Public IP Swiss VPN

Discussion in 'privacy technology' started by markoman, Dec 15, 2008.

Thread Status:
Not open for further replies.
  1. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Let me clarify that PPTP thing a little. If you have PPTP connection to localhost, like to a JanusVM appliance, you aren't going to leak. Why? Perfect line quality. There is no bad routing or external travel required to communicate to yourself. So PPTP isn't inherently terrible, it's just terrible for privacy and anonymity when you are using to talk to computers outside of your localhost or home network because it is so fragile.
     
  2. emmpe

    emmpe Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    121
    SwissVPN offers PPTP and optionally EAP-TTLS. Not good enough, but then, what is? Switzerland does log traffic but is not subject to the EU data retention directive. Heaven knows what they do with the info. Like every other country they're likely to give in to the onslaught of government and corporate demands sooner or later. Maybe they already have.
     
  3. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    You need either 1) OpenVPN or 2) a SSH tunnel with a VPN connection at localhost.
     
  4. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128
    steve if you do shadow vpn for 10 usd why cant you offer your 2 hop vpn for 20 usd that is more resonable than 35 usd
     
  5. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    XeroBank doesn't just add more nodes, it provides a lot more technology, services, support, and consumes a lot more resources than a single hop vpn. The anonymous storage mechanisms, the backend and middleware, the cryptographic account anonymization via VAULTS, the secret Jabber servers and VOIP servers, anonymous server hosting for hidden services... It also uses extreme anonymity technologies that are only applicable in a multihop network like channel multiplexing. For something you can understand on the client end, the anonymity is superior to other networks, and it strongly demolishes data retention and data logging capabilities that states foist upon their citizens, and stores user records in a very secure manner, with no logged association between account holder and account activity.

    Why does a BMW cost less than a Ferrari? They both have four wheels and a motor, but there is a lot more design and cost that goes into making the magic, resulting in a different product.
     
  6. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,314
    Location:
    Oz
    I just clicked on that test several times and it kept saying page cannot be found.
     
  7. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128

    just checked and it works for me
     
  8. AnonG

    AnonG Registered Member

    Joined:
    Oct 26, 2008
    Posts:
    28
    Location:
    Central Europe
    Holy leak Batman! I'm using OpenVPN and this test gives away my ISP!
    It doesn't show my real ip though, just some subnet address. VPN connection
    is working and it does not show my current connection ip when tested but
    how can this page trace it back to my ISP??
     
  9. Hillsboro

    Hillsboro Registered Member

    Joined:
    Jul 21, 2006
    Posts:
    86
    Location:
    CH/USA
    On your local area connection (not the vpn connection) you need to set your DNS server IP's in your TCP/IP network settings and if you are using a router do the same there too and be sure and untick the file and and printer sharing. Do not set either to automatically set the DNS connection. If you don't do this your real connection IP is going to show up regardless whether you are using openVPN or PPTP service like Swiss VPN. The dns-orac site is a good way to see if have a dns leak. When I make a vpn connection the first thing I do is hit the dns-orac site to be sure the ip's showing there are the ip's for my VPN service. I suspect many people are using VPN services and are quite unaware of the need to set up their local network and router with hard dns ip numbers and to not allow the dns to be found automatically so to avoid leaks.
     
  10. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Hillsboro, that was part of our plan for writing a new OpenVPN GUI. The way windows handles DNS is atrocious. There are some commands for dumping, clearing, and resetting, but it is definitely an issue in my opinion.
     
  11. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,314
    Location:
    Oz
    Okay. I have to click try again to get it to work. So I tested it with my bare connection. The results were Poor and Great. I tried with Iphantom and the results were Poor and Great. I then switched the Iphantom to secure DNS and the result was great and great. Xerobank was Good and Great. I am not sure what it means but results are good for both Iphantom and Xerobank. But of course Iphantom is a one hop connection and it is American. But I think it is still a cool little device and a good idea. That is why I am looking forward to the Cryptorouter. Once I get the cryptorouter and XB Machione fired up, I'm gonna change my username to Caspian_007...LOL:cool:
     
  12. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Hmmm. I wonder what this means for prq.se - they are famously known for hosting any site, no matter how controversial. Many groups use them for privacy. PRQ is owned by Fredrik Neij and Gottfrid Svartholm of The Pirate Bay. For example, wikileaks.org hosts with PRQ as does just about anybody who wants true protection for their website.

    Freedom and privacy are becoming but a quaint notion.
     
  13. UhHuh

    UhHuh Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1
    I'm on Swiss now and very happy with it. Great value, great speed.

    Notice how Steve "I don't know who I work for" just ignores the EAPTTLS part and keeps chanting his mantra about "leaks"? As if he was completely unaware of IP policies in Windows.

    His boy Kylie he has wearing the assless CDC chaps (Youtube, Defcon video) knows about them. That KID did a good job with Janus (still begging for money) but he's not an expert in anything. He put some free software in a vm, big yay. Wasn't a first.

    You write so much here Steve and yet when I visit Xerobank, I can't make heads or tails out of your services. I thought it was one thing, but am reading four pages of generic fluff. Are there bw limits? Doesn't say. It says this trial you have on is recurring, but not for how long. I'm I signing up for a year or forever or what? The forum is dead and as such no help.

    The way you try and justify your price is with talk that's only relevant to people being hunted by American LE. You know your customers are simple perverts for the most part. That and people who don't want to get caught downloading some crap American movie. You spread the fear on this forum quite well.

    More then anything it's your associations with the CDC, Hacktivismo and the UN that turns me off you and thus your service. Oh yeah and being from Texas :p.

    Src: https://www.wilderssecurity.com/showthread.php?p=1348121&highlight=Topletz#post1348121

    Src:Zero40wned issue4 where they all got hacked. An excellent read.

    Is Rattle still making music in his mom's basement? Dildog joined the AARP I think. Other then producing a backdoor of some note, what do you think their, "stamp of approval" means? Because anyone can go to their websites and read their text archive full of garbage. That's all the losers ever did. Now you give that slime money? EWW. No signup for j00!. No wonder prices are so high.

    Src: http://www.hacktivismo.com/news/

    Src: http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xBB678C30
     
  14. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    here they come again. don't feed the trolls :rolleyes:
     
  15. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128


    so are you saying that swiss vpn using MS-CHAPv2 EAP-TTLS is as good as it can be because when i tested there dns it never leaked so does this mean they are good vpn provider
     
  16. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    MS CHAP is a microsoft authentication protocol, and EAP is a format for transmitting authentication protocols. Authentication is where you talk to a server, and establish identity/credentials and a way to communicate with each other.

    This does not protect against the exceptionally leaky DNS issues that PPTP has.
     
  17. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128
    so in other words swiss vpn is a good provider because they dont leak dns
     
  18. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Exactly the opposite. Swiss VPN uses PPTP. PPTP is a DNS leaky protocol, and is not appropriate or secure for anonymity. It isn't Swiss VPN who is leaking, it is your computer that is leaking, because of the protocol selected. The leaking isn't always going to occur, but some providers are worse than others. Findnot's PPTP connection seems to leak DNS about 40% of the time, whereas Relakk's PPTP connection leaks DNS 100% of the time. Why? PPTP is dependent on the connection quality to the provider. So any failures between you and the provider seem to be able to cause you to leak DNS. Even moreso on a Wireless connection I would imagine.

    PPTP is fine for home lans. PPTP is fine for work. PPTP is fine for programming and university connections. PPTP cannot pass muster for security and anonymity.
     
  19. emmpe

    emmpe Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    121
    For what it's worth I just had a look at the Xerobank "anonymity checker". It tells me there's no protection but my IP is one of SwissVPN's. Then it says network legal risk is "high", when in reality it's low, political risk is also "high" though currently non-existent, and there's "ISP spying risk" which goes whithout saying and which I have adapted to live with - after all, this is the European Federation, and the word "risk" is redundant in this context. ISP:s do spy, period. So am I impressed? No way.

    I actually intended to try out XB:s one dollar offer, but never finished the application process as my connection went down. Imagine my surprise when I got a welcome mail anyway, informing me of a bandwidth limit of 75 GB monthly (my traffic is 30 - 50 GB a week), above which limit I may be charged as I go or upgrade. Thank you very much for the info, but why not put it on the website, instead of just linking around to the same two or three fluff pages? And why not hold your mails until the deal is settled?

    By the way, I've read a lot pro's and con's about Xerobank on this forum and one thing that bothers me is the jurisdiction argument ("We're in Panama and our servers are in different jurisdictions" and so on). It doesn't seem very valid. When estimating the quality of an anonymisation facility, these links may be of interest:

    http://travel.state.gov/law/info/judicial/judicial_690.html
    http://www.transparency.org/policy_research/surveys_indices/cpi/2006

    Without promoting SwissVPN (with which I'm not really satisfied anyway) I want to point out that - if I'm not misinformed - Swiss privacy law, in contrast to that of many other countries, overrules most MLAT demands (but not heavy political pressure, as we've seen).

    UhHuh may be a troll and Xerobank may be a first class service, but in my experience sloppy marketing generally signals a sloppy product. Xerobank doesn't even try to convince by straightforward information, and their website seems to be targeting only the more credulous of us. Of course this does not prove it's a bad service, and I'd love to see good arguments supporting it, arguments based on facts, not unfounded opinion, and no salesman's sweet BS.
     
  20. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    It sounds like the SwissVPN IP either isn't being properly recognized or is a new IP they've added. I wouldn't worry about it, but SwissVPN's network risk is high because they are a one-hop proxy with low/zero/weak anonymity (encryption != anonymity). The political risk is high because the servers are in the same jurisdiction as the company. A single court order or investigation compromises the whole system.

    Your profile would fit into the 99.5 percentile, making you an abnormally heavy user compared to the rest of the internet. Your resource consumption is appropriate for a charge of approximately $100 USD/month if you want XeroBank quality traffic protection and anonymity, and $51k/year for Onyx Advanced protection (full immunity to modern traffic analysis). You would need a flat-rate 1-hop service, none of which offer cascades or multiplexing like XeroBank does. Good anonymity isn't cheap, and cheap anonymity isn't good. Xero will be offering a flat rate service later this year, and that would be your best bet for the strongest anonymity at flatrate pricing.

    I had a similar objection. The reason is that creating your accounts and activating your accounts are two seperate issues. If someone creates an account and later uses some anonymous funding on it, they would need to know the difference. As a consumer, you are not exposed to this as a usual course of business, as other businesses do not have a structure that requires individual registration and funding components, so your objection is well deserved.

    However, it is my understanding that the checkout process is going to be changed in the next two weeks, and should resolve this issue in a different way.

    Xero's jurisdiction does not accept court orders from the US, UK, and EU, despite of MLATs. A court cannot compel an answer unless it is a provable life and death situation, and has a criminal offense punishable by at least two years in jail. Even if they did, court orders do not have any effect on Xero because 1) we don't keep logs 2) our client data is fully segregated from their usage data 3) our privacy policy will be upheld regardless of legal pressure 4) if compelled to keep logs, it still will not render a client's identity 5) we have never failed once to protect a client's identity, and not for a lack of hundreds of investigations and court orders.

    Those in good standing with Xero will be protected to the ends of the earth. You'll find no such offer anywhere else. If you go to the company page and check out the values we purport, you will see that we regard our liberty and integrity as greatly as that of our clients, and we cannot aspire to our goals by compromise and complicity, and we never will.

    I am afraid you are misinformed, but it is indeed a great principality by comparison to most other countries.
     
  21. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128

    hi steve the only thing that worries me about you even though i am trying your shadow vpn is when you say things that you cannot prove unless you are working for the said company's you said

    Those in good standing with Xero will be protected to the ends of the earth. You'll find no such offer anywhere else. If you go to the company page and check out the values we purport, you will see that we regard our liberty and integrity as greatly as that of our clients, and we cannot aspire to our goals by compromise and complicity, and we never will.


    how can say Xero will be protected to the ends of the earth. You'll find no such offer anywhere else

    you would have to work or know all the other suppliers and there ins and outs now there is one company that since the new law came in they have highlighted what it means for them and that company is trackbuster go to there website and they have updated there response to the new law which to me sounds like they also are determined to protect there users

    they also use open vpn
     
  22. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    geazer, their technologies they use have nothing to do with their values. We know tons of anonymity services that secretly are working with police and state agencies to spy on their legitimate customers. It happens every day. Our difference, other than always being ahead of the competition on every front, is integrity. The people involved at xerobank are... for lack of a better word, crypto punks and antifascist. The other guys just care about short term profit because they may not be around tomorrow. People in it for the long term live by reputation and integrity.
     
  23. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128
    if you subscribe to a service and dont do anything to upset there terms and conditions which they say are

    According to the current legal situation the stored data must be released only if the demanded data provides a basis for repelling an immediate threat for body, life and freedom of men or the safety of the Federal Republic of Germany

    then they say

    The logged data must not be released for the clearing of any other criminal act

    that statement alone allows you to use the service for anything else you desire weather they are logging or not because they say

    entrapment comes to mind if they go against there own tos dont get me wrong i dont know **** only what i read but at end of the day you have to trust someone and they clearly point out like yourself what they release and what they dont

    as far as you say we know who works with what police and agency's why would you think just because you say it people believe you the more you push negative vibes to others it has the opposite effect in my opinion how do i really know you don't work with the police i don't :(



    now like i said i used your service and as you know i unsubscribed and your set up kicked me off even though i used only 5 days of a month service now i emailed you for reactivation of my account and agree you did do it but i relised that you emailed me user and pass to use to get my remaining time but after thinking i chose not to use them details and to lose my 10usd why because you have the log and pass details assigned to me now how do i know you wont log onto my user pass i dont so just resigned myself to the loss
     
    Last edited: Jan 8, 2009
  24. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Think about that: You would trust us to handle your identity, anonymity and financial details and the integrity of your exit traffic, but are concerned that we would log into your account?
     
  25. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I don't doubt it happens for a minute. But do you really know that tons of these services are working with the police? If so, who? How do you know? Why would they let their competitors know? The funny thing is, they all say the same thing about others which would include XeroBank. I'm not arguing with you as I agree and trust XeroBank, but I'm not so sure it's as rampant as you say. But then again, maybe there's a way you know. I should would like to know which ones you think are not operating with integrity.
     
Loading...
Thread Status:
Not open for further replies.