What are important things to look out for when selecting a VPN provider?

Discussion in 'privacy technology' started by overworkedmonkey, Jul 21, 2011.

Thread Status:
Not open for further replies.
  1. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    I have been researching on using a VPN service to provide anonymous browsing and having not used a VPN before nor having the in-depth knowledge, what should I know and look out for when selecting a VPN provider. I also came across the following websites however am unsure how reliable they are -

    1) http://www.vpnsp.com/reviews.html

    2) http://myvpnreviews.com/

    3) http://www.how-to-hide-ip.info/2010/04/12/7-good-strongvpn-alternatives/

    4) http://filesharefreak.com/2008/10/18/total-anonymity-a-list-of-vpn-service-providers/

    Also the only provider I have come across not listed on any of the sites above was http://www.vpnpronet.com/whyvpn.php. Again not sure how reliable they are.

    My requirements are as following;

    1. No logging whatever so e.g. encrypted servers, no tracking of originating IP address, etc
    2. Minimal or next to no impact on speed
    3. The ability to use the service on multiple computers without having to purchase a new router
    4. Unlimited downloads and uploads
    5. Works with all web related applications e.g. web browsing, video streaming, chatting, audio streaming, etc
    6. Reliable support and service
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
  3. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    Thanks. I had a read of the forum however I am not that much closer to deciding on which provider supports what is recommended e.g. encryption, logging, etc as I have next to no knowledge in the area of security yet. Appreciate it if you can point me in the right direction.
     
  4. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    The problem is you said it, that you lack knowledge in the area of security.

    Of course you can take someone's recommendation and just start using a VPN, but then you're also facing greater risk without some knowledge about how all this works and how you need to go about this.

    So here are some thoughts for starters...

    1. What do you know about OpenVPN and some of the risks?
    2. Do you know how to protect yourself on the VPN?
    3. Do you use any kind of software or hardware firewall and understand it well?
    4. What Operating System do you use and what is your level of security knowledge as it pertains to your OS?
    5. Why do you want to use a VPN and do you understand, what it can and can't offer you?
    6. What do you think the differences are between OpenVPN, Tor and a Proxy?

    You should back up a little to the beginning and start there and work your way forward, because if you don't then your just short changing yourself because it's all going to connect the dots and help improve everything in the future and make you safer.

    What I'm saying, for security, all of it, you need to fit some of the pieces together with a decent understanding if you really want to accomplish some real security and not just someone that goes, oh that sounds good and he likes that for so and so reason and it all sounds good enough and that's basically your extent of knowledge.

    Yeah we all know you want to start jumping in there right away and start going for, so if it makes you feel any better, learn the security stuff now, start getting the system of yours safer and more secure and don't worry, you won't die without a VPN for the moment, but if you don't start getting some of the security stuff down now, then you're just creating greater risks for yourself.

    Hey you said it you lack security, so I'm assuming that means just about any security and probably on your computer too?

    One simple question and please don't cheat, hehe, do you know what a R.A.T. is?

    CHEERS :)
     
  5. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    Thanks my comments below.

    I would agree with you that it is better to have some knowledge than no knowledge but I also find that having little knowledge leads to assumptions hence requesting a little hand holding at the start to understand what I need to know to protect my anonymity.

    1. Nothing. All I know and understand is basic VPN i.e. connecting to a remote endpoint via a secure channel. I don't know about the various encryption techniques, what risks the hold, etc as well as issues such as DNS leaks which I don't even know what it means

    2. No.

    3. Yes I do employ various software and hardware to protect myself e.g. firewall, sandbox, encrypted harddrive, etc

    4. A combination but I know about OSs' reasonably well.

    5. I wish to use a VPN to provide anonymity but no I don't know enough about what it can and can't do.

    6. I do understand the basic difference between a VPN and Proxy but not enough about TOR apart from the fact it has been suggested it is insecure in some form or shape.

    My comment at the very top.

    Sorry, I don't know what R.A.T is
     
  6. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    lol Here we go again

    1. When the word provider is used it's not a VPN. A VPN is site to site. Expanding your private network over the internet in a secure manner. The goal is not to hide your IP but to secure the data you are transporting. That means no third party servers whatsoever.

    2. A connectivity service you will use to hide your IP and to protect your privacy to a certain extent. You pay to use a private proxy where a level of trust is exchanged. Its there to hide your IP. You can't hide from your government or ISP with it. No need why anyone in the free world needs to do that unless your doing something your not suppose to be doing where in that extent a provider will work with authorities handing all your info over to protect their business.

    Remote administration Tool I.E Poison Ivy

    OpenVPN is a user-space VPN that uses the well tested and mature SSL/TLS infrastructure to create the same site-to-site connection functionality found in IPSec VPNs. OpenVPN is referred to as a user-space VPN because it does not require sophisticated intertwining with the OS’s kernel to function. It operates in Ring3 of our secure OS Ring Architecture, which is right where we want it. Usually, in order to do link encryption, an application must be intertwined with the kernel to provide low level access to the interface where the link is found. Userspace VPNs use a “virtual interface” they control and access without this kernel dependence. This gives user-space VPNs a more secure starting point than standard IPSec devices, as well as provided more flexibility in porting to other operating systems and ease of installation and maintenance.

    Blowfish in its Cipher Block Chaining mode using a 128-bit key. That's OpenVPN default. If you stay inband you will be fine

    PCs with lot of programs or big programs installed are isolated on the network. Everything is on denied by default where application by application will receive a trust level 1 on by 1 depending on the security policy of course

    What does this have to do with a VPN?

    Connecting to my home computer from my office securely

    OpenVPN is site to site. Tor builds a circuit of encrypted connections through relays on the network. No single relay knows the complete path. Everyone is part of it yet no one knows of each other.
    A proxy is a server you use to fetch the data for you. They come in different flavors

    Regular/Caching proxy - A regular caching proxy server is a server which listens on a separate port and the clients (browsers) are configured to send requests for connectivity to that port. So the proxy server receives the request, fetches the content and stores a copy for future use.

    Anonymous Proxy - Anonymous proxy does not transfer the information about the IP-address of its user, and thus effectively hide the information about you and your surfing interests. In addition, some proxies (the so-called elite proxies) can also hide the fact that a user surfing through a proxy server. So there are two types of anonymous proxies

    Anonymous Proxy server does not send HTTP_X_FORWARDED_FOR variable to host, this improves privacy since your IP address cannot be logged.

    Elite proxy (high anonymity) does not send HTTP_X_FORWARDED_FOR, HTTP_VIA and HTTP_PROXY_CONNECTION variables. Host doesn't even know you are using proxy server and of course it doesn't know your IP address.

    Transparent proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them.
     
    Last edited: Jul 22, 2011
  7. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    Thanks Spooony. Do you mean to tell me that using a service such as HideMyAss, StrongVPN, etc is not using VPN in its true form? Does that mean they are a connectivity service and they are essentially a proxy? Not that I intend to do anything I am not supposed to do (although this is arguable), for example I am in China and wish to write comments that undervalue the government, I would have though a service such as HideMyAss, etc would protect my anonymity from ISPs, governments, etc.

    I am further confused by the fact if OpenVPN is site to site connectivity and that meets the definition of VPN, I would think HideMyAss, etc are a VPN provider. Sorry if I am a complete noob and do not appreciate the complexities. I am trying to learn and understand.

    Does it matter the type of encryption employed by the services/providers such as HideMyAss, etc e.g. AES over Blowfish, etc
     
  8. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    overworkedmonkey, the VPN services you see online that know what they're doing are a VPN, don't confuse yourself like Spooony is, he's on some purist VPN trip or something, who seems to not really understand how BROAD and WIDE VPN EXPANDS! ;)

    By the way most of what you are asking should be in these two posts, (Please spend time reading through them);

    https://www.wilderssecurity.com/showthread.php?t=299102
    https://www.wilderssecurity.com/showthread.php?t=285780

    Spooony you're thinking is a bit flawed here in regards to a VPN and you're going to confuse people...

    VPN is a very inclusive term. In it's most basic form, it is a link between two computers providing a Virtual(not publically routed)
    Private(secured+encrypted) Network(it handles IP traffic) between those two machines.

    LOOK back up and READ again before you answer --> BASIC FORM!

    OpenVPN is more of a tool on which you can build your desired VPN topology, whether it be site-to-site, roaming clients, getting gateway
    redirection, or secured transports between two servers over the internet(or other untrusted link) A "VPN service provider", the sort you can
    pay $5/mo for, is usually providing the second example.

    To say that if you pay for a VPN service this is not a VPN is not correct.

    This is more advanced than simple SOCKS or HTTP proxying because it can route /all/ traffic through the link, and that link is secured by more
    and this is also an encapsulated/secure encrypted tunnel, your typical proxy that you seem to throw into the mix trying to compare this to is
    not.

    OpenVPN is a tool which you use to assemble your VPN. How you design it is up to you. And if someone offers a VPN service over the Internet,
    sorry this is VPN.

    "Proxy" within the context of a VPN Provider means that your web browsing traffic appears(to the websites you are accessing) to originate from
    the VPN Provider's servers. This is done using a VPN link between your computer and the VPN Provider's servers.

    OpenVPN proxying is fundamentally different from HTTP/SOCKS proxying in that it routes the actual TCP/UDP traffic over the OpenVPN link, which
    is completely transparent to your applications. No "enter the IP address" needed. It is a "routed proxy over OpenVPN"

    Let's PLEASE stop beating around this thing trying to make VPN seem like a SOCKS/HTTP proxy and if you're not, well, it certainly sounds like.


    P.S. The questions were for the OP not you... :(
     
    Last edited: Jul 22, 2011
  9. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    Thats correct. It fetches the data for you encrypts it then send it to you. So they see hidemyass or whatever connectivity service IP. So you pay for that trust as you and provider have a agreement. Remember they do not wash the headers and such theyprovide basic anonimity while encrypting your data. Thats what it is basically. I hope you understand now what it is and hopefully it will help you choose a service that suites you. I always believe its better if we know how a thing work more or less.
     
  10. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    Sorry DAS i was just showing a example to the OP so he can understand the difference and how it works. Was not disagreeing with you.

    ps
    Not going to repeat it again. Thats openvpn

    VPNs work by creating a virtual tunnel over the public Internet. In order to create this tunnel, symmetric encryption is used. Both sides of the tunnel share common encryption and decryption keys and use them to encrypt all traffic in both directions. Symmetric encryption is very fast and there are many solidalgorithms available to implement this (Blowfish, AES, 3DES).
     
    Last edited: Jul 23, 2011
  11. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    We are talking OpenVPN and I explained it as OpenVPN...

    I don't want to repeat it either, so please stop making OpenVPN sound like a SOCKS/HTTP proxy because it's not.

    A VPN PROVIDER is a ---> ROUTING PROXY = BIG DIFFERENCE! ;)
     
  12. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    So if they are consired to be encrypted proxy services, what would you consider to be a true VPN that provides anonymity, security, etc? When you say they don't wash headers what do you mean?
     
  13. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    Thanks DasFox. I did have a read of what was posted however most of the information is over my head and seeing that no provider is going to answer everything you have listed, how do we know what we are signing up for? Maybe I should be asking, do you use a specific provider and if so why?
     
  14. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Well the thing is, certainly people can say use this provider and send you on your way and that's that...

    But is this really where you want to be in terms of security and taking everyone's word and just leaving it at that?

    Truth is, sooner or later if this is all you do, then it's going to bite you at some point without some understanding...

    Look don't take me wrong, I'm not here trying to spin you around in circles as some might think, but there are certain aspects of this you really should get some grasp on to better help yourself.

    So you really need to go back if you haven't read and really read through these posts as a starting point, then take what you are not understanding in those posts and surf Google for the answers to try and teach some of it to yourself...

    https://www.wilderssecurity.com/showthread.php?t=299102
    https://www.wilderssecurity.com/showthread.php?t=285780

    The simple truth is, you have to do some research on your own, gain some understanding, otherwise you can't really ask the questions you really need to be asking...

    The first link really explains quite a bit about some of the different technologies and the second link has people talking about all their likes and dislikes and this is where you can get a feel for what I'm talking about, just going on people's words alone, seeing what a mess that can be. Like, oh they're great, used them for a year no problems, and don't use them they suck, always problems with tech support, well gee this really tells us a lot does it? Get what I'm saying here now?

    Cheers
     
    Last edited: Jul 25, 2011
  15. overworkedmonkey

    overworkedmonkey Registered Member

    Joined:
    Jan 31, 2011
    Posts:
    55
    Thanks. What is the best source to learn the basics of the technologies employed?
     
  16. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    Just look at what Steve is talking about as far as the technologies are concerned in this post;

    https://www.wilderssecurity.com/showthread.php?t=299102

    Then whatever you don't understand surf Google to read more about something, or you might search here on Wilders and find someone talking about something specific you're looking for information on...

    We're talking about OpenVPN here, so you should start there, they also have a community;

    http://openvpn.net/

    Just dig and read and I'm certainly not saying to go out and read and learn everything, just some basics...

    And to be honest I don't just know of one place you can simply go to and read everything...
     
  17. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Skip the trash talk and let's get to business, shall we? :)

    Most important factors when using a secure VPN;

    - The VPN provider shall not give out information about you upon request by authorities (meaning provider should be based in a country which has strong privacy laws such as Sweden, Holland etc)
    - The VPN provider shall not save any information about you or your IP.
    - The VPN encryption should be at least 2048-bit (you'll be 100% untraceable)
    - The VPN service should be cheap
    - The VPN service should be fast and responsive

    https://www.anonine.com/en -That site will suit all your needs and it meets all above criterias. Be sure to select their OpenVPN service.
     
  18. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Sorry there's no trash talking going on.

    And by what you stated does not in anyway prove, or help someone to prove that the VPN knows what they are doing, can be trusted and if you're safe using them...

    There's a lot more to it then by what you just stated...

    Since you are in Sweden do you personally know www.anonine.com?

    And why would you recommend them?

    I've asked them questions in the past and they don't seem to know much about what they're doing, not friendly or professional either...

    Also anonine, vpntunnel and darknetvpn seems to be a part of one another, or they are hosted by the same company, Sweden's largest ISP at the White Mountains;

    http://www.architecturenewsplus.com/projects/1407

    Trying to ask any of those VPN providers questions is like pulling teeth...

    P.S. I would not fully discredit these VPNs at the moment, maybe they've changed their tune and are a bit more receptive to questions and a more professional mannerism. I still would say to check them out as I favor VPNs in Sweden but do your homework and just keep an eye out and ask questions...
     
    Last edited: Jul 31, 2011
  19. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    what you are using that is damn good?
    u have been posting all over this forum but i did not catch what u r subscribing...

    what vpn(s) u are using? and why is it that is good?
     
    Last edited: Jul 31, 2011
  20. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    I replied in the other post you made;

    https://www.wilderssecurity.com/showthread.php?t=285780

    Cheers
     
Loading...
Thread Status:
Not open for further replies.