DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

A VPN Service that is safe to use

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Leowu
    replied
    I often had to change vpn. I made a selection of services, their worth and disadvantages in my opinion. Here link is someone need: www.bestadvisor.com/vpn-services
    I hope it'll be useful :)

    Leave a comment:


  • IamGenZod
    replied
    I have used ProtonVPN for some time now and have been happy with the service. They claim not to keep logs but as Dark Tangent mentioned above, unless you know someone who works for them or work for them yourself its almost a crap shoot.

    Leave a comment:


  • number6
    replied
    An on-topic article:
    URL1=https://www.buzzfeednews.com/article...s-sensor-tower

    Originally posted by URL1

    Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data
    Sensor Tower has owned at least 20 apps that track data passing through people’s phones.

    Craig Silverman
    BuzzFeed News Reporter
    Posted on March 9, 2020, at 4:05 p.m. ET

    Sensor Tower, a popular analytics platform for tech developers and investors, has been secretly collecting data from millions of people who have installed popular VPN and ad-blocking apps for Android and iOS, a BuzzFeed News investigation has found. These apps, which don’t disclose their connection to the company or reveal that they feed user data to Sensor Tower’s products, have more than 35 million downloads.

    Since 2015, Sensor Tower has owned at least 20 Android and iOS apps. Four of these — Free and Unlimited VPN, Luna VPN, Mobile Data, and Adblock Focus — were recently available in the Google Play store. Adblock Focus and Luna VPN were in Apple's App Store. Apple removed Adblock Focus and Google removed Mobile Data after being contacted by BuzzFeed News. The companies said they continue to investigate.

    Once installed, Sensor Tower's apps prompt users to install a root certificate, a small file that lets its issuer access all traffic and data passing through a phone. The company told BuzzFeed News it only collects anonymized usage and analytics data, which is integrated into its products. Sensor Tower’s app intelligence platform is used by developers, venture capitalists, publishers, and others to track the popularity, usage trends, and revenue of apps.

    Armando Orozco, an Android analyst for Malwarebytes, said giving root privileges to an app exposes a user to significant risk.

    “Your typical user is going to go through this and think, Oh, I‘m blocking ads, and not really be aware of how invasive this could be,” he said.

    Randy Nelson, Sensor Tower’s head of mobile insights, said the company did not disclose ownership of the apps for competitive reasons.

    “When you consider the relationship between these types of apps and an analytics company, it makes a lot of sense — especially considering our history as a startup,” he said, adding that the company originally started with the goal of building an ad blocker. (He was unable to provide media coverage or other evidence of this early focus.)

    Nelson said the company’s apps do not collect sensitive data or personally identifiable information and that “the vast majority of these apps listed are now defunct (inactive) and a few are in the process of sunsetting.”

    In most cases, the apps are no longer available because they were removed due to policy violations. A dozen of the Sensor Tower apps were previously removed from the iOS App Store due to violations, according to an Apple spokesperson. After being contacted by BuzzFeed News, Apple removed Adblock Focus and said it is continuing to investigate Luna VPN.

    Google is investigating the apps but did not comment by deadline.

    “We take the app stores’ guidelines very seriously and make a concerted effort to comply with them, along with any changes to these rules that occur from time to time,” Nelson said.

    Apple and Google restrict root certificate privileges due to the security risk to users. Sensor Tower’s apps bypass the restrictions by prompting users to install a certificate through an external website after an app is downloaded.

    Luna VPN, for example, shows a notification that offers the ability to block ads on YouTube if a user adds the Adblock extension, another SensorTower product. This kick-starts a process that results in a root certificate installation.

    “Our apps do not track, request, or store any sensitive user data such as passwords, usernames, etc., from users or other apps on a user’s device, including web browsers,” Nelson said.

    BuzzFeed News connected the apps to Sensor Tower by discovering they contain code authored by developers who work for the company. The online résumé of one Sensor Tower developer, whose GitHub username is in the code of multiple apps, said he built "Android apps to power the Sensor Tower analytics platform." The personal website of another Sensor Tower developer said he’s “Working on awesome top secret iOS Projects.”
    "Once installed, Sensor Tower's apps prompt users to install a root certificate, a small file that lets its issuer access all traffic and data passing through a phone." : Yikes!

    "Apple and Google restrict root certificate privileges due to the security risk to users. Sensor Tower’s apps bypass the restrictions by prompting users to install a certificate through an external website after an app is downloaded." : Double Yikes!

    Leave a comment:


  • matthew01
    replied
    Originally posted by Goshtopaza View Post
    Folks,

    I need solid assistance.

    I am in need of a VPN Provider which do not log anything and is approved safe to use.
    I used NordVPN, but I am not satisfied, since its commercial and have subsidiaries in the USA (surveillance).
    Vypr VPN is not trustfully, since they don't answer my questions properly and with phrases, based on swiss rights (They didn't answer my questions about privacy law etc.)
    Plus the "reviews" on the site are - I don't know - a solid provider don't need this.
    Anyone with experience here, who can say what VPN is the best for several activities?

    Regards,
    Maybe you got a correct answer for the reason that the thread was old however, You find a VPN for several activities or log authentication, I recommend you to go with fastestVPN

    Leave a comment:


  • UnshakeableSalt
    replied
    It all comes down to what you are wanting to do that you are worried about someone tracking/logging/auditting your activities.

    As correctly pointed out above, the normal use case is to just secure your point of connection to a known safe place or to by-pass a control. For example, untrusted network connections such as Public Wifi in a bar - or to get around ISP filtering to allow access to content that a known network provider prohibits.

    For this, I personally use ProtonVPN - as I'm a ProtonMail user anyway and it's the usual Swiss privacy. Alternatively I also have the ability to VPN back to my home firewall - so for all intensive purposes I'm still connecting via home. Handy when you also lock down cloud environment to only connect from a known good IP address.

    Now for the nefarious use - when you don't want ANYONE knowing what you are doing.

    Lets face it - it doesnt exist as a service. If there is someone offering it as a service, then it can be compromised as there is 'someone' 'somewhere' involved that you have to trust to protect your activity. That Someone somewhere will always be able or capable of tracking / logging what you do. The network providers globally have laws they have to comply with and government agencies / nation states are always going to be capable of tracking. The only way to get around this is 'not be you' when you connect e.g. changing the digital fingerprint of what you look like when you connect.



    Leave a comment:


  • JC318
    replied
    ProtonMail offers a VPN service, I think. PROTONVPN.

    Leave a comment:


  • Blind
    replied
    Originally posted by Dark Tangent
    I think the only way you would know if they don't keep logs is if you know someone who works at the provider and can tell you honestly.

    The other issue you may have is that they don't keep logs.. until they get asked by law enforcement (In whatever country) to start logging your account, at which point they can't legally tell you what they are doing.

    So basically VPN is good for getting away from your ISP watching you, or tricking the BBC into letting you watch TV shows even if you don't live in the UK, but beyond that I wouldn't trust them. It all depends on your threat model.
    I honestly wish this wasn't as true as it is. I really don't think there is a true log free provider anymore.

    Leave a comment:


  • 4D4M
    replied
    I like TorGuard for cross platform. Tor stands for torrent not tor project.

    Leave a comment:


  • Dark Tangent
    replied
    I think the only way you would know if they don't keep logs is if you know someone who works at the provider and can tell you honestly.

    The other issue you may have is that they don't keep logs.. until they get asked by law enforcement (In whatever country) to start logging your account, at which point they can't legally tell you what they are doing.

    So basically VPN is good for getting away from your ISP watching you, or tricking the BBC into letting you watch TV shows even if you don't live in the UK, but beyond that I wouldn't trust them. It all depends on your threat model.

    Leave a comment:


  • Goshtopaza
    started a topic A VPN Service that is safe to use

    A VPN Service that is safe to use

    Folks,

    I need solid assistance.

    I am in need of a VPN Provider which do not log anything and is approved safe to use.
    I used NordVPN, but I am not satisfied, since its commercial and have subsidiaries in the USA (surveillance).
    Vypr VPN is not trustfully, since they don't answer my questions properly and with phrases, based on swiss rights (They didn't answer my questions about privacy law etc.)
    Plus the "reviews" on the site are - I don't know - a solid provider don't need this.
    Anyone with experience here, who can say what VPN is the best for several activities?

    Regards,
Working...
X