VPN

[Vid]

Once again I wonder if this is a law being passed for political reasons while masquerading under other ostensible justifications.

 

VPNs are a powerful tool to fight totalitarianism. With a VPN, it becomes very difficult to trace a dissenting post. With chained VPNs and proxies using virtual machines and other misdirections, it becomes well-nigh impossible to trace a highly competently hidden post.

 

The fact that other supposedly Western democratic regimes are considering this does not argue against this, in my view. I feel the whole world has been taking a slide toward the totalitarian police state for the last decade and a half. It's like 1984 arrived 30 years late.

 

Anyway, if it is really the copyright MAFIAA (not a typo, google it) pushing for this crap, I'll say orbi goot. Because it's just gonna drive more people into pirating. At least with VPNs, people are sometimes buying content legally. They're killing their own golden goose with measures like this and DRM.

 

... cheem ...

 

[laugh]

 

Anyway, the law is not passed yet. Just a thought they have to squeeze more money out of people. This is also something that would be nearly impossible to enforce.

[SIM37]

Now I use VPN even when I'm at work. I can dload torrents safely using split tunneling. as in, my torrent go through VPN, but other normal traffic don't

[Neutrino]

anyone use nordVPN.

Are they good?

 

I see they have server in Singapore.

[Mustank]

I only know vpl

[zipping]

anyone use nordVPN.

Are they good?

 

I see they have server in Singapore.

 

 

They should hav a trial period...

 

Remember to read their Privacy Policy and Terms of Service.

 

Also other than singapore, in which other country u need their servers. Make sure they hav servers in all e country u need.

 

Also how many devices can concurrently log into e vpn service.

 

 

https://torrentfreak.com/vpn-services-anonymous-review-2017-170304/

 

My 2¢

[Neutrino]

I just want to watch BBC iPlayer and ITV HUb from UK as I like some of their shows.

 

I used to use Hola or cybergost which were free but no longer.

 

Because I only need low level VPN a free one would be OK for me but I can't find anymore that are free.

Are there any??

[zipping]

I just want to watch BBC iPlayer and ITV HUb from UK as I like some of their shows.

 

I used to use Hola or cybergost which were free but no longer.

 

Because I only need low level VPN a free one would be OK for me but I can't find anymore that are free.

Are there any??

 

 

There are still some free vpn out there....just need to google n do some research on which to use.

 

Do remember...these free vpn does comes with some limitations, mainly bandwidth restrictions / ad supported / limited servers...etc

 

But then again.....vpn are so cheap nowadays....less than S$10/mth

 

 

My 2¢...

[Neutrino]

There are still some free vpn out there....just need to google n do some research on which to use.

 

Do remember...these free vpn does comes with some limitations, mainly bandwidth restrictions / ad supported / limited servers...etc

 

But then again.....vpn are so cheap nowadays....less than S$10/mth

 

 

My 2¢...

 

Thanks.

Stupid MCF rooole means I can't give you praise until I praise 10 others.

By then I will have forgotten.

[zipping]

https://torrentfreak.com/purevpn-logs-helped-fbi-net-alleged-cyberstalker-171009/

 

 

PureVPN Logs Helped FBI Net Alleged Cyberstalker

• By Andy
• on October 9, 2017
• C: 30

Breaking

 

A Massachusetts man was arrested late last week on suspicion of conducting a cyberstalking campaign against a female former roommate, her friends, and family. Court documents reveal that logs, obtained by the FBI from privacy service PureVPN, helped the prosecution. Until now, PureVPN had always maintained it carried no logs - almost.

Last Thursday, Ryan S. Lin, 24, of Newton, Massachusetts, was arrested on suspicion of conducting “an extensive cyberstalking campaign” against his former roommate, a 24-year-old Massachusetts woman, as well as her family members and friends.

According to the Department of Justice, Lin’s “multi-faceted campaign of computer hacking and cyberstalking” began in April 2016 when he began hacking into the victim’s online accounts, obtaining personal photographs, sensitive information about her medical and sexual histories, and other private details.

It’s alleged that after obtaining the above material, Lin distributed it to hundreds of others. It’s claimed he created fake online profiles showing the victim’s home address while soliciting sexual activity. This caused men to show up at her home.

“Mr. Lin allegedly carried out a relentless cyber stalking campaign against a young woman in a chilling effort to violate her privacy and threaten those around her,” said Acting United States Attorney William D. Weinreb.

“While using anonymizing services and other online tools to avoid attribution, Mr. Lin harassed the victim, her family, friends, co-workers and roommates, and then targeted local schools and institutions in her community. Mr. Lin will now face the consequences of his crimes.”

While Lin awaits his ultimate fate (he appeared in U.S. District Court in Boston Friday), the allegation he used anonymization tools to hide himself online but still managed to get caught raises a number of questions. An affidavit submitted by Special Agent Jeffrey Williams in support of the criminal complaint against Lin provides most of the answers.

Describing Lin’s actions against the victim as “doxing”, Williams begins by noting that while Lin was the initial aggressor, the fact he made the information so widely available raises the possibility that other people got involved with malicious acts later on. Nevertheless, Lin remains the investigation’s prime suspect.

According to the affidavit, Lin is computer savvy having majored in computer science. He allegedly utilized a number of methods to hide his identity and IP address, including TOR, Virtual Private Network (VPN) services and email providers that “do not maintain logs or other records.”

But if that genuinely is the case, how was Lin caught?

First up, it’s worth noting that plenty of Lin’s aggressive and stalking behaviors towards the victim were demonstrated in a physical sense, offline. In that respect, it appears the authorities already had him as the prime suspect and worked back from there.

In one instance, the FBI examined a computer that had been used by Lin at a former workplace. Although Windows had been reinstalled, the FBI managed to find Google Chrome data which indicated Lin had viewed articles about bomb threats he allegedly made. They were also able to determine he’d accessed the victim’s Gmail account and additional data suggested that he’d used a VPN service.

“Artifacts indicated that PureVPN, a VPN service that was used repeatedly in the cyberstalking scheme, was installed on the computer,” the affidavit reads.

From here the Special Agent’s report reveals that the FBI received cooperation from Hong Kong-based PureVPN.

“Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time,” the agent’s affidavit reads.

Needless to say, while this information will prove useful to the FBI’s prosecution of Lin, it’s also likely to turn into a huge headache for the VPN provider. The company claims zero-logging, which clearly isn’t the case.

“PureVPN operates a self-managed VPN network that currently stands at 750+ Servers in 141 Countries. But is this enough to ensure complete security?” the company’s marketing statement reads.

“That’s why PureVPN has launched advanced features to add proactive, preventive and complete security. There are no third-parties involved and NO logs of your activities.”

 

PureVPN privacy graphic

 

However, if one drills down into the PureVPN privacy policy proper, one sees the following:

Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a ‘connection’ and the total bandwidth used during this connection is called ‘bandwidth’. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.

This seems to match what the FBI says – almost. While it says it doesn’t log, PureVPN admits to keeping records of when a user connects to the service and for how long. The FBI clearly states that the service also captures the user’s IP address too. In fact, it appears that PureVPN also logged the IP address belonging to another VPN service (WANSecurity) that was allegedly used by Lin to connect to PureVPN.

That record also helped to complete another circle of evidence. IP addresses used by
Kansas-based WANSecurity and Secure Internet LLC (servers operated by PureVPN) were allegedly used to access Gmail accounts known to be under Lin’s control.

Somewhat ironically, this summer Lin took to Twitter to criticize VPN provider IPVanish (which is not involved in the case) over its no-logging claims.

“There is no such thing as a VPN that doesn’t keep logs,” Lin said. “If they can limit your connections or track bandwidth usage, they keep logs.”

Or, in the case of PureVPN, if they log a connection time and a source IP address, that could be enough to raise the suspicions of the FBI and boost what already appears to be a pretty strong case.

If convicted, Lin faces up to five years in prison and three years of supervised release.

Tagged in: logging, PureVPN

 

[cmdsea]

I just want to watch BBC iPlayer and ITV HUb from UK as I like some of their shows.

 

I used to use Hola or cybergost which were free but no longer.

 

Because I only need low level VPN a free one would be OK for me but I can't find anymore that are free.

Are there any??

Thats exactly what I use it for too.. well ITV, Crackle & Demand 5 too... :-)

 

Anyway, no need for a full VPN just check out Smart DNS Proxy. Sign up for their free one trial and after 2 or 3 weeks you should get a 2 year special offer at US$25;;; cheap and good.!

[ins1dious]

I just want to watch BBC iPlayer and ITV HUb from UK as I like some of their shows.

 

I used to use Hola or cybergost which were free but no longer.

 

Because I only need low level VPN a free one would be OK for me but I can't find anymore that are free.

Are there any??

 

SmartDNS is a pretty good. I stopped using it cos I had trouble with my office DNS.

 

I snagged HotSpot Shield (HSS) lifetime for US$30/- a few years back from

[zipping]

https://torrentfreak.com/purevpn-explains-how-it-helped-the-fbi-catch-a-cyberstalker-171016/

 

 

PureVPN Explains How it Helped the FBI Catch a Cyberstalker

• By Andy
• on October 16, 2017
• C: 87

Breaking

 

After several days of radio silence, VPN provider PureVPN has responded to criticism that it provided information which helped the FBI catch a cyberstalker. In a fairly lengthy post, the company reiterates that it never logs user activity. What it does do, however, is log the IP addresses of users accessing its service.

Early October, Ryan S. Lin, 24, of Newton, Massachusetts, was arrested on suspicion of conducting “an extensive cyberstalking campaign” against a 24-year-old Massachusetts woman, as well as her family members and friends.

The Department of Justice described Lin’s offenses as a “multi-faceted” computer hacking and cyberstalking campaign. Launched in April 2016 when he began hacking into the victim’s online accounts, Lin allegedly obtained personal photographs and sensitive information about her medical and sexual histories and distributed that information to hundreds of other people.

Details of what information the FBI compiled on Lin can be found in our earlier report but aside from his alleged crimes (which are both significant and repugnant), it was PureVPN’s involvement in the case that caused the most controversy.

In a report compiled by an FBI special agent, it was revealed that the Hong Kong-based company’s logs helped the authorities net the alleged criminal.

“Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time,” the agent’s affidavit reads.

Among many in the privacy community, this revelation was met with disappointment. On the PureVPN website the company claims to carry no logs and on a general basis, it’s expected that so-called “no-logging” VPN providers should provide people with some anonymity, at least as far as their service goes. Now, several days after the furor, the company has responded to its critics.

In a fairly lengthy statement, the company begins by confirming that it definitely doesn’t log what websites a user views or what content he or she downloads.

“PureVPN did not breach its Privacy Policy and certainly did not breach your trust. NO browsing logs, browsing habits or anything else was, or ever will be shared,” the company writes.

However, that’s only half the problem. While it doesn’t log user activity (what sites people visit or content they download), it does log the IP addresses that customers use to access the PureVPN service. These, given the right circumstances, can be matched to external activities thanks to logs carried by other web companies.

PureVPN talks about logs held by Google’s Gmail service to illustrate its point.

“A network log is automatically generated every time a user visits a website. For the sake of this example, let’s say a user logged into their Gmail account. Every time they accessed Gmail, the email provider created a network log,” the company explains.

“If you are using a VPN, Gmail’s network log would contain the IP provided by PureVPN. This is one half of the picture. Now, if someone asks Google who accessed the user’s account, Google would state that whoever was using this IP, accessed the account.

“If the user was connected to PureVPN, it would be a PureVPN IP. The inquirer [in the Lin case, the FBI] would then share timestamps and network logs acquired from Google and ask them to be compared with the network logs maintained by the VPN provider.”

Now, if PureVPN carried no logs – literally no logs – it would not be able to help with this kind of inquiry. That was the case last year when the FBI approached Private Internet Access for information and the company was unable to assist.

However, as is made pretty clear by PureVPN’s explanation, the company does log user IP addresses and timestamps which reveal when a user was logged on to the service. It doesn’t matter that PureVPN doesn’t log what the user allegedly did online, since the third-party service already knows that information to the precise second.

Following the example, GMail knows that a user sent an email at 10:22am on Monday October 16 from a PureVPN IP address. So, if PureVPN is approached by the FBI, the company can confirm that User X was using the same IP address at exactly the same time, and his home IP address was XXX.XX.XXX.XX. Effectively, the combined logs link one IP address to the other and the user is revealed. It’s that simple.

It is for this reason that in TorrentFreak’s annual summary of no-logging VPN providers, the very first question we ask every single company reads as follows:

Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user/users of your service? If so, what information do you hold and for how long?

Clearly, if a company says “yes we log incoming IP addresses and associated timestamps”, any claim to total user anonymity is ended right there and then.

While not completely useless (a logging service will still stop the prying eyes of ISPs and similar surveillance, while also defeating throttling and site-blocking), if you’re a whistle-blower with a job or even your life to protect, this level of protection is entirely inadequate.

The take-home points from this controversy are numerous, but perhaps the most important is for people to read and understand VPN provider logging policies.

Secondly, and just as importantly, VPN providers need to be extremely clear about the information they log. Not tracking browsing or downloading activities is all well and good, but if home IP addresses and timestamps are stored, this needs to be made clear to the customer.

Finally, VPN users should not be evil. There are plenty of good reasons to stay anonymous online but cyberstalking, death threats and ruining people’s lives are not included. Fortunately, the FBI have offline methods for catching this type of offender, and long may that continue.

PureVPN’s blog post is available here.

Tagged in: no-logging, PureVPN

 

[zipping]

https://torrentfreak.com/vpn-server-seized-to-investigate-russian-ambassadors-assassination-1171219/

 

 

 

VPN Server Seized to Investigate Russian Ambassador’s Assassination

• By Ernesto
• on December 19, 2017
• C: 40

News

 

A VPN server operated by ExpressVPN was seized by Turkish authorities to investigate the assassination of Andrei Karlov, the Russian Ambassador to Turkey. Authorities hoped to find more information on people who removed digital traces of the assassin, but the server in question held no logs.

VPNs are valuable tools for people who want to use the Internet securely and maintain their anonymity. They are vital for whistleblowers and people who rebel against Government oppression.

As with any online service, they can also be used for criminal purposes. According to Turkish news sources, this is also what happened following the assassination of Andrei Karlov, the Russian Ambassador to Turkey, exactly one year ago.

Karlov was shot dead in Ankara by Mevlüt Mert Altıntaş, an off-duty Turkish police officer. While that much is clear, the investigation into the assassination is not closed yet.

When the authorities tried to find links to other people that may have been involved, they found out that the policeman’s Gmail and Facebook had been deleted. This happened remotely over a VPN connection, operated by ExpressVPN.

To find out more, the authorities raided the datacenter and seized the server through which the connection went. This all happened last January, but the information just came out today.

Like many other VPN services nowadays, ExpressVPN doesn’t store any logs, and this is what the investigators soon found out as well. An inspection of the server in question yielded no useful information.

Following the seizure, an investigator also reached out to ExpressVPN directly, asking for logs. The VPN provider is incorporated in the British Virgin Islands and only responds to local court orders, but the investigator was informed that they don’t store connection or activity logs.

“As we stated to Turkish authorities in January 2017, ExpressVPN does not and has never possessed any customer connection logs that would enable us to know which customer was using the specific IPs cited by the investigators,” ExpressVPN writes in a statement.

“Furthermore, we were unable to see which customers accessed Gmail or Facebook during the time in question, as we do not keep activity logs. We believe that the investigators’ seizure and inspection of the VPN server in question confirmed these points.”

Speaking with TorrentFreak, the VPN provider mentions that they’ve had physical server seizures in the past, but generally not more than a few times per year.

These seizures are not announced in public, but the company stresses that user anonymity is their highest priority.

“While we don’t have a policy of announcing such incidents, we’ve designed our technology to ensure that VPN servers do not possess logs which would enable a third party to determine sensitive information about our users, such as their VPN activity or connections.

“A physical server seizure is therefore highly unlikely to provide relevant information to someone trying to determine data about specific usage,” ExpressVPN tells us.

Incidents like these show that decent VPNs do what they’re set out to. They safeguard the privacy of users which, like the Internet in general, can be used for good and bad.

It also highlights the importance of the server location. When servers are operated by third-party companies in foreign jurisdictions, they can be easily targeted, or perhaps even worse, monitored.

ExpressVPN told TorrentFreak that after the seizure incident in Turkey, the company decided to no longer use physical servers in Turkey. Instead, they provide a virtual location with Turkey-registered IP addresses pointing to VPN servers hosted in the Netherlands.

The VPN provider regrets that its services were used for unlawful purposes but says that its policies will remain the same.

“While it’s unfortunate that security tools like VPNs can be abused for illicit purposes, they are critical for our safety and the preservation of our right to privacy online. ExpressVPN is fundamentally opposed to any efforts to install ‘backdoors’ or attempts by governments to otherwise undermine such technologies,” the company concludes.

—

Disclosure: ExpressVPN is a TorrentFreak sponsor

 

[Neutrino]

SmartDNS is a pretty good. I stopped using it cos I had trouble with my office DNS.

 

I snagged HotSpot Shield (HSS) lifetime for US$30/- a few years back from

[ins1dious]

Still can't find a VPN which works for UK TV (BBC iPlayer and ITV Hub).

It seems that once the provider finds that you are using a VPN then it won't let you view programmes any longer.

 

This was the situation even when I was in UK and tried to watch BBC using a VPN.

 

 

 

Don't know about ITV Hub... but HSS still works for iPlayer for me

[Titanium]

I used openvpn. Free de.

[Neutrino]

I used openvpn. Free de.

 

Thanks.

 

I think I've looked at that before but it appears too complicated for a non techie.

 

I can't even see a download key to click on, never mind the configuration stuff.

[Titanium]

Thanks.

 

I think I've looked at that before but it appears too complicated for a non techie.

 

I can't even see a download key to click on, never mind the configuration stuff.

 

Just download the config files from http://www.vpngate.net/ and place them into the configuration folder, then right click on the icon to choose which location you want.