Xero Networks AG [Xerobank]

Discussion in 'privacy technology' started by DiscoGuy2009, Jan 26, 2009.

Thread Status:
Not open for further replies.
  1. DiscoGuy2009

    DiscoGuy2009 Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    11
    XeroBank has developed into quite an impressive company. I look at Xerobank and something about their business model I find compelling. The company started with TorPark, a freely distributed anonymous browsing package developed by a US citizen (Steve Topletz) who was motivated in part by his concern for Chinese civil liberties :rolleyes: .

    Now they employ ethics advisors, marketing & communication directors, project managers, etc.. operate in three markets and at least on paper seem to have a respectable company. Their products with their multiple hops and countermeasures to advanced traffic analysis and all this other techno babble appear to be (at least to this novice) more technologically advanced than any other company which operates in this market. No doubt, this is not something little Timmy can setup from his mothers basement it would require a considerable capital outlay to get Xero Networks off the ground.

    About 7-8 years ago I came across a well articulated post on USENET by someone who really came off as knowledgeable regarding the business of anonymity. Unfortunately, I can not remember the exact wording because it was so long ago but he provided some very insightful information about Anonymizer.com and its founding in particular the fact that it had (in its embryonic stages) been contracted by the DOD where it received early capital injections that later allowed it to develop into a respectable company.

    I was a premium member of this service so I did confront a representative regarding the claims made on usenet. They did not deny it and went so far as to say "you do your homework". In that same conversation I remember requesting them to cancel my service and refund in which they obliged because I was concerned about the conflict of interest.

    Since Xero Networks AG is incorporated in Panama where corporate disclosure requirements are nearly non-existent finding any information about the company is difficult. I know that their business model is not viable and its hard to imagine them generating a profitable revenue stream based on the services they publicly offer. Who are these angel investors?

    I think if Xero Networks AG was committed to its promise of upholding the highest standards of independence and integrity it would behoove them in the interest of transparency to disclose who are their financial stakeholders (past & present).

    Countless companies received private equity investment from government linked sources and that does not mean you can not maintain your independence but depending on how that information is disclosed could have a significant bearing on your reputation. I hope you choose to be upfront.
     
  2. geazer40

    geazer40 Registered Member

    Joined:
    Jun 11, 2008
    Posts:
    128
    i think he has bypassed your post lol i wander why
     
  3. Klaus_1250

    Klaus_1250 Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    45
    Sources? I looked into them, but I found that their business model could be viable. A lot of companies and government agencies need more than average security or privacy and thus need a reliable partner to supply them with that.

    Some chose to use things like TOR and got bitten by the fact that they forgot that the last exit-node could spy on them, which was mocked by the entire security community (there is a level of stupidity in trying to keep things private and secure, while relying on totally untrusted parties).
     
  4. DiscoGuy2009

    DiscoGuy2009 Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    11
    So you think based on your analysis :)-\) that you could convince a group of business savvy private investors who would demand nothing less than the maximum return for each dollar they invest to buy into the Xero Networks business plan? Steve would have to be one slick willy to convince that crowd that this is the best place for their money. So to my point - who are these angel investors?
     
  5. Klaus_1250

    Klaus_1250 Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    45
    Why the face. I'm just saying that from my point of view, with my experience and education, I do see a business model. You see you know their business model isn't viable, but I was curious how you arrived at the conclusion, hence I asked for a source of info which might or might not convince me of your view.

    I wouldn't want such investors for a business that revolves around privacy or security. Maximum ROI means cutting corners, offering the minimal level of quality that is still acceptable and going for the lowest common denominator.

    What you want is investors which share the same ideas as you around these topics. Not all investors are greedy bastards, some just want to earn money investing something they can believe in.
     
  6. Z32

    Z32 Registered Member

    Joined:
    Jul 20, 2008
    Posts:
    49
    Not to be a wet blanket, but I don't think you're going to get a straight answer out of him as to who they are. If they're private individuals desiring anonymity/respect for their privacy, like you, then surely they're not going to stick their necks out?

    As alluded to by Klaus_1250:
    ...they could see it as a long-term project, which won't generate profit from day one. How many businesses do? They could also have created the network out of other self-serving desires, such as masking their own activity. i.e. the greater the number of users, theoretically, the more they're hidden?

    Another thought - If XeroBank were a quasi-government agency out to get you, you'd think it could recruit a couple of stool pigeons as figureheads to satiate the constant requests on here for investor/owner details, and thus bring in more customers. Steve's refusal to name them, whether he knows them or not, wouldn't be doing much for global honeypot aspirations.

    Why not ask a more strategic question, that doesn't require the naming of the investors? If you as a customer want your identity protected, is it that unreasonable to presume they would like to protect their identities also? IMO, this is not unreasonable, given that governments wishing to invade the lives of their citizens would want to see XB shut down as much as Nevada/Macau would, a back alley poker game.

    I do note that their policies for dealing with customer data, while extensive, don't exactly state their allegiances beyond believing in human rights... as far as I can see.

    How about asking something like this?

    ..and you could then challenge Steve to get assurances of some kind/a statement attesting to this from management.

    I know this would be banking (excuse the pun) on Steve/XeroBank's credibility, trustworthiness, honor, integrity and whatnot, but that's really all you have to go on with anybody. How does an ordinary citizen tell a legitimate person/organisation of great integrity/high moral standards apart from a well-versed stool pigeon, at an elite level? They can't. So IMO a written assurance/statement from XB would carry more weight, than knowing that Joe Bloggs from Cape Cod, retired school teacher, is an investor.
     
    Last edited: Jan 26, 2009
  7. Klaus_1250

    Klaus_1250 Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    45
    They offer services to both consumers, businesses and government-agencies, so there is a good chance that they are "involved" with clients that other clients see as a potential threat. But that still doesn't mean anything. Even a project such as TOR would have to answer yes to that statement.

    Agree, but than again, getting a reassurance that one is the former doesn't mean anything either if one is the latter.
     
  8. Z32

    Z32 Registered Member

    Joined:
    Jul 20, 2008
    Posts:
    49
    Good pick-up. The question could be modified to make it to be more specific... i.e. no involvement/affiliation beyond the provision of customer VPN services to those agencies...with a little more fluff than that :)

    I just see it as advantageous, that further assurances be displayed for all to see, as they're then bound by their word. ..also could make it clearer, potentially, for clients of the service to demonstrate wrongdoing or harm caused to them by XB's affiliations, since the guidelines XB adheres to would be more detailed.

    I'm not saying they would do the wrong thing, or that it's a panacea for the trust issues, but the customer would potentially have more to hold them accountable to, and be able to make a more informed choice regarding their VPN services.
     
  9. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Good discussion. I see that this has lead you to some good conclusions too. In particular, we accept customers as clients only, and this is one of the reasons our minimum standard is the UN Declaration of Human Rights. This part of our "play fair" policy. We state on our law enforcement contact form that we will not accept investigations for clandestine operations like domestic surveillance, or for political purposes, and such requests will result in formal complaints being filed against the agent(s) or agency in the jurisdiction of authority. We don't play favorites, and no fishing trips allowed, under any circumstance, ever.
     
  10. DiscoGuy2009

    DiscoGuy2009 Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    11
    Who are your financial stakeholders?
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Is it your concern that financial stakeholders can influence the operation of the company, or it's integrity?
     
  12. DiscoGuy2009

    DiscoGuy2009 Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    11
    Why dodge the question?

    The TOR project received funding from the US Navy so does that compromise their integrity? No, because they where upfront about explaining the nature of the relationship. That in my view gave them greater creditability. Now the US Navy uses that technology for real world applications.

    You must decide if you are going to be upfront and transparent about your company's financial stakeholders and it's how you choose to go about this in my view that matters the most.
     
  13. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Ah, the return of the privacy.li forum troll(s). Your message this time was well crafted, it came off as being intelligent and concerned. You even changed your writing style this time. However, when you didn't follow up that concern as your premise when I asked, and hardlined your question, your modus operandi was revealed and the facade slipped.

    You should have said that integrity and undue influence was your concern, as it is the only legitimate concern in a fiduciary relationship. Information on it's own is useless to non-adversaries, and leveraged unpredictability is an advantage for us. Your insistence without purpose defines you as wanting to be an adversary. But had you claimed that the funding was somehow related to risk, then you would not have had the opportunity to hardline because you know I've already stated the financial stakeholders have no hand in any of the operations or management, and thus do not pose any threat.

    If you're going to pretend to be someone else, you need to actually think from that person's point of view instead of wearing a username like a costume. Your behavior is simple and easy to predict, this means you are not formally trained as an agent provocateur, so you are less than an intelligence agency, but more than an honest inquiring mind. That leaves just a few groups. I'll expect better next time.

    Let this serve as an example of integrity: We do not reveal anyone's private information, not our stakeholders, not our clients, nor their data. Not even under public duress.
     
    Last edited: Jan 28, 2009
  14. DiscoGuy2009

    DiscoGuy2009 Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    11
    In my last post I made the point that its not only who your financial stakeholders are that is important but equally how you choose to go about discussing and disclosing that information. By trying to masquerade your lack of transparency as integrity, in my view only served to raise serious questions about the credibility of your company. Finally, personally attacking my character and questioning my motives was way out of line.
     
Loading...
Thread Status:
Not open for further replies.