That One Privacy Site

Discussion in 'privacy technology' started by mirimir, May 15, 2016.

  1. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I had a look at it now, it seems a bit sketchy...
    Riseup uses the bitmask VPN application so if you go to https://bitmask.net you can find out more about it. It appears to be part of the Leap encryption project, you can download it for android or Ubuntu Linux.
    I downloaded the Android version to try it on my phone.
    The download is version 0.94.
    I downloaded the devs signing key also from bitmask.net but open key chain says it is revoked.
    So I just installed bitmask without verifying it I might not do that on a PC but I don't really care about this phone.
    Anyway bitmask v0.94 didn't work it threw up errors when I tried to connect to riseup.
    So I had a look at the built in help and everything with a copyright date on it is years out of date.
     
  2. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,336
    Location:
    Location Unknown
    Does anyone have any information/opinion of vpn.ac? From what I can gather, it seems to be one of the most security conscious; even offering ECC encryption. They do keep connection logs for one day on a seperate encrypted server for operational purposes, but they are in Romania and out of the "eyes" system of informational sharing; 9, 5, 14.

    Has anyone used them before? Thoughts?
     
  3. Rebsat

    Rebsat Registered Member

    Joined:
    Oct 20, 2014
    Posts:
    36
    Location:
    My Desk
    Hi @n8chavez and welcome. Regarding VPN.ac, it's a high-quality VPN service with excellent overall performance, strong privacy features, and tough encryption. In terms of security and privacy, I’d go with Perfect Privacy mainly because it offers multi-hop VPN chains with up to 4 hops, while VPN.ac offers Double-hop VPN feature which allows you to use an encrypted VPN tunnel across two different locations, before your internet traffic leaves the VPN.
     
  4. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Is there some reason Mullvad isn't on the list? Find a flaw in their service?
     
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    4 hops?... seems like overkill, and that it would produce a ton of lag.Though I consider double-hop a must.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Well, with Perfect Privacy, it's four hops through their servers. So they're still the weak point in the trust chain.

    And about latency. I have run nested chains with five VPNs, and they're pretty usable. Maybe a few hundred millisecond latency, but you get used to it. And still less than Tor can be. Also, with nested VPN chains, throughput can be amazingly high. Well over 10 Mbps, in some cases, pushed with large-swarm torrents.
     
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Mirimir I have a question for you, when we connect to an https site through tor.
    Which party negotiates the https with the endpoint web server, the user computer or the tor exit node?
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It's the user's computer. The Tor Project tests exits, to see if they MitM TLS. If they do, they're banned from Tor ("bad exit flag").
     
  9. DrearyMushroom

    DrearyMushroom Registered Member

    Joined:
    Sep 9, 2017
    Posts:
    27
    Location:
    The Internet
    No, Mullvad is one of the better ones for privacy. It's on The One Privacy Guy's site.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I agree :)
     
  11. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    A few hundred millisecond difference... seriously, that's it? Yeah, that would definitely be faster than TOR alone. Though these days I don't trust TOR at all, and am waiting to see, for one, if TOR Astoria even becomes a reality. And if so I plan on analyzing it to see if it's really all it's cracked up to be before giving it a try. I sure hope it is. But hearing it's a US/Isreali joint effort doesn't inspire much confidence in me that it will be safe.

    With iVPN I notice a difference depending on which hops I use in tandem. If I go Netherlands > Sweden for example, I notice no difference than if I just used single hop. But if I go Netherlands > Iceland instead, it's much slower for me.
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I'm talking about nested chains with VPNs from multiple providers. And I've picked server-combinations that work well when chained, and in what order. Also, most of them are in UDP mode. For Mirimir, IVPN is always the exit VPN, because I'm so associated with it.

    And Tor. I always use it through nested VPN chains. Just in case, y'know ;)
     
  13. Rebsat

    Rebsat Registered Member

    Joined:
    Oct 20, 2014
    Posts:
    36
    Location:
    My Desk
    @mirimir Hi bro. According to your comprehensive tests...
    1. Why did you consider using multi-hop VPN chains with up to 4 hops by Perfect Privacy are still the weak point in the trust chain? Explanation please
    2. Do you think that IVPN is still offering more secure VPN Services than Perfect Privacy? if Yes then why? and How?
    3. I would greatly appreciate it if you could write down some IVPN benefits which couldn't be found in Perfect Privacy. Regards:thumb:
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    1) Because it's all from Perfect Privacy. If they give you up, you're pwned. If you chain VPNs from different providers, you're cool unless adversaries get cooperation from all or most of them. And likewise, the same is so for IVPN's multihop configs.

    2) They're both fine. Although Perfect Privacy's OSX client did leak. But that was over a year ago, so maybe it's OK now.

    3) I think that their custom client is better. But then, I don't use custom clients, so hey.
     
  15. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    So chaining VPN providers in different countries that do not usually cooperate would be a good thing then right?
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yep, that's a good plan :)

    Such combinations are hard to find, however. But you can read the news, and see who's invading whom. Or threatening.

    Even then, though, it's iffy. Russia and the US, for example, have cooperated in some criminal take-downs. But maybe cooperation has become less likely, recently. I mean, the Kaspersky stuff is indicative. And even Italy can resist. Remember the upset after US rendition of "suspected terrorists"? If you can find a decent VPN in North Korea, I'd say go for it :) But in the middle of a chain, just to be discreet.
     
  17. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    TunnelBear VPN Provider Has Third-Party Public Security Audit Conducted.
    http://www.securityweek.com/tunnelbear-vpn-audit-finds-few-vulnerabilities

    NOTE: The one thing this audit didn’t address were the contents of TunnelBear’s privacy policy.

    They did remove 3 things from their privacy policy and database.
    1. Any first names that were stored by TunnelBear have been deleted from their database.
    2 .All information related to Maul Trackers has been deleted from their database including the
    blocked anonymized top level domains and the number of times these domains were blocked.
    3. Deleted all entries related to total lifetime connections from their database.

    Hotspot Shield VPN’s Privacy and Security Promises Contradict Practices.
    https://cdt.org/blog/hotspot-shield-vpns-privacy-and-security-promises-contradict-practices/
     
  18. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Oops again. When I tested Perfect Privacy in OS X, they didn't have a custom client. So I used Viscosity. Now they do have one. But I haven't tested it. Any y'all could do that, though ;)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.