Secure Anonymous VPN

Is KryptoHippie the same as cryptohippie?

 

Yes. They have a few incorporations under different names, I can't really keep track of them, which maybe is the point.

 

I realized why I quit posting on this forum prior, there was always a great deal of huffing and puffing without any real progress going on. It seems that it is much easier to randomly criticize someone without really explaining the issue nor fully clarifying it to readers.

Let me also state for the record I have been with Baneki through it's inception and have grown and learned quite a bit over the last three years, so I am a bit of a 'homer'. Secondly, I would like to hear more of the problem we will be having in the EU as we retained a top European firm to keep us in line with the law. You mentioned you spoke to a friend who had just visited the Netherlands FCC and had conversations with them. Did they go to specifically discuss Cryptocloud, privacy in general or were they there on a pizza delivery? I am sure there is a good explanation of this but it has been lost in your childish personal attacks and mudslinging.

Next as for our incorporations, there is more than one? That would be news to me, for more details please explore our forums we would certainly enjoy your well formulated concise and articulate opinions. I use the word opinion is that is what privacy is all about evidenced by your support of the superfluous multi-hop product that seems to be your major selling point. Furthering this I would imagine if you gathered members of Xero Networks, Tor and KryptoHippie that there would be diverse opinions of true privacy and anonymity that come from experience, politics and life. Please correct me if I am wrong.

Lastly with all the experience you have had in the public eye I would hope you spend more time showing people why they need to be private and less on personal attacks. True freedom is standing up for who you are, what you have done and where you are going as well as accepting others who do the same.

 

I'm the one who brought up CryptoCloud here. As the regulars here are surely tired of hearing, I'm shopping for anonymity providers, and have been posing questions and findings in various threads. Although I use XeroBank, and am very satisfied with its services, I have no other connection with Steve or anyone else associated with it. I have no other agenda.

EDIT: Upon reflection, I obviously do have many other agendas re freedom, privacy, censorship, etc. What I meant to say is that I have no agendas concerning CryptoCloud, XeroBank, etc. other than the security of their anonymity services.

If there's just one hop, they'd know what entry node the traffic came from. And then they could sniff traffic entering that node. And then they could correlate entry and exit traffic to break anonymity -- or at least, to develop probable associations. If that attack isn't feasible given your network structure, please explain.

EDIT: Upon (further) reflection, what I wrote isn't correct, because each CryptoCloud exit node presumably serves multiple entry nodes, and vice versa. Without knowing more about each network's structure, at least conceptually, it's hard to compare them. OTOH, I appreciate that such information would aid attackers. So what we're left with is dueling generalities.

It's hardly nonsense. The multi-hop concept has been part of many anonymity systems, from 1990s-era remailers through Tor, Freenet, I2P, etc. Although one could criticize XeroBank's implementation, I don't believe that one can seriously question the relevance of multi-hop connections.

It's totally "not-coincidental". It's my doing, by posting about it here. Please don't take it personally. It's just due diligence. I've had critical things to say about Anonymizer.com, and about other services, and I'd explore relevant issues re XeroBank just as openly.

All I care about is your anonymity service. Really.

Although I've made no claims or accusations, I have raised questions, and offered my opinions. Again, please don't take it personally. I truly have no agenda other than identifying the most secure anonymity services, and helping others to do the same.

 

Hierophant-

Apologies for not getting back here sooner and would like to ask a favor... would you post your questions in the cultureghost.org forum? I believe you will get a more well rounded answer from our tech staff as well as others in the forum. Then I would hope you would bring the answers back here and anywhere else you may be looking. I could give you my answers but I might they might sound fausty-esc and believe in coming to a decision with as much diversity as possible.

Cheers!

 

Certainly, I'm happy to do that. I need to work now, so it may not happen today. And I'll edit this post with a cultureghost.org URL.

 

IF this is truly the case, wouldn't this make [SHADOW="blue"]ShadowVPN[/SHADOW] dead in the water as well

 

It'd be good to have status updates from all over re logging statutes -- what's being logged, retention times, level of provider cooperation required, requirement to divulge passwords and/or keys an/or certificates, and so on. I'll be happy to summarize submitted information, or help if someone else is committed to taking that on.

 

Shadow VPN is mixed in with regular Xerobank traffic, so I think that would make it more secure than it would be otherwise.

 

Even if it is mixed, the statement below applies ....

Steve, how about some clarification on this ?

 

Upon reconsideration, I don't think that there's much left to say, here or on the CryptoCloud support forum. It's beyond my current capabilities to assess and compare security of competing privacy and anonymity services, except in trivial ways.

For example, when I'm connected to either CryptoCloud or XeroBank, the IP of my computer's TAP adapter is 10.*.*.* and its internet IP is that of the service's exit node. I have no clue re the networks that connect them, or how secure they are. I can distinguish both from services such as SwissVPN, which directly assigns an internet IP to my computer's TAP adapter. And I can confirm that all nonlocal packets use the TAP adapters. And that's about it. For the rest, all I have are claims by the respective providers.

What I'm left with is deciding who to trust, and Bruce Schneider's comment in _Secrets & Lies_: "Peer review, long periods of peer review, are the only evidence of security that we have." That's why I'm here.

 

hierophant-

Well said and harmonious with my post about the groups SteveTx brought up earlier for paid consulting . There are set constants such as pptp's lacking qualities as a reference but much is left to the beholder. I liken it to the Northern California liberal town I live in (as a libertarian) where you can put 10 folks in a room and get 10 different opinions. I am biased so I will not try and cloud that for you, only wish you luck on your choice. The one thing I can say is we will stand by our Terms of Service without fail and work diligently to maximize our clients experience.

 

If it is mixed with xerobank traffic how does that not make a difference? Anyway, Steve says that shadowvpn is not as secure as xerobank but is ore secure than most single hop vpn's. Maybe he can elaborate.

 

I will add my two cents to this long thread.

Addressing the original post, I have used AceVPN in the past and I was very happy with their pricing and great customer service, unfortunately their US speed servers was slow to watch Hulu, that is why I left them.

I am now using Hidemyass VPN service, and this is a big change from AceVPN, no more speed issues watching US TV online. Their servers are top notch.

The only problem I have with Hidemyass VPN is that they use their own proprietary OpenVPN client and it has some bugs, such as exposing your real IP without warning if you get disconnected while browsing the net.

Regarding other posts, fausty is right that a VPN provider is not the same as telecommunications provider, he does not have to comply with that law, he is not an ISP. Whether the VPN ISP logs or not that is another matter.

As for Cryptocloud, now that I know they are the same as GoldensVPN, I think it is disgusting their obsession with the child porn issue.

I recall reading Goldens VPN privacy policy(when the VPN was online), how they had zero tolerance for child porn and do not dare use our VPN for that, etc...

And who decides what constitutes child porn and what not? Is that you?

If you are a VPN provider you should do your business as it is, someone will use it for illegal purposes, terrorists, child pornographers, zoophilia, drug dealers or whatever it is, so get ready for that and cover yourself in accordance with the law, but this single issue paranoia or any other single issue paranoia is not for a VPN provider to do.

I don't think it is for any VPN provider to pass judgement on others about what is illegal and what not, you are not a solicitor to decide what may or may not constitute what.

And even if you were, I dont see why you should volunteer for the police department, we all feel strong about many issues, if you can't separate them from the privacy and anonymity business, maybe you should not be providing privacy services.

 

I'm using Hotspot Shield. Can it conflict with my Firewall? Anyone give me a answer.