are there any other multi-hop vpn services that don't log?

Discussion in 'privacy technology' started by scrty001, Sep 8, 2008.

Thread Status:
Not open for further replies.
  1. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    I'm trying out xerobank and so far I'm impressed. I want to do some comparisons so I'm wondering, are there any other multi-hop vpn services, maybe not necessarily 3 hops, but even 2? Also, any other vpn services that don't log?

    these are the few that I was thinking of:

    findnot (keeps logs for 5 days)
    steganos
    swiss vpn

    I'm not sure if it was steganos or swissvpn but, I heard one of them in 2009 is going to have to start logging so that means they don't log as of now?

    besides xerobank who else do you think is up there in terms of anonymity and privacy?


    Thanks
     
  2. fuzzylogic

    fuzzylogic Registered Member

    Joined:
    Mar 12, 2008
    Posts:
    149
    There are a few that offer 'double vpn', a 2 hop system, but so far only xb offers any multi-hop network. Openvpn.ru and secretsline.net are the only ones I know of and there isn't much in the way of information about them. You can always have a search.
     
  3. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    There is only one other who is truly competitive with XeroBank on a technological and corporate level. That would be KryptoHippie.
     
  4. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    kryptohippie doesn't offer any services do they?

    and what do you think about double vpn?
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    JAP can route traffic via multiple servers (known as mixes) though the default "mix" is a single server - it is free (and therefore slow) but it does have a commercial option, JonDoNym which should offer better performance (I've not tried it myself though).

    Just to forestall the inevitable "it's been backdoored!" posts, I would point out that JAP was on the receiving end of a court order which they fought and overturned - virtually any other commercial provider would have caved in quietly. See their Crime Prevention page for more details.

    Any service will have to do some degree of logging (for accounting and abuse prevention, as well as to comply with local legislation in many countries) so using a multi-hop service with nodes in different countries (requiring co-operation between law enforcement agencies to track a user, which is likely only in serious cases) is the most prudent method of maintaining anonymity. If you are up to serious mischief though, it is unlikely that any (legal) anonymity service could (or would) guarantee complete privacy.
     
  6. Webby

    Webby Registered Member

    Joined:
    Jan 1, 2006
    Posts:
    93
  7. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    They do for corporate clients, and last year they said they wanted to start offering retail to the public.

    Depends on what you're trying to accomplish. Mostly a lousy idea, but it could have a use.
     
  8. fuzzylogic

    fuzzylogic Registered Member

    Joined:
    Mar 12, 2008
    Posts:
    149
    Good mention on JAP, it's a great system and not badly priced either. Make sure to pay for Large park, you'll find it very quick and you'll burn through the quota very quickly.

    For a multi-hop vpn, you could do PPTP/IPSEC over openvpn, or SSH over openvpn.

    KryptoHippie; the site has been devoid of information for a while now, would be good to have a company that directly handles data security/anonymity open up to the public.
     
  9. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    Thanks for the replies!
     
  10. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    Is JonDoNym a VPN service or is it like a paid tor service?

    If you use JonDoNym along with a VPN service will that add more hops and will you still stay anonymous? Or will you be exposing unencrypted traffic to the internet more?

    Also what about if you used a VPN service such as xerobank, steganos, etc.. and connected to an offshore PC remotely and used that for the internet?

    There are some web hosting companies that let you rent a PC (kind of expensive, more than VPN services) and you can login remotely with your remote desktop software. What if you connected to VPN and then connected to the offshore PC remotely. Would that add extra anonymity, more hops, etc..?


    Thanks
     
  11. fuzzylogic

    fuzzylogic Registered Member

    Joined:
    Mar 12, 2008
    Posts:
    149
    Jondo is a paid JAP service, which also provides free services. The paid services give you access to faster 3-hop mixes, the free option gives access to the slower 1/2-hop mixes. Using JAP over a vpn will add another several hops, it is encrypted between you and the mixes but does not layer the encryption like TOR does.

    Remote desktops are another option in private browsing, they are bandwidth dependent therefore make sure there aren't too many hops between you and the remote desktop, otherwise it will seem like you're using a 486 thus a very laggy internet session. Providers of remote desktop include cosmopod, gopc and nivio, the former two are linux based, the latter is windows xp based.
     
  12. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    Thanks for your response. Could you explain the disadvantage of not having the layer encrypted like tor?
     
  13. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Tor's layered encryption (like the layers of skin on an onion) means that you don't have to worry about the first or second nodes being able to eavesdrop on traffic (though the exit node can since the traffic has to be sent decrypted from it). With JAP, an abusive operator could theoretically monitor incoming traffic (after decryption but before it is encrypted for sending on to the next mix) whatever their position in the chain.

    JAP therefore is more vulnerable to abuse by a rogue operator but the project places limits on who can run a mix server. Tor is less vulnerable in one sense (only the exit operator can commit abuse) but anyone can operate a Tor node so it is more vulnerable in another.

    As for "combining" a VPN service with Tor or JAP, there is very little point since you are more likely to weaken your anonymity. If you use Tor/JAP to chain onto a VPN service, the VPN operator will still be able to identify you by seeing which account you use - if you use a VPN service to connect to the first node of Tor/JAP then you have the possibility of the VPN operator intercepting traffic before it is sent to the Tor/JAP client (which would have to be running on their machine for this to work).

    The only case proxy chaining can be useful that I've come across, is when using a "free" proxy via Tor/JAP in order to work around a site blocklist.
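
Added example (not part of any post in this thread): a Python sketch of the two relay models the post above contrasts, showing which hops end up able to read the request. The cipher is a toy XOR stream, the hop names, keys and sample request are constructed, and the hop-by-hop model follows the post's description rather than any project's documented design.

```python
import hashlib

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher (SHA-256 in counter mode). Illustration only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

HOPS = ["entry", "middle", "exit"]  # constructed 3-hop chain
KEYS = {h: hashlib.sha256(h.encode()).digest() for h in HOPS}  # constructed keys

def layered(message: bytes) -> dict:
    """Client wraps one layer per hop (exit innermost); each hop peels only its own."""
    packet = message
    for hop in reversed(HOPS):
        packet = xor_stream(KEYS[hop], packet)
    seen = {}
    for hop in HOPS:
        packet = xor_stream(KEYS[hop], packet)  # hop removes its own layer
        seen[hop] = packet                      # what this hop can read
    return seen

def hop_by_hop(message: bytes) -> dict:
    """Each link is encrypted separately; every hop decrypts fully, then re-encrypts."""
    seen = {}
    packet = xor_stream(KEYS[HOPS[0]], message)  # client -> first hop
    for i, hop in enumerate(HOPS):
        clear = xor_stream(KEYS[hop], packet)    # hop decrypts its inbound link
        seen[hop] = clear
        if i + 1 < len(HOPS):
            packet = xor_stream(KEYS[HOPS[i + 1]], clear)  # re-encrypt for next link
    return seen

def readers(seen: dict, message: bytes) -> list:
    """Hops whose view equals the plaintext."""
    return [hop for hop, view in seen.items() if view == message]

if __name__ == "__main__":
    msg = b"GET /forum HTTP/1.1"  # constructed sample request
    print("layered   :", readers(layered(msg), msg))
    print("hop-by-hop:", readers(hop_by_hop(msg), msg))
```

In both models the exit hop handles the request in the clear, so end-to-end encryption to the destination (HTTPS) is what protects content from the last relay.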
     
  14. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    What about using Tor or Jap to connect to another computer with remote desktop. Is that different than connecting to another computer via VPN? Will that increase your anonymity as well?


    Thanks
     
  15. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Assuming that you could run a Remote Desktop connection over Tor or JAP, then the situation would be largely identical to a VPN - if the remote system belongs to you then it will be traceable by other means breaking your anonymity.

    If it isn't, then you still have no gain in anonymity (the connections from the remote PC will be in the clear and, assuming you're the only one using it, it will be trivial to backtrack and see the incoming traffic coming from Tor) but will have (significantly) slower performance due to Remote Desktop's overheads.

    In fact, the increase in traffic volume (due to the need to transmit screen data) would likely make your activities more easily traceable through Tor (this applies to file transfers/video streaming generally) than simple web browsing would be.

    Why the obsession with trying to "improve" on something like Tor or JAP?
     
  16. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    Just trying to find ways to increase anonymity as much as possible. Although, I understand what you're saying, Steve - (xerobank) has said the same thing. Just stick with one service.

    Where do you think there is more advantage using JAP (paid, mix cascades) or using a VPN service?

    With JAP since it's a mix cascade you get a different IP regularly such as ToR correct? I like that concept more than having 1 set IP all the time. Although I like how with a VPN service all your traffic is encrypted so your ISP can't see it. Does JAP work like that as well?

    If somebody was to try to trace you through JAP they could possibly have to go through many jurisdictions due to all the different cascades?

    I know 100% anonymity isn't possible but, I want to make it as difficult and costly as possible to trace.

    I'm not really concerned if anybody sees what I'm doing as you were saying could be possible on a cascade network (rogue operator) since I'm not doing anything wrong. I'm just concerned with being anonymous and being traced.


    Thanks again for your replies.
     
  17. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Tor and JAP provide as anonymous a service as you are likely to get.
    Please review the JonDo/JAP FAQ and other project documentation - this answers the questions you have raised.

    If anonymity is your main concern then forget about VPNs completely (and any similar single-hop solutions, which includes virtually all other "anonymity services" except JonDoNym and XeroBank) since all they do is place your browsing details in the hands of the VPN provider rather than your ISP. Only if performance is important and you just wish to avoid ISP tracking should you consider them.
     
  18. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    That's what I was thinking and never felt comfortable going with any VPN service, I barely got myself to try xerobank only due to what I've heard from this site. Even after being recommended VPN services and reading up on them, I felt that ToR has a much better system but, I didn't like the idea of honeypots and anybody being able to setup their own server.

    Since I like ToR's system, I want to try JAP's mix cascade system. Although what they say below on their site is one reason I thought VPN could be more reliable:

    "JonDo fakes your IP address against websites, and replaces it by another, fixed IP of the JonDonym system. Unfortunately this alone is not enough to ensure the web surfer's anonymity. On many websites there are so-called active contents that may lead to the disclosure of the IP address, and the web browsers send data that may be used for profiling. Currently, JonDo does not block such content yet, but this may be done by additional applications."

    I have all the plug-ins to help stop that from no-script, no-referrer, turn off javascript, etc.. etc.. but, then some sites need javascript, if you're trying to browse some forums or trying to order something. I had some issues with this when using ToR.

    Although, I also saw this (below) on there so I think this could be a solution to that problem.

    "Proxomitron is a filter proxy running as a local service on the own computer. Using filters enables Proxomitron to filter harmful JavaScript, Java applets, cookies and HTTP Headers. This is accomplished by rewriting requested websites before passing them on to the browser."

    If somebody was going to try and trace you through JAP how would they have to go about doing that? Would it be really complicated?


    Thanks
     
  19. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Proxomitron is a more powerful filter than NoScript (in that it can be more selective) but it is more complex also. Essentially, if a site requires Javascript, you are going to encounter problems regardless of whether you are using Proxomitron or NoScript to block it - you have to decide whether the site is important enough to you to allow Javascript for it (or alternatively, to bypass Tor when using it).

    For someone to trace a Tor or JAP user, they would have to check the traffic logs for the exit node, try to find out which middle node was being used, check the traffic logs for that to find the entry node and then check its logs. If the nodes are in different countries then this would require co-operation between national law enforcement agencies, which in practice is only likely for major wrongdoing (and anyone in that category would need "help" well outside the province of this forum).

    JAP does have the ability to report access to specific IP addresses as a result of a previous court case (which the project fought and overturned, but may still be subject to in the future) but that is documented on their Crime Prevention page.
     
  20. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    One other thing when it comes to Javascript, etc. Make use, as much as you can, of sites created for mobile use. With the explosion of these devices, most all the major sites have "mobile views" that require only the basics to access their content. A simple example would be CNN. Instead of going to cnn.com - go to http://m.cnn.com . Few people realize these can be accessed by any computer. Even a no-frills gmail can be accessed at http://m.gmail.com . You can quickly make a personalized links page, a "mobile portal" if you will, and look at it as your privacy portal when accessing sites using TOR, JAP or whatever. Think MOBILE.
     
  21. traxx75

    traxx75 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    106
    Another advantage is that "made for mobile" sites are generally a lot more bandwidth-friendly and, as a result, more useable over restricted-bandwidth services like TOR and JAP :)
     
  22. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    oh? :D
     
  23. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    do they have a portable size for laptops that you can carry around?
     
    Last edited: Sep 20, 2008
  24. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    doesn't require a cryptorouter, you could use an ipsec or opvn connection, but yes the hardware is portable if you wanted to move it around.
     
  25. scrty001

    scrty001 Registered Member

    Joined:
    Aug 15, 2008
    Posts:
    82
    does anybody know if you can use JanusVM with the paid version of JAP?
     