TorrentFreak's Journal
 

Sunday, March 24th, 2019

    Time Event
    9:28a
    ISPs: We’re Definitely Not the Internet Police, Until We Decide We Should Be

    On several occasions over the years, TorrentFreak has reported on file-sharing platforms being blocked by ISPs, apparently for no reason at all.

    On later examination, however, we’ve discovered that organizations such as the UK’s Internet Watch Foundation charity have sometimes collaborated with ISPs to implement blocks, after child exploitation material was found on online platforms.

    Blocking whole platforms is unquestionably overkill, a point I raised with the IWF some years ago. However, when you begin to talk with these people – the people who have to view sickening content on a daily basis to prevent child abusers from sharing their filth online – sympathy is very, very easy to find.

    They look at this stuff so we don’t have to, and they deserve a medal for doing so. The Internet is undoubtedly a better place thanks to them.

    But that brings us to censorship, a topic that everyone has a view on, including whether a certain level of censorship is acceptable, and whether or not it’s good for society. Statistically, few people argue that kids being abused on film is unworthy of censorship, not least because in most regions it’s criminally illegal.

    But what about a video of innocent men, women and children being massacred in New Zealand? Should that be censored too? The Mirror newspaper in the UK didn’t think so, and actually put some of the footage on its front page. It was widely condemned for doing so.

    That said, the decision whether to censor was a question that Facebook, YouTube, Reddit and dozens of other platforms answered quickly. According to their Terms of Service, such content is disallowed and that conversation – like it or not – is now all but over; their platform, their rules.

    One of the big questions that has emerged, however, is whether the powers that be should prevent us from seeing such horrific acts for ourselves, perhaps in order to fully appreciate what we are up against in this so-called civilization of ours.

    Did most of us need to witness thousands of people die live on international TV to fully appreciate the horrors of 9/11? Did we really need to see those poor souls throwing themselves out of those burning buildings? Because if we didn’t, it’s now too late. That distressing footage remains on YouTube today.

    Never forget 9/11, we all agree, but you can’t forget something you didn’t see for yourself.

    So did we really need to witness a lone-gunman massacre innocents live on Facebook to appreciate just how deluded some people can become? Or should we be protected from ourselves, based on the notion that it will deprive extremists of publicity, by those in power who claim to know better?

    If those powers include ISPs, the answer is already with us. As widely reported, in the wake of the attack ISPs in both Australia and New Zealand took it upon themselves to begin blocking the terrorist’s video, wherever it could be found online but couldn’t be immediately taken down.

    That meant that Spark NZ, Vodafone NZ, and Vocus NZ all implemented a voluntary blockade of entire sites including MEGA, Liveleak, and a list of other platforms, no court order required.

    “My cyber security team at Spark has done its best overnight to stay on top of the sites distributing the horrific material from the terrorists. Where they find it, they apply temporary blocks and notify the site, requesting they remove the material,” said Simon Moutter, Managing Director of Spark NZ.

    Moutter also took the time to apologize to “legitimate internet users inconvenienced” by the site blockades, an acknowledgment of obvious collateral damage but perhaps understandably pragmatic in the larger scheme of the crisis.

    It’s impossible to speak for all of those people negatively affected by the blocks but it’s likely there would’ve been quite a bit of understanding based on the good intentions of Spark, Vodafone, and Vocus, in much the same way that IWF-ordered blockades are seen as necessary elsewhere, when they occur.

    The trouble is, New Zealand’s ISPs may now have backed themselves into a corner in life after the Christchurch massacre. In the blink of an eye they have effectively declared that if they want to become the Internet Police, they will deputize themselves to become the Internet Police.

    Vocus, in particular, now appears to have contradicted its former stance.

    “SKY’s call that sites be blacklisted on their say so is dinosaur behavior, something you would expect in North Korea, not in New Zealand,” said Vocus last year in response to a request to block The Pirate Bay.

    “It isn’t our job to police the Internet and it sure as hell isn’t SKY’s either, all sites should be equal and open,” the company’s unequivocal statement read at the time.

    Of course, no one wishes to trivialize mass murder by comparing it to copyright infringement, it’s obvious to any fool what the priority is here when people are under attack. But important actions over access to information don’t exist in a bubble.

    Either ISPs are the Internet Police whenever they deem fit or they are not, and in the absence of legislation stating otherwise, all of these ISPs may have just opened up Pandora’s box.

    To be clear, the awful video at the center of this controversy was potentially illegal in New Zealand at the moment it was put online, but even the government there initially declined to definitively declare its status beyond it is “likely to be objectionable content under New Zealand law.”

    That position changed Monday when it fell to New Zealand Chief Censor David Shanks to announce that under the Films, Videos & Publications Classification Act 1993, the video is deemed “objectionable” and therefore illegal.

    In hindsight, it is not hard to see why the ISPs took the action they did. New Zealand is a peaceful country and the families of its lost citizens (and those from other nations that were also cruelly gunned down) deserve to have their dignities preserved, to the extent possible, in what must have been desperate times.

    To that end, the ISPs in question clearly felt that since they were in a position to contribute positively, that’s what they must do. After all, they are all serving the affected communities and, in times of crisis, everyone making a small contribution can make a huge difference. That kind of team effort in response to a disaster is arguably the best of human nature.

    However, the barrier to entry – to wider Internet censorship – has now been arguably lowered and there will be plenty of groups standing by with their own sets of demands. Insisting that ISPs aren’t the Internet Police won’t be a position the companies above will be able to hold so easily anymore.

    On a personal level, I would’ve been much happier if the two people in my WhatsApp contacts list who sent me the video had been prevented from doing so by owners Facebook. However, that would mean a company interfering with my communications, something that few people want, myself included. Clearly, we have tough choices.

    But, ultimately, it didn’t matter, because as an adult, I took control of my own destiny.

    I personally chose not to watch the video (explicit text descriptions online were harrowing enough) and I’m hoping that my response to the senders will mean I’ll never receive anything like it again. Not to say I can’t find the video online – anyone can inside 10 mins – but it’s the educated choice of the individual that counts here, not the power of ISPs.

    ISPs do not have the power to change human nature – only our life experiences, education, and values can. The monster who perpetrated the crimes last week clearly has severe problems in that area. That being said, seeing such horrors for oneself can sometimes have a positive effect.

    A video I viewed on Kazaa (if I recall correctly) in the early 2000s, of what was claimed to be a soldier getting his throat cut, was the best aversion therapy against senseless violence that I have ever experienced. The guy lost his life in the most awful way but if only one good thing came of that, it is the persistent belief that violence and brutality should be avoided at all costs.

    We can only hope that most of the people who viewed the video this week experienced a similar epiphany and positive effect – perhaps not fully today, but one that matures with time. But make no mistake, censorship – via blocking or other means – will not change the minds of the twisted, nor those reveling in obstruction while rubbing salt in the wounds.

    ISP blockades of any content will always be ineffective against the determined. In the case of pirated content, we already know the only thing that can provide serious momentum to long-term change in New Zealand. But when it comes to the horrors of what transpired last week, change has to come from within.

    It is the choice of the individual alone that can help us progress and it’s the only real way to produce any long-term meaningful change. While we dissect the motivations of the killer, we should also consider why no one – not a single person – reported the massacre to Facebook as it was live-streamed.

    Censorship will always prove controversial, no matter how well-meaning, but for the ISPs of New Zealand the battle to claim they aren’t the Internet Police may now prove more difficult.

    Plenty of groups are queuing up to have them censor content they find objectionable but there’s still a decent chance they won’t exploit that for their own ends. For now, we can only hope that a sense of perspective prevails and that education and compassion will prevent more of these atrocities happening in the future.

    Source: TF

    8:22p
    Which VPN Services Keep You Anonymous in 2019?

    When we first started this VPN anonymity series, almost a decade ago, the market was relatively small and easy to oversee.

    Today, the VPN industry is booming with hundreds of companies offering a wide variety of services, some more anonymous than others.

    The VPN review business is also booming. Just do a random search for “best VPN” or “VPN review” and you’ll see dozens of sites filled with recommendations and preferred picks.

    We don’t want to make any recommendations. When it comes to privacy and anonymity, an outsider can’t offer any guarantees. Vulnerabilities are always lurking around the corner and even with the most secure VPN, you still have to trust the VPN company with your data.

    Instead, we aim to provide an unranked overview of VPN providers, asking them questions we believe are important. Many of these questions relate to anonymity and security, and the various companies answer them in their own words.

    We hope that this helps users to make an informed choice. However, we stress that users themselves should always make sure that their setup is secure.

    This year’s questions and answers are listed below. We have included all VPNs that don’t keep extensive logs or block BitTorrent traffic on all of their servers. This list is not exhaustive.

    1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a current or former user of your service? If so, exactly what information do you hold and for how long?

    2. What is the name under which your company is incorporated, and under which jurisdiction does your company operate?

    3. What tools are used to monitor and mitigate abuse of your service, including limits on concurrent connections if these are enforced?

    4. Do you use any external email providers (e.g. Google Apps), analytics, or support tools (e.g. Live support, Zendesk) that hold information provided by users?

    5. In the event you receive a DMCA takedown notice or a non-US equivalent, how are these handled?

    6. What steps would be taken in the event a court orders your company to identify an active or former user of your service? How would your company respond to a court order that requires you to log activity for a user going forward? Have these scenarios ever played out in the past?

    7. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? Do you provide port forwarding services? Are any ports blocked?

    8. Which payment systems/providers do you use? Do you take any measures to ensure that payment details can’t be linked to account usage or IP-assignments?

    9. What is the most secure VPN connection and encryption algorithm you would recommend to your users?

    10. Do you provide tools such as “kill switches” if a connection drops and DNS/IPv6 leak protection? Do you support Dual Stack IPv4/IPv6 functionality?

    11. Are any of your VPN servers hosted by third parties? If so, what measures do you take to prevent those partners from snooping on any inbound and/or outbound traffic? Do you use your own DNS servers? 

    12. In which countries are your servers physically located? Do you offer virtual locations?

    Private Internet Access

    1. We do not store any logs relating to traffic, session, DNS or metadata. There are no logs for any person or entity to match an IP address and a timestamp to a user of our service. In other words, we do not log, period. Privacy is our policy.

    2. London Trust Media Incorporated, an Indiana corporation.

    3. We have an active, proprietary system in place to help mitigate abuse.

    4. At the moment we are using Google Apps Suite and Google Analytics with interest and demographics tracking disabled and anonymize IP addresses enabled.

    5. We do not monitor our users, and we keep no logs, period. That said, we have an active, proprietary system in place to help mitigate abuse.

    6. Every subpoena is scrutinized to the highest extent for compliance with both the “spirit” and “letter of the law.” While we have not received valid court orders, we periodically receive subpoenas from law enforcement agencies that we scrutinize for compliance and respond accordingly. This is all driven based upon our commitment to privacy.

    All this being said, we do not log and do not have any data on our customers other than their signup e-mail and account information.

    7. BitTorrent and file-sharing traffic are allowed and treated equally to all other traffic (although it’s routed through a second VPN in some cases). We do not censor our traffic, period.

    8. We utilize a variety of payment systems, including, but not limited to: PayPal, Credit Card (with Stripe), Amazon, Google, Bitcoin, Bitcoin Cash, Zcash, CashU, OKPay, PaymentWall, and any major store-bought gift card. Payment data is not linked nor linkable to user activity due to our no logs policy.

    9. At the moment, the most secure and practical VPN connection and encryption algorithm that we recommend to our users would be our cipher suite of AES-256 + RSA4096 + SHA256.

    10. Yes, our users gain access to a plethora of additional tools, including but not limited to:

    (a) Kill Switch: Ensures that traffic is routed through the VPN such that if the VPN connection is unexpectedly terminated, the traffic will not route.

    (b) IPv6 Leak Protection: Protects clients from websites which may include IPv6 embeds, which could lead to IPv6 IP information coming out.

    (c) DNS Leak Protection: This is built-in and ensures that DNS requests are made through the VPN on a safe, private, no-log DNS daemon.

    (d) Shared IP System: We mix clients’ traffic with many other clients’ traffic through the use of an anonymous shared-IP system ensuring that our users blend in with the crowd.

    (e) MACE™: Protects users from malware, trackers, and ads.

    11. We utilize our own bare metal servers in third-party data centers that are operated by trusted friends and, now, business partners whom we have met and on which we have completed serious due diligence. Our servers are located in facilities including 100TB, Choopa, Leaseweb, among others.

    We also operate our own DNS servers on our high throughput network. These servers are private and do not log.

    12. We currently operate 3,335 servers across 53 locations in 33 countries. For more information on what countries are available, please visit our network information page. All of our locations are physical and not virtualized.

    Private Internet Access website

    NordVPN

    1. We do not keep any logs nor timestamps that could allow our customers to be identified.

    2. Tefincom S.A., operated under the jurisdiction of Panama.

    3. We are only able to see the server load, which helps us optimize our service and provide the best possible Internet speed to our users. We also have developed and implemented an automated tool that limits the maximum number of concurrent connections to six. Apart from that, we do not use any other tools.

    4. NordVPN uses third-party data processors for emailing services and to collect basic website and app analytics. We use Iterable for correspondence, Zendesk to provide customer support, Google Analytics to monitor website and app data, as well as Crashlytics, Firebase Analytics and Appsflyer to monitor application data.

    All third-party services we use are bound by a contract with us to never use the information of our users for their own purposes and not to disclose the information to any third parties unrelated to the service.

    5. We operate under Panama’s jurisdiction, where DMCA and similar orders have no legal bearing. Therefore, they do not apply to us.

    6. If the order or subpoena is issued by a Panamanian court, we would have to provide the information if we had any. However, our zero-log policy means that we do not store any information about our users’ online activity – only their email address and basic payment info. So far, we haven’t had any such cases.

    7. We do not restrict any BitTorrent or other file-sharing applications on most of our servers. We have optimized a number of our servers specifically for file-sharing. At the moment, we do not offer port forwarding and block outgoing ports SMTP25 and NetBIOS.

    8. Our customers are able to pay via all major credit cards, regionally localized payment solutions (e.g. AliPay, Yandex, etc.) and cryptocurrencies. Our payment processing partners collect basic billing information for payment processing and refund requests, but it cannot be related to any Internet activity of a particular customer. Bitcoin is the most anonymous option, as it does not link the payment details to the user identity or other personal information.

    9. For OpenVPN connection, we use the AES 256 GCM algorithm. For IKEv2/IPSec, the ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie-Hellman keys.

    10. Yes, we provide both an automatic kill switch and a feature for DNS leak protection. Dual Stack IPv4/IPv6 functionality is not yet supported with our service; however, all NordVPN apps offer an integrated IPv6 Leak Protection.

    11. We use a hybrid model, whereby we own some of our servers ourselves but also partner with premium data centers with strong security practices.

    Due to our special server configuration, no one is able to collect or retain any data, ensuring compliance with our no-logs policy. We also have specific requirements for network providers to ensure the highest service quality for our customers. We do have our own DNS servers, and all DNS requests go through those. Also, our customers can use any DNS server they like.

    12. All of our servers are physically located in the stated countries. We do not offer virtual locations. At the moment, NordVPN provides more than 5,000 servers in 61 countries, and the full location list can be found here.

    NordVPN website

    ExpressVPN

    1. No, ExpressVPN doesn’t keep any connection or activity logs, including never logging browsing history, data contents, DNS requests, timestamps, source IPs, outgoing IPs, or destination IPs. This ensures that we cannot ascertain whether a given user was connected to the VPN at a certain time, assumed a particular outgoing IP address, or generated any specific network activity.

    2. Express VPN International Ltd. is a BVI (British Virgin Islands) company.

    3. We do not monitor or log any user activity on our network. We reserve the right to block specific abusive traffic to protect the server network and other ExpressVPN customers.

    With regards to limits on the number of devices simultaneously connected, no timestamps or IP addresses are ever logged; our systems are merely able to identify how many active sessions a given license has at a given moment in time and use that counter to decide whether a license is allowed to create one additional session. This counter is temporary and is not tracked over time.

    4. We use Zendesk for support tickets and SnapEngage for live chat support; we have assessed the security profiles of both and consider them to be secure platforms. We use Google Analytics and cookies to collect marketing metrics for our website and several external tools for collecting crash reports (only if a user opts into sharing these reports).

    5. As we do not keep any data or logs that could link specific activity to a given user, ExpressVPN does not identify or report users as a result of DMCA notices.

    6. Legally our company is only bound to respect subpoenas and court orders when they originate from the British Virgin Islands government or in conjunction with BVI authorities via a mutual legal assistance treaty.

    As a general rule, we reply to law enforcement inquiries by informing the investigator that we do not possess any data that could link activity or IP addresses to a specific user. Regarding a demand that we log activity going forward: were anyone ever to make such a request, we would refuse to re-engineer our systems in a way that infringes on the privacy protections that our customers trust us to uphold.

    7. ExpressVPN allows all traffic, including BitTorrent and other file-sharing traffic (without rerouting), from all of our VPN servers. At the moment, we do not support port forwarding.

    8. ExpressVPN accepts all major credit cards, PayPal, and a large number of local payment options. We also accept Bitcoin, which we recommend for those who seek maximum privacy in relation to their form of payment. As we do not log user activity, IP addresses, or timestamps, there is no way for ExpressVPN or any external party to link payment details entered on our website with a user’s VPN activities.

    9. ExpressVPN apps generally default to our recommended protocol for security and performance: OpenVPN UDP. Our apps use a 4096-bit CA, AES-256-CBC encryption, TLSv1.2, and SHA512 signatures to authenticate our servers.

    10. Yes, ExpressVPN protects users from data leaks in a number of ways; our leak protection and open-source leak testing tool suite are detailed on our Privacy Research Lab page.

    Our “Network Lock” feature, which is turned on by default, prevents all types of traffic including IPv4, IPv6, and DNS from leaking outside of the VPN, such as when your internet connection drops or in various additional scenarios where other VPNs might leak.

    We do not yet support IPv6 routing through the VPN tunnel, although we are considering adding this in the future in a subset of our server locations.

    11. Our VPN servers are hosted in trusted data centers with strong security practices, where the data center employees do not have server credentials.

    In the past year, we have developed technology to let our servers run in RAM only, booted from a read-only disk. That means we can apply server patches quickly and with certainty and prevent any possible intruder from persisting on our servers.

    We do not keep activity logs or connection logs, and because our VPN servers cannot write to hard drives, they are unable to log sensitive data even by accident. We run our own logless DNS on every server, meaning no personally identifiable data is ever stored. We do not use third-party DNS.

    12. ExpressVPN has over 3,000 servers covering 94 countries. For countries where it is difficult to find servers that meet ExpressVPN’s rigorous standards for server security, reliability, and speed, we use virtual locations to still make it possible for users to assume IP addresses registered to such countries.

    These locations represent less than 3% of ExpressVPN’s server count, and the specific countries are published on our website here.

    ExpressVPN website

    TorGuard

    1. No logs or timestamps are kept whatsoever. TorGuard does not store any traffic logs or user session data on our network. In addition to a strict no logging policy we run a default shared IP configuration across all servers. Because there are no logs or timestamps kept and multiple users sharing a single IP address, it is not possible to match any user to an IP address or username.

    2. TorGuard is owned by VPNetworks LLC and operates under US jurisdiction.

    3. We utilize customized software to monitor server health and network performance, we use global rule sets to try to catch and block attempts to abuse our service in real time. We also limit simultaneous connections through our backend authentication servers.

    4. We use anonymized Google Analytics data to optimize our website and Sendgrid for transactional email. TorGuard’s 24/7 live chat services are provided through Livechatinc’s platform. Customer support desk requests are maintained by TorGuard’s own private ticketing system.

    5. In the event a valid DMCA notice is received it is immediately processed by our abuse team. Due to our no log and no time stamp policy and shared IP network – we are unable to forward any requests to a single user.

    6. If a court order is received, it is first handled by our legal team and examined for validity in our jurisdiction. Should it be deemed valid, our legal representation would be forced to further explain the nature of our shared IP network configuration and the fact that we do not hold any identifying logs or time stamps.

    TorGuard’s network was designed to operate with minimum server resources and is not physically capable of retaining such logs. There is no on/off switch to log activity so it would be impossible to comply with such a request. No, this has never happened.

    7. Yes, BitTorrent and all P2P traffic is allowed on all servers, no restrictions are in place. Yes, we do provide port forwarding through OpenVPN (with port fail protection), we also offer the ability to whitelist IP’s that can access open ports externally, and all other IPs will be blocked. We allow all ports above 2048 to be opened by users through the control panel in the member’s area.

    8. We currently offer over 200 different payment options. This includes all forms of credit card, PayPal, Bitcoin, cryptocurrency (e.g. Litecoin, Ethereum, Monero + many more), Alipay, WeChat Pay, UnionPay, 100+ Gift Card brands, and many other worldwide local payment options.

    It is impossible to be linked back to account usage or IP assignments because we maintain zero logs across our network.

    9. For best security, we advise clients to use OpenVPN and select the cipher option AES-256-GCM, with 4096bit RSA and SHA512 HMAC. We use TLS 1.2 on all servers with perfect forward secrecy enabled. This can also be used in conjunction with Stunnel for a second SSL layer or it can be used in conjunction with shadowsocks stealth proxy that also uses AES-256-CBC on top of what you’re already using. OpenVPN port 53 also takes advantage of tls-crypt.

    TorGuard offers a wide range of VPN protocols, including OpenVPN, IKEv2, IPsec, SSTP, OpenConnect/AnyConnect, Stunnel, WireGuard, SSH Tunnels and Shadowsocks.

    10. TorGuard’s VPN software provides strict security features by automatically disabling IPv6 and blocking any potential DNS or WebRTC leaks.

    We offer a full connection kill-switch that safeguards your VPN traffic against accidental disconnects and will hard kill your interfaces if needed. There is also an application kill-switch that can terminate specific apps if the VPN connection is interrupted.

    TorGuard will begin offering IPv6 VPN connectivity in select Shared IP and Residential IP locations in the coming months.

    11. We retain full physical control over all hardware and only seek partnerships with data centers who can meet our strict security criteria. All servers are deployed and managed exclusively by TorGuard staff.

    By default, the TorGuard VPN app uses private no log DNS on each VPN endpoint. The TG android and desktop apps also allow clients to modify their connected DNS with a custom DNS entry of their choosing or to use TorGuard Endpoint DNS on 10.9.0.1.

    All traffic between the end user and the VPN server is encrypted making it impossible for any provider to decipher the tunnel or snoop on user activity.

    12. TorGuard currently maintains thousands of servers in over 55 countries around the world, and we continue to expand the network each month. All servers are physically located in the stated country of origin and we do not use any virtual locations on any location within the TorGuard network.

    TorGuard website

    Ipredator

    1. No logs are retained that would allow the correlation of the user’s IP address to a VPN address. The session database does not include the origin IP address of the user. Once a connection has been terminated the session information is deleted from the session database.

    2. The name of the company is PrivActually Ltd which operates out of Cyprus.

    3. Real abuse is mitigated by meatware [humans]. User traffic is not monitored or inspected in any way. TCP/IP sessions are not limited individually, but by server, to 10 million established connections. Packet floods are dealt with by using adaptive packet rate limiters at the switch port level and kick in at 90k pps. The number of concurrent connections is limited by the VPN backend software.

    4. There is no visitor tracking mechanism, not even passive ones analyzing the web server logs. IPredator runs its own mail infrastructure and does not use third party products like Gmail. Neither do we use data hogs like a ticket system to manage support requests. IPredator sticks to a simple mail system and deletes old data after three months from the mailboxes.

    5. Requests are evaluated according to the legal frameworks set forth in the jurisdictions the service operates in and we react accordingly. After receiving a request its validity is verified. DMCA takedown abuse using fake credentials seems to be all the rage these days.

    6. If the court order is not a gag order, notice would be given in the canary and other media channels. In the case that we would be forced to log user activity, we would shut down the service. Spontaneous bankruptcy … sometimes the only winning move is not to play.

    7. BitTorrent and other file-sharing traffic is allowed. On the public IP VPN pools, port forwarding is not required.

    8. PayPal, Bitcoins, and Payson are fully integrated. Other payment methods are available on request. An internal transaction ID is used to link payments to the payment processor.

    We do not store any other data about payments associated with the user’s account. The systems dealing with payments have no connection to the part of the infrastructure that handles VPN connections.

    Frontend proxies are used to make sure user IP addresses do not show up in any of the backend systems. Payment processors cannot link a payment to a specific account or IP  address based on the data we have to provide.

    9. IPredator provides config files for various platforms and clients that enforce TLS1.2 on supported systems. Ideally, the client negotiates ECDHE-RSA-AES256-GCM as a suite for the control and AES256 for the data channel. For further protection, detailed setup instructions and howtos are provided to our users.

    10. Netsplice, IPredator’s cross-platform VPN client, has native support for various types of kill switches. You can kill a program, just put it to sleep, shut down your machine or wipe your hard disk … it is up to you. Users can use this page to check for a number of leaks, not just DNS leaks.

    11. We own every server, switch, and cable we use to provide the VPN service up to our uplink network. The machines are located in Sweden due to the laws that allow us to run our service in a privacy-protecting manner.

    If the situation should change we are able to move operations to a different country. The core of any privacy service is trust in the integrity of the underlying infrastructure. Everything else has to build upon that, which includes the DNS servers.

    12. Sweden, no virtual locations at this time.

    Ipredator website
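
    IPredator's answer 9 describes client configs that enforce TLS 1.2, prefer ECDHE-RSA-AES256-GCM on the control channel and use AES256 on the data channel. The following is an added example, not IPredator's own tooling: a small audit of an OpenVPN client config against those three stated settings. The sample configs and hostname are constructed, and treating anything outside those settings as a finding is an assumption of this example.

```python
import re

# Constructed sample configs; the hostname is a placeholder, not a real endpoint.
WEAK_OVPN = """\
client
dev tun
proto udp
remote vpn.example.net 1194
cipher BF-CBC
"""

STRONG_OVPN = """\
client
dev tun
remote vpn.example.net 1194
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-GCM
"""


def parse_ovpn(text):
    """Return {directive: [args, ...]}; skips comments and inline <ca>-style blocks."""
    opts = {}
    in_block = None
    for raw in text.splitlines():
        line = raw.strip()
        if in_block:
            # Everything up to the closing tag is key/cert material, not directives.
            if line == f"</{in_block}>":
                in_block = None
            continue
        opened = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if opened:
            in_block = opened.group(1)
            continue
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        opts.setdefault(parts[0], []).append(parts[1:])
    return opts


def _last(opts, name):
    """Arguments of the last occurrence of a directive, or None if absent."""
    return opts[name][-1] if name in opts else None


def audit(text):
    """List deviations from: TLS >= 1.2, ECDHE + AES-256-GCM control suites, AES-256 data cipher."""
    opts = parse_ovpn(text)
    findings = []

    tls_min = _last(opts, "tls-version-min")
    if not tls_min:
        findings.append("tls-version-min not set: TLS 1.2 is not enforced")
    else:
        try:
            version = tuple(int(p) for p in tls_min[0].split("."))
        except ValueError:
            version = (0,)
        if version < (1, 2):
            findings.append(f"tls-version-min {tls_min[0]} permits TLS below 1.2")

    tls_cipher = _last(opts, "tls-cipher")
    if not tls_cipher:
        findings.append("tls-cipher not set: control-channel suites left to library defaults")
    else:
        for suite in tls_cipher[0].split(":"):
            # Accept both IANA-style and OpenSSL-style suite names.
            flat = suite.upper().replace("-", "").replace("_", "")
            if "ECDHE" not in flat or "AES256GCM" not in flat:
                findings.append(f"tls-cipher allows {suite}")

    data = []
    for name in ("data-ciphers", "ncp-ciphers", "cipher"):
        args = _last(opts, name)
        if args:
            data += args[0].split(":")
    if not data:
        findings.append("no data-channel cipher set: the client default applies")
    for cipher in data:
        if not cipher.upper().startswith("AES-256-"):
            findings.append(f"data channel allows {cipher}")

    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_OVPN), ("strong", STRONG_OVPN)):
        print(label, audit(cfg) or "no findings")
```
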

    ProtonVPN

    1. No. Each time a user connects to ProtonVPN, we only monitor the timestamp of their last successful login attempt. This gets overwritten upon each successful login. This timestamp does not contain any identifying information, just the time and date of the login.

    We do not collect any information regarding a user’s IP address, and we only retain the limited timestamp information to protect user accounts from password brute force attacks.

    2. Our registered name is Proton Technologies AG, and we operate under the jurisdiction of Switzerland.

    3. We use internal tools and systems to mitigate the abuse of our service and to ensure the best quality for our users.

    4. We currently use anonymized Google Analytics data to optimize our website, but we are migrating to a local installation of Matomo, an open source analytics tool. For customer support, we use ZenDesk.

    The information users provide when they contact our support team is processed for analytics purposes (like aggregating the number of questions regarding Secure Streaming), but they are not combined with any personal data.

    5. A DMCA takedown notice or its non-US equivalent would be handled according to our internal processes. Such a request would never be connected to a specific user, thanks to our strict no-logs policy.

    6. We can only disclose the limited user data we possess, but our strict no-logs policy means we don’t have any information about our users’ online activity.

    The limited data we have will only be disclosed when requested by a Swiss court for the purposes of the prevention, investigation, detection or prosecution of criminal offenses or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.

    Court orders must be approved by either the Cantonal Courts of Geneva or the Swiss Federal Supreme Court. Under Swiss law, it is obligatory to notify the target of a data request, although such notification may come from the authorities and not from the Company. We have not had any requests of this kind.

    7. We allow P2P torrenting on all of our paid plans. Depending on the laws of the country hosting the server, we might have to tunnel the connection through a P2P-friendly country. Currently, we do not provide port forwarding services.

    8. We rely on third parties to process credit card and PayPal transactions, and we never save our users’ full credit card details. Our payment processing partners collect basic billing information to process payments and refunds, but it cannot be linked to a user’s online activity. We also accept anonymous cash or Bitcoin payments.

    9. We only use VPN protocols that are known to be secure — either IKEv2/IPSec or OpenVPN. We encrypt our users’ traffic with AES-256, key exchange is done with 4096-bit RSA, and HMAC with SHA384 is used for message authentication. This is available for all users, including the ones on our Free plan. Plus and Visionary plan users can also use our Secure Core feature for an extra layer of security.

    10. We currently support a Kill Switch on Windows, Android, and Mac. iOS users can use Always-on feature, as a true Kill Switch is prevented by Apple’s network-level restrictions on iOS. We operate our own DNS servers to ensure DNS leak prevention. Our servers currently support IPv4.

    11. We never compromise on security; we only use physical servers from reputable third parties that have gone through our vetting process. Our Secure Core servers provide an extra layer of protection against any potential interference with our end servers, including by our partners. We do use our own DNS servers, which handle all our users’ DNS requests.

    12. We currently have 380 servers in 31 countries, and we are continuously expanding our network. We only use physical servers that are located in their stated countries. We do not use any virtual servers or offer any virtual locations. A list of all our servers and their locations can be found here.

    ProtonVPN website

    HideIPVPN

    1. Currently, we store no logs related to any IP addresses. There is no way for any third-party to match a user IP to any specific activity on the internet.

    2. The registered name of the company is Server Management LLC and we operate under US jurisdiction.

    3. A single subscription can be used simultaneously for three connections. Abuses of service usually means using non-P2P servers for torrents or DMCA notices. We use iptables plugin to block P2P traffic on servers where P2P is not explicitly allowed. We block outgoing mail on port 25 to prevent spamming activity.

    4. We use live chat provided by tawk.to and Google Apps for incoming email. For outgoing email, we use our own SMTP server.

    5. Since no information is stored on any of our servers, there is nothing that we can take down. We reply to the data center or copyright holder that we do not log our users’ traffic and we use shared IP-addresses, which make it impossible to track who downloaded any data from the internet using our VPN.

    6. HideIPVPN may disclose information, including but not limited to, information concerning a client, in order to comply with a court order, subpoena, summons, discovery request, warrant, statute, regulation, or governmental request. But due to the fact that we have a no-logs policy and we use shared IPs, there won’t be anything to disclose, excepting billing details. This has never happened before.

    7. This type of traffic is welcomed on our German (DE VPN), Dutch (NL VPN), Luxembourg (LU VPN) and Lithuanian (LT VPN) servers. It is not allowed on US, UK, Canada, Poland, Singapore, Australia and French servers as stated in our TOS – the reason for this is our agreements with data centres. We do not allow port forwarding and we block ports 22 and 25 for security reasons.

    8. Currently, HideIPVPN accepts the following methods: PayPal, Bitcoin, Credit & Debit cards, JCB, American Express, Diners Club International, Discover. All our clients’ billing details are stored in the WHMCS billing system.

    9. SoftEther VPN protocol looks very promising and secure. Users can currently use our VPN applications on Windows and OSX systems. Both versions have a “kill switch” feature in case connection drops. Our apps are able to re-establish VPN connection and once active restart closed applications. Also, the app has the option to enable DNS leak protection.

    10. Yes, our free VPN apps have both features built in. We do not support Dual Stack IPv4/IPv6 functionality.

    11. We don’t have physical control on our VPN servers. Servers are outsourced in premium data-centre with high-quality tier1 networks. Our servers are self-managed, access is restricted to our personnel only. We use Google DNS for our VPN servers and of course our DNS servers for Smart DNS.

    12. At the moment we have VPN servers located in 11 countries – US, UK, Netherlands, Germany, Luxembourg, Lithuania, Canada, Poland, France, Australia and Singapore. As you can see a number of available locations are steadily growing.

    HideIPVPN website

    Hide.me

    1. No, we don’t keep any logs. We have developed our system with an eye on our customers’ privacy, so we created a distributed VPN cluster with independent public nodes that do not store any customer data or logs at all.

    2. Hide.me VPN is operated by eVenture Limited and based in Malaysia with no legal obligation to store any user logs at all.

    3. We do not limit or monitor individual connections. To mitigate abuse we deploy general firewall rules on some servers that apply to specific IP ranges. By design one username can only establish one simultaneous connection.

    4. Our landing pages which are solely used for advertising purposes include a limited amount of third-party tracking scripts, namely Google Analytics. However, no personal information that could be linked to the VPN usage is shared with these providers. We do not send information that could compromise someone’s security over email.

    5. Since we don’t store any logs and/or host copyright infringing material on our services, we’ll reply to these notices accordingly.

    6. It has never happened, but in such a scenario we won’t be able to entertain the court orders because our infrastructure is built in a way that it does not store any logs.

    There is no way we could link any particular cyber activity to any particular user. In case we are forced to store user logs, we would prefer to shut down rather than putting our users at stake who have put their trust in us.

    7. There is no effective way of blocking file-sharing traffic without monitoring our customers, which is against our principles and would even be illegal.

    8. We support a wide range of popular payment methods, including all major cryptocurrencies like Bitcoin, Litecoin, Ethereum, Dash, Monero, Paypal, Credit Cards and Bank transfer.

    All payments are handled by external payment providers and are linked to a temporary payment ID. This temporary payment ID cannot be connected to the user’s VPN account/activity. After the payment is completed, the temporary payment ID will be permanently removed from the database.

    9. All modern VPN protocols that we all support – like IKEv2, OpenVPN, SoftEtherVPN and SSTP, are considered secure even after the NSA leaks. We follow cryptographic standards and configure our VPN servers accordingly in order to support a secure key exchange with 8192-bit key size and strong symmetric encryption (AES-256) for the data transfer.

    10. Our users’ privacy is of utmost concern to us. Our Windows client has the features such as Kill Switch, Firewall to limit apps to VPN, Firewall to limit all connections to VPN, Split Tunnel, Auto Connect, Auto Reconnect etc which makes sure that the user is always encrypted and anonymous.

    We have put in some additional layers of security which include default protection against IP and DNS leaks. Our Desktop apps also block outgoing IPv6 connections automatically to prevent IP leaks. Dual Stack IPv4/IPv6 functionality will be rolled out in Q2 2019.

    11. We operate our own non-logging DNS-servers to protect our customers from DNS hijacking and similar attacks. However, we do not own physical hardware. There is intrusion detection and other various security measures in place to ensure the integrity and security of all our single servers.

    Furthermore, we choose all third party hosting providers very carefully, so we can assure that there are certain security standards in place (ISO 27001) and no unauthorized person could access our servers. Among our reputable partners are Leaseweb, NFOrce, M247 and Softlayer.

    12. Our servers are located in countries all over the world, among the most popular ones are Canada, Netherlands, Singapore, Germany, Brazil, Mexico and Australia. Below is the complete list of countries, alternatively you can view all available locations here.

    Hide.me website

    IVPN

    1. No. We believe that not logging VPN connection related data is fundamental to any privacy service regardless of the security or policies implemented to protect the log data.

    2. Privatus Limited, Gibraltar.

    3. We limit simultaneous connections by maintaining a temporary counter on a central server that is deleted when the user disconnects.

    4. No. We made a strategic decision from day one that no company or customer data would ever be stored on third-party systems. All our internal services run on our own dedicated servers that we set up, configure and manage. No third parties have access to our servers or data.

    We don’t host any external scripts on our website nor do we engage in advertising on Google or Facebook etc.

    5. Our legal department sends a reply stating that we do not store content on our servers and that our VPN servers act only as a conduit for data. In addition, we inform them that we never store the IP addresses of customers connected to our network nor are we legally required to do so.

    6. Firstly, this has never happened. However, if asked to identify a customer based on a timestamp and/or IP address then we would reply factually that we do not store this information. If legally compelled to log activity going forward we would do everything in our power to alert the relevant customers directly (or indirectly through our warrant canary).

    7. Yes, we treat all traffic equally on all servers. Yes, we provide a port forwarding service.

    8. We accept Bitcoin, Cash, PayPal and credit cards. When using cash there is no link to a user account within our system. When using Bitcoin, we store the Bitcoin transaction ID in our system.

    If you wish to remain anonymous to IVPN you should take the necessary precautions when purchasing Bitcoin. When paying with PayPal or a credit card a token is stored that is used to process recurring payments but this is not linked in any way to VPN account usage or IP-assignments.

    9. We provide RSA-4096 / AES-256-GCM with OpenVPN, which we believe is secure enough for our customers’ requirements.

    10. Yes, the IVPN client offers an advanced VPN firewall that blocks every type of IP leak possible including IPv6, DNS, network failures, WebRTC STUN etc. Our VPN clients work on a dual-stack IPv4/IPv6 but we currently only support IPv4 on our VPN gateways.

    11. We use bare metal dedicated servers leased from third-party data centers in each country where we have a presence. We install each server using our own custom images and employ full disk encryption to ensure that if a server is ever seized the data is worthless.

    We also operate an exclusive multi-hop network allowing customers to choose an entry and exit server in different jurisdictions which would make the task of legally gaining access to servers at the same time significantly more difficult. We operate our own network of log free DNS servers that are only accessible to our customers through the VPN tunnel.

    12. Please see here. We do not offer virtual locations.

    IVPN website

    AzireVPN

    1. No, we do not record or store any logs related to our services. No traffic, user activity, timestamps, IP addresses, number of active and total sessions, DNS requests, or any other kind of logs are stored. System logs are disabled.

    2. The registered company name is Netbouncer AB and we operate under Swedish jurisdiction where there are no data retention laws that apply to VPN providers.

    3. We took extra security steps to harden our servers. They are running using Blind Operator mode, a software module which ensures that it’s extremely difficult to set up any kind of traffic monitoring. Abuses like incoming DDoS attacks are usually mitigated with UDP filtering on the source port used by an attacker.

    4. No, we do not rely on and refuse to use external third-party systems. We run our own email infrastructure and encourage people to use PGP encryption for reaching us. The ticketing support system, website analytics (Piwik, with anonymization settings) and other tools are hosted in-house on open-source software.

    5. We politely inform the sender that we do not keep any logs and are unable to identify a user.

    6. In the case that a valid court order is issued, we will inform the other party that we are unable to identify an active or former user of our service due to our particular infrastructure. In that case, they would probably force us to hand over physical access to the server, which they would have to reboot to gain any kind of access due to the Blind Operator mode. Since we are running our custom system images directly into RAM, all data would be lost.

    So far, we have never received any court order and no personal information has ever been given out.

    7. Yes, BitTorrent, peer-to-peer and file-sharing traffic is allowed and treated equally to any other traffic on all of our servers. We do not provide port forwarding services, however, we do provide a public IPv4+IPv6 addresses mode which assigns IP addresses being used by only one user at a time the whole duration of the connection to the server.

    In this mode, all ports are opened, with the exception of unencrypted outgoing port 25 TCP, usually used by the SMTP protocol, which is blocked to prevent abuse by spammers.

    8. As of now, we propose a variety of payments options including anonymous methods such as Bitcoin, Bitcoin Cash, Litecoin, Monero, Ethereum and some other cryptocurrencies (through CoinPayments) and cash money via postal mail.

    We also offer PayPal, credit cards (VISA, MasterCard and American Express through Paymentwall) and Swish. We do not store sensitive payment information on our servers, we only retain an internal reference code for order confirmation.

    9. We recommend our users to use our WireGuard servers, using official clients and tools available on Linux, macOS, Android, iOS, OpenWRT (routers), and soon on Windows.

    – Data channel cipher: ChaCha20 with Poly1305 for authentication and data integrity
    – Authenticated key exchange: Noise Protocol Framework’s Noise_IKpsk2, using Curve25519, Blake2s, ChaCha20, and Poly1305. It uses a formally verified construction.

    10. We offer a custom open-source VPN application called azclient for all major desktop platforms (Windows, macOS and Linux) and currently support OpenVPN. Its source code is released on Github under a GPLv2 license. We plan to add a kill switch and DNS leak protection features to our client in the future.

    As we provide our users with a full dual stack IPv4/IPv6 functionality on all servers and VPN protocols, we do not need to provide any IPv6 leak protection. Our tunnels are natively supporting IPv6 even from IPv4 only lines, by tunneling IPv6 traffic into IPv4 transparently. Also, our WireGuard servers can be reached through both IPv4 and IPv6.

    11. We physically own all of our hardware in all locations, including bare metal dedicated servers and switches, brought and installed on our own, co-located in closed racks on different data centers around the world meeting our strict security criteria, using dedicated network links and carefully chosen network upstream providers for maximum privacy and network quality.

    We host our own non-logging DNS servers in different locations and provide DNSCrypt support for DNS requests encryption.

    12. As of now, we operate across five locations including Canada, Spain, Sweden, the United Kingdom, and the United States. New locations in Oslo, Norway and Amsterdam, the Netherlands are planned soon. There are no virtual locations.

    AzireVPN website

    Windscribe

    1. We do not store a historical record of VPN sessions, source IPs, or sites you visited. We store a byte count of data used in the last 30 days and number of parallel connections.

    2. Windscribe Limited, Ontario (Canada) Corporation.

    3. We use bespoke tools specifically made for the purpose. We use the bandwidth usage in 30 days + number of parallel connections to weed out extreme cases of abuse (100+ connections and hundreds of terabytes used).

    4. No, we self host everything. This includes email, analytics, support desk, and live chat. The only 3rd party services we use are Stripe, PayPal and CoinPayments.

    5. We notify the sender that the IP address is a VPN node and is shared by hundreds of people at any given moment, so there is no way to trace the activity to any single user.

    6. We have received multiple subpoenas and court orders requesting subscriber information. Our response was identical to what we send in case of a DMCA related request. We were never ordered to log users (although there were requests), but since we’re in Canada which has no mandatory data retention directives that apply to VPNs, we wouldn’t need to comply.

    7. BitTorrent is allowed in all locations as we don’t interfere with the traffic. We request that users don’t use it in India, Russia and South Africa due to more stringent providers in those regions, but it’s more of a guideline than a rule.

    8. Credit cards (Stripe), PayPal, all major cryptocurrencies and various gift cards. As we don’t store any logs of this type, there is nothing to link the payments to.

    9. We support OpenVPN and IKEv2. Both are equally secure as we use the strongest encryption possible (GCM-AES-256) with both. We recommend trying IKEv2 first, as it’s faster almost in all cases. If it’s blocked on your network, then you can use OpenVPN which operates on common ports and is a lot harder to block, especially when using Stealth (Stunnel) mode. Our application tries all the protocols automatically and uses the best one for your specific network.

    10. The Windscribe Firewall is built into our Windows and Mac applications. It blocks all connectivity outside of the tunnel to ensure that there is zero chance of any kind of leak, including but not limited to DNS leaks, IPv6 leaks, WebRTC leaks, etc. This is superior to a “kill switch”, which is a reactive measure, so there is no guarantee that nothing will leak.

    11. All our servers are bare metal machines which are leased from various reputable hosting providers worldwide. We request to remove all anti-DDoS mitigations when possible to help reduce the chance of network monitoring. Each VPN node we operate has a recursive DNS server running on it, which is only accessible over the tunnel.

    12. We have servers in 60 countries and over 110 cities. All our servers are physically where they are claimed to be, as we don’t have any fake/virtual locations.

    Windscribe website

    VPNArea

    1. We do not keep or record any logs. We are therefore not able to match an IP-address and a time stamp to a user of our service.

    2. The registered name of our company is “Offshore Security EOOD” (spelled “ОФШОР СЕКЮРИТИ ЕООД” in Bulgarian). We’re a VAT registered business. We operate under the jurisdiction of Bulgaria.

    3. To prevent email spam abuse we block mail ports used for such activity, but we preemptively whitelist known and legit email servers so that genuine mail users can still receive and send their emails.

    To limit concurrent connections to 6, we use an in-house developed system that adds and subtracts +1 or -1 towards the user’s “global-live-connections-count” in a database of ours which the authentication API corresponds with anonymously each time the user disconnects or connects to a server. The process does not record any data about which servers the subtracting/detracting is coming from or any other data at any time, logging is completely disabled at the API.

    4. We host our own email servers. We host our own Ticket Support system on our servers. The only external tools we use are Google Analytics for our website and Live Chat software by Tawk.

    5. DMCA notices are not forwarded to our users as we’re unable to identify a responsible user due to not having any logs or data that can help us associate an individual with an account. We would reply to the DMCA notices explaining that we do not host or hold any copyrighted content ourselves and we’re not able to identify or penalize a user of our service.

    6. This has not happened yet. Should it happen our attorney will examine the validity of the court order in accordance with our jurisdiction, we will then inform the appropriate party that we’re not able to match a user to an IP or timestamp, because we’re not keeping any logs.

    7. BitTorrent is allowed on all our servers. We offer port forwarding only on the dedicated IP private VPN servers at the moment. We will work on providing port forwarding automatically on all servers soon. The only ports which are blocked are those widely related to abuse, such as spam.

    8. We accept PayPal, Credit/Debit cards, AliPay, Bitcoin, Bitcoin Cash, WebMoney, GiroPay, and bank transfers. In the case of PayPal/card payments, we link usernames to the transactions so we can process a refund. We do take active steps to make sure payment details can’t be linked to account usage or IP assignments. In the case of Bitcoin, we do not link usernames to transactions.

    9. We use AES-256-CBC + SHA256 cipher and RSA4096 keys on all our VPN servers without exception. We also have Double VPN servers, where for example the traffic goes through Russia and Israel before reaching the final destination.

    10. Yes, we provide both KillSwitch and DNS Leak protection. We actively block IPv6 traffic to prevent IP leaks, so connections are enforced via IPv4.

    11. We work with reliable and established data centers. Nobody but us has virtual access to our servers. The entire logs directories are wiped out and disabled, rendering possible physical brute force access to the servers useless in terms of identifying users. We use our own DNS servers.

    12. All our servers are physically located in the stated countries. A list of our servers in 60+ countries can be found here.

    VPNArea website

    VPNBaron

    1. We do not keep traffic logs that match an IP address to a user.

    2. Our registered legal name is Hexville SRL. We’re under Romanian jurisdiction, which is a member of the European Union.

    3. Our tools are developed in-house. To limit the concurrent connections we keep track of the active connections of users. Every user has a limited number of concurrent connections, depending on his subscription. When he connects, we subtract one. When he disconnects, we add one back. Reach zero and the service will not allow the user to connect until he disconnects one of his active instances.

    To limit the brute force types of abuses, we monitor the health of the servers and limit the network priority of the obvious DDOS that might be masked through our service. SMTP abuses will also result in temporary port blocking for that service.

    4. Emails and the support platform are hosted in-house. For our sales site analytics, we rely on Google Analytics. Live support is hosted by tawk.to, which has a great privacy policy.

    5. We designed our system in such a way that DMCA notices cannot be forwarded to our users. A diverse approach is needed to deal with this particular industry issue: from explaining that we don’t host any content to replacing IPs and servers that received multiple strikes.

    6. No subpoena has been received by our company. If that happens, we’ll be sure to assist as much as we’re legally obliged.

    7. We allow any kind of traffic, P2P included. Port forwarding is not active at this time.

    8. We use Bitcoins (and many other kinds of virtual currencies: ETH, XRP, DGB, LTC ), PayPal, PerfectMoney and credit cards. The sales & billing platform is stored separately from the actual VPN system, and VPN credentials are randomly generated, making it harder for them to be associated with an email address.

    9. For mobile, we recommend IKEV2 Protocol which supports VPN-ON-DEMAND, allowing users to stay connected even when changing wifi networks or switching from wifi to data. We also support OpenVPN, with AES-256-CBC cipher, TLSv1/SSLv3 DHE-RSA-AES512-SHA, 2048 bit RSA.

    On top of the OpenVPN, you can also choose one of the two anti DPI (Deep Package Inspection) protocols: “TOR’s OBFSPROXY ScrambleSuit” and “SSL” that mask your VPN connection from your ISP. These protocols come in handy in places that actively block VPN connections, like China, Egypt or university campuses.

    10. Yes, we have an incorporated kill switch in our client as well as DNS leak protection. At the moment, only IPv4 is supported, but we do provide assistance to any user that might experience leaks.

    11. We use our own DNS and Google DNS for some servers. Because of the nature of the industry, we consider that replacing servers and blacklisted IPs is fast as possible. The partners don’t have permission to access the servers and we’ll immediately stop the collaboration at any suspicion of snooping.

    12. We do not offer virtual locations. We offer more than 30 servers in 18 countries and we’re expanding fast. You can find the full list here.

    VPNBaron website
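
    VPNArea (answer 3) and VPNBaron (answer 3) both describe limiting concurrent connections with a per-account counter that is adjusted on connect and disconnect and records nothing else. The following is an added sketch of that design, not either provider's code: the table and column names, the in-memory SQLite store and the class name are assumptions of this example. The conditional UPDATE makes the check-and-increment atomic, so two authentication workers cannot both admit the last free slot.

```python
import sqlite3

MAX_CONNECTIONS = 6  # the limit VPNArea states; a per-plan limit would be passed in instead


class LiveConnectionCounter:
    """Hypothetical auth-side store that keeps only (account, live count)."""

    def __init__(self, limit=MAX_CONNECTIONS):
        self.limit = limit
        self.db = sqlite3.connect(":memory:")
        # Deliberately no server, source IP or timestamp columns.
        self.db.execute(
            "CREATE TABLE live (account TEXT PRIMARY KEY, n INTEGER NOT NULL)"
        )

    def connect(self, account):
        """Return True and count the session if the account is under its limit."""
        with self.db:  # one transaction: commit on success, roll back on error
            self.db.execute(
                "INSERT OR IGNORE INTO live (account, n) VALUES (?, 0)", (account,)
            )
            cur = self.db.execute(
                "UPDATE live SET n = n + 1 WHERE account = ? AND n < ?",
                (account, self.limit),
            )
            allowed = cur.rowcount == 1
            # Do not leave an empty row behind when the attempt was refused.
            self.db.execute(
                "DELETE FROM live WHERE account = ? AND n = 0", (account,)
            )
        return allowed

    def disconnect(self, account):
        """Decrement the counter; drop the row entirely when it reaches zero."""
        with self.db:
            # n > 0 guards against a duplicate disconnect driving the count negative.
            self.db.execute(
                "UPDATE live SET n = n - 1 WHERE account = ? AND n > 0", (account,)
            )
            self.db.execute(
                "DELETE FROM live WHERE account = ? AND n <= 0", (account,)
            )

    def live(self, account):
        row = self.db.execute(
            "SELECT n FROM live WHERE account = ?", (account,)
        ).fetchone()
        return row[0] if row else 0

    def stored_columns(self):
        """Names of everything this store can ever hold about an account."""
        return [r[1] for r in self.db.execute("PRAGMA table_info(live)")]

    def row_count(self):
        return self.db.execute("SELECT COUNT(*) FROM live").fetchone()[0]


if __name__ == "__main__":
    counter = LiveConnectionCounter(limit=2)
    # "acct-1" is a constructed account identifier.
    print([counter.connect("acct-1") for _ in range(3)])
    counter.disconnect("acct-1")
    counter.disconnect("acct-1")
    print(counter.row_count(), counter.stored_columns())
```

    Because only the count is stored, a VPN node that fails without reporting its disconnects leaves the count inflated, and the schema has no timestamp on which to expire stale sessions. That is the operational cost of keeping this table free of connection metadata.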

    Surfshark

    1. We do not keep any logs, and thus we have no data that could be retained and attributed to a current or former user. We do not collect any IP addresses, browsing history, session information, used bandwidth, connection timestamps, network traffic, or similar data.

    2. Surfshark is provided by Surfshark Ltd., a company registered in the British Virgin Islands (BVI).

    3. We neither monitor nor log user activity on our network. Also, currently we do not limit the number of simultaneous connections. As a safeguard against abuse, such as unauthorized resellers or organizers of illicit activities which involve the use of a very large number of devices, we have implemented a Fair Usage Policy which manages inappropriate use of network and guarantees that our services can be used fairly by everyone.

    4. For our operations and day-to-day business, we use the secure email system Hushmail. We do not use any of Alphabet Inc. products, except for Google Analytics, which is used to improve our website performance for potential customers. For a live 24/7 customer support and ticketing service, we use industry-standard Zendesk.

    5. DMCA takedown notices do not apply to our service as we operate outside the jurisdiction of the United States. In case we received a non-US equivalent, we could not be of any help to authorities because of our strict no logs policy. It would simply not be possible to attribute any claims to a specific user as we have no information about any of our current or former users.

    6. We have never received a court order or any logging requirement from the British Virgin Islands (BVI) authorities. If we ever received a court order from the BVI authorities, we would truthfully respond that we are unable to identify any user as we keep no logs whatsoever. If data retention laws would be enacted in the BVI, we would look for another country to register our business in.

    For any information regarding received legal inquiries and orders we have a live Warrant canary.

    7. Surfshark is a torrent-friendly service. We not only allow all file-sharing activities and P2P traffic, including BitTorrent, but also protect P2P users from any possible threats, such as tracking, surveillance, and such. We do not provide port forwarding services, and we block port 25.

    8. Surfshark subscriptions can be purchased using various payment methods, including many which are only available in certain countries. As well as cryptocurrency we accept PayPal, Alipay and major credit cards. None of these payments can be linked to a specific user account.

    9. For our users, we recommend using advanced IKEv2/IPsec and OpenVPN security protocols with strong and fast AES-256-GCM encryption and SHA512 signatures. The AES-256-GCM is different from a widespread AES-256-CBC as it has an inbuilt authentication which makes encryption process much faster. All our apps are based on a fast, stable, and reliable IKEv2 security protocol, including Windows app, which is a very rare case in the industry. Our Linux app is based on OpenVPN.

    10. We provide ‘kill switches’ in most of our apps which also have built-in DNS leak protection. Also, Surfshark comes with a plethora of other security features, such as IP masking, IPv6 leak protection, WebRTC protection, a CleanWeb™ feature to block trackers, ads, and malware, MultiHop™ which works as double VPN, Whitelister™ for a split tunneling functionality, etc.

    Currently, we do not support Dual Stack IPv4/IPv6 functionality, but it is in the product development roadmap.

    11. We use our own DNS servers which do not keep any logs as per our Privacy Policy. All our servers are physically located in trusted third-party data centers. We always perform due diligence before choosing each of our providers to make sure they meet our security and trust requirements.

    Nevertheless, even in the case of unanticipated snooping attempts, nobody would be able to decrypt the traffic as we encrypt it with modern AES-256-GCM encryption which has not been cracked yet.

    12. As of March 2019, we maintain over 800 servers which are physically located in 69 locations, based in 50 different countries. We do not offer virtual locations.

    Surfshark website

    nVpn

    1. We don’t store any kind of IP logs in any shape or form, neither through the available payment methods during the order, nor on the VPN servers themselves.

    All VPN servers are set up in a way to completely avoid producing critical output in the first place, or in the very few rare cases where they do, we redirect it to “/dev/null” right away.

    2. Technically speaking, we don’t have a company which is incorporated with our VPN business infrastructure. We operate this entire service with a group of four individual persons, who mostly reside in the Eastern European region and we, therefore, don’t have, need or want a company headquarter address.

    There is no such thing as a main jurisdiction under which our service operates from. For tax reasons only, we have a company structure set up in Bosnia. It is not visible in the public eye and only used behind the curtains for certain actions.

    3. We take common counter-measures if deemed reasonable. For example, blocking certain ports like 25, 80. Or, if we know certain ports are the default port of RATs then we disallow such few ports from being forwarded. But seeing how a user could simply use another non-default port instead, this isn’t really so effective either. Concurrent connections are not checked.

    If we receive an abuse complaint about an event which is literally happening right now, in realtime, then we do a quick simple check if the user is maybe assigned to a dedicated IP. If that’s the case, we go ahead and suspend this account to end the ongoing abuse.

    4. Yes, we use Kayako ticket software for support. Apart from that, we use self and custom coded solutions within our whole infrastructure wherever possible. On the website, we use only two third-party services, that being the CAPTCHA picture provider and the support ticket software.

    5. DMCA notices are internally treated as low ranked abuse cases which are mostly ignored where possible. For countries like the USA, we send an automated template reply to the hosting provider informing them the case has been solved. Only in very rare cases, we would even think about moving an entire shared IP group to another country where DMCA notices are ignored, like Sweden, Switzerland and the like.

    6. The steps are identical and always the same. We reply to the requester and explain that there are no IP logs kept and that no other useful information is available which could help during the event of an investigation.

    And yes, requests along the lines of somebody basically asking us to start logging in order to help solve a certain case, have actually happened in the past, but we did not and are not going to comply with those kinds of requests.

    7. File-sharing is allowed on all our server locations and it’s really no issue to us. We offer a port forwarding feature. We have only one port blocked in the Firewall: 25/tcp

    8. Non-disputable payment solutions like Bitcoin (cryptocurrency in general), PerfectMoney, WebMoney, Paysafecard, Amazon Giftcard, Yandex are NOT linked with the user account, because there is no reason to do this. Non-disputable payments are paid and forgotten. Contrary to that, disputable payment methods like PayPal, Skrill are linked to a user account in order to suspend the account in the case of a payment dispute.

    This has nothing to do with IP assignments or account usage, the linking for disputable payment methods is strictly limited to the event where a payment gets disputed, so that the related account can be closed.

    9. We would still recommend using our defau
