VPN servers raiding/sniffing by LEA

Discussion in 'privacy problems' started by qwax, Feb 3, 2013.

Thread Status:
Not open for further replies.
  1. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    There is much discussion about vpn providers logging or not; it is good if no logging is done of course, but what about the servers?
    Looking at Mullvad, Bolehvpn, Airvpn, i see only servers located in "western oriented" locations.
    NL being especially popular, noting the increasing tendencies by authorities to "tap" the internet, in NL for instance the rightist government trying to get away with more and more spying:
    "plan to let police hack computers", http://www.dutchnews.nl/news/archives/2012/12/advisors_criticise_minister_on.php
    The idiots even want the power to infiltrate servers and destroy data on computers located in foreign jurisdictions. http://www.slate.com/blogs/future_tense/2012/10/25/netherlands_government_wants_power_to_render_inaccessible_data_on_foreign.html
    So, what are the risks LEA putting a tap on a server which hosts a VPN, on the incoming side of the server unencrypted traffic could be tapped.
    Servers are being raided all the time:
    On 25 October 2010, a team of Dutch law enforcement agents seized control of 143 servers
    https://en.wikipedia.org/wiki/BredoLab_botnet
    A while back i wrote to the owner of Mullvad about this subject, this was the response: ( i asked and got permission to post this)
    Begin quote:
    "> Question: using vpn from a home pc: i live in The netherlands and your vpn has Leaseweb.nl as server,what happens as:
    > the dutch authorities raid the data center and start sniffing traffic. (or inspect logs held at Leaseweb)
    > is my home ip adress exposed?
    Answer:
    Hi! Sniffing would be hard but there is a theoretical possibility that
    they could physically break in to our servers and compromise them
    without us noticing. If you are dutch and concerned about the dutch
    government you may want to use VPN servers that stand on ground
    controlled by people who are not friendly towards them, depending on
    the level of your needs and/or paranoia."
    End quote.

    I"d be interested to get views on this subject ,and any recommendations as to how to lessen the risk getting "tapped "
    Using 2 vpn's might be enough?
     
  2. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    I always think you should treat these situations as worst case scenario. That it is happening/already happening and protect yourself to that end. I just assume the VPN servers are already compromised and plan accordingly.

    They probably know full well the situation with people using off shore VPN's but they don't care..... Yet.

    If you don't know what a threat model is, look it up and do one yourself. That's my best advice.

    I'm lucky I guess that all I do is stream a few T.V shows so I don't need to worry. Doesn't mean I don't care though.
     
  3. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    I think everybody needs to worry , in general terms, and we need to be educated as to how to evade the government scrutiny.
    I do now about threat model , but think myself not all that technically savvy, so i would welcome any insights from those whom are.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    The advice from Mullvad is good. Better is chaining multiple VPN services, from different non-cooperating places. But, if you're going to use services from generally-unpopular places, it's best to put them in the middle of three-VPN chains, so neither your ISP nor websites can see them. The same applies to adding Tor to chains.
     
  5. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    Wouldn't think it will be easy finding those; among good vpn providers.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Insorg (-http://safe-inet.com/en) is Russian, I think. I've also heard of Chinese VPNs. Maybe I'll compile a list ;)
     
  7. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Sorry don't trust Russian or Chinese VPN's, too much of a possibility of government intervention.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Government intervention is possible just about anywhere. The key is being uninteresting enough to them :)

    I didn't explain my plan very clearly. Start by picking a VPN that you trust. Perhaps there are shared politics, respect for privacy and human rights. And perhaps it's located in neutral territory. So that's your primary VPN. Using it won't attract very much attention.

    For your secondary VPN, pick one of the "dangerous" third-party ones. All of your traffic through it is securely encrypted, so not much is vulnerable. What it accomplishes is relaying secured traffic to a third area that's more neutral. For your third VPN, you pick a plain vanilla consumer service, that doesn't attract much LEA attention or website banning. Everything in your third VPN is end-to-end encrypted, and all traffic through it should itself be independently end-to-end encrypted by Firefox, Thunderbird, or whatever.

    What do you think of that?
     
    Last edited: Feb 4, 2013
  9. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    @mirimir
    The russian vpn has some exotic servers indeed; Romania ,Malaysia ,Russia, Panama,Latvia.
    Your plan using 3 vpn's looks secure, but how workable would this be in real life ?
    wouldn't this setup be very complicated to safely maintain?
    all servers have to work;if one stops the chain is broken.
    Preventing dns leaks ,would this be more difficult with multiple servers ?
    using vpn should ( in my case) solve the drawback of using Tor; slow,slow slow.
    Would using 2 vpn's be a reasonable compromise? the chance 2 servers in different jurisdictions being sniffed at the same time and this info shared ,might be slim?
    Perhaps one "exotic" and one regular vpn ?
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    True. So does, for example, AirVPN.

    I've used two-VPN chains (some two-hop) for years, now mostly with pfSense VMs as VPN clients. Most paid VPNs are pretty reliable, and they generally reconnect if there are problems. I occasionally need to reboot stuck VMs.

    Each VPN client is firewalled, whether it's in pfSense or a workstation VM.

    Yes :) With some combinations, I can get about 4-5Mbps each way with two-VPN chains, and about 2-3Mbps each way with three-VPN chains. While that's much less than (for example) AirVPN alone, it's better than Tor :)

    Sure, two is better than one, in this case.

    It depends what your goal is. I wouldn't use a Chinese VPN as your second VPN, unless you were posing as Chinese, and I definitely wouldn't it as your first VPN, unless you were in North Korea. But Panama is fine, I'm sure.

    Russia, however, is iffy. Some Insorg exit IPs are blacklisted, which can complicate browsing and email. And the Russian government may be logging. But hey, someone is probably logging wherever you go. Just operate accordingly.
     
  11. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    Romania is what i found, rest is "western"
    Okay ,sounds good, have to get familiar wit vm's
    I i saw a walktrough by your hand about pfsense, in: Why Should I Use a VPN https://www.wilderssecurity.com/showthread.php?t=339051
    it looks fairly complicated , i'll have to do some reading.....
    i wouln't need more speed, just normal browsing and the occasional youtube; i have ssl usenet for other things ,no need for vpn there.
    Thank you for your extensive advice, i think i go for two vpn's (in a vm ?)
    Whonix looks good too, but i'd rather not use tor if i can help it, but maybe Whonix could be used with vpn in the future.
     
  12. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    my assumption is that VPN's combined with a proper firewall/anti-keylogger/strong passwords/etc are enough for now unless you are an actual cyber-spy, activist-hacker or other high level threat to powerful people because govts/mega-corps will first go after the low hanging fruit; people who are easy to bust and who make it easy to prove they are guilty in a court of law in your country, and to make examples of. when that starts on a wide scale it's time to look into the triple-VPNs, full hard drive encryption and other security measures.

    full hard drive encryption of internal and external hard drives is a good idea anyway in case any of your equipment is stolen.
     
  13. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I do nothing illegal.

    I try to hide everything I do because privacy is my right.

    Therefore, any exit IP that can accomplish that, has a legitimate use, IMO.

    CSN thinks all governments are omnipotent. :D

    Having drawn a paycheck from them, many moons ago, I have no such view :D

    PD
     
  14. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    As a side note, a VPN chain is simple as opening several vpns one after another on the same host or guest OS?
    So it would be

    VPN #1----------->VPN #2----------->VPN #3

    Correct me if I am wrong
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    No, it's not. You can chain two VPNs by opening one on the host machine, and another on the VM. The one on the VM connects through the one on the host machine.

    To chain three VPNs, you need to use VPN gateway VMs. See this thread: https://www.wilderssecurity.com/showthread.php?t=339051. Start at the end, and work back.
     
  16. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Not to be overly pedantic, but there is actually one other way to use three services and maybe more if you were so inclined. You would need to probably be dealing only with text, no JS, and not much else. After your host connection through your VM connection you could simply browse to a simple SSL VPN such as MegaProxy or one of those once ubiquitous services. They used to be the only consumer-friendly way of using a VPN years ago. There's not many left, but there are a few - and they have their place.
     
  17. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    ot post removed. see TOS
     
  18. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    I don't think they are all powerful, but they do have the most power. They have the largest wallet, best toys and brightest minds that = power

    On the topic of VPN raids, you will find 95% of the time nation states will co-operate with each other when it's in their best interest. So no, nothing is safe.

    I could name some countries that "might" not co-operate, but they fit on two hands so it's not many.
     
Loading...
Thread Status:
Not open for further replies.