Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
VPN Security. How secure is really?
30 views
Skip to first unread message
Ferrous Cranus
Jan 14, 2013, 10:45:09 AM1/14/13
to
VPN services state:
Exactly, we provide our customers with a private, secure VPN tunnel, and we do not monitor nor retain logs pertaining to their connectivity, traffic, or activities. It's what keeps us in business.
--------------------------------------
a) If one individual harrases on purpose another one? And for the sake of example lets say:
I use an anonymous mail service to KEEP sending mails to someone (for some reason) WHILE connected to their VPN.
That person gets irritated and contacts the anonymous mail service about the annoying mails derived from their service and ask them to investigate further.
The latter checks it's logging database and see clear that one of THEIR VPN gateways was used upon connecting to them.
Then they ask them to detect that customer based on his usage and disclose personal information about him.
What WILL they do? (please answer sincerely)
b) Prior of their TAP driver execution, REAL ip address exist.
How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
Also, as for the randonly_assigned_username, which cannot be modified, isn't that "username" what uniquely identifies each and every customer of theirs?
p.s. I need some sincere answers to decide if i'am to be a regular customer. Please be sincere.
Thanks in advance.
Exactly, we provide our customers with a private, secure VPN tunnel, and we do not monitor nor retain logs pertaining to their connectivity, traffic, or activities. It's what keeps us in business.
--------------------------------------
a) If one individual harrases on purpose another one? And for the sake of example lets say:
I use an anonymous mail service to KEEP sending mails to someone (for some reason) WHILE connected to their VPN.
That person gets irritated and contacts the anonymous mail service about the annoying mails derived from their service and ask them to investigate further.
The latter checks it's logging database and see clear that one of THEIR VPN gateways was used upon connecting to them.
Then they ask them to detect that customer based on his usage and disclose personal information about him.
What WILL they do? (please answer sincerely)
b) Prior of their TAP driver execution, REAL ip address exist.
How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
Also, as for the randonly_assigned_username, which cannot be modified, isn't that "username" what uniquely identifies each and every customer of theirs?
p.s. I need some sincere answers to decide if i'am to be a regular customer. Please be sincere.
Thanks in advance.
unruh
Jan 14, 2013, 12:42:47 PM1/14/13
to
On 2013-01-14, Ferrous Cranus <nikos...@gmail.com> wrote:
> VPN services state:
> Exactly, we provide our customers with a private, secure VPN tunnel, and we do not monitor nor retain logs pertaining to their connectivity, traffic, or activities. It's what keeps us in business.
> --------------------------------------
>
> a) If one individual harrases on purpose another one? And for the sake of example lets say:
>
> I use an anonymous mail service to KEEP sending mails to someone (for some reason) WHILE connected to their VPN.
> That person gets irritated and contacts the anonymous mail service about the annoying mails derived from their service and ask them to investigate further.
> The latter checks it's logging database and see clear that one of THEIR VPN gateways was used upon connecting to them.
> Then they ask them to detect that customer based on his usage and disclose personal information about him.
> What WILL they do? (please answer sincerely)
The various US laws may well force them to keep some data for
> VPN services state:
> Exactly, we provide our customers with a private, secure VPN tunnel, and we do not monitor nor retain logs pertaining to their connectivity, traffic, or activities. It's what keeps us in business.
> --------------------------------------
>
> a) If one individual harrases on purpose another one? And for the sake of example lets say:
>
> I use an anonymous mail service to KEEP sending mails to someone (for some reason) WHILE connected to their VPN.
> That person gets irritated and contacts the anonymous mail service about the annoying mails derived from their service and ask them to investigate further.
> The latter checks it's logging database and see clear that one of THEIR VPN gateways was used upon connecting to them.
> Then they ask them to detect that customer based on his usage and disclose personal information about him.
> What WILL they do? (please answer sincerely)
investigatory purposes. They will not have a choice.
>
>
> b) Prior of their TAP driver execution, REAL ip address exist.
> How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
other.
>
> Also, as for the randonly_assigned_username, which cannot be modified, isn't that "username" what uniquely identifies each and every customer of theirs?
username that identifies as far as the system is concerned)
Lusotec
Jan 14, 2013, 1:39:23 PM1/14/13
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Ferrous Cranus wrote:
> VPN services state:
> Exactly, we provide our customers with a private, secure VPN tunnel, and
> we do not monitor nor retain logs pertaining to their connectivity,
> traffic, or activities. It's what keeps us in business.
Even if your VPN provider does not keep logs, someone just has to seat and
wait for you to connect to the VPN provider again. And who that someone may
be? Someone with a warrant and/or gun and/or hacking tools that knock at the
door/network of your VPN provider.
> --------------------------------------
>
> a) If one individual harrases on purpose another one? And for the sake of
> example lets say:
>
> I use an anonymous mail service to KEEP sending mails to someone (for some
> reason) WHILE connected to their VPN. That person gets irritated and
> contacts the anonymous mail service about the annoying mails derived from
> their service and ask them to investigate further. The latter checks it's
> logging database and see clear that one of THEIR VPN gateways was used
> upon connecting to them. Then they ask them to detect that customer based
> on his usage and disclose personal information about him. What WILL they
> do? (please answer sincerely)
Uh, hope that is just an example!!!
> b) Prior of their TAP driver execution, REAL ip address exist.
> How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=>
> VPN_ip_address ) at the very moment we connect to their VPN service?
>
> Also, as for the randonly_assigned_username, which cannot be modified,
> isn't that "username" what uniquely identifies each and every customer of
> theirs?
>
> p.s. I need some sincere answers to decide if i'am to be a regular
> customer. Please be sincere.
>
> Thanks in advance.
My advice is to *not* blindly trust a VPN provider.
Regards.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iF4EAREIAAYFAlD0UNsACgkQGQjO2ccW76p5IwD+OdHLMmixxrKxC+mIrdblCG/u
t6iqaMxw7QUfykv6ufgA/1MGSg2Z9V/sS3uTmHAjgkQzjcGhXsaSNN2UQNaDFIk7
=H+Aa
-----END PGP SIGNATURE-----
Hash: SHA256
Ferrous Cranus wrote:
> VPN services state:
> Exactly, we provide our customers with a private, secure VPN tunnel, and
> we do not monitor nor retain logs pertaining to their connectivity,
> traffic, or activities. It's what keeps us in business.
wait for you to connect to the VPN provider again. And who that someone may
be? Someone with a warrant and/or gun and/or hacking tools that knock at the
door/network of your VPN provider.
> --------------------------------------
>
> a) If one individual harrases on purpose another one? And for the sake of
> example lets say:
>
> I use an anonymous mail service to KEEP sending mails to someone (for some
> reason) WHILE connected to their VPN. That person gets irritated and
> contacts the anonymous mail service about the annoying mails derived from
> their service and ask them to investigate further. The latter checks it's
> logging database and see clear that one of THEIR VPN gateways was used
> upon connecting to them. Then they ask them to detect that customer based
> on his usage and disclose personal information about him. What WILL they
> do? (please answer sincerely)
> b) Prior of their TAP driver execution, REAL ip address exist.
> How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=>
> VPN_ip_address ) at the very moment we connect to their VPN service?
>
> Also, as for the randonly_assigned_username, which cannot be modified,
> isn't that "username" what uniquely identifies each and every customer of
> theirs?
>
> p.s. I need some sincere answers to decide if i'am to be a regular
> customer. Please be sincere.
>
> Thanks in advance.
Regards.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iF4EAREIAAYFAlD0UNsACgkQGQjO2ccW76p5IwD+OdHLMmixxrKxC+mIrdblCG/u
t6iqaMxw7QUfykv6ufgA/1MGSg2Z9V/sS3uTmHAjgkQzjcGhXsaSNN2UQNaDFIk7
=H+Aa
-----END PGP SIGNATURE-----
Ferrous Cranus
Jan 14, 2013, 3:02:18 PM1/14/13
to
Τη Δευτέρα, 14 Ιανουαρίου 2013 7:42:47 μ.μ. UTC+2, ο χρήστης unruh έγραψε:
> The various US laws may well force them to keep some data for
>
> investigatory purposes. They will not have a choice.
So, they are ALL lying about how secure and private their customers really are?
> The various US laws may well force them to keep some data for
>
> investigatory purposes. They will not have a choice.
> > How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
> Of course they do, otherwise they could not send packets from one to the other.
> They may have lots of other information. (Note it is the uid, not the
> username that identifies as far as the system is concerned)
Do you guys use VPN Services for security and anonymity?
Is there any VPN available that doesn't do logging?
And IF they are log-less, HOW hackers get cought then? :-)
unruh
Jan 14, 2013, 3:10:45 PM1/14/13
to
On 2013-01-14, Ferrous Cranus <nikos...@gmail.com> wrote:
> ???? ??????????????, 14 ???????????????????? 2013 7:42:47 ??.??. UTC+2, ?? ?????????????? unruh ????????????:
>
>> The various US laws may well force them to keep some data for
>>
>> investigatory purposes. They will not have a choice.
>
> So, they are ALL lying about how secure and private their customers really are?
>
>
>> > How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
>> Of course they do, otherwise they could not send packets from one to the other.
>
> Then, we can only HOPE that they do not perform logging. But if they are forced by the law then THEY ARE.
>
>
>> They may have lots of other information. (Note it is the uid, not the
>> username that identifies as far as the system is concerned)
>
> and 'uid' being ? What are they using it for? To distingush customares?
On a Unix system, the uid is the unique user id number. a uid can have
>> The various US laws may well force them to keep some data for
>>
>> investigatory purposes. They will not have a choice.
>
> So, they are ALL lying about how secure and private their customers really are?
>
>
>> > How can we know for sure that they DO NOT ASSOCIATE ( ISP_ip_address <=> VPN_ip_address ) at the very moment we connect to their VPN service?
>> Of course they do, otherwise they could not send packets from one to the other.
>
> Then, we can only HOPE that they do not perform logging. But if they are forced by the law then THEY ARE.
>
>
>> They may have lots of other information. (Note it is the uid, not the
>> username that identifies as far as the system is concerned)
>
> and 'uid' being ? What are they using it for? To distingush customares?
various names associated with it (it does not usually, but it can).
>
>
> Do you guys use VPN Services for security and anonymity?
> Is there any VPN available that doesn't do logging?
additionally are legally ( with penalties of many years in jail)
required not to tell the person being logged. Non Us providers are not
(well, the US seems to feel that its laws apply worldwide, so if they
really want to they can arrest that provider if they ever come to the
US, or, in really severe circumstances, they can send out teams to
capture or otherwise deal with people even if they are in foreign
countries, but that tends to be rare) required to follow those laws (
although they may have equivalent laws in their own countries).
>
> And IF they are log-less, HOW hackers get cought then? :-)
>
always, the crook just needs to make one mistake, the people looking for
them can make and correct many mistakes.
Ferrous Cranus
Jan 15, 2013, 1:58:26 AM1/15/13
to
Understood! Thanks!
Now to the technical part:
[ local_ip:local_port <=> external_ip:external:port ] <=> ISP_gateway:port <=> VPN_server:port
What part of the above is being encrypted?
Now to the technical part:
[ local_ip:local_port <=> external_ip:external:port ] <=> ISP_gateway:port <=> VPN_server:port
What part of the above is being encrypted?
Lew Pitcher
Jan 23, 2013, 10:06:41 AM1/23/13
to
Assuming that this diagram represents the "provider" end of a commercial
enterprise that uses VPN, then even the path from "local" to "VPN" may be
encrypted, possibly by a pair of commercial, hardwired encryption devices,
one at each end.
But, then again, you might have that diagram wrong, for commercial
enterprises. It probably should be drawn as:
local_ip: <=> VPN_server: <=> external_ip: <=> ISP_gateway:
That's the way I've seen it done in high-security commercial enterprises
(like banks).
OTOH, assuming that your diagram represents the "provider" end of an
*amateur* setup, then the path from local to VPN may not even have minimal
encryption.
The part that's most likely to be encrypted is the part that you /didn't/
draw: the VPN_server:port <=> VPN_client:port, which is the "public" part of
the process, living in the Internet "cloud". But, in a poorly set up VPN,
even /that/ part might not be encrypted, or may be protected with minimal,
breakable encryption.
HTH
--
Lew Pitcher
Jared Twyler
Dec 28, 2014, 4:46:53 PM12/28/14
to
Argentina (Residential ISP: Gigared, S.A.)
Brazil (Residential ISP: CTBC / Algar Telecom)
Canada (Residential ISP: Bell Canada)
Chile (Residential ISP: GTD Internet, S.A.)
China (Residential ISP: China Telecom)
Costa Rica (Residential ISP: Radiografica Costarricense)
Hungary (Residential ISP: Invitel Tavkozlesi Zrt.)
India (Residential ISP: Tata Communications)
Israel (Residential ISP: Bezeq International)
Italy (Residential ISP: Telecom Italia)
Italy (Residential ISP: Tiscali)
Italy (Residential ISP: KPNQ West Italia)
Mexico (Residential ISP: Iusacell)
New Zealand (Residential ISP: Voyager Internet, Ltd.)
Norway (Residential ISP: Altibox)
Panama (Residential ISP: Cable Onda)
Romania (Residential ISP: RCS & RDS)
Singapore (Residential ISP: Tata Communications)
Slovenia (Residential ISP: Tusmobil, D.O.O.)
South Africa (Residential ISP: Mweb)
Taiwan (Residential ISP: Chunghwa Telecom Co., Ltd.)
United Arab Emirates (Residential ISP: Emirates Integrated Telecommunications Co.)
Residential VPN Services: https://www.intl-alliance.com/store/cart.php?gid=15
Residential Remote Desktops: https://www.intl-alliance.com/store/cart.php?gid=17
Residential SSHv2 Tunnels: https://www.intl-alliance.com/store/cart.php?gid=18
0 new messages