ProXPN hiding something. I think I need a new VPN service.

Discussion in 'privacy problems' started by DynoTAP, Nov 17, 2014.

  1. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    As you all may know ProXPN was hacked about a month ago now. I do realize this is old news and many of you must be wondering why I'm so late to the game, I'm not, just bare with me for a sec here and read on.

    After a month of waiting and two wasted payments to them, I finally decided to send ProXPN a ticket as I have had problems connecting to their client ever since their compromise and so I decided to ask a few questions. One of the questions crunched down, asked when they will notify their customers about the server breach.

    Clearly never, now that I have a reply answering none of my questions and a response email stating: "Hello, the user responsible and offending content has been removed. The offending users account has been terminated."


    ProXPN also put the following news out ten days after the TurkisH-RuleZ hack:

    "Dear Valued Subscribers,



    We are aware of the issue with proXPN 2.8 crashing when connecting to our servers. Between 4:00 and 5:00pm EST we made a server side change that caused the client to fail. Thanks to you and your early reporting, we have identified the issue and have completed the fix. You will not need to make any changes or re-download the client as the fix was on the server side. Please contact us should you have any other issues. We apologize for any inconvenience this may have caused you and thank you for your support.



    Team proXPN"



    Anyways, now that I know I am only a 'valued' subscriber, I think it is time for a new VPN service but don't know who to trust. I have looked around but how can I truly know to trust them?
    If any of you are willing, could you suggest a few VPN services you trust, please?


    Edit:
     
    Last edited: Nov 18, 2014
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    My favorites are AirVPN, BolehVPN, Insorg, iVPN, PIA and SecurityKISS. Insorg and iVPN are multi-hop, and cost more. PIA is very inexpensive. And SecurityKISS has a great free trial.
     
  3. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Wow thanks for your speedy reply mirimir! :')
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    It's all in the timing :)
     
  5. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Lol, quick witted mirimir, what ever will we do without you?
     
  6. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    mirimir, which are you using at the moment?
     
  7. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    oh I'll take a not so very educated guess: iVPN.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I'm using all of them, in one way or another, more or less lately :)
     
  9. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Data retention laws, Canada? what are they really storing? I suppose I don't mind but if it is the unencrypted data being collected, what is the point of a VPN service here in Canada then? Would that not mean there's a way for hackers to "listen in"?
     
    Last edited: Nov 17, 2014
  10. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Oh wow man, I assume some of them must be more than just a vpn service. Am I correct in saying so?
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    VPN services hide activity from your ISP, and also from adversaries intercepting anywhere between you and the VPN exit. When you use VPN services, you're choosing to trust VPN providers in the same way that you would otherwise trust your ISP. But you can use a VPN service based in another country, and you can pick one that has less interest and/or leverage about you. And you can chain multiple VPN services, so that adversaries would need to work harder to compromise them and/or get their cooperation. That's how I use so many VPN services. If I'm working on several projects, I may have multiple branched chains connected, each feeding a different workspace VM. There's much more about that in my guides on iVPN.
     
  12. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Wow, that is so cool! I'll definitely read more on that, I never knew VPN services could be used that way.
     
  13. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Which OS do you use?
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Using router VMs as gateways for VPNs and Tor, you can route them through each other in various ways. pfSense VMs work well for both, although installing Tor in pfSense takes some work.
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I mostly use Linux (lately, Debian) for host machines and workspace VMs, and pfSense for router VMs. Whonix is a very easy to use setup for securely using Tor, comprising gateway and workspace VMs.
     
  16. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Wowwie! :eek:

    Almost beyond my comprehension. Is this something you learned to do through some means of training?
     
  17. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    I knew it!

    you hinted it earlier though i wasn't certain about the distro.
     
  18. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    I'm just thinking here mirimir, could VPN-chaining not make the crypto weaker? I don't have any reasoning behind this. I have just heard before (some time ago actually), that encrypting an already encrypted data source could weaken encryption.

    Would you disagree?
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Nope, no training. Just reading stuff online. Some years ago, I'd been using multi-hop VPN services and Tor. I'd read about JonDonym, and was dreaming about some way to replicate trust-distribution with VPNs. I'd also been using VMs for a while, and had read about plans for Qubes. And I'd started using pfSense as my LAN router. I was reading some article about virtual networking, and then it struck me that I could use VPN-gateway VMs and Tor-gateway VMs to create nested chains. And it worked :)
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I'm no crypto expert, but I've also read that. But using nested chains of VPNs and Tor isn't about multiple layers of encryption to better hide stuff. There are multiple layers of encryption, of course. But the goal is making it harder for an adversary to connect you and your online activity. Rather than just getting one VPN provider to cooperate, they need to go after multiple VPN providers. I discuss this in https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me and https://www.ivpn.net/privacy-guides/adversaries-and-anonymity-systems-the-basics.
     
  21. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Wow, well I'll definitely be trying this out and hope to be as successful as you have been.

    Oh right and thanks!
     
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Thanks :)

    As you get into it, don't be put off by the walls of text. I've made my guides to be totally step-by-step, in order to reduce confusion. But that does make them long. If anything goes wrong, just ask :)

    I need to redo the guides on host machine setup and workspace VMs, because Ubuntu 12.04 is nearing its end. I'm now using Debian 7.6 instead.
     
  23. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Hi mirimir, thanks a ton for your support, I'm probably going to need some help as I haven't used Linux for some time now. Do you think this could be done with raspberry pi's?
     
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Maybe. But there's a security issue about having all of the various networks available physically, through ethernet ports. With a host machine with FDE that's locked, getting in by compromising the password without triggering a reboot is tough. It's doable with a RAM attack, I know. Better would be struggling a bit with Linux.
     
  25. DynoTAP

    DynoTAP Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    17
    Location:
    Canada
    Hi again mirimir I still haven't checked your link I've not been well lately.

    Please tell me, is all of this done on a single system? I feel like I missed something in one of your messages. It sounded like you are using multiple machines.

    Cheers man,
    I hope you are doing very well.
    -DynoTAP
     
Loading...