Tag Archives: searches

Police Forces Around Europe Hit Pirate IPTV Operation

2018-05-19 Andy

Post Syndicated from Andy original https://torrentfreak.com/police-forces-around-europe-hit-pirate-iptv-operation-180519/

Once upon a time, torrent and web streaming sites were regularly in the headlines while being targeted by the authorities. With the rise of set-top box streaming, actions against pirate IPTV operations are more regularly making the news.

In an operation coordinated by the public prosecutor’s office in Rome, 150 officers of the Provincial Command of the Guardia di Finanza (GdF) this week targeted what appears to be a fairly large unauthorized IPTV provider.

Under the banner Operation Spinoff, in Italy, more than 50 searches were carried out in 20 provinces of 11 regions. Five people were arrested. Elsewhere in Europe – in Switzerland, Germany and Spain – the Polizei Basel-Landschaft, the Kriminal Polizei and the Policia Nacional coordinated to execute warrants.

A small selection of the service on offer

“Through technical and ‘in-the-field’ investigations and the meticulous reconstruction of financial flows, carried out mainly through prepaid credit cards or payment web platforms, investigators have reconstructed the activity of a pyramid-like criminal structure dedicated to the illegal decryption and diffusion of pay-per-view television content through the Internet,” the GdF said in a statement.

Italian authorities report that the core of the IPTV operation were its sources of original content and channels. These were located in a range of diverse locations such as companies, commercial premises, garages and even private homes. Inside each location was equipment to receive, decrypt and capture signals from broadcasters including Sky TV.

Italian police examine hardware

These signals were collected together to form a package of channels which were then transmitted via the Internet and sold to the public in the form of an IPTV subscription. Packages were reportedly priced between 15 and 20 euros per month.

It’s estimated that between the 49 individuals said to be involved in the operation, around one million euros was generated. All are suspected of copyright infringement and money laundering offenses. Of the five Italian citizens reported to be at the core of the operations, four were taken into custody and one placed under house arrest.

Reports identify the suspects as: ‘AS’, born 1979 and residing in Lorrach, Germany. ‘RM’, born 1987 and living in Sarno, Italy. ‘LD’, born 1996 and also living in Sarno, Italy. ‘GP’, born 1990, living in Pordenone, Italy. And ‘SM’, born 1981 and living in Zagarolo, Italy.

More hardware

Players at all levels of the business are under investigation, from the sources who decrypted the signals to the sellers and re-sellers of the content to end users. Also under the microscope are people said to have laundered the operation’s money through credit cards and payment platforms.

The GdF describes the pirate IPTV operation in serious terms, noting that it aimed to set up a “parallel distribution company able to provide services that are entirely analogous to lawful companies, from checks on the feasibility of installing the service to maintaining adequate standards and technical assistance to customers.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Accessing Cell Phone Location Information

2018-05-16 Bruce Schneier

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/05/accessing_cell_.html

The New York Times is reporting about a company called Securus Technologies that gives police the ability to track cell phone locations without a warrant:

The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show.

Another article.

Boing Boing post.

Leaking securely, for White House staffers

2018-05-14 Robert Graham

Post Syndicated from Robert Graham original https://blog.erratasec.com/2018/05/how-to-leak-securely-for-white-house.html

Spencer Ackerman has this interesting story about a guy assigned to crack down on unauthorized White House leaks. It’s necessarily light on technical details, so I thought I’d write up some guesses, either as a guide for future reporters asking questions, or for people who want to better know the risks when leak information.

It should come as no surprise that your work email and phone are already monitored. They can get every email you’ve sent or received, even if you’ve deleted it. They can get every text message you’ve sent or received, the metadata of every phone call sent or received, and so forth.

To a lesser extent, this also applies to your well-known personal phone and email accounts. Law enforcement can get the metadata (which includes text messages) for these things without a warrant. In the above story, the person doing the investigation wasn’t law enforcement, but I’m not sure that’s a significant barrier if they can pass things onto the Secret Service or something.

The danger here isn’t that you used these things to leak, it’s that you’ve used these things to converse with the reporter before you made the decision to leak. That’s what happened in the Reality Winner case: she communicated with The Intercept before she allegedly leaked a printed document to them via postal mail. While it wasn’t conclusive enough to convict her, the innocent emails certainly put the investigators on her trail.

The path to leaking often starts this way: innocent actions before the decision to leak was made that will come back to haunt the person afterwards. That includes emails. That also includes Google searches. That includes websites you visit (like this one). I’m not sure how to solve this, except that if you’ve been in contact with The Intercept, and then you decide to leak, send it to anybody but The Intercept.

By the way, the other thing that caught Reality Winner is the records they had of her accessing files and printing them on a printer. Depending where you work, they may have a record of every file you’ve accessed, every intranet page you visited. Because of the way printers put secret dots on documents, investigators know precisely which printer and time the document leaked to The Intercept was printed.

Photographs suffer the same problem: your camera and phone tag the photographs with GPS coordinates and time the photograph was taken, as well as information about the camera. This accidentally exposed John McAfee’s hiding location when Vice took pictures of him a few years ago. Some people leak by taking pictures of the screen — use a camera without GPS for this (meaning, a really old camera you bought from a pawnshop).

These examples should impress upon you the dangers of not understanding technology. As soon as you do something to evade surveillance you know about, you may get caught by surveillance you don’t know about.

If you nonetheless want to continue forward, the next step may be to get a “burner phone”. You can get an adequate Android “prepaid” phone for cash at the local Walmart, electronics store, or phone store.

There’s some problems with such phones, though. They can often be tracked back to the store that sold them, and the store will have security cameras that record you making the purchase. License plate readers and GPS tracking on your existing phone may also place you at that Walmart.

I don’t know how to resolve these problems. Perhaps the best is grow a beard and on the last day of your vacation, color your hair, take a long bike/metro ride (without your existing phone) to a store many miles away and pick up a phone, then shave and change your color back again. I don’t know — there’s a good chance any lame attempt you or I might think of has already been experienced by law enforcement, so they are likely ahead of you. Maybe ask your local drug dealer where they get their burner phones, and if they can sell you one. Of course, that just means when they get caught for drug dealing, they can reduce their sentence by giving up the middle class person who bought a phone from them.

Lastly, they may age out old security videos, so simply waiting six months before using the phone might work. That means prepaying for an entire year.

Note that I’m not going to link to examples of cheap burner phones on this page. Web browsers will sometimes prefetch some information from links in a webpage, so simply including links in this page can condemn you as having interest in burner phones. You are already in enough trouble for having visited this web page.

Burner phones have GPS. Newer the technology, like the latest Android LTE phones, have pretty accurate GPS that the police can query (without a warrant). If you take the phone home and turn it on, they’ll then be able to trace back the phone to your home. Carrying the phone around with you has the same problem, with the phone’s location correlating with your existing phone (which presumably you also carry) or credit card receipts. Rumors are that Petraeus was partly brought down by tracking locations where he used his credit card, namely, matching the hotel he was in with Internet address information.

Older phones that support 3G or even 2G have poorer GPS capabilities. They’ll still located you to the nearest cell tower, but not as accurately to your exact location.

A better strategy than a burner phone would be a burner laptop computer used with WiFi. You can get a cheap one for $200 at Amazon.com. My favorite are the 11 inch ones with a full sized keyboard and Windows 10. Better yet, get an older laptop for cash from a pawn shop.

You can install chat apps on this like “Signal Desktop”, “Wire Desktop”, or “WhatsApp” that will allow you to securely communicate. Or use “Discord”, which isn’t really encrypted, but it’s popular among gamers so therefore less likely to stand out. You can sit in a bar with free WiFi and a USB headset and talk to reporters without having a phone. If the reporter you want to leak to doesn’t have those apps (either on their own laptop or phone) then you don’t want to talk to them.

Needless to say, don’t cross the streams. Don’t log onto your normal accounts like Facebook. If you create fake Facebook accounts, don’t follow the same things. Better yet, configure your browser to discard all information (especially “cookies”) every time you log off, so you can’t be tracked. Install ad blockers, or use the “Brave” web browser, to remove even more trackers. A common trick among hackers is to change the “theme” to a red background, as a constant subliminal reminder that you using your dangerous computer, and never to do anything that identifies the real you.

Put tape over the camera. I’m not sure it’s a really big danger, but put tape over the camera. If they infect you enough to get your picture, they’ve also infected you enough to record any audio on your computer. Remember that proper encryption is end-to-end (they can’t eavesdrop in transit), but if they hack the ends (your laptop, or the reporter’s) they can still record the audio.

Note that when your burner laptop is in “sleep” mode, it can still be talking to the local wifi. Before taking it home, make sure it’s off. Go into the settings and configure it so that when the lid is closed, the computer is turned completely off.

It goes without saying: don’t use that burner laptop from home. Luckily, free wifi is everyone, so the local cafe, bar, or library can be used.

The next step is to also use a VPN or Tor to mask your Internet address. If there’s an active investigation into the reporter, they’ll get the metadata, the Internet address of the bar/cafe you are coming from. A good VPN provider or especially Tor will stop this. Remember that these providers increase latency, making phone calls a bit harder, but they are a lot safer.

Remember that Ross Ulbricht (owner of dark website market Silk Road) was caught in a library. They’d traced back his Internet address and grabbed his laptop out of his hands. Having it turn off (off off, not sleep off) when the lid is closed is one way to reduce this risk. Configuring your web browser to flush all cookies and passwords on restart is another. If they catch you in mid conversation with your secret contact, though, they’ll at least be able to hear your side of the conversation, and know who you are talking to.

The best measure, though it takes some learning, is “Tails live”. It’s a Linux distribution preconfigured with Tor and various secure chat apps that’ll boot from the USB or SD card. When you turn off the computer, nothing will be saved, so there will be no evidence saved to the disk for investigators to retrieve later.

While we are talking about Tor, it should be noted that many news organizations (NYTimes, Washington Post, The Intercept, etc.) support “SecureDrop” accessed only through Tor for receiving anonymous tips. Burner laptops you use from bars from Tails is the likely your most secure way of doing things.

Summary

The point of this post was not to provide a howto guide, but to discuss many of the technological issues involved. In a story about White House people investigating leaks, I’d like to see something in this technological direction. I’d like to know exactly how they were investigating leaks. Certainly, they were investigating all work computers, accounts, and phones. Where they also able to get to non-work computers, accounts, phones? Did they have law enforcement powers? What could they do about burner phones and laptops?

In any case, if you do want a howto guide, the discussion above should put some fear into you how easily you can inadvertently make a mistake.

Pre-Release Game of Thrones Leaks Bred Pirates, Research Shows

2018-04-27 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/pre-release-game-of-thrones-leaks-bred-pirates-research-shows-180427/

The pre-release leak of four Game of Thrones episodes, early 2015, is one of the most prominent piracy cases in TV history.

The first copies, leaked from a review screener, quickly spread across public torrent sites and were downloaded millions of times.

HBO was understandably upset and feared that the leaks would hurt their bottom line. While that was not immediately apparent after the official premiere, new research suggests that they had a significant impact. And not just on Game of Thrones.

A new working paper published by economy researcher Wojciech Hardy of the Institute for Structural Research and the University of Warsaw carefully dissected the aftermath.

The findings show that the pre-release leaks triggered more people to pirate, and not just the four leaked episodes. This led to a decrease in expected viewers for Game of Thrones, but also for comparable TV-shows.

“The general conclusion is that the leak provided a strong incentive for some of the viewers to look for unauthorized sources for TV shows and that, in consequence, some of them started watching TV shows through unauthorised channels in general,” Hardy tells TorrentFreak.

The reasoning behind this effect is that the leaks introduced some people to these unauthorized sources for the first time. They then kept using these for subsequent episodes.

Ratings, viewership and predicted viewership.

For his research, Hardy used an extensive dataset of US TV-viewership of a variety of shows over time, as well as related Google search data. This revealed that other series, similar to Game of Thrones, were negatively impacted too, compared to a control group.

“Importantly, a negative shift in viewership was found, evidenced both by a drop in the viewership of GoT and by a decline in the viewership of TV shows that share an audience with GoT,” Hardy writes in the paper.

This makes sense, as newcomers to pirate sites are likely to use them for other content as well. That this appears to be a direct effect of the leaks is evidenced by the fact that the decrease in expected viewership wasn’t visible for unrelated TV-shows.

The findings are backed up by Google search data too. Following the pre-release leaks, Google search phrases linked to unauthorized viewing (such as ‘show_name watch online’) gradually increased for GoT-related shows, relative to a control group.

The key message of the current research, according to Hardy, is that even temporary piracy incentives such as pre-release leaks can have long-term effects. They only affect a small percentage of the total audience, but every lost viewer costs money.

This is bad news for HBO and others who have been in a similar situation. However, the data also shows that there may be a promotional effect, possibly because people discover new shows.

As searches for unauthorized sources increased, the viewership of GoT-like shows slowly recovered. This suggests that there may be a promotional piracy effect, where people start to watch shows legally after discovering them on pirate sites.

“On the one hand, this means that the content providers should pay much attention not to incentivize their audience to switch to unauthorized sources to avoid losses,” Hardy says.

“On the other hand, it’s possible that adequate promotional incentives might convince some of the ‘pirates’ to switch to the authorized distribution channels instead, he adds.”

Follow-up studies may provide more clarity on this and other effects.

—

A copy of the full working paper, titled Pre-release leaks as one-time incentives for switching to unauthorised sources of cultural content, is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Classify sensitive data in your environment using Amazon Macie

2018-04-04 Alexander Watson

Post Syndicated from Alexander Watson original https://aws.amazon.com/blogs/security/classify-sensitive-data-in-your-environment-using-amazon-macie/

In this post, I’ll show you how to create a sample dataset for Amazon Macie, and how you can use Amazon Macie to implement data-centric compliance and security analytics in your Amazon S3 environment. I’ll also dive into the different kinds of credentials, document types, and PII detections supported by Macie. First, I’ll walk through creating a “getting started” sample set of artificial, generated data that you can use to test Macie capabilities and start building your own policies and alerts.

Create a realistic data sample set in S3

I’ll use amazon-macie-activity-generator, which we call “AMG” for short, a sample application developed by AWS that generates realistic content and accesses your test account to create the data. AMG uses AWS CloudFormation, AWS Lambda, and Python’s excellent Faker library to create a data set with artificial—but realistic—data classifications and access patterns to help test some of the features and capabilities of Macie. AMG is released under Amazon Software License 1.0, and we’ll accept pull requests on our GitHub repository and monitor any issues that are opened so we can try to fix bugs and consider new feature requests.

The following diagram shows a high level architecture overview of the components that will be created in your AWS account for AMG. For additional detail about these components and their relationships, review the CloudFormation setup script.

Depending on the data types specified in your JSON configuration template (details below), AMG will periodically generate artificial documents for the specified S3 target with a PutObject action. By default, the CloudFormation stack uses a configuration file that instructs AMG to create a new, private S3 bucket that can only be accessed by authorized AWS users/roles in the same account as the bucket. All the S3 objects with fake data in this bucket have a private ACL and inherit the bucket’s access control configuration. All generated objects feature the header in the example below, and AMG supports all fake data providers offered by https://faker.readthedocs.io/en/latest/index.html, as well as a few of AMG‘s own custom fake data providers requested by our customers: aws_creds, slack_creds, github_creds, facebook_creds, linux_shadow, rsa, linux_passwd, dsa, ec, pgp, cert, itin, swift_code, and cve.

# Sample Report - No identification of actual persons or places is # intended or should be inferred


74323 Julie Field
 Lake Joshuamouth, OR 30055-3905
 1-196-191-4438x974
 53001 Paul Union
 New John, HI 94740
 Mastercard
 Amanda Wells
 5135725008183484 09/26
 CVV: 550
354-70-6172
 242 George Plaza
 East Lawrencefurt, VA 37287-7620
 GB73WAUS0628038988364
 587 Silva Village
 Pearsonburgh, NM 11616-7231
 LDNM1948227117807
 American Express
 Brett Garza
 347965534580275 05/20
 CID: 4758

599.335.2742 JCB 15 digit Michael Arias 210069190253121 03/27 CVC: 861

Create your amazon-macie-activity-generator CloudFormation stack

You can deploy AMG in your AWS account by using either these methods:

Use the CloudFormation Template: https://s3.amazonaws.com/amazon-macie-activity-generator-us-east-1-fb58a9df3468/CloudFormationTemplate.yml
Or use this One-click CloudFormation launch stack.

Follow these steps:

Log in to the AWS Console in a region supported by Amazon Macie, which currently includes US East (N. Virginia), US West (Oregon).
Select the One-click CloudFormation launch stack, or launch CloudFormation using the template above.
Read our terms, select the Acknowledgement box, and then select Create.

Creating the data takes a few minutes, and you can periodically refresh CloudWatch to track progress.

Add the new sample data to Macie

Now, I’ll log into the Macie console and add the newly created sample data buckets for analysis by Macie.

Note: If you don’t explicitly specify a bucket for S3 targets in CloudFormation, AMG will use the S3 bucket that’s created by default for the stack, which will be printed out in the CloudFormation stack’s output.

To add buckets for data classification, follow these steps:

Log in to Amazon Macie.
Select Integrations, and then select Services.
Select your account, and then select Details from the Amazon S3 card.
Select your newly created buckets for Full classification, including existing data.

For additional details on configuring Macie, refer to our getting started documentation.

Macie classifies all historical and newly created data in the buckets created by AMG, and the data will be available in the Macie console as it’s classified. Typically, you can expect the data in the sample set to be classified within 60 minutes of the time it was selected for analysis.

Classifying objects with Macie

To see the objects in your test sample set, in Macie, open the Research tab, and then select the S3 Objects index. We’ll use the regular expression search capability in Macie to find any objects written to buckets that start with “amazon-macie-activity-generator-defaults3bucket”. To search for this, type the following text into the Macie search box and select the magnifying glass icon.

filesystem_metadata.bucket:/amazon-macie-activity-generator-defaults3bucket.*/

From here, you can see a nice breakdown of the kinds of objects that have been classified by Macie, as well as the object-specific details. Create an advanced search using Lucene Query Syntax, and save it as an alert to be matched against any newly created data.

Analyzing accesses to your test data

In addition to classifying data, Macie tracks all control plane and data plane accesses to your content using CloudTrail. To see accesses to your generated environment (created periodically by AMG to mimic user activity), on the Macie navigation bar, select Research, select the CloudTrail data index, and then use the following search to identify our generated role activity:

sessionName.key:/amazon-macie-activity-generator-LambdaFunction-.*/

From this search, you can dive into the user activity (IAM users, assumed roles, federated users, and so on), which is summarized in 5-minute aggregations (user sessions). For example, in the screen shot you can see that one of our AMG-generated users listed objects one time (ListObjects) and wrote 56 objects to S3 (PutObject) during a 5-minute period.

Macie alerts

Macie features both predictive (machine learning-based) and basic (rule-based) alerts, including alerts on unencrypted credentials being uploaded to S3 (because this activity might not follow compliance best practices), risky activity such as data exfiltration, and user-defined alerts that are based on saved searches. To see alerts that have been generated based on AMG‘s activity, on the Macie navigation bar, select Alerts.

AMG will continue to run, periodically uploading content to the specified S3 buckets. To stop AMG, delete the AMG CloudFormation stack and associated resources here.

What are the costs?

Macie has a free tier enabling up to 1GB of content to be analyzed per month at no cost to you. By default, AMG will write approximately 10MB of objects to Amazon S3 per day, and you will incur charges for data classification after crossing the 1GB monthly free tier. Running continuously, AMG will generate about 310MB of content per month (10MB/day x 31 days), which will stay below the free tier. Any data use above 1GB will be billed at the Macie public price of $5/GB. For more detail, see the Macie pricing documentation.

If you have feedback about this blog post, submit comments in the Comments section below. If you have questions about this blog post, start a new thread on the Amazon Macie forum or contact AWS Support.

Facebook and Cambridge Analytica

2018-03-29 Bruce Schneier

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/03/facebook_and_ca.html

In the wake of the Cambridge Analytica scandal, news articles and commentators have focused on what Facebook knows about us. A lot, it turns out. It collects data from our posts, our likes, our photos, things we type and delete without posting, and things we do while not on Facebook and even when we’re offline. It buys data about us from others. And it can infer even more: our sexual orientation, political beliefs, relationship status, drug use, and other personality traits — even if we didn’t take the personality test that Cambridge Analytica developed.

But for every article about Facebook’s creepy stalker behavior, thousands of other companies are breathing a collective sigh of relief that it’s Facebook and not them in the spotlight. Because while Facebook is one of the biggest players in this space, there are thousands of other companies that spy on and manipulate us for profit.

Harvard Business School professor Shoshana Zuboff calls it “surveillance capitalism.” And as creepy as Facebook is turning out to be, the entire industry is far creepier. It has existed in secret far too long, and it’s up to lawmakers to force these companies into the public spotlight, where we can all decide if this is how we want society to operate and — if not — what to do about it.

There are 2,500 to 4,000 data brokers in the United States whose business is buying and selling our personal data. Last year, Equifax was in the news when hackers stole personal information on 150 million people, including Social Security numbers, birth dates, addresses, and driver’s license numbers.

You certainly didn’t give it permission to collect any of that information. Equifax is one of those thousands of data brokers, most of them you’ve never heard of, selling your personal information without your knowledge or consent to pretty much anyone who will pay for it.

Surveillance capitalism takes this one step further. Companies like Facebook and Google offer you free services in exchange for your data. Google’s surveillance isn’t in the news, but it’s startlingly intimate. We never lie to our search engines. Our interests and curiosities, hopes and fears, desires and sexual proclivities, are all collected and saved. Add to that the websites we visit that Google tracks through its advertising network, our Gmail accounts, our movements via Google Maps, and what it can collect from our smartphones.

That phone is probably the most intimate surveillance device ever invented. It tracks our location continuously, so it knows where we live, where we work, and where we spend our time. It’s the first and last thing we check in a day, so it knows when we wake up and when we go to sleep. We all have one, so it knows who we sleep with. Uber used just some of that information to detect one-night stands; your smartphone provider and any app you allow to collect location data knows a lot more.

Surveillance capitalism drives much of the internet. It’s behind most of the “free” services, and many of the paid ones as well. Its goal is psychological manipulation, in the form of personalized advertising to persuade you to buy something or do something, like vote for a candidate. And while the individualized profile-driven manipulation exposed by Cambridge Analytica feels abhorrent, it’s really no different from what every company wants in the end. This is why all your personal information is collected, and this is why it is so valuable. Companies that can understand it can use it against you.

None of this is new. The media has been reporting on surveillance capitalism for years. In 2015, I wrote a book about it. Back in 2010, the Wall Street Journal published an award-winning two-year series about how people are tracked both online and offline, titled “What They Know.”

Surveillance capitalism is deeply embedded in our increasingly computerized society, and if the extent of it came to light there would be broad demands for limits and regulation. But because this industry can largely operate in secret, only occasionally exposed after a data breach or investigative report, we remain mostly ignorant of its reach.

This might change soon. In 2016, the European Union passed the comprehensive General Data Protection Regulation, or GDPR. The details of the law are far too complex to explain here, but some of the things it mandates are that personal data of EU citizens can only be collected and saved for “specific, explicit, and legitimate purposes,” and only with explicit consent of the user. Consent can’t be buried in the terms and conditions, nor can it be assumed unless the user opts in. This law will take effect in May, and companies worldwide are bracing for its enforcement.

Because pretty much all surveillance capitalism companies collect data on Europeans, this will expose the industry like nothing else. Here’s just one example. In preparation for this law, PayPal quietly published a list of over 600 companies it might share your personal data with. What will it be like when every company has to publish this sort of information, and explicitly explain how it’s using your personal data? We’re about to find out.

In the wake of this scandal, even Mark Zuckerberg said that his industry probably should be regulated, although he’s certainly not wishing for the sorts of comprehensive regulation the GDPR is bringing to Europe.

He’s right. Surveillance capitalism has operated without constraints for far too long. And advances in both big data analysis and artificial intelligence will make tomorrow’s applications far creepier than today’s. Regulation is the only answer.

The first step to any regulation is transparency. Who has our data? Is it accurate? What are they doing with it? Who are they selling it to? How are they securing it? Can we delete it? I don’t see any hope of Congress passing a GDPR-like data protection law anytime soon, but it’s not too far-fetched to demand laws requiring these companies to be more transparent in what they’re doing.

One of the responses to the Cambridge Analytica scandal is that people are deleting their Facebook accounts. It’s hard to do right, and doesn’t do anything about the data that Facebook collects about people who don’t use Facebook. But it’s a start. The market can put pressure on these companies to reduce their spying on us, but it can only do that if we force the industry out of its secret shadows.

This essay previously appeared on CNN.com.

EDITED TO ADD (4/2): Slashdot thread.

Spotify’s Two Million Unauthorized Users Hammered Google For Alternatives

2018-03-26 Andy

Post Syndicated from Andy original https://torrentfreak.com/spotifys-two-million-unauthorized-users-hammered-google-for-alternatives-180326/

It is now common knowledge that Spotify launched its service more than a decade ago with the aim of attracting pirates.

With the disruption of The Pirate Bay ringing in the music industry’s ears, Spotify set out to capture the hearts and minds of music fans, particularly those with an aversion to paying.

Although it is yet to turn a profit, there can be little doubt that Spotify is a rampant success, at least as far as user numbers go. With premium and ad-supported free tiers available, the service is superbly accessible, no matter the depth of one’s pockets.

Naturally, those who pay get a better and smoother service so it’s no surprise that many free tier users aspire to that level of access. But while some pay the extra, others prefer to hack their way to music utopia.

How many people were accessing Spotify’s service using mainly hacked Android APK files has remained a mystery, but late last week, as part of the company’s IPO, Spotify dropped the bombshell.

“On March 21, 2018, we detected instances of approximately two million users as of December 31, 2017, who have been suppressing advertisements without payment,” Spotify wrote.

“We previously included such users in calculations for certain of our key performance indicators, including MAUs [Monthly Active Users], Ad-Supported Users, Content Hours, and Content Hours per MAU.”

Two million users is hardly an insignificant number and it appears Spotify felt the need to disclose them since up to January 1, 2017, the company had been including these users in its accounting. A couple of million users on the free tier is great, but not if they’re riding ad-free and therefore less likely to upgrade to premium, the suggestion goes.

Earlier this month, with its IPO process underway, Spotify clearly had these freeloading users on its mind. As previously reported, the company started to send out emails to people using hacked installation files, largely on Android, putting them on notice that their activities were not going unnoticed.

“We detected abnormal activity on the app you are using so we have disabled it. Don’t worry – your Spotify account is safe,” the email from Spotify said.

“To access your Spotify account, simply uninstall any unauthorized or modified version of Spotify and download and install the Spotify app from the official Google Play Store. If you need more help, please see our support article on Reinstalling Spotify.”

At the time it became apparent that this email had gone out to a large number of people, with significant volumes of users reporting problems with their accounts. It also seemed to target users fairly methodically, in that some countries’ users retained access while others suffered, only to be hit later on as more and more waves were sent out.

As the chart below from Google Trends shows, it appears that Spotify began taking action on March 1, which drove people to start searching for Spotify APK files that were still working.

By March 3, search volumes had doubled on the index and on March 7, Google searches for ‘Spotify APK’ reached a dramatic peak never before witnessed in the history of the search term. That’s quite an achievement given how many people use these pieces of software.

No prizes for guessing when Spotify got tough….

But after a flurry of activity, on March 22 search volumes were back down to March 3 levels, which is quite interesting in itself.

Although various modified APKs are still managing to evade Spotify’s ban, there doesn’t seem to be a dominant modified client proving popular enough to stop hundreds of thousands of people from continuing to search for an APK solution. So, presuming these ‘banned’ people still want the music offered by Spotify, where have they gone?

Aside from those using the APKs that have slipped through the net, reports suggest others have migrated to Deezer downloading solutions, which are also being targeted by Deezer. Others are using tools to convert their Spotify playlists to use with other pirate services or even YouTube.

The big question then is whether hitting the ban button to potentially eject up to two million users has resulted in a net positive for Spotify?

There’s no doubt it lowered the bandwidth bill for the growing company but how many former freeloaders traded the pirate high seas for an ad-supported account or even the premium service? Only Spotify has the numbers, and it won’t be sharing those yet – if ever.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Google Should Begin Delisting Pirate Sites, Aussie Rightsholders Say

2018-03-22 Andy

Post Syndicated from Andy original https://torrentfreak.com/google-should-begin-delisting-pirate-sites-aussie-rightsholders-say-180322/

After being passed almost three years ago, in February the Australian government announced a review of its pirate site-blocking laws.

The Department of Communications asked for feedback on the effectiveness of the mechanism, from initial injunction application through to website blocking and, crucially, whether further amendments are required.

“The Department welcomes single, consolidated submissions from organizations or parties, capturing all views on the Copyright Amendment (Online Infringement) Act 2015 (Online Infringement Amendment) [pdf],” the consultation paper began.

Several responses from interested groups have been filed with the government and unsurprisingly, most come from entertainment industry groups seeking to expand on what has been achieved so far.

The most aggressive submissions come from the two companies that have made the most use of the blocking scheme so far – movie group Village Roadshow and TV provider Foxtel. Together the companies have had dozens of sites blocked in Australia by local ISPs but now they want the blocking regime expanded to online service platforms too.

Indeed, in the Roadshow and Foxtel submissions combined, Google is mentioned no less than 29 times as being part of the piracy problem Down Under.

“Village Roadshow strongly supported the original site blocking legislation and now we strongly support strengthening it,” Village Roadshow co-chief Graham Burke writes.

“With all major pirate sites blocked in Australia, the front door of the department store is shut. However, pirates, facilitated by Google and other search engines, are circumventing Australian Laws and Courts and opening a huge back door. Australia needs the power to require Google and other search engines to take reasonable steps to stop facilitating searches which lead to pirate sites.”

Burke goes on to criticize Google’s business model, which pushes tens of millions of people “searching for stolen goods” to pirate sites that hit them with “rogue advertising including illegal gambling, drugs, sex aids and prostitution.”

In a nutshell, the Village Roadshow co-chief suggests that Google’s business model involves profiting from knowingly leading consumers to illegal locations where they are ultimately ripped off.

“The analogy for Google is a Westfield Shopping Centre knowing they are getting big traffic to the center from a store that is using stolen goods to lure people and then robbing them!” he writes.

This anti-Google rant heads in a predictable direction. At the moment, Australia’s site-blocking regime only applies to ‘carriage service providers’, the home ISPs we all use. Village Roadshow wants that provision expanded to include ‘intermediary service providers’, which covers search engines, social media, and other types of internet intermediaries.

“Apart from ISP’s, many intermediaries are able to meaningfully impact traffic to infringing sites, and in fact, can and are currently used by pirates to find new locations and proxies to circumvent the ISP blocks,” Burke adds.

In other words, when served with an injunction, companies like Google and Facebook should delist results that lead people to pirate sites. This position is also championed by Foxtel, which points to a voluntary arrangement in the UK between search engines and the entertainment industries.

Under this anti-piracy code introduced last year, search engines agreed to further optimize their algorithms and processes to demote pirated content in search results. The aim is to make infringing content less visible and at a faster rate. At the same time, legal alternatives should be easier to find.

But like Village Roadshow, Foxtel doesn’t appear to be content with demotion – blocking and delisting is the aim.

“Foxtel strongly believes that extending the site blocking powers to search engines so that they must remove copyright infringing sites from search results would have a substantial impact on reducing piracy in Australia,” the company says.

“Search engines already remove URLs from site indexes to comply with local laws and product community standards and therefore, technologically Foxtel understands it would be a relatively simple exercise for search engines to comply with Australian blocking orders.”

Both Foxtel and Roadshow agree in other areas too. Currently, Australia’s site-blocking provisions apply to “online locations” situated outside Australia’s borders but both companies see a need for that restriction to be removed.

Neither company can understand why local pirate sites can’t be handled in the same way as those based overseas, with Foxtel arguing that proving an overseas element can be a costly process.

“Applicants must review individual domain locations and IP addresses and put on evidence relating to these matters to ensure that the location of the sites is established. This evidence, which we consider to be unnecessary, is produced at significant time and cost, all of which is borne by the rights holders,” Foxtel says.

While none of the above is particularly new in the global scheme of things, it’s interesting to note that even when agreements are reached and new legislation is formed, rightsholders always keep pushing for more.

That’s clearly highlighted in the Foxtel submission when the company says that the threshold for determining a pirate site should be lowered. Currently, a site must have a “primary purpose” to “infringe, or to facilitate the infringement” of copyright. Foxtel sees this as being too high.

In order to encompass general hosting sites that may also carry large quantities of infringing content, it would like to remove the term “primary purpose” and replace it with “substantial purpose or effect.” Given the recent criticisms leveled at Google and particularly YouTube for the infringing content it hosts, that request could prove difficult to push through.

Foxtel also sees a need to better tackle live streaming. In the UK, injunctions obtained by the Premier League and UEFA last year allow pirated live sports streams to be blocked in real-time. Although the injunctions are overseen by the courts, on a practical level the process is carried out between rightsholders and compliant ISPs.

Foxtel believes that Australia needs something similar.

“For site blocking to be effective in Australia in respect of live sport streaming sites which frequently change location, Foxtel anticipates that a similar process will ultimately be required to be implemented,” the company notes.

With the consultation process now over, dissenting submissions are in the minority. The most notable come from the Pirate Party (pdf) and Digital Rights Watch (pdf) although both are likely to be drowned out by the voices of rightsholders.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Which VPN Services Keep You Anonymous in 2018?

2018-03-04 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/vpn-services-keep-anonymous-2018/

Using a VPN service is a great way to protect your privacy online.

However, not all VPN services are as private as you might think. In fact, some are known to keep extensive logs that can easily identify specific users on their network.

This is the main reason why we publish a yearly VPN review, asking providers about their respective logging policies as well as other security and privacy aspects.

It’s worth keeping in mind though that not all VPN protocols and encryption algorithms are equally secure. PPTP is known to be vulnerable for example, and pre-shared keys are also a risk. We ask all VPN providers what their best recommendation is, but we encourage readers to fully research all options.

This year’s questions are as follows:

1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

2. What is the name under which your company is incorporated, and under which jurisdiction does your company operate?

3. What tools are used to monitor and mitigate abuse of your service, including limits of concurrent connections if these are enforced?

4. Do you use any external email providers (e.g. Google Apps), analytics, or support tools ( e.g Live support, Zendesk) that hold information provided by users?

5. In the event you receive a DMCA takedown notice or a non-US equivalent, how are these handled?

6. What steps are taken when a court orders your company to identify an active or past user of your service? How would your company respond to a court order that requires you to log activity going forward? Has any of this ever happened?

7. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

8. Which payment systems/providers do you use? Do you take any measures to ensure that payment details can’t be linked to account usage or IP-assignments?

9. What is the most secure VPN connection and encryption algorithm you would recommend to your users?

10. Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?

11. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Do you use your own DNS servers? (if not, which servers do you use?)

12. What countries are your servers physically located? Do you offer virtual locations?

—-

Below is the list of responses from the VPN services in their own words. These are not endorsements and trust is crucial. Providers which didn’t answer our questions directly, blocked certain traffic, or are logging extensively were excluded. We specifically chose to leave room for detailed answers where needed. The order of the list holds no value.

—

Private Internet Access

1. We do not store any logs relating to traffic, session, DNS or metadata. We do not keep any logs for any person or entity to match an IP address and a timestamp to a user of our service. In other words, we do not log, period. Privacy is our policy.

2. Private Internet Access is operated by London Trust Media, Inc., with branches in the US and Iceland, which are a few of the countries that still respect privacy and do not have a mandatory data retention policy.

3. We have an active, proprietary system in place to help mitigate abuse.

4. At the moment we are using Google Apps Suite and Zendesk. However, we are in the process of migrating our support to Deskpro, an in-house self-hosted solution.

5. We do not monitor our users, and we keep no logs, period. That said, we do have an active, proprietary system in place to help mitigate abuse.

6. Every court order is scrutinized to the highest extent for compliance with both the “spirit” and “letter of the law.” We do periodically receive subpoenas from law enforcement agencies that we scrutinize for compliance and respond accordingly. This is all driven based upon our commitment to privacy. All this being said, we do not log and do not have any data on our customers other than their signup e-mail and account username.

7. Yes, BitTorrent and file-sharing traffic are allowed and treated equally to all other traffic (although it’s routed through a second VPN in some cases). We do not censor our traffic because we believe in an open internet, period.

8. We utilize a variety of payment systems, including, but not limited to: PayPal, Credit Card (with Stripe), Amazon, Google, Bitcoin, Bitcoin Cash, Zcash, CashU, PaymentWall, and any major store-bought gift card and OKPay. Payment data is not linked nor linkable to user activity do to our no logs policy.

9. At the moment, the most secure and practical VPN connection and encryption algorithm that we recommend to our users would be our cipher suite of AES-256 + RSA4096 + SHA256.

10. Yes, our users gain access to a plethora of additional tools, including but not limited to:

(a) Kill Switch: Ensures that traffic is routed through the VPN such that if the VPN connection is unexpectedly terminated, the traffic will not route.
(b) IPv6 Leak Protection: Protects clients from websites which may include IPv6 embeds, which could lead to IPv6 IP information coming out.
(c) DNS Leak Protection: This is built-in and ensures that DNS requests are made through the VPN on a safe, private, no-log DNS daemon.
(d) Shared IP System: We mix clients’ traffic with many other clients’ traffic through the use of an anonymous shared-IP system ensuring that our users blend in with the crowd.
(e) MACE™: Protects users from malware, trackers, and ads.

11. We utilize our own bare metal servers in third-party data centers that are operated by trusted friends and, now, business partners whom we have met and on which we have completed serious due diligence. Our servers are located in facilities including 100TB, Choopa, Leaseweb, among others.

We also operate our own DNS servers on our high throughput network. These servers are private and do not log.

12. As of the beginning of 2018, we operate 3172 servers across 43 locations in 28 countries. For more information on what countries are available, please visit our network information page. All of our locations are physical and not virtualized.

Private Internet Access website

NordVPN

1. We do not keep any logs nor timestamps that could allow our customers to be identified.

2. The registered company name is Tefincom co S.A., and it operates under the jurisdiction of Panama.

3.We have developed and implemented an automated tool that limits the maximum number of connections to six devices. We do not use any other tools.

4. We use Google Analytics and third-party ticket/live chat tools (Zendesk/Zopim). Google Analytics is used to improve our website and provide our users with the most relevant information. The ticket/live chat tool is used to provide the best support in the industry (available 24/7), but not tracking our users by any means.

5. We operate under Panama’s jurisdiction, where DMCA and similar orders have no legal bearing. Therefore, they do not apply to us.

6. If the order or subpoena is issued by a Panamanian court, we would have to provide the information if we had any. However, our zero-log policy means that we don’t have any information about our users’ online activity. So far, we haven’t had any such cases.

7. Yes, we allow P2P traffic. We have optimized a number of our servers specifically for file-sharing; this way, we ensure that other servers, which are meant for streaming and other purposes, have uninterrupted speeds.

8. Our customers are able to pay via credit card, PayPal and Bitcoin. Our payment processing partners collect basic billing information for payment processing and refund requests, but it cannot be related to any Internet activity of a particular customer. Bitcoin is the most anonymous option, as it does not link the payment details with the user identity or other personal information.

9. The ciphers we use along with the OpenVPN and IKEv2/IPSec protocols have never been cracked. Therefore, both of these protocols are highly secure. For OpenVPN connection, we use the AES 256 CBC algorithm. IKEv2/IPSec ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys.

10. Yes, we do provide both an automatic kill switch and a feature for DNS leak protection.

11. We use a hybrid model, whereby we control some of our servers but also partner with premium data centers with strong security practices. Due to our special server configuration, no one is able to collect or retain any data, ensuring compliance with our no-logs policy. We also have specific requirements for network providers to ensure highest service quality for our customers. We do have our own DNS servers, and all DNS requests go through those.

12. All of our servers are dedicated and located in the same countries we state they are – we do not offer virtual locations. At the moment, NordVPN provides more than 3000 servers in 59 countries. Full location list can be found at nordvpn.com/servers.

NordVPN website

ExpressVPN

1. No, ExpressVPN doesn’t keep any connection or activity logs, including never logging browsing history, data contents, DNS requests, timestamps, source IPs, outgoing IPs, or destination IPs. This ensures that we cannot ascertain whether a given user was connected to the VPN at a certain time, assumed a particular outgoing IP address, or generated any specific network activity. It is not possible to match a user to data points that we never possess.

2. Express VPN International Ltd. is a BVI (British Virgin Islands) company. Being under BVI jurisdiction helps to protect user privacy, as the BVI has no data retention laws, is not party to any 14 Eyes intelligence sharing agreements, and has a dual criminality provision that safeguards against legal overreach.

3. To protect our customers’ privacy, we do not monitor or log any user activity on our network. We do however reserve the right to block specific abusive traffic to protect the server network and other ExpressVPN customers. With regards to limits on the number of devices simultaneously connected, no timestamps or IP addresses are ever logged; our systems are merely able to identify how many active sessions a given license has at a given moment in time and use that counter to decide whether a license is allowed to create one additional session. This counter is temporary and is not tracked over time.

4. We use Zendesk for support tickets and SnapEngage for live chat support; we have assessed the security profiles of both and consider them to be secure platforms. We use Google Analytics and cookies to collect marketing metrics for our website and several externals tools for collecting crash reports (a setting that can be switched off in any of our apps). ExpressVPN is committed to protecting the privacy of our users, and our practices are discussed in detail in our comprehensive Privacy Policy.

5. As we do not keep any data or logs that could link specific activity to a given user, ExpressVPN does not identify or report users as a result of DMCA notices. User privacy and anonymity are always preserved.

6. Legally our company is only bound to respect subpoenas and court orders when they originate from the British Virgin Islands government or in conjunction with BVI authorities via a mutual legal assistance treaty. As a general rule, we reply to law enforcement inquiries by informing the investigator that we do not possess any data that could link activity or IP addresses to a specific user. Regarding a demand that we log activity going forward: Were BVI law enforcement ever to make such a request, we would refuse to re-engineer our systems in a way that infringes on the privacy protections that our customers trust us to uphold.

7. We do not believe in restricting or censoring any type of traffic. ExpressVPN allows all traffic, including BitTorrent and other file-sharing traffic (without re-routing), from all of our VPN servers.

8. ExpressVPN accepts all major credit cards, PayPal, and a large number of local payment options. We also accept Bitcoin, which we recommend for those who seek maximum privacy with relation to their form of payment. As we do not log user activity, IP addresses, or timestamps, there is no way for ExpressVPN or any external party to link payment details entered on our website with any VPN activities.

9. ExpressVPN apps generally default to our recommended protocol for security and performance: OpenVPN UDP. Our apps use a 4096-bit CA, AES-256-CBC encryption, TLSv1.2, and SHA512 signatures to authenticate our servers.

10. Yes, ExpressVPN protects users from privacy and security leaks in a number of ways (for more info about leak protection, see our Privacy Research Lab). Our “Network Lock” feature, which is turned on by default, prevents all types of traffic including IPv4, IPv6, and DNS from leaking outside of the VPN, such as when your internet connection drops or in various additional scenarios where other VPNs might leak.

11. Our VPN servers are hosted in trusted data centers with strong security practices. The data center employees do not have server credentials, and the server disks are fully encrypted to mitigate risks from physical seizure. Our policy of not collecting activity or connection logs also means that servers do not contain any data that could map users to specific activity.

We run our own logless DNS on every server, meaning no personally identifiable data is ever stored. We do not use third-party DNS.

12. ExpressVPN has over 2,000 servers covering 94 countries. For more than 97% of these servers, the physical server and the associated IP addresses are located in the same country — a physical footprint covering every continent save Antarctica, ensuring there are server locations near all users.

For countries where it is difficult to find servers that meet ExpressVPN’s rigorous standards for server security, reliability, and speed, we use virtual locations to still make it possible for users to assume IP addresses from those countries. These locations represent less than 3% of ExpressVPN’s server count, and the specific countries are published on our website here.

ExpressVPN website

Ipredator

1. No logs are retained that would allow the correlation of the user’s IP address to a VPN address. The session database does not include the origin IP address of the user. Once a connection has been terminated the session information is deleted from the session database.

2. The name of the company is PrivActually Ltd which operates out of Cyprus.

3. Real abuse is mitigated by meatware [humans]. User traffic is not monitored or inspected in any way. TCP/IP sessions are not limited individually, but by server, to 10 million established connections. Packet floods are dealt with by using adaptive packet rate limiters at the switch port level and kick in at 90k pps. The number of concurrent connections is limited by the VPN backend software.

4. There is no visitor tracking mechanism, not even passive ones analyzing the web server logs. IPredator runs its own mail infrastructure and does not use third party products like GMail. Neither do we use data hogs like a ticket system to manage support requests. IPredator sticks to a simple mail system and deletes old data after three months from the mailboxes.

5. Requests are evaluated according to the legal frameworks set forth in the jurisdictions the service operates in and we react accordingly. After receiving a request its validity is verified. DMCA takedown abuse using fake credentials seems to be all the rage these days.

6. A canary is maintained to indicate the current legal state of affairs. In case of a court order that forces us to enable log activity we would rather shut down the service than comply.

7. BitTorrent and other file-sharing traffic is allowed.

8. PayPal, Bitcoins, Payza, and Payson are fully integrated. Other payment methods are available on request. An internal transaction ID is used to link payments to the payment processor. We do not store any other data about payments associated with the user’s account. The systems dealing with payments have no connection to the part of the infrastructure that handles VPN connections. Frontend proxies are used to make sure user IP addresses do not show up in any of the backend systems.

9. IPredator provides config files for various platforms and clients that enforce TLS1.2 on supported systems. Ideally, the client negotiates ECDHE-RSA-AES256-GCM as a suite for the control and AES256 for the data channel. For further protection, detailed setup instructions and howtos are provided to our users.

10. Netsplice, IPredator’s cross-platform VPN client, has native support for various types of kill switches. You can kill a program, just put it to sleep, shutdown your machine or wipe your hard disk … it is up to you. Users can use this page to check for a number of leaks, not just DNS leaks.

11. We own every server, switch, and cable we use to provide the VPN service up to our uplink network. The machines are located in Sweden due to the laws that allow us to run our service in a privacy-protecting manner. If the situation should change we are able to move operations to a different country. The core for any privacy service is trust in the integrity of the underlying infrastructure. Everything else has to build upon that, which includes the DNS servers.

12. Sweden.

Ipredator website

TorGuard

1. No logs or timestamps are kept whatsoever. TorGuard does not store any traffic logs or user session data on our network. In addition to a strict no logging policy we run a default shared IP configuration across all servers. Because there are no logs kept and multiple users sharing a single IP address, it is not possible to match any user with an IP and time stamp.

2. TorGuard is owned and operated by VPNetworks LLC under US jurisdiction, with our parent company VPNetworks LTD, LLC based in Nevis.

3. We utilize a number of highly customized scripts to monitor network performance and limit simultaneous connections through a radius-based authentication server.

4. We use anonymized Google Analytics data to optimize our website and Sendgrid for transactional email. TorGuard’s 24/7 live chat services are provided through Livechatinc’s platform. Customer support desk requests are maintained by TorGuard’s own private ticketing system.

5. In the event a valid DMCA notice is received it is immediately processed by our abuse team. Due to our no log and no time stamp policy and shared IP network – we are unable to forward any requests to a single user.

6. If a court order is received, it is first handled by our legal team and examined for validity in our jurisdiction. Should it be deemed valid, our legal representation would be forced to further explain the nature of our shared IP network configuration and the fact that we do not hold any identifying logs or time stamps. TorGuard’s network was designed to operate with minimum server resources and is not physically capable of retaining such logs. There is no on/off switch to log activity so it would be impossible to comply with such a request. No, this has never happened.

7. Yes, BitTorrent and all P2P traffic is allowed. By default we do not block, re-route, or limit any types of traffic across our network.

8. We currently offer over 200 different payment options. This includes all forms of credit card, PayPal, Bitcoin, cryptocurrency (e.g. Litecoin, Ethereum, Monero + many more), Alipay, WeChat Pay, UnionPay, 100+ Gift Card brands, and many other worldwide local payment options. No user can be linked back to account usage or IP assignments because we maintain zero logs across our network.

9. For best security, we advise clients to use OpenVPN and select the cipher option AES-256-GCM, with 4096bit RSA and SHA512 HMAC. We use TLS 1.2 on all servers with perfect forward secrecy enabled. For faster speeds and “obfuscated” Stealth VPN access, we suggest using OpenConnect SSL VPN with cipher option AES-256-GCM. TorGuard offers a wide range of VPN protocols, including OpenVPN, iKEV2, IPsec, SSTP, OpenConnect/AnyConnect, Stunnel, and Shadowsocks.

10. TorGuard’s VPN software provides strict security features by automatically disabling IPv6 and blocking any potential DNS or WebRTC leaks. We offer a full connection kill-switch that safeguards your VPN traffic against accidental disconnects and can hard kill your interfaces if needed, and an application kill-switch that can terminate specific apps if the VPN connection is interrupted for additional safety.

11. We retain full physical control over all hardware and only seek partnerships with data centers who can meet our strict security criteria. All servers are deployed and managed exclusively by TorGuard staff. By default, the TorGuard VPN app uses private no log DNS on each VPN endpoint. The TG also app allows clients to modify their VPN session with a custom DNS entry of their choosing.

12. TorGuard currently maintains thousands of servers in over 55 countries around the world, and we continue to expand the network each month. All servers are physically located in the stated country of origin and we do not use any virtual locations.

TorGuard website

AzireVPN

1. No, we do not record or store any logs related to our services. No traffic, user activity, timestamps, IP addresses, number of active and total sessions, DNS requests, or any other kind of logs are stored. System logs are disabled. Anonymity of our users is very important to us as described in our Terms of Service.

2. The registered company name is Netbouncer AB and we operate under Swedish jurisdiction where there are no data retention laws that apply to VPN providers.

3. Our servers are running using Blind Operator mode which means we took extra security steps to ensure that we cannot monitor any traffic at all. Abuses like incoming DDoS attacks are usually mitigated with UDP filtering on the source port used by an attacker.

4. No, we do not rely on and refuse to use external third-party systems. We run our own email infrastructure and encourage people to use PGP encryption. Ticketing support system, website analytics (Piwik, with anonymization settings) and other tools are hosted in-house on open-source software. We have plans to replace some of these tools by solutions developed by ourselves.

5. We politely inform the sender party that we do not keep any logs and are unable to identify a user.

6. In the case that a valid court order is issued, we will inform the other party that we are unable to identify an active user or past user of our service while running as a Blind Operator, which is preventing live analysis of traffic. In that case, they would probably force us to handover physical access to the server, which is fine since they would have to reboot to gain any kind of access, and since we are running diskless in RAM – all data will be lost. So far, we have never received any court order and no personal information has ever been given away.

7. Yes, BitTorrent, peer-to-peer and file-sharing traffic is allowed and treated equally to any other traffic on all of our locations. We strongly believe in net neutrality.

8. As of now, we propose a variety of payments options including anonymous methods such as Bitcoin, Bitcoin Cash, Litecoin, Monero, Ethereum and some other cryptocurrencies (through CoinPayments) and cash money via postal mail. We also offer PayPal, credit cards (VISA, MasterCard and American Express through Paymentwall) and Swish. We do not store sensitive payment information on our servers, we only retain an internal reference code for order confirmation.

9. We recommend our users to use our new WireGuard servers available on Linux, some routers (LEDE/OpenWRT), and soon on Android.
– Data channel cipher: CHACHA20 with POLY1305 for authentication and data integrity
– Authenticated key exchange: Noise Protocol Framework’s Noise_IKpsk2, using Curve25519, Blake2s, and CHACHA20-POLY1305, a formally verified
construction.

Otherwise, we recommend OpenVPN with default configuration available in UDP and TCP modes. These settings offer the highest grade of security achieved through OpenVPN on all of our servers:
– Data channel cipher: AES-256-GCM (OpenVPN 2.4) or AES-256-CBC with HMAC-512 for authentication and data integrity (OpenVPN 2.3)
– Control channel cipher: TLS v1.2 using TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 (AEAD)
– Authenticated key exchange: Diffie-Hellman method and Perfect Forward Secrecy (DHE) using a RSA key with a 4096 bit key size, re-keying every 120 minutes (can be lowered)
– Additional auth key: RSA with a 2048 bit key size
– Additional crypt key: RSA with a 2048 bit key size

10. We offer a new custom open-source VPN application called azclient, for all desktop platforms (Windows, macOS and Linux), with source code released on Github under the GPLv2 license, currently supporting OpenVPN. Our client is developed by a security expert and designed with ease of installation and use in mind, allowing users to connect to the VPN servers with only a few clicks. We plan to add a kill switch and DNS leak protection features to the client in the future.

11. We physically own all of our hardware, in all of our locations, including bare metal dedicated servers and switches, co-located in closed racks on different data centers around the world meeting our strict security criteria, using network dedicated links and carefully chosen providers for maximum network quality and throughput. We host our own non-logging DNS servers in different locations and provide DNSCrypt support for DNS requests encryption.

12. As of now, we operate across five locations including Canada, Spain, Sweden, United Kingdom and the United States. Moldova is planned later this
year, as indicated on our roadmap. There are no virtual locations.

AzireVPN website

HideIPVPN

1. Currently, we store no logs related to any IP address. There is no way for any third-party to match a user IP to any specific activity on the internet.

2. Registered name of the company is Server Management LLC and we operate under US jurisdiction.

3. A single subscription can be used simultaneously for three connections. Abuses of service usually means using non-P2P servers for torrents or DMCA notices. Also, our no-log policy makes it impossible to track who downloaded/uploaded any data from the internet using our VPN. We use iptables plugin to block P2P traffic on servers where P2P is not explicitly allowed. We block outgoing mail on port 25 to prevent spamming activity.

4. We use live chat provided by tawk.to and Google Apps for incoming email. For outgoing email we use our own SMTP server.

5. Since no information is stored on any of our servers there is nothing that we can take down. We reply to the datacenter or copyright holder that we do not log our users’ traffic and we use shared IP-addresses, which makes it impossible to track who downloaded any data from the internet using our VPN.

6. HideIPVPN may disclose information, including but not limited to, information concerning a client, in order to comply with a court order, subpoena, summons, discovery request, warrant, statute, regulation, or governmental request. But due to the fact that we have a no-logs policy and we use Shared IPs, there won’t be anything to disclose excepting billing details. This has never happened before.

7. This type of traffic is welcomed on our German (DE VPN), Dutch (NL VPN), Luxembourg (LU VPN) and Lithuanian (LT VPN) servers. It is not allowed on US, UK, Canada, Poland, Singapore and French servers as stated in our TOS – the reason for this is our agreements with data centers. We also have specific VPN plan for torrents.

8. Currently, HideIPVPN accepts following methods: PayPal, Bitcoin, Credit & Debit cards, JCB, American Express, Diners Club International, Discover. All our clients billing details are stored in WHMCS billing system.

9. SoftEther VPN protocol looks very promising and secure. Users can currently use our VPN applications on Windows and OSX systems.

10. Yes, our free VPN apps have both features built in.

11. We don’t have physical control on our VPN servers. Servers are outsourced in premium data-center with high-quality tier1 networks.

12. At the moment we have VPN servers located in 10 countries – US, UK, Netherlands, Germany, Luxembourg, Lithuania, Canada, Poland, France and Singapore. As you can see number of available locations is steadily growing.

HideIPVPN website

Hide.me

1. No, we don’t keep any logs. We have developed our system with an eye on our customers’ privacy, so we created a distributed VPN cluster with independent public nodes that do not store any customer data or logs at all.

2. Hide.me VPN is operated by eVenture Limited and based in Malaysia with no legal obligation to store any user logs at all.

3. We do not limit or monitor individual connections. To mitigate abuse we deploy general firewall rules on some servers that apply to specific IP ranges. By design, one username can only establish one simultaneous connection.

4. Our landing pages, which are solely used for advertising purposes, include a limited amount of third-party tracking scripts, namely Google Analytics. However, no personal information that could be linked with the VPN usage is shared with these providers. We do not send information that could compromise someone’s security over email.

5. Since we don’t store any logs and/or host copyright infringing material on our services, we’ll reply to these notices accordingly.

6. Although it has never happened, in such a scenario, we won’t be able to entertain the court orders because our infrastructure is built in a way that it does not store any logs and there is no way we could link any particular cyber activity to any particular user. In case we are forced to store user logs, we would prefer to close down rather than putting our users at stake who have put their trust in us.

7. There is no effective way of blocking file-sharing traffic without monitoring our customers which is against our principles and would be even illegal. Usually, we only recommend our customers to avoid the US & UK locations for file-sharing but it is on a self-regulatory basis since these countries have strong anti-copyright laws in place.

8. We support a wide range of popular payment methods, including all major cryptocurrencies like Bitcoin, Litecoin, Ethereum, Dash, Monero, PayPal, Credit Cards and Bank transfer. All payments are handled by external payment providers and are linked to a temporary payment ID. This temporary payment ID can’t be connected to the user’s VPN account/activity. After the payment is completed, the temporary payment ID will be permanently removed from the database.

9. After all, modern VPN protocols that we all support – like IKEv2, OpenVPN and SSTP – are considered secure even after the NSA leaks. We follow cryptographic standards and configured our VPN servers accordingly in order to support a secure key exchange with 8192-bit key size and a strong symmetric encryption (AES-256) for the data transfer.

10. Our users’ privacy is of utmost concern to us. Our Windows client has the features such as Kill Switch, Auto Connect, Auto Reconnect etc which makes sure that the user is always encrypted and anonymous.

11. We operate our own non-logging DNS-servers to protect our customers from DNS hijacking and similar attacks. We operate 30+ server locations in 27 different countries. However we do not own physical hardware. There is intrusion detection and other various security measures in place to ensure the integrity and security of all our single servers. Furthermore, we choose all third-party hosting providers very carefully, so we can assure that there are certain security standards in place (ISO 27001) and no unauthorized person can access our servers. Among our reputable partners are Leaseweb, NFOrce, Equinix and Softlayer.

12. Our servers are located in countries all over the world, among the most popular ones are Canada, Netherlands, Singapore, Germany, Brazil, Mexico and Australia. Below is the complete list of countries, alternatively you can view all available locations here.

Hide.me website

IVPN

1. No, not doing so is fundamental to any privacy service regardless of the security or policies implemented to protect the log data. In addition, it is not within our interest to do so as it would increase our liability and is not required by the laws of any jurisdiction that IVPN operates in.

2. Privatus Limited, Gibraltar.

3. We use a few custom scripts (based on PSAD) to proactively detect and alert malicious activity. From a management perspective, we monitor our network using Zabbix. In the almost 10 years we’ve been operating its safe to say we’ve seen almost everything.

4. No. We made a strategic decision from day one that no company or customer data would ever be stored on 3rd party systems. All our internal services run on our own dedicated servers that we setup, configure and manage. No 3rd parties have access to our servers or data.

5. Our legal department sends a reply stating that we do not store content on our servers and that our VPN servers act only as a conduit for data. In addition, we inform them that we never store the IP addresses of customers connected to our network nor are we legally required to do so.

6. Firstly, this has never happened. However, if asked to identify a customer based on a timestamp and/or IP address then we would reply factually that we do not store this information. If legally compelled to log activity going forward we would do everything in our power to alert the relevant customers directly (or indirectly through our warrant canary).

7. Yes, all file-sharing traffic is permitted and treated equally on all servers. We do encourage customers to use non-USA based exit servers for P2P as any company receiving a large number of DMCA notices is exposing themselves to legal action and our upstream providers have threatened to disconnect our servers in the past.

8. We accept Bitcoin, Cash, PayPal and credit cards. When using cash there is no link to a user account within our system. When using Bitcoin, we store the Bitcoin transaction ID in our system. If you wish to remain anonymous to IVPN you should take the necessary precautions when purchasing Bitcoin. When paying with PayPal or a credit card a token is stored that is used to process recurring payments but this is not linked in anyway to account usage or IP-assignments.

9. We provide RSA-4096 / AES-256-GCM with OpenVPN, which we believe is more than secure enough for our customers’ needs.

10. Yes, the IVPN client offers an advanced VPN firewall that blocks every type of IP leak possible including IPv6, DNS, network failures, WebRTC STUN etc.

11. We use bare metal dedicated servers leased from 3rd party data centers in each country where we have a presence. We install each server using our own custom images and employ full disk encryption to ensure that if a server is ever seized the data is worthless. We also operate an exclusive multi-hop network allowing customers to choose an entry and exit server in different jurisdictions which would make the task of legally gaining access to servers at the same time significantly more difficult. We operate our own network of log free DNS servers that are only accessible to our customers.

12. Please see https://www.ivpn.net/server-locations. We do not offer virtual locations.

IVPN website

Windscribe

1. We don’t keep any logs that can match a user to an IP and timestamp.

2. Windscribe Limited, Ontario (Canada) Corporation.

3. We store the total amount of bytes transferred in a 30 day period. This counter gets reset monthly and there is no historical usage. We block SMTP port 25 to prevent email spamming.

4. Everything is self-hosted including but not limited to email, support desk, and live chat.

5. We notify the sender that the IP address is a VPN node and is shared by hundreds of people at any given moment, so there is no way to trace the activity to any single user.

6. We received multiple subpoenas and court orders requesting subscriber information. Our response was identical to what we send in case of a DMCA related request in every case. We were never ordered to log users (although there were requests), but since we’re in Canada which has no mandatory data retention directives that apply to VPNs, we wouldn’t need to comply.

7. BitTorrent is allowed in all locations as we don’t interfere with the traffic. We request that users don’t do it in Japan and India due to more stringent providers in those regions, but it’s more of a guideline than a rule.

8. Credit cards (Stripe), PayPal, all major cryptocurrencies and various gift cards. As we store no logs of this type, there is nothing to link the payments to.

9. We support OpenVPN and IKEv2. Both are equally secure as we use the strongest encryption possible (GCM-AES-256) with both. We recommend trying IKEv2 first, as it’s faster almost in all cases. If it’s blocked on your network, then you can use OpenVPN which operates on common ports and is a lot harder to block, especially when using Stealth (Stunnel) mode. Our application tries all the protocols automatically and uses the best one for your specific network.

10. Windscribe Firewall is built into our Windows and Mac applications. It blocks all connectivity outside of the tunnel to ensure there is zero chance of any kind of leak, including but not limited to DNS leaks, IPv6 leaks, WebRTC leaks, etc.

A firewall blocks ALL connectivity outside of the tunnel. If the VPN connection drops, there is nothing that needs to be done, and not a single packet can leave the machine, since the firewall will not allow it. In geek terms, it fails closed.

11. All our servers are bare metal machines which are leased from various reputable hosting providers worldwide. As we have servers in over 100 different data-centers, listing them here would create a fairly lengthy list.

Each VPN node we operate has a recursive DNS server running on it, which is only accessible over the tunnel as it listens exclusively on a LAN IP address.

12. We have servers in 50 countries and over 100 cities. The full list is shown here. All our servers are physically where they are claimed to be, as we don’t have any fake/virtual locations.

Windscribe website

VPNBaron

1. We do not keep traffic logs that match an IP address with a user. We do monitor the number of active connections for the user in order to prevent unlimited connections from one subscription.

2. Our registered legal name is Hexville SRL. We’re under Romanian jurisdiction, inside of the European Union.

3. Our tools are developed in-house. To limit the concurrent connections we keep track of the active connections of users. Every user has a limited number of concurrent connections, depending on his subscription. When he connects, we subtract one. When he disconnects, we add one back. Reach zero and the service will not allow the user to connect until he disconnects one of his active instances.

To limit the brute force types of abuses, we monitor the health of the servers and limit the network priority of the obvious DDOS that might be masked through our service. SMTP abuses will also result in temporary port blocking for that service.

4. Emails and the support platform are hosted in-house. For our sales site analytics, we rely on Google Analytics. Live support is hosted by tawk.to which has a great privacy policy.

5. We designed our system in such a way that DMCA notices cannot be forwarded to our users. A diverse approach is needed to deal with this particular industry issue: from explaining that we don’t host any content to replacing IPs and servers that received multiple strikes.

6. No subpoena has been received by our company. If that happens, we’ll be sure to assist as much as we’re legally obliged. Keep in mind that we don’t have much information to provide.

7. Net neutrality is king. We allow any kind of traffic. P2P included.

8. We use Bitcoins (and many other kinds of virtual currencies: ETH, XRP, DGB, LTC ), PayPal, PerfectMoney and Credit Cards. The sales & billing platform is stored separately of the actual VPN system.

9. We use only OpenVPN protocol, one of the most secure and hard to crack protocols, with AES-256-CBC cipher, TLSv1/SSLv3 DHE-RSA-AES512-SHA, 2048 bit RSA.

On top of the OpenVPN, you can also choose one of the two anti DPI (Deep Package Inspection) protocols: “TOR’s OBFSPROXY Scamblesuit” and “SSL” that mask your VPN connection from your ISP. These protocols come handy in places that actively block VPN connections, like China, Egypt or university campuses.

10. Yes, we have an incorporated kill switch in our client and DNS leak protection.

11. We do use our own DNS and Google DNS for some servers.

Because of the nature of the industry, we consider that replacing servers and blacklisted IPs as fast as possible, having the ability to migrate from one ISP to another, and not existing in a constant physical location is a great plus. That’s why decided to rent the VPN servers.

12. At the time of writing this, we do not offer virtual locations. We offer more than 30 servers in 18 countries and we’re expanding fast. You can find the full list here.

VPNBaron website

SecureVPN.to

1. We don’t log any individually identifying information. The privacy of our customers is our top priority.

2. Our service is operated by a group of autonomous privacy activists outside of “Fourteen Eyes” or “Enemy of the Internet” countries. Each server is handled within the jurisdiction of the server’s location.

3. There are no tools which monitor our customers but we use techniques which don’t require any logging to prevent the abuse of our service.

4. Our website has been entirely developed by ourselves and thus we don’t rely on external service providers.

5. We reply to takedown notices but can’t be forced to hand out information because of our non-logging policy.

6. This hasn’t happened yet, but if we were forced to identify any of our customers at a specific server location, we would immediately terminate this location. We are not going to log, monitor or share any information about our customers under any circumstances.

7. BitTorrent and other file-sharing traffic is allowed and treated equally to other traffic on all servers.

8. We offer a wide range of anonymous payment methods like Bitcoin, Dash, Ethereum, Paysafecard and Perfect Money. No external payment processor receives any information because all payments are processed by our own payment interface.

9. We would recommend OpenVPN, available in UDP and TCP mode. We are using AES-256-GCM/CBC for traffic encryption, 4096 bit RSA keys for the key exchange and SHA-512 as HMAC. These settings offer you the highest grade of security available.

10. Our VPN Client provides advanced security features like a Kill Switch, DNS Leak Protection, IPv4/IPv6 Leak Protection, WebRTC Leak Protection and many more.

11. We rent 27 servers in 20 countries and are continuously expanding our server park. During the last year we focused on replacing our 100 Mbit/s servers with high-end dedicated gigabit servers and thus the number of servers slightly decreased. It is impossible to have physical control over all widespread servers but we took security measures to prevent unintended server access. At the moment we are using the nameservers of Quad9 which offer good privacy.

12. Every server is physically located in its specified country and thus we don’t offer virtual locations. You can find our server list at the following link.

SecureVPN.to website

VPNArea

1. We do not keep or record any logs. We are therefore not able to match an IP-address and a time stamp to a user of our service.

2. The registered name of our company is “Offshore Security EOOD” (spelled “ОФШОР СЕКЮРИТИ ЕООД” in Bulgarian). We’re a VAT registered business. We operate under the jurisdiction of Bulgaria.

3. To prevent mail spam abuse we block mail ports used for such activity, but we preemptively whitelist known and legit email servers so that genuine mail users can still receive and send their emails.

To limit concurrent connections to 6, we use our in-house developed system that adds and subtracts +1 or -1 towards the user’s “global-live-connections-count” in a database of ours which the authentication API corresponds with anonymously each time the user disconnects or connects to a server. The process does not record any data about which servers the subtracting/detracting is coming from or any other data at any time, logging is completely disabled at the API.

4. We host our own email servers in Switzerland. We host our own Ticket Support system on our servers in Switzerland. The only external tools we use are Google Analytics for our website and Zopim Live Chat.

5. DMCA notices are not forwarded to our members as we’re unable to identify a responsible user due to not having any logs or data that can help us associate an individual with an account. We would reply to the DMCA notices explaining that we do not host or hold any copyrighted content ourselves and we’re not able to identify or penalize a user of our service.

6. This has not happened yet. Should it happen our attorney will examine the validity of the court order in accordance with our jurisdiction, we will then delegate our no logs policy to the appropriate party pointing out that we’re not able to match a user to an IP or timestamp due to not keeping or recording any logs. In our six year history we’ve upheld our reputation and we believe one of the reasons such court orders don’t reach us is our clearly stated no-logs policy.

7. BitTorrent/P2P is allowed on most of our servers but not all of them. Why not? Some servers that we use are not tolerant to DMCA notices, but some of our members utilize them for other activities not related to torrenting. That is why we keep them in our network despite the inability to use P2P/torrents on them. Most of our VPN servers and locations do allow torrents and P2P. We even allow torrenting on server locations that most VPN providers don’t, such as USA and Canada.

8. We accept PayPal, Credit/Debit cards and Webmoney via third party payment processor, plus Bitcoin and Payza. We do not require personal details to register an account with us. In the case of PayPal/Payza/card payments we link usernames to their transactions so we can process a refund. We do take active steps to make sure payment details can’t be linked to account usage or IP assignments. We do not use a recurring payments system.

9. We use AES-256-CBC + SHA256 cipher and RSA4096 keys on all our VPN servers with without exception. We also have Double VPN servers, where for example the traffic goes through Russia and Israel before reaching the final destination.

10. Yes, we provide both KillSwitch and DNS Leak protection for our Windows and Mac apps. Our new Android app already has DNS Leak protection and AdBlocking and within a couple of days will also have KillSwitch in the upcoming new version.

11. We work with reliable and established data centers. Nobody but us has virtual access to our servers. The entire logs directories are wiped out and disabled, rendering possible physical brute force access to the servers useless in terms of identifying users.

12. All our servers are physically located in the stated countries. A list of our servers in 70 countries can be found here.

VPNArea website

AirVPN

1. No, we don’t.

2. The name of the company is Air and it is located in Italy.

3. We do not use any monitoring or traffic inspection tools. We do associate a connections counter for each account to enforce the limit of five simultaneous connections per account. We also promptly investigate any service (website etc.) running behind our service to prevent phishing and other scams (malware spreading, bot controllers, etc) if we receive a complaint about them. However, checking those services after a complaint or a warning from a third-party does not require any traffic monitoring.

4. Absolutely not.

5. They are ignored.

6. The matter is handled by our law firm which explains to the competent authorities how our system works and why it is not possible to track a user “ex-post” when such identification requires access to traffic logs, which simply do not exist. We have so far not received any order trying to force us to “log activity going forward” and we would not be able to comply for strictly technical reasons.

7. Yes, BitTorrent (just like any other protocol) is allowed on all servers without any re-routing.

8. Nowadays we use Coinpayments, BitPay, PayPal and Avangate. We accept a wide variety of cryptocurrencies and several credit cards. We also planned to accept payments in Bitcoin (and some other cryptocurrency) directly in late 2018, with no need for any third party payment processor, which anyway does not require any personal data to complete a transaction.

We do not keep any information about account usage and/or IP address assignments, so there can’t be any correlation with any payment. As usual a customer needs to consider that any payment via a credit card or PayPal will be recorded for an indefinite amount of time by the respective financial companies. We also accept cryptocurrencies inherently designed to provide a strong layer of anonymity.

9. We recommend only and exclusively OpenVPN. A proper configuration must include TLS mode, Perfect Forward Secrecy, 4096 bit Diffie-Hellmnn keys, and at least 2048 bit (preferably 4096 bit) RSA keys. About the channels ciphers, AES-256 both on the Control Channel and the Data Channel is an excellent choice, while digests like HMAC SHA (when you don’t use an AED cipher such as AES-GCM) for authentication of packets are essential to guarantee integrity (preventing for example injection of forged packets in the stream), both on the Control and the Data channels.

Our service provides all of the above. About Elliptic Curve Cryptography, since it is finally of public domain that at least one random number generator (Dual_EC_DRBG) had a backdoor, and that an NSA program did exist with the aim to implement backdoors in some curves and then have exactly those curves recommended by NIST, momentarily we would suggest to drop ECC completely, just to stay on the safe side and according to Bruce Schneier’s considerations.

10. Yes, of course. They are integrated in our free and open source software “Eddie” released under GPLv3. Anyway, usage of our software is not mandatory to access our service, so we also provide guides to prevent any kind of traffic leaks outside the VPN “tunnel” on a variety of systems.

11. The VPN server management is never outsourced. Even the IPMI, which has proven to be the source of extremely dangerous vulnerabilities, is patched and access-restricted by the AirVPN core management persons only. The Air company does not own datacenters. Owning a datacenter would put Air in a vulnerable position in the scenario described in your question number 6 (second part: court order to start logging traffic).

12. We do not offer “virtual” locations. No IP address geo-location trick, hidden re-routing or any other trick is ever performed. We do not use Virtual Servers at all. Currently, we have physical (bare metal) servers really located in the following countries: Austria, Belgium, Bulgaria, Canada, Czech Republic, Germany, Hong Kong, Japan, Latvia, Lithuania, Netherlands, Norway, Romania, Singapore, Spain, Sweden, Switzerland, Ukraine, United Kingdom, United States.

AirVPN website

Trust.Zone

1. Trust.Zone doesn’t store any logs. All we need from users is just an email to sign up. No first name, no last name, no personal info, no tracking, no logs.

2. Trust.Zone is under Seychelles jurisdiction and we operate according to the law in Seychelles. There is no mandatory data retention law in Seychelles. In our jurisdiction, a foreign court order would not be enforceable and since we don’t store any logs, there is nothing to be taken from our servers. The company is operated by Extra Solutions Ltd.

3. We have no usage restriction on our service. As we don’t have any logs, we can’t track any user online activity. Trust.Zone doesn’t use any third party tools on the website. The single restriction we have is three simultaneous connections per user.

4. Trust.Zone does not use any third-party support tools, tracking systems like Google Analytics or live chats. If a user loads our website in a browser, all information like Javascript, HTML and CSS belongs to trust.zone domain only.

5. If we receive any type of DMCA requests or Copyright Infringement Notices – we ignore them. Why? Trust.Zone is under Seychelles offshore jurisdiction. There is no mandatory data retention law in Seychelles. Since we don’t store any logs, there is nothing to be had from our servers.

6. A court order would not be enforceable because we do not log information and therefore there is nothing to be had from our servers. Trust.Zone is a VPN provider with a Warrant Canary. Trust.Zone has not received or has been subject to any searches, seizures of data or requirements to log any actions of our customers.

7. We don’t restrict any kind of traffic. Trust.Zone does not throttle or block any protocols, IP addresses, servers or any type of traffic whatsoever.

8. All major credit cards are accepted. Besides, Bitcoin, PayPal, Webmoney, Alipay, wire transfer and many other types of payments are available. To stay completely anonymous, we highly recommend using anonymous payments via Bitcoin.

9. Trust.Zone uses the highest level of data encryption. We use a protocol which is faster than OpenVPN and also includes Perfect Forward Secrecy (PFS). The unique feature of Trust.Zone VPN is that you can forward your VPN traffic via ports – 21(FTP) 22 ( SCP, SFTP ), 80 (HTTP), 443 (HTTPS) or 1194 (OpenVPN), most of which can’t be blocked by your ISP. Trust.Zone uses AES-256 Encryption by default. We also offer L2TP over IPsec which also uses 256bit AES Encryption.

10. Trust.Zone supports a kill-switch function. We also own our DNS servers and provide users with using our DNS to avoid any DNS leaks. Trust.Zone has no support for IPv6 connections to avoid any leaks. We also provide users with additional recommendations to be sure that there are no any DNS leaks or IP leaks.

11. We have a mixed infrastructure. Trust.Zone owns some physical servers and we have access to them physically. In locations with lower utilization, we normally host with third parties. But the most important point is that we use dedicated servers in this case only, with full control by our network administrators. DNS queries go through our own DNS servers.

12. We are operating with 150+ servers in 30+ countries and still growing. The most popular Trust.Zone locations are France, Australia, US, Canada and UK. The full map of the server locations is available here.

Trust.Zone website

CactusVPN

1. We don’t keep any logs.

2. CactusVPN Inc., Canada

3. We restrict our services with up to five devices per package for VPN connection and to unlimited devices for SmartDNS service as long as all of them have the same IP address. Abuse of services is regulated by our Linux firewall and most of the datacenters we hire servers from provide additional security measures for servers attacks.

4. No.

5. We did not receive any official notices yet. We will only respond to a local court order.

6. If we have a valid order from Canadian authorities we have to help them identify the user. Bus as we do not keep any logs we just can’t do that. We did not receive any orders yet.

7. BitTorrent and other file-sharing traffic is allowed on Netherlands, Germany, Switzerland and Romanian servers.

8. PayPal, Visa, MasterCard, Discover, American Express, Bitcoin & Altcoins, Alipay, Qiwi, Webmoney, Boleto Bancario, Yandex Money and other not so popular payment options.

9. We recommend users to use SoftEther with ECDHE-RSA-AES128-GCM-SHA256 cipher suite.

10. Yes, our apps include Kill Switch and Apps. Killer options in case a VPN connection is dropped. Also they include DNS Leak protection.

11. We use servers from various data centers.

12. USA, UK, France, Germany, Canada, Netherlands, South Korea, Australia, Poland, Japan, Switzerland, Singapore, Romania.

CactusVPN website

ShadeYou VPN

1. ShadeYou VPN does not keep any logs. To use our service only a username and e-mail are required. No personal or real data is required.

2. We are incorporated as DATA ACCENTS LP and operate under the United Kingdom jurisdiction.

3. Limits of concurrent connections are regulated in real time on the server side by our own developed tools without any logs kept.

4. We are using Google Analytics as a tool which allows us to improve our website and bring our users better experience. Also, we are using SiteHeart online support. But none of these tools track / hold personal information.

5. The abuse team of ShadeYou VPN answers as follows: A) We do not store any illegal content on our servers. B) Every user agrees with our privacy policy while registering, so we warned that illegal actions are prohibited and at this time we are not responsible. C) We have no any personal data of our users or any logs of their activities that can be shared with third-parties because we simply do not store it.

6. There are no any special steps since we have no logs to share and analyze. It means we can’t help with identifying the active or past user of our service. Logging activity is not acceptable for our service. We had different cases but we can guarantee that none of our users were compromised.

7. BitTorrent and any other file-sharing traffic is allowed mostly on all our servers. There are only a few exceptions (such as when traffic is limited on the servers).

8. ShadeYou VPN uses payment systems including PayPal, Perfect Money, Webmoney, Qiwi, Yandex Money, Easy Pay, Ligpay, UnionPay, AliPay, MINT, CashU, Ukash also accept payments via Visa, Master Card, Maestro and Discover. Of course, Bitcoin is available. Important note: we do not store billing information which is required to improve users safety.

9. We strongly recommend using OpenVPN since it is the safest and uses the strongest encryption (TLS Protocol with 4096-bit key length and AES-256-CBC crypto-algorithm).

10. We support “Kill switches” and DNS leak protection using our desktop client.

11. All our servers are collocated around the world in data centers of different leading hosting companies. Yes, we are using our own DNS servers.

12. Here is an overview and all servers are physically located.

ShadeYou VPN website

PrivateVPN

1. We don’t retain or log any identifiers namely IP addresses, timestamps of any sort of connections on our VPN or authentication servers, data used, the speed of connection at all. Period.

2. PrivateVPN is run by a Swedish company viz. ‘Privat Kommunikation Sverige AB’ under Swedish jurisdiction.

3. Owing to our above-mentioned privacy promise, active monitoring of our service is out of the question.

4. We use a service known as LiveAgent to provide email or ticket and live chat support. They do not hold any information about chat sessions. Chat conversation transcripts are not stored on chat servers. They remain on the chat server for the duration of the chat session, then optionally sent by email to a user, and then destroyed.

5. DMCA is not applicable to our service as it is not a codified law or act under Swedish jurisdiction. So, it is none of our business. A Swedish equivalent isn’t in the scene as of now in our jurisdiction at all.

6. As already mentioned above, we don’t retain or log any identifiers at all. So, basically even when ordered to actively investigate a user we are limited to the number of active logins which is just a numerical value. That being said, we have not received a court order to date.

7. Of course, we are not in the business of restricting and throttling things. The whole point of a user connecting to our VPN servers is to get uncensored and unrestricted Internet.

8. We support PayPal, Stripe, and Bitcoin. Alipay as a payment method is en route. We offer a 30-day money-back guarantee and in order to enforce it, we keep a track of payments linked to a user account. There is no way to link an IP address assigned from us to a user account as we do not log such data.

9. No single VPN protocol works for everyone. We support multiple VPN protocols viz. PPTP,L2TP,IPsec,IKEv2,OpenVPN,Shadowsocks(beta) and soon SSH(in labs). Our default VPN protocol on all the platforms other than iOS is OpenVPN over UDP with 256-bit AEAD ciphers when you use our VPN application.

We recommend a user with an ideal ISP to use OpenVPN over UDP/1194. In case your ISP happens to throttle default OpenVPN port 1194, you can use OpenVPN over TCP/443, which is deployed with the latest –tls-crypt that OpenVPN offers for additional privacy and very basic obfuscation of the protocol itself.

For users who love built-in VPN clients for an OS, like Windows, Mac, Blackberry, iOS etc, we recommend IKEv2. For users from UAE, Egypt, some parts of China etc, we are working on secure Shadowsocks over TCP/80 with AEAD cipher and/or SSH-based solutions to tunnel their OpenVPN traffic. Shadowsocks is already being tested and working with many happy users new and old users from Egypt & UAE. For Tor lovers, we offer a guide, help, instructions on how to connect to our OpenVPN servers over Tor for additional security and privacy.

10. Our Windows VPN App offers robust Kill switch and DNS leak protection. DNS leaks on any major platform are owing to broken installations which are fixed as soon we see a report or any issues. IPv6 leak protection is available on every platform and multiple VPN protocols. We offer guides and instructions to set up a kill switch on macOS, GNU/Linux, BSD etc and are rapidly working with our developers to add these features in our easy to use and install VPN applications.

11. We have physical control over our servers and network in Sweden. We’re only using trusted data centers with strong security. Our providers have no access to PrivateVPN’s servers and most importantly, there is no customer data/activities stored on the VPN servers or on any other system we have.

We have deployed our own multiple DNS nameservers which work from within tunnel and are automatically pushed to VPN clients upon successful connection. You are at liberty to use whatever DNS nameservers you like though. For example, if you or someone you trust hosts a server with additional security features like DNSCRYPT and DNSSEC, it is fair if you wish to use it.

12. We use a mix of physical and virtual servers depending on the demand and needs of a given location.

PrivateVPN website

OctaneVPN

1. No.

2. Octane Networks, LLC. US registered company.

3. We block port 25 outbound to reduce the possibility of spam. Our auth system limits concurrent connections via our custom backend.

4. We use Google Analytics for general website trends. We use Hotjar occasionally for A/B and user experience testing. Support is internal.

5. If the customer session is still connected to our service we take action. Repeat infringers must be disabled since we are a US based company and must comply with DMCA.

6. This has not happened. We would take every action we legally could to maintain the privacy of our customers. Since logs are not used, there is little information we could provide if ordered to do so by a court of competent jurisdiction.

7. Yes. We operate with net neutrality with the exception of restricting outgoing SMTP to prevent spammers from abusing the service.

8. Bitcoin, Credit/Debit Card and PayPal. IP addresses are not linked to payment details.

9. OpenVPN
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-CBC
auth SHA512

10. Our client disables IPv6 completely as part of our DNS and IP leak protection in our Windows and Mac OS X OctaneVPN clients. Our OpenVPN based client’s IP leak protection works by removing all routes except the VPN route from the device when the client has an active VPN connection.

This a better option than a ‘kill switch’ because our client ensures the VPN is active before it allows any data to leave the device, whereas a ‘kill switch’ typically monitors the connection periodically, and, if it detects a drop in the VPN connection, reacts. With a ‘kill switch’, data sent during the time between checks is potentially vulnerable to a dropped connection. Our system is proactive vs a reactive kill switch.

Customers should vigilant as other software such as JavaScript, Flash, Java and WebRTC can leak IP independently of their VPN connection. Customers might want to consider creating a profile in their web browser specifically tailored toward web browsing privacy by disabling 3rd party plugins/extensions.

11. In our more active gateway locations, we colocate. In locations with lower utilization, we normally host. We do not do the virtual location BS you hear about sometimes. Each of our gateways acts as a DNS server for the end-user.

12. We have gateways in 45 countries and 92 cities.

OctaneVPN website

SlickVPN

1. SlickVPN doesn’t log traffic or session data of any kind. We don’t store connection time stamps, used bandwidth, traffic logs, or IP addresses.

2. Slick Networks, Inc. is our recognized corporate name. We operate a complex business structure with multiple layers of offshore holding companies, subsidiary holding companies, and finally some operating companies to help protect our interests. The main marketing entity for our business is based in the United States of America but the top level of our operating entity is based out of Nevis.

3. We block port 25 to reduce the likelihood of spam originating from our systems. The SlickVPN authentication backend is completely custom and limits concurrent connections.

4. We utilize third party email systems to contact clients who opt in for our newsletters and Google Analytics for basic website traffic monitoring and troubleshooting. We believe these platforms to be secure. Because we do not log your traffic/browsing data, no information about how users may or may not use the SlickVPN service is ever visible to these platforms.

5. If a valid DMCA complaint is received while the offending connection is still active, we stop the session and notify the active user of that session. Otherwise, we are unable to act on any complaint as we have no way of tracking down the user. It is important to note that we rarely receive a valid DMCA complaint while a user is still in an active session.

6. This has never happened in the history of our company. Our customer’s privacy is of topmost importance to us. We are required to comply with all valid court orders. We would proceed with the court order with complete transparency, but we have no data to provide any court in any jurisdiction. SlickVPN uses a warrant canary to inform users if we have received any such requests from a government agency. Users can monitor our warrant canary here: SlickVPN Warrant Canary

7. Yes. All traffic is allowed. SlickVPN does not impose restrictions based on the type of traffic our users send.

8. We accept PayPal, Credit Cards, Bitcoin, Cash, and Money Orders. We keep user authentication and billing information on independent platforms. One platform is operated out of the United States of America (Marketing) and the other platform is operated out of Nevis (Operations).

Payment details are held by our marketing company which has no access to the Operations data. We offer the ability for the customer to permanently delete their payment information from our servers at any point and all customer data is automatically removed from our records shortly after the customer ceases being a paying member.

9. We recommend using OpenVPN if at all possible (available for Windows, Apple, Linux, iOS, Android) and we use the AES-256-CBC algorithm for encryption.

10. Our leak protection (commonly called a ‘kill-switch’) keeps your IPv4 and IPv6 traffic from leaking to any other network and protects against DNS leaks. Your network will be disabled if you lose the connection to our servers and the only way to restore the network is manual intervention by the user.

11. We physically control some of our server locations where we have a heavier load. Other locations are hosted with third parties unless there is enough demand in that location to justify racking our own server setup. To ensure redundancy, we host with multiple providers in each location. We have server locations in over forty countries. We’re currently in the process of deploying 10Gb connected nodes that are physically controlled by our company.

In all cases, our network nodes load over our encrypted network stack and run from ramdisk. Anyone taking control of the server would have no usable data on the disk. We periodically remount our ramdisks to remove any lingering data. Each of our access servers acts as the DNS server for customers connected to that node.

12. At SlickVPN we actually go through the expense of putting a physical server in each country that we list. SlickVPN offers VPN service in 40 countries around the world. We do not do offer virtual locations.

SlickVPN reviews

CryptoStorm

1. No. The only logs on our servers are security related, such as: [[email protected] ~]# tail -n1 /var/log/messages Feb 21 17:27:51 wilno kernel: grsec: exec of /usr/bin/tail (tail -n1 /var/log/messages ) by /usr/bin/tail[bash:14447] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:12336] uid/euid:0/0 gid/egid:0/0

This is so we can monitor for unauthorized commands in the unlikely event that a server is compromised by some 0day exploit. Strict privilege separation and access control is done to minimize the access any potential attackers would get if any of our services were vulnerable to a 0day exploit. None of those logs contain any customer-related data.

2. Cryptostorm consists of several different entities that are in different regions. This is so if any adversary were to put legal pressure on one of those entities, we can simply drop and replace it, along with any resources that might be under it. The names and locations of these entities are not publicly disclosed, simply to make it more difficult for any potential adversaries.

3. Abuse is mitigated by using snort’s NFQ DAQ as an Intrusion Prevention System. This allows us to block the most basic or automated attacks/scans that would violate the Terms of Service at most data centers. It also allows us to prevent basic attacks without requiring us to keep any data that could be used to identify a customer. No customer IPs ever show up in those snort alerts.

4. No.

5. Most of the data centers we’ve chosen aren’t legally required to do anything about DMCA or similar complaints. The few that are legally required to do something, are only required to forward the complaint to us. Currently, the only exception is one of our Netherlands data centers, who requires a response from us. For them, we use a template very similar to this.

If an ISP, data center, or anyone else were to request customer information related to a DMCA complaint, we wouldn’t be able to provide anything since we don’t have anything. If a data center threatens to suspend our server if we don’t comply, we simply stop doing business with that data center.

6. The locations of the entities that make up Cryptostorm were specifically chosen for their strong privacy and business laws. We wouldn’t be able to comply with any court order requesting customer information since we don’t have any information to give. If a court successfully ordered one of our entities to start collecting customer information, we would absolve any entities in that court’s region.

In the highly unlikely event that international courts coordinating together were successful in ordering all of our entities to comply, we would shut down Cryptostorm, Lavabit style. As of February 2018, we have never received any such court orders. If we were to receive any “gag orders”, our warrant canary would inform customers of its existence.

7. Yes.

8. Credit/debit card payments are accepted via PayPal and Stripe. Bitcoin is accepted through BitPay. Bitcoin, Bitcoin Cash, BlackCoin, Dash, DigiByte, Dogecoin, Ether Classic, Ether, GameCredits, Litecoin, PotCoin, Vertcoin, Monero, and Zcash are accepted through CoinPayments.net. Our anonymous token authentication system plus our no-logging policy prevents us from knowing which customers are connected to which server, or what traffic they’re generating on that server.

9. Our most secure OpenVPN instances use: SHA512 for authentication; AES-256-GCM to encrypt the data channel; TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 for the control channel, forced to TLS v1.2 to prevent downgrade attacks; Unique 4096-bit DH parameters for perfect forward secrecy; prime256v1 ECC server/CA certificates, signed with ecdsa-with-SHA512; 2048-bit static key for additional encrypting/authenticating of control channel packets.

For backwards compatibility on older devices that might not support OpenVPN 2.4.x, we also provide instances using: SHA512 for auth, AES-256-CBC for the data channel, TLS-DHE-RSA-WITH-AES-256-CBC-SHA for the control channel, and unique 2048-bit DH parameters for perfect forward secrecy.

10. We do provide firewall rule sets for IPtables, ufw, pf, etc. For Windows users, our open-source VPN client includes a kill switch.

11. We rent/lease servers at various data centers throughout the world. To account for the possibility of physical compromise (i.e., a confiscated server), each server is designed to be as disposable as possible. We don’t keep any data on the servers that can be used to identify a customer, and the data cannot be used to gain access to any other server. We do use our own DNS servers, and we also provide more secure alternatives to DNS such as DNSCrypt and DNSChain.

12. Currently, we have servers in Germany, Netherlands, Lithuania, Finland, Poland, Moldova, Spain, Latvia, Canada, England, Italy, France, Switzerland, Portugal, and eight US servers. We do not use VPS/VMs for our VPN servers. Only bare metal dedicated servers.

CryptoStorm website

WhatTheServer

1. Our OpenVPN servers are configured with “verb 0” so that they keep no logs at all.

2. What The * Services, LLC is incorporated in the USA. We have VPN servers in the USA, Germany, and the Netherlands.

3. We use a custom session management system which operates completely on real-time data and keeps no logs. The session management infrastructure (and all VPN servers) is built on top of OpenBSD and uses the services built into OpenBSD to enforce user management.

4. We run all of our own communications infrastructure. However, we do use Google Analytics on the WhatTheServer.me website.

5. We have never received a DMCA take-down notice or a non-US equivalent regarding our VPN service. However, we did receive a DMCA take-down notice regarding a website one of our customers was running on our Virtual Private Servers.

We responded by replying to the requester letting them know we were looking into it, and we notified the customer via his email on file. Then we contacted the EFF and they put us in touch with a lawyer who helped us get the case dropped, because we did not have the information requested. The customer’s identity was never revealed to the people making the DMCA take-down request, because the bill was paid in Bitcoin & a throwaway email account was used.

6. We have not yet received such a court order or subpoena for user information. However, if we do we will take several steps. First, we would consult with our lawyers to confirm the validity of the order/subpoena, and respond accordingly if it is NOT a valid order/subpoena. Then we would alert our user of the event if we are legally able to.

If the order/subpoena is valid, we would see if we have the ability to provide the information requested, and respond that we do NOT have the information requested. If we DO have the information requested, we would immediately reconfigure our systems to stop keeping that information. Then we would consult with our lawyer to determine if there is any way we can fight the order/subpoena and/or what is the minimum level of compliance we must meet, as well as, notify the user of the event if we are legally able to do so.

If we were forced to start keeping logs on our users, we would go out of business and start a new company in a different jurisdiction.

7. BitTorrent and other file-sharing traffic is allowed on all VPN/Proxy servers which are NOT located in the USA.

8. We accept PayPal, as well as Monero, Bitcoin and over 140 CryptoCurrencies and AltCoins via CoinPayments.net We encourage our users to pay with anonymous payment methods and supply false contact information. We also use a completely different authentication infrastructure and random usernames for the VPN accounts.

9. All of our OpenVPN and SOCKS Proxy servers are running OpenBSD and are using LibreSSL instead of OpenSSL. This protects our servers from a wide range of attacks on the encryption. Our OpenVPN Servers use AES-256-CBC & SHA512 HMAC for the Data Channel, and DHE-RSA-AES256-GCM-SHA384 on the Control Channel. Our OpenVPN Servers are also configured with 4096bit RSA keys and a custom 4096bit Diffie-Hellman parameters. Our SOCKS Proxy is based on OpenSSH, so they support any ciphers the client wants to use. With the OpenSSH protocol, the Client decides what cipher to use instead of the Server.

10. We push Google DNS 8.8.8.8 and 8.8.4.4 to clients. We also have ‘push “block-outside-dns”’ in our OpenVPN server config files which will prevent the client from leaking DNS requests. Additionally, we include “resolve-retry infinite” and “persist-tun” in the OpenVPN client config files which will prevent the client from sending data in the clear if the VPN connection goes down.

11. All of our infrastructure is hosted in third party colocations. However, we use full-disk-encryption on all of our servers. We use Google DNS at this time but we are currently testing alternatives.

12. We offer VPN server locations in the USA, Germany, and Netherlands.

WhatTheServer website

ibVPN

1. We do not keep any log that can identify a user of our service with an IP address and/or a timestamp. We are getting ready to be GDPR compliant and (in our opinion) keeping this kind of logs is not respecting the Privacy by Design guidelines.

2. Company’s registered name is Amplusnet SRL. We are a Romanian company, which means we are under EU jurisdiction.

3. We limit the number of concurrent connections and we are using Radius for this purpose.

4. The back end of the website is a dedicated WHMCS for billing and support tickets. We do not use external e-mail providers (we host our own mail server). Our users can contact us via live chat (Zopim). The chat activity logs are deleted on a daily basis. There is no way to associate any information provided via live chat with the users’ account.

5. So far we did not receive any DMCA notice for any P2P server from our server list. That is normal considering that the servers are located in DMCA free zones. For the rest of the servers, p2p and file sharing activities are not allowed/supported.

6. So far, we have not received any court order. We do not support criminal activities, and in case of a valid court order, we must follow the EU laws under which we operate.

7. We have dedicated P2P servers that allows BitTorrent and other file-sharing applications. The servers are located in Netherlands, Luxembourg, Canada, Sweden, Russia, Hong Kong and Lithuania. We do not reroute P2P connections.

8. Payments are performed exclusively by third party processors, thus no credit card info, PayPal ids or other identifying info are stored in our database. For those who would like to keep a low profile, we accept BitCoin, LiteCoin, Ethereum, WebMoney, Perfect Money etc.

9. We support SSTP and SoftEther on most of the servers. We also offer double VPN and TOR over VPN.

10. Yes, Kill Switch and DNS leak protections are implemented in our VPN Clients. Kill Switch is one of the most used features. Our users can decide to block all the traffic when the VPN connection drops or to kill a list of applications. We allow customers to disable IPv6 Traffic and to make sure that only our DNS servers are used while connected to the VPN.

11. We do not have physical control over our VPN servers. We have full remote control to all servers. Admin access to servers is not provided for any third party.

12. The full list of server locations is available here.

ibVPN website

OVPN

1. Our entire infrastructure and VPN service is built to ensure that no logs can be stored – anywhere. Our servers are locked in cabinets and operate without any hard drives. We use a tailored version ofAlpine, which doesn’t support SATA controllers, USB ports etc. To further increase security, we use TRESOR and grsecurity to be resistant to cold boot attacks.

2. OVPN Integritet AB (Org no. 556999-4469). We operate under Swedish jurisdiction.

3. None.

4. For website insights, we use Piwik, an Open Source solution that we host ourselves. The last two bytes of visitors’ IP addresses are anonymized; hence no individual users can be identified. For support, we use an internally built system.

The mail server is hosted by Glesys, a trusted provider in Sweden. Automatic emails from the website are sent using Mailgun, but we never send any sensitive information via email. Zendesk chat is used for live chat, which we will eventually migrate from when we’ve built a satisfactory in-house solution.

5. Since we don’t store any information, such requests aren’t applicable to us.

6. We can’t provide any information to the court. A court wouldn’t be able to do that [require logging] in our jurisdiction – but in case it did happen we would move the company abroad.

7. Yes.

8. We offer PayPal, credit cards (via Braintree), Bitcoin (via Bitpay), cash in envelopes as well as a Swedish payment system called Swish. We never log IP addresses of users, so we can’t correlate an IP address to a payment.

9. We offer AES-256-GCM. In terms of connection, we recommend using our Multihop add-on.

10. Yes.

11. Yes. We own all the servers and routers, and they’re co-located in various data centers in locked cabinets.

12. USA, Germany, Sweden, United Kingdom, the Netherlands, Canada and Norway. No virtual locations are offered.

OVPN website

Mullvad

1. No, all details are explained in our no-logging data policy.

2. Amagicom AB, Sweden.

3. We limit the number of simultaneous connections to five per account. This is monitored in real time by our VPN servers which report this information to our central service. When a customer connects to one of our servers, the server asks the central service if the account has reached its connection limit. As we do not save this information, we cannot, for example, tell you how many connections your account had five minutes ago.

4. We have no external elements at all on our website. We do use an external email provider; for those who want to email us, we encourage them to use PGP encryption which is the only effective way to keep email somewhat private. The decrypted content is only available to us.

5. There is no such Swedish law that is applicable to us.

6. From time to time, we are contacted by governments asking us to divulge information about our customers. Given that we don’t store activity logs of any kind, we have no information to give out. So far this has never happened.

In addition, we do not believe that it’s possible for Swedish law to order us to actually give out information about our users. Not that we would anyway. We started Mullvad for political reasons and would rather discontinue the service than have it work against its purpose.

7. All traffic is treated equally, therefore we do not block or throttle BitTorrent or other file-sharing protocols.

8. We accept cash, Bitcoin, Bitcoin Cash, bank wire, credit card, PayPal, and Swish. We encourage anonymous payments via cash or one of the cryptocurrencies. We run our own full node in each of the blockchains and do not use third parties for any step in the payment process, from the generation of QR codes to adding time to accounts. Our website explains how we handle payment information.

9. On Windows, macOS, and mobile, we offer OpenVPN with RSA-4096 and AES-256-GCM. On Linux, we also offer WireGuard which uses Curve25519 and ChaCha20-Poly1305. We also offer an experimental post-quantum secure VPN tunnel using WireGuard and NewHope.

10. We offer a kill switch and DNS leak protection, both of which are supported in IPv6 as IPv4. While the kill switch is only available via our client/app, we also provide a SOCKS5 proxy that works as a kill switch and is only accessible through our VPN.

11. Yes, we use our own DNS servers.

12. Our website has an up-to-date server list.

Mullvad website

AceVPN

1. We do not log period. No meta-data logging, no traffic logging, no bandwidth usage tracking. We do not have any hidden fair usage policy. We respect our users’ privacy. We do not store any personal or billing information on VPN servers. IP’s are shared amongst users and our configuration makes it extremely difficult to single out any user.

2. We are registered in USA and operate as AceVPN.com

3. We have developed tools to mitigate abuse.

4. We use Google Analytics on www.acevpn.com (marketing site). We do not track proxied pages. We use G Suite for email. Emails are deleted regularly.

5. If we receive DMCA takedown, we block the port mentioned in the complaint. IPs are shared by other users and our configuration makes it extremely difficult to single out any user. We do not share any information with third parties.

6. To date, we have not received a court order. We only store billing information which the payment processor or bank or credit card issuer has.

7. We have special servers for P2P and are in datacenters that allow such traffic. These servers also have additional security to protect privacy when p2p programs are running. We do not reroute traffic as this require inspecting and analyzing traffic which contradicts with our no logs policy.

8. We accept Paypal, Bitcons and Credit cards for payments. We store billing information on a secure server separate from VPN servers and do not track usage nor IP assignments.

9. Both our IKEv2 and OpenVPN supports Elliptic curve cryptography (ECC) which we recommend for secure connectivity. To give an idea, 384 bits ECDSA is equivalent to RSA 7680 bits. Higher the bits, more secure it gets.

10. Yes, we do provide kill switches if a connection drops. Our servers are tested for DNS leak.

11. We have full control over our servers. Servers are housed in reputed datacenters. Many of them are ISO certified and are designed to the highest specifications for performance, reliability and security. We operate our own DNS servers (Smart DNS) for streaming videos. For VPN, we use Google, OpenDNS and Level3 DNS.

12. We have servers in 26+ countries and over 50+ locations /datacenters. USA, Brazil, Canada, Mexico, Denmark, Egypt, France, Germany, Ireland, Italy, Japan, Latvia, Luxembourg, Netherlands, Norway, Romania, Russia, Spain, Sweden, Switzerland, Turkey, UK, Hong Kong, Singapore, Australia, and South Africa.

AceVPN website

BlackVPN

1. No. We purge all this information when the user disconnects from the VPN.

2. The name of the company is BLACKVPN LIMITED and is registered in Hong Kong and operates under the jurisdiction of Hong Kong.

3. Most of the time we use iptables to manually monitor and mitigate abuse, but in some special and complicated cases we have used fwsnort and psad to detect hacking and spamming from our platform. Limiting concurrent sessions is done through built in functionality in FreeRadius.

4. We run our own email server plus support and live chat systems using open source tools. We use StreamSend for sending generic welcome and renewal reminder emails, as well as for the occasional news updates. We have Twitter widgets on our frontpage that may track visitors. We use our own website analytics (Piwik) where we only save anonymous IP data.

5. We block the port in the firewall on the server listed in the notice.

6. If we received a valid court order from a Hong Kong court, then we would be legally obliged to obey it. So far this has never happened.

7. Bittorrent traffic is not restricted in our Privacy VPN locations, but due to stricter enforcement of DMA notices in the USA and UK we restrict most BitTorrent traffic and only whitelist torrents of known open source software.

8. PayPal and PaymentWall for Credit Cards, Bank Transfers and Prepaid cards. Coingate for all kind of Cryptocurrencies. The transaction details (ID, time, amount, etc) are linked to each user account.

9. We recommend to use IKEv2 or OpenVPN for the most secure VPN connection. We support the very secure GCM cipher mode (AES-256-GCM) together with 4096 bit RSA and Diffie Hellman keys. We also enforce DHE/ECDHE enabled cipher suites and key exchange is done with Diffie-Hellman, providing forward secrecy.

10. For OpenVPN, we stop IPv6 and DNS leaks with the OpenVPN config, and we also disable and blackhole all IPv6 traffic server side. Our custom VPN app provides 100% IPV6 and DNS leak protection client side and we are working on adding a 100% working kill switch there soon.

11. We use dedicated servers which are hosted in 3rd party data centers, but they do not have access to login or manage the server. We run our own DNS servers which do not save any logs. Among others we use Steadfast, i3D, Zenex5ive, Worldstream, Evoluso, Estnoc,Amanah, Voxility, Rackend, CherryServers.

12. We do not now offer virtual locations. Our servers are in USA, UK, Australia, Brazil, Canada, Czech Republic, Estonia, France, Germany, Japan, Lithuania, Luxembourg, Netherlands, Norway, Romania, Spain, Switzerland and Ukraine.

BlackVPN website

Perfect Privacy

1. We do not log or store any traffic, IP addresses or any other kind of data that would allow identification of our users or their activities. The anonymity and privacy of our users is our highest priority and the Perfect Privacy infrastructure was built with this in mind.

2. Perfect Privacy is operated by Vectura Datamanagement, registered in Zug, Switzerland.

3. The primary method to mitigate abuse is reacting to email tickets. In case of malicious activity towards specific targets, we block IP addresses or ranges so they are not accessible from our VPN servers. Additionally, we have limits on new outgoing connections for protocols like SSH, IMAP, and SMTP to prevent automated spam and brute force attacks. We do not limit or keep track of the number of connections per user.

4. All email and support tools are developed and hosted in-house under our control. We use Google Analytics for website optimization and better market reach, but with the anonymizeIp parameter set. However, Perfect Privacy users are exempted from any tracking by Google Analytics and are also able to use our TrackStop filter which will block any tracking (as well as ads and known malware domains) directly on our servers.

5. Because we do not host any data, DMCA notices do not directly affect us. However, we do receive copyright violation notices for file-sharing in which case we truthfully reply that we have no data that would allow us to identify the responsible party.

6. The only step on our side is to inform the contacting party that we do not have any data that would allow the identification of a user. There had been incidents in the past where Perfect Privacy servers have been seized but never was any user information compromised that way. Since no logs are stored in the first place and additionally all our services are running within ramdisks, a server seizure will never compromise our customers. In August 2016 Dutch Authorities seized two of our servers in Rotterdam and no user data was compromised.

7. Yes, BitTorrent and other file sharing is generally allowed and treated equally to other traffic. However, at certain locations that are known to treat copyright violations rather harshly (very quick termination of servers) we block the most popular torrent trackers to reduce the impact of this problem. Currently, this is the case for servers located in the United States and France.

8. We offer a variety of payment options ranging from anonymous methods such as sending cash, or Bitcoin. However, we also offer payment with PayPal and credit cards for users who prefer these options. Because we do not monitor or log IP assignments or account usage, there is no link to the payments.

9. While we offer a range of connection possibilities we would recommend using OpenVPN with 256 bit AES encryption. Additional security can be established by using a cascaded connection over up to four hops and by activating NeuroRouting for optimized routing to keep all traffic in the encrypted VPN network as long as possible.

10. Our VPN client versions for Windows and MacOS both have “kill-switch” functionality (firewall protection against IP and DNS leaks) integrated.

11. All our VPN servers are dedicated servers that run in various data centers around the world. While we have no physical access to the servers, they all are running within RAM disks only and are fully encrypted. We operate our own DNS servers.

12. Currently, we offer servers in 23 countries. All servers are located in the city displayed in the host name – there are no “virtual locations”. For full details about all servers locations please check our server status site as we are constantly adding new servers.

Perfect Privacy website

VPN.ht

1. We keep 0 logs about usage or to match IP-Timestamp to a user.

2. VPN.ht Limited, a Hong Kong Company

3. We allow five concurrent connections with the same UserID.

4. Google Analytics.

5. We do not handle DMCA notices, our data center partners do, and in all cases we do not keep logs so we cannot identify the customer.

6. We will stop updating our Warrant Canary. It has never happened before.

7. Allowed on all our servers.

8. We accept various payment methods: Credit card / PayPal / Cryptocurrency / Other national payments. All are linked by an email.

9. For general use 128bit AES, but we do offer 256bit AES as maximum encryption level.

10. On the next application update.

11. We don’t, but we do have a strong relationship with our partners who operate data centers.

12. We have 127 servers in around 33 countries and we try our best to expand to locations most requested by our customers.

VPN.ht website

VPN Land

1. We store only payment IP addresses for the reasons of fraud prevention, applies to Credit Card and PayPal payments. We don’t record or store information about what our clients do online and it is practically impossible to reverse track an external IP with a timestamp back to a real user.

2. VPNLand Inc., Canada

3. We use custom modified Radius databases to limit concurrent connections. We have AVs installed on all servers, and obvious known attacks are blocked at the firewall level.

4. We use ZenDesk (former Zopim online chat) online chat. Email and support databases are all in-house.

5. Ignored

6. We haven’t received any court order, thankfully. If there is a court order it will be evaluated first and then any action will be taken.

7. P2P is OK on all our VPN servers, except the US ones

8. We use Stripe, PayPal, PaymentWall, BitPay. As said above – IP addresses are logged only for fraud prevention purposes. Payment details are not linked to account usage

9. OpenVPN with AES-256-CBC key, SHA512 Hash Auth, and additional 2048 bit “tls-crypt” key

10. At this moment no, but the work is in progress and with our updated iOS, Android, Windows and Mac apps a “kill-switch” feature will be offered

11. We own half of our infrastructure in Canada, UK and Netherlands. In other countries we rent dedicated servers from hosting companies.

12. USA, Canada, UK, Netherlands, Germany, France, Sweden, Italy, Belgium, Luxembourg, Russian Federation, Singapore, Korea and Japan. VPN Land has no “virtual locations.”

VPN Land website

Hidester

1. We do not log any information that can link a VPN IP-address and timestamp to a specific user. We do not collect connecting IP addresses from our members when they are using Hidester VPN Service.

2. Our company is incorporated under the name of Hidester Limited. We are incorporated in Hong-Kong, as this country does not have any data retention laws or regulations.

3. As explained above, we do measure total traffic volume (incoming and outgoing) by our members on a daily basis, to avoid excessive consumption of bandwidth by abusive users that would significantly reduce quality of service for other members. So far, we do not have had any problem with any our members.

4. Our website analytics tool is Piwik and is self-hosted on our server. This tool records information about hidester.com website visitors, and is not linking in anyway website visitors with our Subscribed Members.

5. Our P2P-enabled servers are opened in countries known by us to not process DMCA or local equivalent. So we in case we receive such enquiry, we simply apologize that we CANNOT provide further information regarding our Member as we do not record the data needed to link traffic sources and destinations.

6. We will reply to such a court order that we do not know which users are using our servers and that we are not legally obliged to do so. This has not happened so far.

7. All P2P-enabled servers are identified in the server list window of Hidester VPN application by a small double arrow icon on the right side of the server name in the list. Some servers are not P2P-enabled for legal reasons (hosting countries could force us to shut them down in case of court summon).

8. We are using Paymentwall, PayPal, and CoinPayments as our payment providers. Paymentwall and PayPal collect payers IPs and we cannot guaranty full anonymity for our Members using Paymentwall (Credit Card) or PayPal. For full anonymity even at account creation level, we recommend our Members to use CoinPayments with many cryptocurrencies of their choice to ensure full anonymity.

But once again, our NO LOG on traffic data does not allow us to link data traffic sources and destinations, which was the cornerstone of our VPN software development on all computer applications (Mac / Windows / Linux).

9. Our most secure VPN protocol is OpenVPN, running with an AES-256-CBC TLS 2048 bits Encryption. We recommend using this one for torrenting, except for Members located in censored countries, where CamoVPN might provide a more stable connection.

10. We provide a kill switch function, as well as a DNS leak protection when using CamoVPN and OpenVPN protocols.

11. We use third-party hosting providers VPS servers. We mostly use well-recommended hosting providers which exist for a long time on the market. We use OpenDNS and Google DNS servers for our services.

12. We have servers located in over 33 countries, the full list is available here. We do not offer virtual locations.

Hidester website

BolehVPN

1. We do not keep any logs on our VPN servers that would allow us to do this.

2. BV Internet Services Limited, in the Seychelles.

3. Generally, we just look at network graphs and number of connections and see if there is any abnormal activity. We also block certain sensitive ports that are often used for hacking/spamming.

4. We use Zendesk to deal with support queries and do track referrals from affiliates. We also provide the option to send us PGP encrypted messages via e-mail and also Zendesk. We do not use Cloudflare.

5. We generally find providers that are friendly towards such DMCA notices or where it cannot be avoided, we just keep them as surfing/streaming servers with P2P disabled. These servers are more for geo-location or general purpose surfing rather than P2P. We at no times give out customer information to handle this.

6. We maintain a warrant canary which we do update once a month or when there is a request for information (even if we have not complied with it).

7. We marked a few servers as surfing-streaming, as they are on providers with strict DMCA requirements. All other servers support P2P and are not treated differently from any other traffic.

8. PayPal, Paymentwall, Coinpayments, Paydollar, MolPay, Z-Coin/Z-Cash, direct bank-in and we also accept direct Bitcoin/Dash payments.

9. We recommend OpenVPN, with our Cloak servers running AES-256 bit encryption as well as an XOR patch that obfuscates your traffic. This obfuscation prevents it from being recognized as VPN traffic.

10. Yes we do. Our leak prevention also includes IPv6.

11. They are bare metal boxes hosted in various providers. We use our own DNS servers.

12. Canada, France, Germany, Italy, Japan, Luxembourg, Malaysia, Netherlands, Singapore, Sweden, Switzerland, United Kingdom and USA.

BolehVPN website

SaferVPN

1. No logs, timestamps or IP addresses are kept whatsoever. At SaferVPN, we guarantee that we will never log your browsing activity, data, or IP addresses. This includes any websites you visited, any data you may have downloaded, shared or viewed, and any of your IP address or DNS queries.

In respecting everyone’s right to privacy, we also encrypt all of your data traffic, never share or sell any of your traffic details, never read your traffic, and never identify which traffic is yours.

2. SaferVPN operates under our Safer Social Limited company, under Israeli jurisdiction. Israel has strict privacy regulations which do not include a mandatory data retention policy and only apply specifically within the state.

3. Firstly, we do not monitor our users, and we keep no logs, period. That said, we have an active, proprietary system in place to help mitigate abuse. In addition, we also limit our simultaneous connections to five devices per user.

4. We use standard business tools including Google Analytics to improve our website and provide users with the most relevant information. We also use Zendesk as a secure third-party support platform and SendGrid for transactional emails. Our users’ information is never stored within these apps, rather in a separate proprietary database used solely for support and billing requirements.

Any information about how our customers use the VPN itself (such as browsing history, traffic data or DNS queries) is never revealed to third parties and is never logged or stored by SaferVPN.

5. We have not received any court orders as of yet, but in the case that we would be served with one, we would not be able to offer any information at all. We do not log IP addresses nor browsing activity, and we cannot match any activity to real IP addresses, even if we were asked by the court. We simply don’t have that data.

6. See above.

7. BitTorrent and other file-sharing traffic is welcome on our Dutch (NL) VPN servers without any throttling. It isn’t allowed on our other servers as stated in our Terms of Service, due to our agreements with data centers.

8. Our customers can pay via credit card, PayPal and Bitcoin. Payments are performed exclusively by third-party processors — BlueSnap for credit cards, PayPal for PayPal and CoinBase for Bitcoin — who only get the necessary data to verify the payment. As we don’t monitor account usage, payment details cannot be linked to any IP assignments.

9. In most cases we recommend (and default to) OpenVPN UDP and our cipher suite of AES-256 + RSA4096 + SHA256. Our apps use a 4096-bit CA, AES-256-CBC encryption, TLSv1.2, and SHA512 signatures to authenticate our servers. We use TLS 1.2 on all servers with enabled Perfect Forward Secrecy keys. At the same time, we also offer a wide range of VPN protocols, including OpenVPN, L2TP, IPsec, OpenConnect/AnyConnect (SSL VPN), and iKEV2 – we still offer PPTP for those of you who need it, but we don’t recommend it.

10. SaferVPN provides both an automatic app-level kill switch and a feature for DNS leak protection across all mobile and desktop platforms. We also ensure that our users enjoy Automatic Wi-Fi Security that activates immediate VPN protection across public Wi-Fi hotspots.

11. We use dedicated servers at premium data centers with strong security practices. Due to our special server configuration, no one can access, retain or collect any data. All servers have been set up with a zero logs policy, ensuring that no customer data nor activity is stored on any VPN server.

12. Our servers are physically located in over 34 countries, and across every continent except Antarctica (we’re working on that!).

SaferVPN website

HeadVPN

1. We DO NOT keep any logs. We do not store logs relating to traffic, session, DNS or metadata.

2. We’re registered in the United Kingdom under the name “HEADVPN LTD”

3. We use a pre-configured firewall which is configured by our own technology.

4. Google is the one mail external based system we use. We make standard use of Google Apps and Google Analytics. Of course, we provide 24/7 Live Chat support (powered by Tawk). All other support tools are kept internal for our users and visitors.

5. Since we don’t keep any information on any of our servers there is nothing that we can take down. If we receive a valid DMCA notice we can only take action if the connection is still active (we notify the user and stop the session).

6. We haven’t received any court orders. If that happens, the agency will be informed that no user information is available as we DO NOT keep log. In our practice this was not the case.

7. Yes, we allow P2P/BitTorrent downloading. For P2P/Bittorent traffic we have special VPN servers (which are located in a data center that allows such traffic). On other VPN servers, P2P/Bittorent traffic is blocked.

8. We accept all forms of Credit/Debit cards payments through the Stripe payment gateway, Bitcoins, QIWI, Yandex.Money, WebMoney, AliPay, CashU, iDeal, PaySafecard, and PayPal payment method. We do not store any billing information such as credit cards or addresses.

9. We provide all kinds of encryption methods, including PPTP, L2TP/IPsec, SSTP, OpenVPN and SoftEther protocols. We recommend using OpenVPN protocol as it’s the most secure and using RSA 4096 bit and AES 256 bit encryption keys.

10. We do not offer DNS leak protection via kill switches. DNS leak protection is best handled by using OpenVPN protocol (AES-256-CBC algorithm for encryption).

11. All our VPN servers are hosted in 3rd party data centers with the highest specifications for performance, reliability and security. We have direct access to each server and they all are running within RAM disks (which are fully encrypted).

12. Our VPN servers are located in the United Kingdom, United States, Germany and Netherlands. We do not offer virtual locations.

HeadVPN website

Zenmate

1. No, we do not keep any such logs. We do not monitor the bandwidth usage, nor the websites that users visit.

2. ZenMate is incorporated under the legal entity “ZenGuard GmbH”, registered and operating under German jurisdiction. Germany is known for its strict internet privacy and security laws, we are therefore bound to Germany’s data privacy rules. The latter are reflected in the company’s strict privacy policies, which are followed rigorously.

3. All of our VPN systems and tools that are used to prevent abuse are proprietary and maintained in-house.

4. For user support we use ZenDesk that holds the email address the user provided us and a name if the user added that to the support ticket. For our website we do use Google Analytics, but with the “anonymize_IP” setting enabled.

5. We answer that due to the absence of any user-related data in regards to the usage with ZenMate we cannot give any support to these authorities, as this kind of data is not logged.

6. Due to the absence of any log data we cannot give any historical data to these authorities. As of now, no judge was ever willing to sign a court order to make us start logging (in general, without a specific suspicion) in the future, as this would result in a breach of several other German/European laws. We therefore have been successfully defending our users’ rights for now more than five years, without having to fear any change anytime soon.

7. Yes, we allow all traffic on all servers – as we do not have any control over the user’s traffic at all.

8. We offer a variety of payment methods depending on the country you are located in. Among others, we support payments via VISA, MasterCard, American Express, PayPal, Sofort Banking. We do not process payments on our own. We contracted with Adyen B.V. as our payment provider for the processing of payments – who is fully PCI DSS and PCI SAQ compliant.

We do not have a linked connection between payment details (which is on Adyen’s side) and account usage (which we do not log) or IP assignment (which happens completely automatically), as these are completely different systems at two different companies.

9. We use the latest TLS 1.2 (RFC 5246) protocol and support different cipher suites with PFS (Default for Chrome is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) and up to TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. No known attack currently target these cyphers. AES 128 is preferred to AES 256. There have been discussions on whether AES 256 extra security was worth the cost, and the result is far from obvious. At the moment, AES 128 is preferred, since it provides bulletproof security, it is really fast and seems to be more resistant to timing attacks.

10. Yes, we provide kill switches in the browser extensions, Windows and Android.

11. We work with a small number of trusted partners that operate premium data centers with strong security practices. Nevertheless, due to the high encryption and the zero-logging policy even at an unauthorized access, the attacker could not get any information about the activity of a specific user, as there is none on our VPN servers.

12. With ZenMate you can relocate your IP address to hide your real location and circumvent network restrictions to unblock geo-restricted sites.

We are currently offering over 30 different country locations to choose from, for example: Germany, Romania, Hong Kong, United States, Austria, Australia, Belgium, Bulgaria, Canada, Czech Republic, Finland, France, Israel, Italy, Japan, Latvia, Luxembourg, Moldova, Netherlands, Norway, Poland, Russia, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, United Kingdom, United States.

Zenmate website

Buffered

1. We do not keep any logs that can link a user to a certain IP address. We keep anonymized logs of some usage so that we can improve the service. No single user can ever be identified.

2. We are incorporated in Gibraltar as Buffered Ltd. All card payments are taken via this entity. We take payments on PayPal via our Hungarian subsidiary, which is fully owned by the Gibraltar company.

3. Our own internal tools monitor how many devices a user has connected.

4. We do not use any external email providers, we only use internal traffic analytics (no Google Analytics or any other tracking). We use Livechat.com for live support.

5. We are not a content provider, but a network/transit service, therefore DMCA requests are not applicable to us. If we do receive one we do not attempt to identify the user (since we cannot anyway).

6. This has not happened.

7. Yes, we do not interfere with traffic in this way.

8. We use Checkout.com and PayPal, and Bitpay for bitcoin payments. Since we do not store usage logs of users this cannot be linked to payment providers, however, users should be aware that paying for a VPN with anything other than bitcoin will make it easy to identify that you have at least paid for that particular VPN.

9. Even though blowfish is sufficiently secure, now with hardware-accelerated AES, this is faster than blowfish. Consequently, we are rolling this out everywhere as it greatly improves battery consumption and security, especially in resource-constrained environments like routers and mobiles.

10. Yes we do, we recently released a firewall based killswitch. It blocks all traffic in case of the VPN connection dropping.

11. We use our own DNS servers. We rent servers across the world from providers like Leaseweb and 100TB.

12. We offer connections in 45 countries, and there are no virtual locations.

Buffered website

VPN providers With Some Logs

Seed4.me

1. We do not analyze or DPI traffic. We also do not keep logs on VPN nodes. General connection logs are stored on a secure server for seven days to solve network issues if there are any (for example if VPN IP is blocked in China and needs replacement). These logs are deleted after seven days if there are no network problems.

2. Taiwan. Seed4.Me Inc. We are not aware of any legislation requiring to share client information and we are not aware of any precedents in Taiwan, where client information was disclosed. We do not hold much information anyway. On the other hand, we do not welcome illegal activities which potentially harm other people.

3. We use simple firewall rules to avoid some abuses in advance. Regarding concurrent connections: we do not have any limits when Client uses our Windows, MAC, iOS or Android app. When Customer sets up L2TP/PPTP VPN manually he has one simultaneous connections by default, this number can be increased and it’s totally free. We use our own solution to manage abusive accounts and limit concurrent L2TP/PPTP connections.

4. Currently, we utilize Google Analytics and G Suite (ex. Google Apps). Regarding G Suite, we do not store any sensitive information there, only support issues.

5. In case of abuse we null route the IP to keep ourselves in compliance with the DMCA. Currently, we use simple firewall rules to block torrents in countries where the DMCA applies.

6. We will act in accordance with the laws of the jurisdiction, only if court order comes from a jurisdiction where the affected server is located. Fortunately, as I said before, we do not keep any logs on VPN nodes, on the other hand – we do not encourage illegal activity. This never happened.

7. Torrents are allowed on our VPN servers in Switzerland, Sweden, and Latvia. This is torrent-friendly countries with high-quality data centers and networks.

8. We accept Bitcoin, PayPal, Visa, MasterCard, Webmoney, QIWI, Yandex.Money, Bank transfer and In-App purchases in our mobile apps. We do not store sensitive payment information on our servers, in most cases payment system simply sends us a notification about successful payment with the amount of payment. We validate this data and grant access to VPN. BTW, we do not require name of the cardholder when he pays for the VPN in our desktop app.

9. Obfuscated OpenVPN with 2048-bit key will be a good choice, it’s available in our Desktop and Android apps. Also our iOS App has Automatic protection option that guarantees for example that all outgoing connections on open Wi-Fi will be encrypted and passed through secure VPN channel.

10. Yes, we have a kill switch in our Desktop VPN app. Yes, we provide DNS leak protection in our Desktop VPN app.

11. All servers are remotely administered by our team only, no outsourcing. No data is stored on VPN nodes (if the node is confiscated, there will not be any data). We prefer to deal with trustworthy Tier-3 (PCI-DSS) data centers and providers to ensure reliable service with high security. As for DNS, we use Google, users can override these settings with their own.

12. Currently we offer VPN nodes in 21 location: USA, UK, Canada, France, Russia, Switzerland (torrent-friendly), Sweden (torrent-friendly), Belgium, Ukraine, Latvia (torrent-friendly), Bulgaria, Netherlands, Spain, Germany, Italy, India, Hong Kong, Singapore, Israel, Taiwan and South Korea.

We offer one virtual location. Currently, we try not to fake IP locations and provide real IPs directly from the country where the VPN server is physically located.

Seed4.me website

VPN.ac

1. We keep connection logs for one day to help us in troubleshooting customers’ connection problems but also to identify attacks (e.g. bruteforce, account theft). This information contains IP address, connection start and end time, protocol used (including port) and amount of data transferred.

2. Netsec Interactive Solutions SRL, registered in Romania.

3. There are automated firewall rules that can kick-in in the event of some specific abusive activities, manual intervention can be done when absolutely necessary in order to maintain the infrastructure stable and reliable for everyone. Concurrent connections are limited by the authentication back-ends.

4. No.

5. We are handling DMCA complaints internally without involving the users (i.e. we are not forwarding anything). We use shared IP addresses so it’s not possible to identify the users.

6. It never happened. In such event, we would rely on legal advice.

7. It is allowed.

8. All major cryptocurrencies, PayPal, credit cards, Perfect Money, several country-specific payment methods, gift cards. Payment with cryptocurrencies can be anonymous.

9. OpenVPN using Elliptic Curve Cryptography for Key Exchange (ECDHE, curve secp256k1) is used by default in most cases. We also support RSA-4096, SHA256 and SHA512 for digest/HMAC. For data encryption we use AES-256-GCM and AES-128-GCM.

10. Yes, such features are embedded in our client software.

11. We have physical control of our servers in Romania. In other countries, we rent or collocate our hardware. We use our own DNS resolvers and all DNS traffic between VPN gateways and DNS resolvers is encrypted.

12. We don’t use “virtual locations”. All servers are physically located in several countries (and growing), such as: Australia, Canada, Switzerland, Germany, Spain, Finland, France, Hong Kong, Italy, Japan, South Korea, Lithuania, Luxembourg, Mexico, Netherlands, Norway, Poland, Portugal, Romania, Sweden, Singapore, Taiwan, UK, USA.

VPN.ac website

IronSocket

1. We keep limited session logs for all of our services. These logs record the duration of a connection, the IP address used for the connection and the number of bytes transferred.

These logs are typically kept for 72 hours, usually less, after which they are purged. We log this data for fraud and abuse detection/prevention. Since we use shared IPs on our servers, and do not log activity, it is difficult to associate specific activity with individual users.

2. IronSocket is owned and operated by Pusa and Daga Hong Kong Limited in the jurisdiction of the Hong Kong Special Administrative Region.

3. We do not use any third-party email providers or support tools. We use Google Analytics and HasOffers which have minimal visitor tracking information used for website usage reporting and management of our affiliate program, respectively.

4. IronSocket is not subject to the DMCA or any international equivalent. We do NOT host any user-uploaded content on any of our servers. While IronSocket is not subject to DMCA, some of our hosting and data center partners reside in locations that are. If they escalate a DMCA notice to us, we reply to the provider that we are a service provider like them, and that we do not log our user’s activity.

5. This has not happened. It is our policy to cooperate with legal orders that are valid under Hong Kong SAR law. The process to address such request is: (A) Verify the order is legal and valid. (B) Consult with legal counsel to determine what we are required to provide. (C) Determine if we have the data being requested.

Because of our privacy policy, terms of service, shared IP usage, and anonymous payment methods, it would be difficult to impossible to associate a specific activity with an individual user.

6. P2P traffic is allowed on servers in countries where such traffic is not restricted. We do not allow P2P on all servers due to the legal pressure on the data centers in certain regions of the world. All traffic is treated equally on our network.

7. We accept credit / debit card payments via SafeCharge and PayPal. Bitcoin transactions are processed by BitPay and major US brand gift cards are handled by PayGarden. We do not collect sensitive payment information. Any sensitive payment information is maintained by each respective payment processor and is linked by a unique transaction number.

8. OpenVPN with strong encryption: AES 256-bit encryption with SHA256 message authentication, using a 4096-bit key for secure authentication.

9. We are currently beta testing a new client for Microsoft Windows systems that offers DNS leak protection and VPN drop protection. VPN drop protection has the option of killing specific applications or the system’s network connection.

10. We are currently beta testing a new client for Microsoft Windows systems that offers support for the OpenVPN, L2TP, and PPTP VPN protocols.

11. We host and maintain our own DNS servers. We manage all our VPN servers but they are hosted and maintained by third-party data centers. We vet all providers prior to engaging their services and we continuously evaluate the quality of service and responsiveness to our requirements and requests.

12. We have hundreds of servers in 38 different countries and are always adding more. The most up-to-date list can be found here.

IronSocket website

—–

Note: several of the providers listed in this article are TorrentFreak sponsors. We reserve the first three spots for our sponsors, as a courtesy.

VPN providers who want to be in future question rounds are free to get in touch.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

OfflineBay ‘Saves The Day’ When Pirate Bay Goes Down

2018-03-03 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/offlinebay-saves-the-day-when-pirate-bay-goes-down-180303/

The Pirate Bay is touted as one of the most resilient torrent sites. While it has indeed weathered many storms, occasional downtime is no longer an exception, as became clear again this week.

This can be quite frustrating for users, including software developer TechTac, who came up with a simple but effective solution: OfflineBay.

Simply put, OfflineBay is a multi-platform application that people can install on their local computer. As the same suggests, it helps users to store a copy of all Pirate Bay torrents locally, in case the site does down.

The idea for the tool started a few weeks ago when TechTac realized that he had quite a bit of his monthly bandwidth quota left. However, as The Pirate Bay and other sites were down, he was unable to download anything through the usual channels.

“All of that remaining quota went to waste. Only if I had a tool like OfflineBay at that moment. So I thought ‘Never again’ and ended up developing this tool,” TechTac tells TorrentFreak.

The end result is an application that allows users to search and download Pirate Bay torrents, without having to use the website. Instead, the application searches through the publicly available TPB dump file, which users have to download first.

This means that only those torrents that were available at the time of the latest dump file update will be in the local database as a backup, in case TPB and other major torrent indexes go down.

OfflineBay

“OfflineBay is designed to discover torrents when online torrent search providers are not available. Torrents will be available up to the time the last dump file was created,” TechTac says.

The developer realizes that downloading and updating the dump file, which is just under 100 MB in size, is a major drawback. While he considered automating the process, there’s not really an elegant way to implement that at the moment.

This may change in the future though. TechTac will continue to develop the software. While it’s closed source at the moment, open sourcing the code is under consideration for the future.

One of the most interesting plans is to use a blockchain for this project. This would mean that the torrent database is stored and shared among users, without the need to import a dump file.

“I’m planning to move this project to the blockchain so it won’t be depending on the dump file anymore. This is the ultimate goal,” TechTac tells us.

These types of changes require a lot of time though, and that’s proven to be a bottleneck. TechTac is doing all the work on his own right now but he hopes that other developers will join the project.

“Currently, I’m the only one developing this tool. I can’t handle this on my own anymore. Waiting for more developers to get in contact. There’s a lot to discuss,” he says.

The official OfflineBay announcement and related information are available in the Pirate Bay forums over at Suprbay, where it was posted with permission of the Pirate Bay crew.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Jumping Air Gaps

2018-02-13 Bruce Schneier

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/02/jumping_air_gap_2.html

Nice profile of Mordechai Guri, who researches a variety of clever ways to steal data over air-gapped computers.

Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates, by changing air temperatures in patterns that the receiving computer can detect with thermal sensors, or even by blinking out a stream of information from a computer hard drive LED to the camera on a quadcopter drone hovering outside a nearby window. In new research published today, the Ben-Gurion team has even shown that they can pull data off a computer protected by not only an air gap, but also a Faraday cage designed to block all radio signals.

Here’s a page with all the research results.

BoingBoing post.

ISP: We’re Cooperating With Police Following Pirate IPTV Raid

2018-01-13 Andy

Post Syndicated from Andy original https://torrentfreak.com/isp-were-cooperating-with-police-following-pirate-iptv-raid-180113/

This week, police forces around Europe took action against what is believed to be one of the world’s largest pirate IPTV networks.

The investigation, launched a year ago and coordinated by Europol, came to head on Tuesday when police carried out raids in Cyprus, Bulgaria, Greece, and the Netherlands. A fresh announcement from the crime-fighting group reveals the scale of the operation.

It was led by the Cypriot Police – Intellectual Property Crime Unit, with the support of the Cybercrime Division of the Greek Police, the Dutch Fiscal Investigative and Intelligence Service (FIOD), the Cybercrime Unit of the Bulgarian Police, Europol’s Intellectual Property Crime Coordinated Coalition (IPC³), and supported by members of the Audiovisual Anti-Piracy Alliance (AAPA).

In Cyprus, Bulgaria and Greece, 17 house searches were carried out. Three individuals aged 43, 44, and 53 were arrested in Cyprus and one was arrested in Bulgaria.

All stand accused of being involved in an international operation to illegally broadcast around 1,200 channels of pirated content to an estimated 500,000 subscribers. Some of the channels offered were illegally sourced from Sky UK, Bein Sports, Sky Italia, and Sky DE. On Thursday, the three individuals in Cyprus were remanded in custody for seven days.

“The servers used to distribute the channels were shut down, and IP addresses hosted by a Dutch company were also deactivated thanks to the cooperation of the authorities of The Netherlands,” Europol reports.

“In Bulgaria, 84 servers and 70 satellite receivers were seized, with decoders, computers and accounting documents.”

TorrentFreak was previously able to establish that Megabyte-Internet Ltd, an ISP located in the small Bulgarian town Petrich, was targeted by police. The provider went down on Tuesday but returned towards the end of the week. Responding to our earlier inquiries, the company told us more about the situation.

“We are an ISP provider located in Petrich, Bulgaria. We are selling services to around 1,500 end-clients in the Petrich area and surrounding villages,” a spokesperson explained.

“Another part of our business is internet services like dedicated unmanaged servers, hosting, email servers, storage services, and VPNs etc.”

The spokesperson added that some of Megabyte’s equipment is located at Telepoint, Bulgaria’s biggest datacenter, with connectivity to Petrich. During the raid the police seized the company’s hardware to check for evidence of illegal activity.

“We were informed by the police that some of our clients in Petrich and Sofia were using our service for illegal streaming and actions,” the company said.

“Of course, we were not able to know this because our services are unmanaged and root access [to servers] is given to our clients. For this reason any client and anyone that uses our services are responsible for their own actions.”

TorrentFreak asked many more questions, including how many police attended, what type and volume of hardware was seized, and whether anyone was arrested or taken for questioning. But, apart from noting that the police were friendly, the company declined to give us any additional information, revealing that it was not permitted to do so at this stage.

What is clear, however, is that Megabyte-Internet is offering its full cooperation to the authorities. The company says that it cannot be held responsible for the actions of its clients so their details will be handed over as part of the investigation.

“So now we will give to the police any details about these clients because we hold their full details by law. [The police] will find [out about] all the illegal actions from them,” the company concludes, adding that it’s fully operational once more and working with clients.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

This Was 2017 in ‘Pirate’ Searches

2017-12-30 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/this-was-2017-in-pirate-searches-171229/

Lists, list, lists, it’s that time of the year again. In December many prominent search engines publish their overviews of most used search terms.

On Google, Hurricane Irma was the most searched for term of the year, globally. With “It” and “Stranger Things” ending up as the most sought after movie and TV show respectively.

But what’s happening on torrent search engines? With billions of searches every year, it’s worth taking a look at the most-entered keywords on the dominant file-sharing network.

With data from one of the most visited torrent indexes, we compiled a list of 50 popular terms, to give an indication.

2017’s number one query is “Game of Thrones,” which was entered in several variations, often paired with the episode number. While it’s no surprise, considering the show’s popularity, as a TV-show it’s somewhat of an outlier.

The top 50 is mostly made up of movie titles. “Spider Man: Homecoming” ended up in the second spot, followed by “Baby Driver” and “War for the Planet of the Apes.”

The only non-title entry in the top ten is “Telugu 2017,” which shows how popular BitTorrent is in India. On most torrent sites nowadays, a large chunk of all visitors come from the Asian country.

Torrent sites are predominantly used to download video, which is evident from the list. There are no references to music at all, and “CracksNow” appears to be the only software related search.

Below is the full list of the Top 50 most-entered search queries based on a data sample provided by one of the most popular torrent sites on the Internet. Searches pointing to the same title have been combined.

—-

Note that searches are not the same as download activity. The former are, in theory, easier to manipulate by outsiders.

**What Pirates Searched for in 2017**
rank	search
torrentfreak.com
1.	Game of Thrones
2.	Spider Man Homecoming
3.	Baby Driver
4.	War for the Planet of the Apes
5.	Star Trek Discovery
6.	Telugu 2017
7.	Transformers the last knight
8.	Pirates of the Caribbean Dead Men Tell No Tales
9.	Thor Ragnarok
10	Alien Covenant
11.	Wonder Woman
12.	The Mummy
13.	Atomic Blonde
14.	Malayalam 2017
15.	Riverdale
16.	Kingsman The Golden Circle
17.	Designated Survivor
18.	2017 Movies
19.	Half Girlfriend
20.	Dunkirk
21.	The Fate of the Furious
22.	The Orville
23.	Baywatch
24.	Blade Runner 2049
25.	Tigole
26.	Golmaal again
27.	Valerian and the City of a Thousand Planets
28.	Midnight Texas
29.	King Arthur Legend of the Sword
30.	Tamil 2017
31.	Justice League
32.	Tubelight
33.	Annabelle Creation
34.	Geostorm
35.	The Handmaids Tale
36.	Young Sheldon
37.	Toilet Ek Prem Katha
38.	Logan lucky
39.	13 reasons why
40.	Baadshaho
41.	Jagga Jasoos
42.	CracksNow
43.	Dangal
44.	The Lost City of Z
45.	Suits
46.	Power Rangers
47.	The Big Bang Theory
48.	The Hitman’s Bodyguard
49	Secret Superstar
50.	Jab Harry Met Sejal

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

FilePursuit Finds Amazing Files All Year Round, Not Just at Christmas

2017-12-25 Andy

Post Syndicated from Andy original https://torrentfreak.com/filepursuit-finds-amazing-files-all-year-round-not-just-at-christmas-171225/

Ask someone to name a search engine and it’s likely that 95 out of 100 will say ‘Google’. There are plenty of others, of course, but its sheer dominance means that even giants like Bing have to wait around for a mention.

However, if people are looking for something special, such as video and music files, for example, there’s an interesting search engine that’s largely flying under the radar. FilePursuit, accessible via the web or directly from its dedicated Android apps, is somewhat of a revelation.

What FilePursuit does is trawl the Internet looking for web servers that are not only packed with content but are readily accessible to the outside world. This means that a search on the site invariably turns up treasure troves of material, all of it for immediate and direct HTTP download.

TorrentFreak caught up with the operator of the site who himself is a very interesting character.

“I’m a 21-year-old undergrad student from New Delhi, India, currently studying engineering. I started this file search engine project all by myself to learn web development and this is my first project,” he informs TF.

“I picked this project because I was surprised to find that there are lots of ‘open directory’ websites and no one is maintaining any type of record or database on them. There are thousands of ‘open directory’ websites containing a lot of amazing stuff not discovered yet, so I made them discoverable.”

Plenty of files from almost any search

FilePursuit began its life around September 2016 and since then has been receiving website submission requests (sites to be indexed by FilePursuit) from people all over the world. As such the platform is somewhat of a community effort but in respect of running the operation, it’s all done by one man.

“FilePursuit saves time in two ways: by eliminating the need to find file manually, and by performing searches at high speeds efficiently. Without this, you would have to look at sites one by one and pore over the contents of each carefully – a tedious prospect,” he explains.

“FilePursuit automatically compares your criteria to billions of webpages and gives you results in a fraction of a second. You can perform hundreds of searches in the course of a few minutes, altering the criteria as you narrow down results.”

So if Google dominates the search space, why doesn’t it do a better job of finding files than the relatively low-key FilePursuit? Its operator says it’s all about functionality.

“FilePursuit is a file search engine, it generates file links as results while other search engines give out webpages as results. However, it’s possible to search for file links directly from Google too but it’s limited to documents only. On FilePursuit you can search for almost any filetype just by selecting ‘custom’ and typing filetype in search results.”

Of course, it would be impossible for FilePursuit to find any files if webmasters and server operators didn’t leave them open to the public. Considering it’s simplicity itself to find all the latest movies and TV shows widely accessible, is this a question of stupidity, kindness, carelessness, or something else?

“In my opinion, most people are unaware that they have created an open directory and on the other hand some people want to share interesting files from their servers, which is very generous of them,” FilePursuit’s creator says.

When carrying out searches it really is amazing what FilePursuit can turn up. Files lead to directory results and some can contain many thousands of files, from every music artist one can think of through to otherwise private text files that people really should take more care over. Other things are really quite odd.

“When I look for ‘open directory’ websites, sometimes I find really amazing stuff and sometimes even bizarre stuff too. This one time, I found a collection of funeral recordings,” FilePursuit’s owner says.

While even funeral recordings can have a copyright owner somewhere, it’s the more regular mainstream content that’s most easily found with the service. The site doesn’t carry any copyrighted content at all but that doesn’t mean it’s unresponsive to takedown demands.

“I have more than three million file links indexed in my database so it can be a bit hard for me to check for copyrighted content. Although whenever I receive a mail from copyright holders or someone representing copyright holders, I always uphold their request of deleting the file link from my database and also explain to them that the file link they requested me to delete, that particular file may still exist.”

In recent months, FilePursuit has enjoyed a significant upsurge in traffic but it’s still a relatively small player in the search engine space with around 7,000 to 10,000 hits per day. However, this clever site is able to deal with five times that traffic and upgrading servers to cope with surges can be carried out in two to three minutes, “at most.”

So the big question remains – What will you find under the tree today?

FilePursuit website here, Android apps (free, pro)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Might Google Class “Torrent” a Dirty Word? France is About to Find Out

2017-12-23 Andy

Post Syndicated from Andy original https://torrentfreak.com/might-google-class-torrent-a-dirty-word-france-is-about-to-find-out-171223/

Like most countries, France is struggling to find ways to stop online piracy running rampant. A number of options have been tested thus far, with varying results.

One of the more interesting cases has been running since 2015, when music industry group SNEP took Google and Microsoft to court demanding automated filtering of ‘pirate’ search results featuring three local artists.

Before the High Court of Paris, SNEP argued that searches for the artists’ names plus the word “torrent” returned mainly infringing results on Google and Bing. Filtering out results with both sets of terms would reduce the impact of people finding pirate content through search, they said.

While SNEP claimed that its request was in line with Article L336-2 of France’s intellectual property code, which allows for “all appropriate measures” to prevent infringement, both Google and Microsoft fought back, arguing that such filtering would be disproportionate and could restrict freedom of expression.

The Court eventually sided with the search engines, noting that torrent is a common noun that refers to a neutral communication protocol.

“The requested measures are thus tantamount to general monitoring and may block access to lawful websites,” the High Court said.

Despite being told that its demands were too broad, SNEP decided to appeal. The case was heard in November where concerns were expressed over potential false positives.

Since SNEP even wants sites with “torrent” in their URL filtered out via a “fully automated procedures that do not require human intervention”, this very site – TorrentFreak.com – could be sucked in. To counter that eventuality, SNEP proposed some kind of whitelist, NextInpact reports.

With no real consensus on how to move forward, the parties were advised to enter discussions on how to get closer to the aim of reducing piracy but without causing collateral damage. Last week the parties agreed to enter negotiations so the details will now have to be hammered out between their respective law firms. Failing that, they will face a ruling from the court.

If this last scenario plays out, the situation appears to favor the search engines, who have a High Court ruling in their favor and already offer comprehensive takedown tools for copyright holders to combat the exploitation of their content online.

Meanwhile, other elements of the French recording industry have booked a notable success against several pirate sites.

SCPP, which represents Warner, Universal, Sony and thousands of others, went to court in February this year demanding that local ISPs Bouygues, Free, Orange, SFR and Numéricable prevent their subscribers from accessing ExtraTorrent, isoHunt, Torrent9 and Cpasbien.

Like SNEP in the filtering case, SCPP also cited Article L336-2 of France’s intellectual property code, demanding that the sites plus their variants, mirrors and proxies should be blocked by the ISPs so that their subscribers can no longer gain access.

This week the Paris Court of First Instance sided with the industry group, ordering the ISPs to block the sites. The service providers were also told to pick up the bill for costs.

These latest cases are yet more examples of France’s determination to crack down on piracy.

Early December it was revealed that since its inception, nine million piracy warnings have been sent to citizens via the Hadopi anti-piracy agency. Since the launch of its graduated response regime in 2010, more than 2,000 cases have been referred to prosecutors, resulting in 189 criminal convictions.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

net-creds – Sniff Passwords From Interface or PCAP File

2017-12-14 Darknet

Post Syndicated from Darknet original https://www.darknet.org.uk/2017/12/net-creds-sniff-passwords-from-interface-or-pcap-file/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

net-creds is a Python-based tool for sniffing plaintext passwords and hashes from a network interface or PCAP file – it doesn’t rely on port numbers for service identification and can concatenate fragmented packets.

Features of net-creds for Sniffing Passwords

It can sniff the following directly from a network interface or from a PCAP file:

URLs visited
POST loads sent
HTTP form logins/passwords
HTTP basic auth logins/passwords
HTTP searches
FTP logins/passwords
IRC logins/passwords
POP logins/passwords
IMAP logins/passwords
Telnet logins/passwords
SMTP logins/passwords
SNMP community string
NTLMv1/v2 all supported protocols: HTTP, SMB, LDAP, etc.

Read the rest of net-creds – Sniff Passwords From Interface or PCAP File now! Only available at Darknet.

Warrant Protections against Police Searches of Our Data

2017-11-29 Bruce Schneier

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/11/warrant_protect.html

The cell phones we carry with us constantly are the most perfect surveillance device ever invented, and our laws haven’t caught up to that reality. That might change soon.

This week, the Supreme Court will hear a case with profound implications on your security and privacy in the coming years. The Fourth Amendment’s prohibition of unlawful search and seizure is a vital right that protects us all from police overreach, and the way the courts interpret it is increasingly nonsensical in our computerized and networked world. The Supreme Court can either update current law to reflect the world, or it can further solidify an unnecessary and dangerous police power.

The case centers on cell phone location data and whether the police need a warrant to get it, or if they can use a simple subpoena, which is easier to obtain. Current Fourth Amendment doctrine holds that you lose all privacy protections over any data you willingly share with a third party. Your cellular provider, under this interpretation, is a third party with whom you’ve willingly shared your movements, 24 hours a day, going back months — even though you don’t really have any choice about whether to share with them. So police can request records of where you’ve been from cell carriers without any judicial oversight. The case before the court, Carpenter v. United States, could change that.

Traditionally, information that was most precious to us was physically close to us. It was on our bodies, in our homes and offices, in our cars. Because of that, the courts gave that information extra protections. Information that we stored far away from us, or gave to other people, afforded fewer protections. Police searches have been governed by the “third-party doctrine,” which explicitly says that information we share with others is not considered private.

The Internet has turned that thinking upside-down. Our cell phones know who we talk to and, if we’re talking via text or e-mail, what we say. They track our location constantly, so they know where we live and work. Because they’re the first and last thing we check every day, they know when we go to sleep and when we wake up. Because everyone has one, they know whom we sleep with. And because of how those phones work, all that information is naturally shared with third parties.

More generally, all our data is literally stored on computers belonging to other people. It’s our e-mail, text messages, photos, Google docs, and more all in the cloud. We store it there not because it’s unimportant, but precisely because it is important. And as the Internet of Things computerizes the rest our lives, even more data will be collected by other people: data from our health trackers and medical devices, data from our home sensors and appliances, data from Internet-connected “listeners” like Alexa, Siri, and your voice-activated television.

All this data will be collected and saved by third parties, sometimes for years. The result is a detailed dossier of your activities more complete than any private investigator – or police officer – could possibly collect by following you around.

The issue here is not whether the police should be allowed to use that data to help solve crimes. Of course they should. The issue is whether that information should be protected by the warrant process that requires the police to have probable cause to investigate you and get approval by a court.

Warrants are a security mechanism. They prevent the police from abusing their authority to investigate someone they have no reason to suspect of a crime. They prevent the police from going on “fishing expeditions.” They protect our rights and liberties, even as we willingly give up our privacy to the legitimate needs of law enforcement.

The third-party doctrine never made a lot of sense. Just because I share an intimate secret with my spouse, friend, or doctor doesn’t mean that I no longer consider it private. It makes even less sense in today’s hyper-connected world. It’s long past time the Supreme Court recognized that a months’-long history of my movements is private, and my e-mails and other personal data deserve the same protections, whether they’re on my laptop or on Google’s servers.

This essay previously appeared in the Washington Post.

Details on the case. Two opinion pieces.

I signed on to two amicus briefs on the case.

EDITED TO ADD (12/1): Good commentary on the Supreme Court oral arguments.

The Pirate Bay Has Trouble Keeping Afloat

2017-11-28 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/the-pirate-bay-suffers-downtime-tor-domain-is-up-171128/

The crew of The Pirate Bay has had a hard time keeping the ship afloat over the past few days, something which has caused considerable downtime.

For a lot of people, the site still displays a Cloudflare error message across the entire site, and many proxies are affected by the downtime as well.

Not everyone is affected equally though. In some regions, the site loads just fine. That said, there are reports that, even then, uploads are broken and searches turn up blank.

TorrentFreak reached out to the TPB team but we have yet to hear more about the issue. Judging from past experience, however, it’s likely down to a small technical issue with part of the infrastructure that needs fixing.

Pirate Bay down

The Pirate Bay has had quite a few stints of downtime in recent months. The popular torrent site usually returns after several hours, although it can take longer on occasion.

But there’s some good news for those who desperately need to access the notorious torrent site.

TPB is still accessible through some proxies and its .onion address on the Tor network, via the popular Tor Browser, for example. The Tor traffic goes through a separate connection and works just fine.

New uploads are coming through as well, although these appear to be mostly from upload bots.

As always, the site’s admins and moderators are asking people to refrain from panicking while waiting patiently for the storm to subside, but seasoned TPB users will probably know the drill by now…

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Google: Netflix Searches Outweigh Those For Pirate Alternatives

2017-11-12 Andy

Post Syndicated from Andy original https://torrentfreak.com/google-netflix-searches-outweigh-those-for-pirate-alternatives-171112/

When large-scale access to online pirated content began to flourish at the turn of the decade, entertainment industry groups claimed that if left to run riot, it could mean the end of their businesses.

More than seventeen years later that doomsday scenario hasn’t come to pass, not because piracy has been defeated – far from it – but because the music, movie and related industries have come to the market with their own offers.

The music industry were the quickest to respond, with services like iTunes and later Spotify making serious progress against pirate alternatives. It took the video industry far longer to attack the market but today, with platforms such as Netflix and Amazon Video, they have a real chance at scooping up what might otherwise be pirate consumption.

While there’s still a long way to go, it’s interesting to hear the progress that’s being made not only in the West but also piracy hotspots further afield. This week, Brazil’s Exame reported on a new study published by Google.

Focused on movies, one of its key findings is that local consumer interest in Netflix is now greater than pirate alternatives including torrents, streaming, and apps. As illustrated in the image below, the tipping point took place early November 2016, when searches for Netflix overtook those for unauthorized platforms.

Netflix vs Pirates (via Exame)

While the stats above don’t necessarily point to a reduction in piracy of movies and TV shows in Brazil, they show that Netflix’s library and ease of use is rewarded by widespread awareness among those seeking such content locally.

“We’re not lowering piracy but this does show how relevant the [Netflix] brand is when it comes to offering content online,” Google Brazil’s market intelligence chief Sérgio Tejido told Exame.

For Debora Bona, a director specializing in media and entertainment at Google Brazil, the success of Netflix is comparable to the rise of Spotify. In part thanks to The Pirate Bay, Sweden had a serious piracy problem in the middle of the last decade but by providing a viable alternative, the streaming service has become part of the solution.

“The event is interesting,” Bona says. “Since the launch of streaming solutions such as Netflix and Spotify, they have become alternatives to piracy. Sweden had many problems with music piracy and the arrival of Spotify reversed this curve.”

Netflix launched in Brazil back in 2011, but Exame notes that the largest increase in searches for the platform took place between 2013 and 2016, demonstrating a boost of 284%. Even more evidence of Netflix’s popularity was revealed in recent surveys which indicate that 77% of surveyed Brazilians had watched Netflix, up from 71% in 2016.

Importantly, nine out of ten users in Brazil said they were “extremely satisfied” or “very satisfied” with the service, up from 79% in the previous year. An impressive 66% of subscribers said that they were “not at all likely to cancel”, a welcome statistics for a company pumping billions into making its own content and increasingly protecting it (1,2), in the face of persistent pirate competition.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Spanish Police Arrest Seven in Pirate Sports Streaming Crackdown

2017-11-11 Andy

Post Syndicated from Andy original https://torrentfreak.com/spanish-police-arrest-seven-in-pirate-sports-streaming-crackdown-171111/

While most large broadcasters around the world now offer comprehensive sports packages to their customers, subscriptions are often quite expensive.

This has led to the proliferation of pirate services, each dedicated to bringing live sports to the masses at massively reduced prices or even completely free.

As a result, it’s now possible to watch almost any sport from a pirate source, whether that’s via a website, an augmented Kodi setup, or a premium IPTV provider. Today, however, there’s one less pirate service available after a series of raids in Spain.

According to the National Police, raids took place in Madrid, Alicante, Albacete, Gandía, and the Valencian cities of Xátiva and Antequera this week. In total, seven people were arrested for illegally broadcasting football matches.

Unusually in such cases, the suspects are alleged to have offered matches via a number of mechanisms, including direct download, streaming, subscription streaming, and peer-to-peer distribution. This, the police say, allowed them to have the broadest possible access to the market.

The group’s servers were scattered around the world; some located in Spain, others in France, with the remainder in the United States and Canada.

The investigation began in 2016 following a complaint from La Liga, the top professional association in Spanish football. The group alleged that a total of 13 websites were illegally offering lists of links which enabled visitors to access content to which it holds the exclusive rights.

Police say the operation was well organized, with matches presented to Internet users with schedules ordered by championships. Revenue was generated via advertising which appeared on the various pages viewed by visitors.

It’s claimed that the sites’ operators also attempted to make their scattered servers harder to find by utilizing intermediary companies, including those that offer server location anonymization services.

Across the country, eight house searches reportedly yielded a trove of evidence, both digital and physical, detailing the pirate operation and the profit obtained from it.

At this early stage, police estimate the “economic benefit” to the defendants from subscriptions and advertising to be in the region of 1.4 million euros, although it’s unclear whether those are actual historic or projected gains.

Following the raids, seven websites were ordered to be blocked and three bank accounts, said to be linked to the pirate operation, were frozen. Police say that the investigation continues so further arrests and website blockades can’t be ruled out.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Create a realistic data sample set in S3

Create your amazon-macie-activity-generator CloudFormation stack

Add the new sample data to Macie

Classifying objects with Macie

Analyzing accesses to your test data

Macie alerts

What are the costs?

VPN providers With Some Logs

The collective thoughts of the interwebz