1808, meaning state-sanctioned domestic rape treating rapid human offspring as a property boom. In December 1835 President Jackson asked Congress to inspect mail to protect “property” by censoring abolitionist publications. When the bill failed, his postmasters suppressed thought regardless, and mobs were set up to torture and kill Americans caught with abolitionist content. Lovejoy was shot to death in 1837 while defending his fourth printing machine from being destroyed.

Both abolition and enclosure shared a mechanism. The law decided what may be owned and therefore what would count as theft. Property in persons was being ended, with a Civil War even, yet it was being taken up in the commons. Human ownership was fought at high expense out of existence, while another ownership was being simply legislated into it.

The radical tradition understood. Thomas Spence built his programme on the theft of the common, and Marx would later file enclosure under primitive accumulation, the system’s founding expropriation conducted as if just law. The anonymous poem had offered the same conclusion a century earlier, and with greater economy.

Theft was, and still is, defined by who is authorized to hold the pen that writes the law. Enclosure is an old term now, barely recognized. Today it most often means elites filing a patent, or scraping data. In other words, AI.

Why We Need a Separation of AI Church and State

Margaret Hu has been making this argument for years, before I caught up to it. She is a professor of law at William and Mary, directs the Digital Democracy Lab, and has testified before Congress on AI regulation.

She just mentioned the separation of AI Church and State has been a rising topic for several years, most recently on the Federal Newswire podcast.

She pointed out separation of Church and State rhymes with separation of AI and State. The Church minted the coin and then charged for salvation. The labs mint the token and charge for salvation. Same institutional makeup, eight centuries apart. That got me thinking:

| | Church Coin | AI Token |
|---|---|---|
| The instrument | Placed on the altar | Submitted via API |
| Who mints | Empire grants it, commune holds it, the Church absorbs it and the ius monetae migrating across one disc of metal | The lab holds it, ungoverned |
| Booked twice | The offering in the box, plus a credit struck against purgatory | Compute revenue, plus a mark-to-market gain on the same dollar |
| The salvation sold | Time taken off the afterlife | AGI, alignment, civilization rescued, cure disease, reduce labor, blah blah blah |
| The half you can audit | 70,000 coins found beneath Scandinavian church floors | Amazon’s 16.8 billion dollar mark, booked in the open |
| The half you cannot | The grace. Never recoverable | The capability claim. Never independently proven |
| The trinity | Mints the coin, sells the salvation, writes the law of usury | Mints the token, sells the salvation, writes the safety framework |

Where This Ends is Ugly

An institution that mints the money, sells the salvation, and writes the morality of money holds all three levers with no independence or separation. Nothing inside would work to pry them apart. The medieval version did not reform by memo. It was Luther who nailed the indulgence (the AI double-booking of his day) to a door in 1517. Then a brutal correction unfolded over the next hundred and thirty years. Princes seized the mints and the monastery lands. The wars of religion ran into the Thirty Years War, which emptied as much as a third of the German lands in the worst regions.

The act of “disestablishment” (prying mint and salvation away from the sword) was Westphalia in 1648.

The AI labs clearly are bringing back the trinity and infusing it into the state: we just saw an export ban on who may run a model, we just saw empty warehouses permitted as datacenters and ruled as critical infrastructure, with the national-security frame doing all the consecrating. They may as well say national holiness. Elon Musk may as well be called the holy emperor of SpaceX, presiding over what looks like the biggest fraud in history. The records are blunt about the very high price of undoing the Church coin collapse. Elon Musk isn’t going to disestablish himself any sooner than he will admit he isn’t going to achieve driverless by 2017 or land on Mars by 2018.

Someone has to seize the AI tokens before more people die from AI. Or, to put it how it was said a very long time ago:

Doch schweig ich noch von dem, was ärger als der Tod,
Was grimmer denn die Pest und Glut und Hungersnot:
Daß auch der Seelen Schatz so vielen abgezwungen.

Andreas Gryphius wrote that in 1636, mid-war, which reads: “and yet I stay silent on what is worse than death, grimmer than plague and fire and famine: that the treasure of the soul was wrested from so many.”

The AI token is today’s Seelenschatz: sold as salvation, never proven, never refunded. The medieval fix wasn’t a stronger emperor. That kind of escalation always fails. It was prying the mint, the salvation, and the sword into separate hands and holding the line. Separate the AI Church from the State before the unauditable claim bills us in death again.

@BenHodgesUpdates: How to Spot YouTube Spreading Russian AI Propaganda

YouTube has been surfacing a LOT of synthetic war content lately, and the attribution question deserves more care than the platform gives it. The @BenHodgesUpdates channel is not Hodges, not affiliated with him, and the production cadence is impossible for genuine interviews. Whether it runs for ad revenue or for Moscow, or both, matters less than you’d think, because hyper-inflated Ukrainian victory content serves Putin’s KGB-trained interests either way: saturate the audience with imminent Russian collapse, and every week reality fails to deliver erodes trust in the real analysts whose names were stolen to sell it. President Wilson’s propagandists understood this in WWI, and so do the YouTube content slop factories perhaps sitting in Texas and Florida.

This unauthorized impersonation channel is reportable under YouTube’s impersonation and misleading-content policies. And you should report it. But more importantly you should ask why YouTube engineering doesn’t flag such dangerous integrity breaches of their platform.

Start with the channel description, which ends with “For business inquiries and partnerships: [Your Email Address Here]”. A template whose obvious blank has gone unfilled for years is a giant flag all on its own.

Then look at the timing and monetization model. The channel joined November 20, 2022, yet all 14 videos were rushed in the last four weeks at roughly one per day. That’s an aged or purchased account repurposed for a content farm. And every video is a 23–29 minute “exclusive” with the same general. Past the eight minute mark YouTube permits mid-roll advertising, meaning a daily half-hour of synthetic narration is for revenue generation on fraud, not interview scheduling. Compare it with the real Ben Hodges who does real interviews (Ukrainer, CNBC, BBC, Silicon Curtain). No General, including him, runs a daily half-hour sit-down interview pace like this.

And what about the data? I see 15.8K subscribers and 340K views off 14 videos in three weeks, consistent with the documented wave of AI-narrated Ukraine war slop channels that clone the voices of Hodges, Petraeus, and similar figures over stock footage.

Content fails as well. Titles read like “Ukraine Just ERASED Putin’s Crown Jewel… BLINDS Putin’s Nuclear Fleet FOREVER | Gen Ben hodges”, with ellipses, all-caps panic verbs, and inconsistent capitalization across uploads (“Ben Hodges”, “ben hodges”, “Gen Ben hodges”). There is also a dropped-letter typo (“ULEASHED Hell”) of the kind language models almost never make, betraying the human hand retyping machine output into the upload form. These are hallmarks of machine-generated titles, only lightly supervised.

Source: YouTube

We haven’t even clicked into a video yet and already it’s a clear takedown case, built on an account that sat aged for years before activation three weeks ago.

The pipeline of metadata convicts the channel on its own. Hello YouTube? Hello?
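
The metadata tells listed above, written as a detection check. This is an added example, not any YouTube API or tooling: the struct fields, flag names and thresholds are assumptions, and the sample channel is constructed from the figures quoted in this post with invented upload dates. Any single flag is weak on its own; the combination is the signal.

```go
package main

import (
	"fmt"
	"regexp"
	"time"
)

type Video struct { Title string; Uploaded time.Time; Minutes int }
type Channel struct { Description, Persona string; Joined time.Time; Videos []Video }

const day = 24 * time.Hour
var placeholder = regexp.MustCompile(`(?i)\[your [^\]]*here\]`)

// Flags returns the metadata tells found on a channel. Videos must be sorted
// oldest first. Thresholds are assumptions for this example, not policy values.
func Flags(c Channel) []string {
	var out []string
	if placeholder.MatchString(c.Description) {
		out = append(out, "template-placeholder")
	}
	if len(c.Videos) == 0 {
		return out
	}
	name := regexp.MustCompile(`(?i)` + regexp.QuoteMeta(c.Persona))
	first, last := c.Videos[0].Uploaded, c.Videos[len(c.Videos)-1].Uploaded
	spellings, midroll := map[string]bool{}, 0
	for _, v := range c.Videos {
		if v.Minutes > 8 { // past the mid-roll advertising mark cited above
			midroll++
		}
		if s := name.FindString(v.Title); s != "" {
			spellings[s] = true // record each casing of the borrowed name
		}
	}
	// Account idle for over a year, then 10+ uploads inside four weeks.
	if first.Sub(c.Joined) > 365*day && last.Sub(first) <= 28*day && len(c.Videos) >= 10 {
		out = append(out, "dormant-then-burst")
	}
	if midroll == len(c.Videos) {
		out = append(out, "all-midroll-length")
	}
	if len(spellings) > 1 {
		out = append(out, "inconsistent-persona-casing")
	}
	return out
}

// sampleChannel is constructed data modelled on the figures quoted above;
// the upload dates and title stems are invented for the example.
func sampleChannel() Channel {
	c := Channel{Persona: "Ben Hodges", Joined: time.Date(2022, 11, 20, 0, 0, 0, 0, time.UTC),
		Description: "For business inquiries and partnerships: [Your Email Address Here]"}
	casing := []string{"Ben Hodges", "ben hodges", "Gen Ben hodges"}
	for i := 0; i < 14; i++ {
		up := c.Joined.AddDate(3, 2, i) // one upload per day, years after joining
		c.Videos = append(c.Videos, Video{"Constructed title | " + casing[i%3], up, 23 + i%7})
	}
	return c
}

func main() { fmt.Println(Flags(sampleChannel())) }
```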

Now, the juicy part. What about content spread by the channel? Before I begin, let me refer to my two degrees with a specialization on asymmetric conflict and disinformation. That’s not an appeal to any sense of authority, rather to say what follows isn’t a light skill picked up in a day. I highly recommend study and practice of this subject, as you will see improvements in your own ability to detect subtle threats. That being said, YouTube could easily detect this with some simple engineering by experts and expert tools.

  1. The seed: a bridge near Chonhar connecting occupied Crimea with Russian-controlled southern Ukraine was damaged in a Ukrainian drone strike overnight on June 7, confirmed by the Ukrainian military, and a second drone strike on June 9 halted traffic again, followed by a reported missile strike on the Henichesk–Arabat Spit bridge early on June 10. Note that June 7 is confirmed by Kyiv with video, then June 10 rests on the Russian occupation official Saldo, and the June 11 reports of bridges hit at Armiansk and Krasnoperekopsk trace back to social media posts relayed by news aggregators. The script bases its loudest point of certainty on the least confirmed ones.
  2. The laundry: the commander of the 1st Separate Assault Regiment said the Chonhar strike was carried out specifically to cut fuel supplies to Russia’s 37th Motorised Rifle Brigade.
  3. The gap: the drone strikes punched roughly one-metre holes in the bridge deck while the structural ribs were not compromised, and there is no confirmed evidence the bridge has been destroyed; the immediate military effect remains difficult to assess independently. Russian engineers were already running a pontoon crossing at Chonhar, visible in satellite photos. The script converts that into “permanent damage,” six bridges “rendered operationally useless,” and 110,000 troops in a “logistical trap.” Note the title says 80,000. The script says 110,000. Can’t be both.
  4. The fog: Pantsir blind spots “mapped and cataloged,” electronic warfare signatures “recorded and analyzed,” a four-hour attack wave from midnight to 0400, “weeks of patient, methodical intelligence collection.” No public source contains any of this. It’s the texture of analysis without sources, which means an LLM hallucinating a dense fog to disappear the real headlines.
  5. The artifacts: the interview has no interview. No questions, no first-person voice of a retired three-star. It’s omniscient-narrator machine-generated prose that has “Gen. Ben Hodges” stapled to it, so thinly connected it could be Donald Duck.

Now let’s go deeper into the ruse, as a logic test of integrity. An analytic framing blows the script apart.

  • Bad addition: Title: 80,000. Opening: 50,000 mainland plus 60,000 Crimea. Which?
  • Bad geometry: The “encirclement” claim depends on Kerch Bridge being the only supply route other than Black Sea ferries to 50,000 mainland troops. But cutting Crimea crossings isolates Crimea, not the other way around (the mainland). Forces in Zaporizhzhia and Kherson are supplied through their eastern land corridor from Rostov through Mariupol, Berdiansk, and Melitopol. It’s common sense, really. And the script admits as much because the land bridge is slipped out as a shift of supplies to “Russian port logistics along the Sea of Azov coastline”. The real General Hodges would be talking about the land corridor as the target, meaning hype about a Crimea artery doesn’t square his circle.
  • Bad timeline: The opening states “between June 9th and June 11th… six bridges in 48 hours,” then states Chonhar was first struck with significant damage “in the days preceding June 9th”. The 48-hour window is a hallucination contradicted minutes later. Also, since I was quite open on this blog about naval drone strikes in 2023 (as well as Elon Musk being Putin’s muppet, and the October 2022 unmanned surface vessel raid on Sevastopol that opened the genre after a Neptune missile sank the Moskva) let me point out another tell. This script says strikes were “in 2023 and 2024”. Nope. The drone strike was July 2023, full stop. The next successful attack came in June 2025 and it was no drone: SBU agents spent months mining the underwater supports and detonated 1,100 kg of TNT equivalent at 4:44 in the morning. Nothing landed in 2024, and that gap year is well-known for well-known reasons.
  • Bad physics: The claim “pontoon bridges cannot carry main battle tanks at scale” is dumber than rocks. Russian PMP ribbon bridging is for… tanks. The actual problem is being vulnerable to attacks, not basic operations.
  • Bad strategy: When the script says “none of this happens overnight” it clashes with its earlier claim that Ukraine reports the “direct operational consequence” of day-old strikes is “observable reductions in incoming artillery fire”. Which is it?
  • Bad source: We have no confirmed evidence the bridge has been destroyed. The effect is still hard to assess, while we do know the deck has one-meter wide holes in it. Meanwhile the script floats all kinds of intelligence detail with zero evidence, about Pantsir maps of blind spots and EW signatures, attack waves, contingency doctrines, share of traffic and rerouting… none of it sourced.

The method of military intelligence spreading disinformation, since at least President Woodrow Wilson’s efforts in WWI, has been to take a checkable fact and surround it with unfalsifiable details.

After WWI Edward Bernays left Wilson’s Committee on Public Information to sell the same methods to corporations. By his own account, a foreign correspondent told him in 1933 that Goebbels kept Crystallizing Public Opinion in his library and was using it as a basis for the campaign against the Jews of Germany.

The effect of this YouTube channel is a hallucinated geography taped together from a few precise details.

A real analysis channel with a real General would be the exact inversion, where the details are not exact yet the geography is always right.

The real Ben Hodges. First person, accountable, and picking fights with the Germans, under his own name. The Russian Navy “hiding behind Crimea even though Ukraine has no Navy” read as hyperbole, and then as prophecy once the Black Sea Fleet was devastated and fled Sevastopol.