View Single Post
  #61  
Old 19 June 2013, 10:29
Polypro's Avatar
Polypro Polypro is offline
BTDT
 
Join Date: Oct 1999
Location: A Noisy Bar In Avalon
Posts: 13,083
Quote:
Originally Posted by Sharky View Post
Another one that rated high was "Hide My Ass" and it is slightly cheaper.
This is where hanging out in this "area" of the internet helps. HMA, despite what they say, will roll over.

https://www.informationweek.com/secu...scom/231602248

Now, let me first say this: I don't like criminals either. I fully understand that a business has to follow the laws of their jurisdiction. BUT, that doesn't mean they have to do one iota more, to make it easier. HMA, despite "no logs" in their marketing material, obviously logged. There is no requirement to log that I have seen, anywhere...even in the US (which is sadly funny to even have to say...wherefore art thou Thomas Jefferson?).

Technically, the only time your IP address should be visible to the VPN operator, is when you are actually connected to it. After that, it should disappear. HMA obviously decided to keep records, despite the marketing spiel.

HushMail is the same way - great rep, but they stated that they will infect you with malware, to get your pass, if asked by a court.

You need to use systems that are designed to make that stuff technically impossible.

Now, is there still trust involved? Of course. Unless you run the service yourself, trust is needed. Mullvad said they don't log, and I believe them. But am I *sure*? Nope, because I don't work there. You have to go on reputation and past performance.

The 3 VPN providers that always rise to the top from actual customers, are: Mullvad, Air, and Boleh. Are there others? Probably. Read the terms of service as far as logging, and look at where the HQ is located as far as internet privacy laws go, and what it would require from a court, to roll over.

Mullvad takes cash - cool. Air takes Bitcoin, and allows connections via Tor - cool. I think Boleh takes Bitcoin too.

Also, if you *are* a crook, and can be presented with proof of that, by a court, it *is* possible for a VPN to re-configure your account *to log*, and provide real-time connection data to LE. They may not be able to read your traffic, but they can tell when you are on. No business is going to go to bat for a crook. But other than actual proof, a good VPN will should be able to say "we have nothing to give you" during fishing expeditions.

P
__________________
What, you want to be part of a choir in an echo chamber? Provocate!

Last edited by Polypro; 19 June 2013 at 10:35.
Reply With Quote