Anonymous Services - Can We Get A List Going And Feedback?

Discussion in 'privacy technology' started by DasFox, Nov 2, 2010.

Thread Status:
Not open for further replies.
  1. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Didn't I see in here that Liberty Reserve has been banished?... did I see/understand that right? That may impact the choices here.

    Anyhow, right now I'm using PRQ (direct connection), paid with Bitcoin. And Mullvad (outer) paid by cash, in VirtualBox using OpenVPN 2.2.1

    Speeds are very good, with the occasional lag by Mullvad.

    I've also used iVPN & AirVPN, and liked both of them as well. All 4 I mentioned are solid choices IMO.
     
  2. Walfor

    Walfor Registered Member

    Joined:
    Aug 4, 2013
    Posts:
    4
    Hi, I'm new here and just read the topic in this forum.

    I am wondering, when using microsoft outlook email client, do these VPN services protect the IP address in outgoing messages?

    Thanks
     
  3. Maldoran

    Maldoran Registered Member

    Joined:
    May 6, 2013
    Posts:
    37
    Location:
    Norway
    Yes, provided they allow such activity.
     
  4. Walfor

    Walfor Registered Member

    Joined:
    Aug 4, 2013
    Posts:
    4
    Basically, I'm looking for a safe and secure provider. I need a service that works well with mac os and that protects my ip in outgoing emails from outlook.

    suggestions would be much appreciated,
     
  5. Walfor

    Walfor Registered Member

    Joined:
    Aug 4, 2013
    Posts:
    4
    I am looking at unspyable - has anyone tried them?
     
  6. Maldoran

    Maldoran Registered Member

    Joined:
    May 6, 2013
    Posts:
    37
    Location:
    Norway
    While I have not used them I did contact support and asked some questions.

    It seems that the only standout feature is that they claim to have no logs of your email once it leaves their server.
    I thought that's to little to spend money on.
     
  7. Astrilluser

    Astrilluser Registered Member

    Joined:
    Aug 20, 2013
    Posts:
    1
    Location:
    US
    I'm bringing this information from an earlier thread that will no longer
    accept entries. It concerns the Astrill VPN and some claims and
    counterclaims made about it. These claims appear to involve the aspect
    of anonymity.

    In the earlier thread titled "Astrill VPN" SteveTX states:

    "Just looking at the website you can gather a few things.

    1) Their vpn is based on VPS/cloud servers. This means that it is highly
    unlikely they provide anonymity, only pseudonymity. It also means their
    systems are extremely weak against tampering because the memory, traffic,
    and OS are exposed to the ISPs which are renting the VPS to Astrill".

    This claim is refuted by a user named Astrill. Whether this individual
    is a representative of the Astrill company or not is not specified.
    However, he or she writes as if in that role, as follows:

    "
    1) Astrill doesn't use VPS (cloud) servers like most VPN providers do. We
    have server racks or dedicated servers in many datacenters around the
    world.
    2) That information is not accurate. we have 48+ servers in 22 Countries.
    Not just 22 servers in 22countries".

    Now, my comment relates to information gleaned from my email provider,
    the identity of whom I will keep as confidential. When I check my account
    information, I can obtain the login details for my last 20 accesses. As of
    today, most of them are via my local ISP. However,there are two logins
    that were made while using Astrill. These both came from IP 46.105.114.105
    with a server name ns223794.ovh.net.

    Addressing ovh.net through my browser leads to the webpage of
    ovh.co.uk, a company which discloses this:

    "OVH is an independent European company based in Roubaix, Northern France".

    and which advertises that they are in the business of providing
    Virtual Private Servers as well as web hosting and extensive cloud
    services. Therefore, it would appear that notwithstanding the claim
    made by user Astrill, the Astrill VPN does indeed use VPN and cloud
    servers. Whether they "have server racks or dedicated servers in many
    datacenters around the world" and/or what that statement means
    would appear to be subject to individual interpretation and to the
    warning from SteveTX about the quality of "anonymity" provided by
    the Astrill VPN.

    I have used the Astrill VPN service for about a year and a half. It has
    been fairly reliable and easy to use at least from the point of view of
    installation and interface. Technical assistance has been very weak
    in the sense that if I asked any questions such as might be asked in
    this forum, the rep would have no idea what I was talking about.
    Astrill is fairly inexpensive but, considering the matters mentioned
    above, I am not at all sure what I was actually getting for my fee.
    I think Astrill VPN has some 'splainin to do. Meanwhile, I am
    considering going to another provider.
     
  8. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,362
    Location:
    Oz
    I have a question for you. You have used Astrill VPN. Do you still have a subscription? If so, can you tell me what happens if you turn your wireless card off for a minute and then back on. Does Astrill disconnect allowing your true IP through? Or is your internet connection blocked until you manually disconnect?
     
  9. younameit

    younameit Registered Member

    Joined:
    Aug 19, 2013
    Posts:
    33
    Location:
    UK
    AirVPN does not provide TLS Auth Key - (ta.key). In what way is that problematic?

    AirVPN appears not to include a kill switch as of yet. What are simple workarounds?

    Does AirVPN use VPS (cloud) servers? I guess so given the amount of server locations that they offer. If so, what VPN providers are known to use no VPS at all and, obviously, no logging?
     
  10. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    599
    This thread will be of much use. I will have to subscribe to it.
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Having "ta.key" enables this:

    For the most part, that protects the OpenVPN server from attacks.

    Generally, you'll find that VPN services that use tls-auth cost more.


    Use routing and firewall rules. In windows, use Comodo -http://forums.comodo.com/firewall-help-cis/configuring-to-block-all-nonvpn-traffic-t91413.15.html. In Linux, use adrelanos' iptables script -https://github.com/adrelanos/VPN-Firewall.

    I don't know.
     
  12. younameit

    younameit Registered Member

    Joined:
    Aug 19, 2013
    Posts:
    33
    Location:
    UK
    DasFox really has to update the list in the first post.

    What I get from reading in this forum is that three VPN providers tend to be recommended:

    AirVPN - Seems good to me but only allows one connection at a time.
    -https://airvpn.org/plans/

    BolehVPN - Allows two connections at a time but only from a single IP address. Does that mean that I could not use VPN on my PC and my smartphone if outside my home?
    -http://bolehvpn.net/faqs.php

    Mullvad - Allows three connections! How about that? Unfortunately, I want a VPN provider that has a UK server as well.
    -https://mullvad.net/en/faq.php#multiple_conn

    What are trusted alternatives to those three providers?
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I'd add Insorg and iVPN. They both offer multi-hop routes. Private Internet Access is reliable and inexpensive, but the connection is less well secured.
     
  14. Grassman20

    Grassman20 Registered Member

    Joined:
    Jul 14, 2013
    Posts:
    28
    Location:
    USA
    Can you elaborate a little on the secure connection issue with Private Internet Access? I'm using them and have been happy, but I want to be aware of potential problems.
     
  15. younameit

    younameit Registered Member

    Joined:
    Aug 19, 2013
    Posts:
    33
    Location:
    UK
    Insorg is quite pricey. $190 for a year?

    $100/year for iVPN is better.

    $40/year for PIA is pricewise hard to beat. Unfortunately, any US VPN provider has to be considered a security risk in the wake of the mass surveillance scandal.
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It uses the bare minimum for VPN security: a server certificate (ca.crt) and username-password authentication. It doesn't provide users with a client certificate (typically client.crt) and key (client.key), or use TLS authentication (dynamic or with shared ta.key). See -http://openvpn.net/index.php/open-source/documentation/security-overview.html
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, it's pricey. But look at how many exit IPs there are, and how many are multi-hop.

    Indeed. They're multi-hop too, but don't have as many exit IPs, in as many countries.

    Yes. VPN business is booming, I gather. But I wonder how US-based services are doing.
     
  18. SebastianT

    SebastianT Registered Member

    Joined:
    Jan 22, 2014
    Posts:
    3
    Location:
    France
  19. chrismani

    chrismani Registered Member

    Joined:
    Oct 29, 2010
    Posts:
    37
    PIA does use TLS authentication
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    For OpenVPN connections, PIA of course uses SSL/TLS.

    What it doesn't use is this ...

    http://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html

    Many VPN services provide a key (normally "ta.key") to implement this. The next block of the man page ("--tls-auth") explains the rationale.
     
  21. chrismani

    chrismani Registered Member

    Joined:
    Oct 29, 2010
    Posts:
    37
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I'm not saying that I don't recommend PIA. The fact that they don't use extra TLS authentication doesn't materially affect most of their users. It just leaves their servers more vulnerable to DDoS attacks. Part of that is the increased risk of compromise through a multipronged attack.

    There's also the scenario of a resourceful adversary taking down the VPN entry server while watching your connection to Wilders, or whatever. If your connection to Wilders goes down when the VPN entry server goes down, they know that you were using it. But that's not an issue for most of us ;)

    My short list comprises:

    iVPN and Insorg for multi-hop routes
    AirVPN, BolehVPN and Mullvad
    PIA and SecurityKISS for low cost

    I don't have any information about VPS use except self reporting, and I don't pay too much attention to that.
     
  23. bolehvpn

    bolehvpn Registered Member

    Joined:
    Oct 10, 2011
    Posts:
    84
    Location:
    Malaysia
    Given that this is such a popular thread, any chance of getting the first post updated? :D
     
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It's hopeless, I think :eek:

    Whatever the list, BolehVPN is close to the top :thumb:
     
  25. bolehvpn

    bolehvpn Registered Member

    Joined:
    Oct 10, 2011
    Posts:
    84
    Location:
    Malaysia
    Oh what happened to DasFox? :(
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.