Perfect Privacy Admin Raided

https://blog.perfect-privacy.com/2010/08/20/perfect-privacy-staff-member-gets-house-search/

Beware.

Never good when this sort of thing happens.

 

Sounds like there is something more/else going on.

 

Hardly surprising when you have a business model that attracts or encourages all sorts of criminal behaviour by definition.

Germany's privacy legislation is among the most advanced in the world so yes, there must be something serious going on.

http://www.privacyinternational.org/survey/phr2003/countries/germany.htm

 

Seriously, like anybody is really going to read all of that.

But Germany, being part of the EU, isnt in reality all that kind when it comes to digital privacy-issues.

Your first comment by the way creates the suggestion that you don't mind that a company has been raided because "suspicion that unknown suspects had routed illegal communications over the privacy servers in Erfurt" somehow existed.
Do you find this raid a good thing?

 

Supposedly, this isn't the first time this company has had issues with German authorities... except last time it was the actual servers that got raided. But since their servers don't log, it's likely they came up empty-handed. I guess this time around, they decided to go directly after the administrator instead, hoping they can exploit him to gain access to the server data. But, assuming this admin was smart and had everything encrypted, I doubt the raiders will find what they're looking for.. meaning it's basically just another waste of time and resources on the government's part.

However, I think Perfect Privacy and other VPN providers should just pull out of Germany altogether. Considering the "raid-happy" mentality of the German regime, it's just not worth the hassle, IMHO. Regardless of what people seem to think about the quality of German privacy laws, anecdotal evidence strongly suggests otherwise. It seems like nowadays every time I hear about law enforcement raids on servers or raids on private individuals (often en-masse), Germany is always at the forefront. That doesn't sound very privacy-friendly to me.

The good thing is, at least Perfect Privacy is being transparent about the issue... unlike the actions of some of their competitors. If you recall not too long ago, VPN provider Cryptocloud (a.k.a. TorrentFreedom) had an even more serious issue, in which the company's founder was arrested by U.S. FBI for an (allegedly) unrelated issue. But instead of being open about it, the company became dodgy, trying to brush it under the rug and pretend that everything is "business as usual"... which was a very bad move from a P.R. standpoint, IMHO.

But, at least so far, Perfect Privacy seems to be handling this situation appropriately.

 

If privacy is your main concern then having your VPN provider and its servers in the EU is not a good idea. As this article points out your provider and some of its servers should be in non-cooperative offshore locations. Take a look at VPN4ALL as an example. They appear to be incorporated offshore, their website is in the Bahamas (same host as MuteMail), they have serveral servers outside the US and EU, and they accept anonymous money (Liberty Reserve). It depends on your needs. For most users, simply avoiding certain countries like the US, UK and Germany will be adequate.

 

Slightly offtopic of course:

But what did happen to that guy from CryptoCloud.
I never figured out for what is was arrested for.
Was it cocaine again?

 

VPN4ALL Pro looks good, and it's not available yet. I'll wait for that

 

the price is "good" too !!!!!

 

I have never understood how using a VPN makes you secure. I understand your traffic is encrypted but the VPN provider can log your real IP and they have all of your information if it is a paid VPN. So far I believe my setup is secure and is hard to track. See here: https://www.wilderssecurity.com/showthread.php?t=280059

 

So, according to VPN4ALL's competition overview, the best competitors are XeroBank and Perfect Privacy (beside VPN4ALL which is of course perfect ).

Who are the people behind this VPN? Does SteveTX know?

 

I just looked at their comparison overview and I strongly disagree with their HideMyAss VPN comparative, as I am using them and I know that some of what they say on the comparative it is simply not truth.

Looking up the About page on VPN4All also reveals that they are subject to UK and USA law where they have their headquarters, not the most privacy friendly places to be in.

VPN4All appears to be a JondoNym copycat (3 x chained servers), they just forgot to add them to their comparative.

 

VPN4ALL has UK and US offices.

They are incorporated in The Seychelles.

Requests from Law Enforcement
We are located in a jurisdiction where Internet logs, personal information, account data and all client information is not required to be logged or cached, therefore any requests by law enforcement can be met without providing any information about clients or their data. Even a court order would not provide any personal data about subscribers.

JonDonym is a proxy system not a VPN. Proxies are for viewing websites only.

 

Surely the people and offices operating inside the UK&US are subjected to US and UK laws, aren't they? Even for a company incorporated in the Seychelles.

If VPN4All uses an impossible to track system, like a chain of VPNs located in different jurisdictions, then that is another matter and hats off to that, all I doubt is that UK based staff can refuse to give any logs to the British police alleging that their company is incorporated in the Seychelles and citing Seychelles privacy laws for that.

Just like Google, an american company, has to follow Chinese law to legally operate in China, I would think that so has VPN4All to operate in the UK.

 

Don't use any US or UK servers unless you are in chaining mode.

 

The location of the VPN server itself is more important than that of the owner/administrators. For example, I don't think U.K. authorities would be able to force an administrator living in Britain to turn over logs of a Russian server, since that would be outside of their jurisdiction. Also, assuming the VPN provider is being truthful and not actually storing logs in the first place, then there'd be nothing to give them anyway (they can't turn over what they don't have). Keep in mind that while many EU countries now require ISPs to log customer activities, VPN providers are technically not considered to be ISPs, and as such, are exempt from having to keep logs.

In the case of Perfect Privacy, the important distinction here is that the raid on the administrator in Germany was based on suspicion of unlawful communications over the German servers specifically; in other words, the server and server admin were both in the same jurisdictional locale. Had the investigation been focused on a server in some other country instead, I doubt that German law enforcement would have had the same legal authority to pursue the administrator with such an aggressive tactic as they did in this case.

According to Perfect Privacy's blog, the servers in Germany are now back online as of August 25. However, without knowing the full details of the search & seizure incident, how can anyone be sure if those servers are safe or not? Hypothetically, what if the administrator caved under pressure and agreed to allow authorities unencrypted access to the server, or to install a packet sniffer? If something like that were to happen, the end-user would have no way of knowing that his privacy has been compromised, until it's too late.

 

Think I might give vpn4all a shot and see how it goes.
Steve and all other things xb seem to be MIA. I really like/liked xb, but for $30 a month I want some interaction at a forum level and a support level.