Astrill VPN

Discussion in 'privacy technology' started by Subgud, Feb 22, 2011.

Thread Status:
Not open for further replies.
  1. Subgud

    Subgud Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    151
    Location:
    Norway
    I was wondering if any of you has some experience with astrill VPN?

    https://www.astrill.com/

    Is it a safe vpn service? They seem to have servers around and they support openweb (which seems more like a proxy) and openvpn which hide your whole computer and uses 2048bit encryption.

    Anyone??
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Just looking at the website you can gather a few things.

    1) Their vpn is based on VPS/cloud servers. This means that it is highly unlikely they provide anonymity, only pseudonymity. It also means their systems are extremely weak against tampering because the memory, traffic, and OS are exposed to the ISPs which are renting the VPS to Astrill.

    2) Server load is either misrepresented, or their network has strange issues. If your server load fluctuates 10% at any moment across a total of 22 servers, that is very odd. The more "servers", the less fluctuation you should have.

    3) Astrill claims to offer a unique vpn protocols called "astrillvpn" and OpenWeb along with openvpn and l2tp. I have not heard of any vpn protocol called this.

    Abstract conclusion: Astrill VPN is a pseudonymity provider like relakks and most other vpn providers, but they cost twice the price. This may be OK for you if you just need a few IPs outside of your own country to view videos.
     
  3. Subgud

    Subgud Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    151
    Location:
    Norway
    Thank you Steve. I am new to the vpn world and has read some good things about astrill. That is why I ask. I was in contact with theire support and from what I could understand you could use torrent downloading via openvpn ssl, on certain servers. Maybe that is why the serverload is high?

    The support representativ claimed that when using astrill via the openvpn modus it "hide" the whole computer. Compared to openweb modus, which "hide" only the webbrowser. Does this make sense? Just asking since I dont have a clue.
     
  4. Astrill

    Astrill Registered Member

    Joined:
    Feb 24, 2011
    Posts:
    1
    1) Astrill doesn't use VPS (cloud) servers like most VPN providers do. We have server racks or dedicated servers in many datacenters around the world.
    2) That information is not accurate. we have 48+ servers in 22 Countries. Not just 22 servers in 22countries.
    3) We offer among others, OpenVPN protocol which is considered the most safe.
    You should not make any conclusions before trying out our service. We have thousands of users around the world. Even USA military is one of our valued customer.
     
  5. ArtemisX

    ArtemisX Registered Member

    Joined:
    Aug 14, 2009
    Posts:
    19
    bit of a double edged sword is that one...
     
  6. box750

    box750 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    260
    I was with Astrill for a month and their overall servers speed was great, they do have many locations but some of them, like Australia, is only available using the OpenWeb protocol which only works for webbrowsing (ie no torrents), not a big problem with that though, there are plenty of other locations using OpenVPN.

    I did not like the OpenWeb protocol because some Web2.0 sites with feeds or video did not work with it, but nobody forces you to use it and OpenVPN is still available. Astrill has the best VPN client I have seen around, you can configure it to speed up streaming videos, block ads, etc.

    I was happy with everything except by the part where they ask for your mobile phone number in order to register a new account, they send you a SMS message with a code to verify you own that mobile phone and then they store the phone number in your account once it has been verified.

    I see it like storing your real ID because your phone number is linked to you and you just verified you own it, I felt this was unnecessary and all they should know about me is my email address, I can easily see a RIAA subpoena forcing them to release my phone number, anyone with the proper paperwork can force Astrill (or any other VPN) to reveal your account details, and you can't deny it's not you because you just verified you own that phone number using the SMS code they sent you.

    Had it not been for that I would probably still be with them, they have great server speed and good support.
     
    Last edited: Mar 17, 2011
  7. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358

    Here's the message I got when I clicked "Sign Up" using Tor.

    I always sign up to everything where I want to stay anonymous using Tor, even VPNs. It may not make much sense to sign up to a VPN using Tor, especially when you're going to use the VPN with your real IP address, but I like an extra measure of plausible deniability during the sign up process. And I always use a prepaid card. I don't know if they accept them or not.

    Giving out my real phone number is unacceptable. What's the point of claiming "no logs" if they need your real phone number. I don't think anyone paranoid enough to want a VPN with no logging would hand out their real phone number. I'd rather have a VPN WITH logging and just claim that I didn't use it rather than give them definitive proof that it is me using the service. :thumbd:
     
  8. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    Is all the sensitivity over a phone number valid?

    If it were to be obtained, all it would prove is that you had an account. It would not tie you to any specific activity, so what's the worry?

    Unless you're going through hushmail or an equivalent, email addresses aren't really that secure either.

    If you're really paranoid, get a disposable and use that to sign up.

    cheers
     
  9. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I think it's a matter of priniciple. I wonder if Astrill can tell us why they need to send a text to activate the account? The credit card either works or it's declined. All they should care about is if they get paid. Asking for a mobile number and then communicating through that number before they will perform a service is rather odd.

    Astrill, I'm really curious - why?
     
  10. axle00

    axle00 Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    92

    What happens if you don't have a mobile phone number?
     
  11. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    No reply back oh well...

    I wouldn't trust running anyone's client, let people that want OpenVPN to use OpenVPN's client...

    And the mobile number authentication, that's really bad to ask of this from people...

    slack@slackware:~/Downloads$ ./astrill-setup-linux
    [sudo] Please enter your root password:

    They also have you download an installer that doesn't even have the correct permissions on it to run so you have to make it executable, no biggie but there are plenty of newbies that don't know this.

    Then look at what it wants? --> ROOT ACCESS and you have no idea what it's going to do with root access, what it's going to install and where.

    This is really bad to begin with for anyone but in Unix circles this is really bad!
     
    Last edited: Jun 9, 2011
  12. box750

    box750 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    260
    Then you can not open an account with them, there is no work around.

    Not possible, many European countries do not have such thing as "disposable mobile phone", you always need to show a valid ID (e.g. passport, driving license) to buy a SIM card, the ID is photocopied and sent to the Home Office for "safekeeping", I believe this is the same in India.
     
    Last edited: Jun 10, 2011
  13. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Forget it people Astrill isn't the only VPN provider in the world there are many decent ones out there too.

    There's no excuse for asking for a mobile number...

    Someone at Astrill seems to have forgotten what the P in VPN means!
     
  14. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    to answer all those questions they are a ssl VPN and also support Ipsec VPN.
    Two parties who wish to create a Ipsec tunnel is must negotiate a standard way to communicate. Ipsec replace or augments the client systems Tcp/ip stack. Its site to site that means you are going to connect with your workstation or your own company or other parts of your network. That's what root is for. its a internet layer protocol.

    They also supply SSL which is in the transport layer. For what is open VPN? Because you can encrypt all the data and sent it over the ssl connection without your applications aware of it. Which means its easy to setup. It doesn't make anything less secure. open VPN is just a tap 32 adapter. That's open VPN. The config file they will probably supply you with. So no its not less secure. when you use open VPN with a proxy of a connectivity service in the middle basically what happens is that your router is that proxy. Its good for mobile internet and broadband technologies that uses 3g etc etc because they emulate a Tcp/ip and do a lot of emulation.

    Astril has been developed by the US based company Goldenfrog. If you haven¡¯t heard about GoldenFrog they are the sister company to well known and highly respected Giganews.
     
  15. box750

    box750 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    260
    I saw the same wrong information at a VPN review website, I wonder if you copied it from there because those appear to be same textual words?

    Astrill is an Australian company, its website terms and conditions say that they are under Australian law and they have an Australian Registered Number known as a ABN to register a business in Australia.
     
  16. Tjee

    Tjee Registered Member

    Joined:
    Jun 21, 2011
    Posts:
    12
    I think he means Vyprvpn.

    What do you guys think about Vyprvpn btw?
    I read it's quite slow...
     
Loading...
Thread Status:
Not open for further replies.