Külföldi torrent oldalak 2. Which Vpn Services Take Your Anonymity Seriously? 2015 Edition

A témát ebben részben 'Torrent oldalak hírei' Dred hozta létre. Ekkor: 2015. február 28..

  1. Dred

    Dred /

    Csatlakozott:
    2012. április 05.
    Hozzászólások:
    5,810
    Kapott lájkok:
    1,815
    Beküldött adatlapok:
    0
    Part 2



    1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

    2. Under what jurisdiction(s) does your company operate?

    3. What tools are used to monitor and mitigate abuse of your service?

    4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users?

    5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled?

    6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened?

    7. Does your company have a warrant canary or a similar solution to alert customers to gag orders?

    8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

    9. Which payment systems do you use and how are these linked to individual user accounts?

    10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?

    11. Do you use your own DNS servers? (if not, which servers do you use?)

    12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located?



    LIQUIDVPN
    liquid1. The VPN servers do not store user authentication logs. Once a user logs off of our VPN network we have no way of knowing which IP they were assigned or which server they were using let alone the time of day they logged in at.

    2. USA

    3. The main tools in place at the network level are SNMP and Mikrotik Layer 7 firewall rules. At the host level its Zabbix and OSSEC.

    4. LiquidVPN hosts everything on servers we control.

    5. As much as I would love to toss these in the trash it would be impossible to keep the servers online if I did so. Most USA data centers require action to be taken within 24 hours or they automatically null route the IP until corrective action has been taken. In the UK and Europe many data centers that require any action at all give us 48 hours before an automatic null route of the IP address. When we are required to take action we will rate limit the port in question down to 5Kb/s for 24 to 48 hours.

    Here is our exact process.
    1. Post the DMCA notice to the Transparency Reports section along with the intended course of action if there is one.
    2. Post a link on Twitter.
    3. If we are required to take action and update the data center we will rate limit transfers on the offending port to 5Kbs

    6. This has never happened. In the event that it does happen our attorney will post the court order and our intended action in the transparency reports section I linked above. If there is a gag order of some sort our Warrant Canary will stop being updated. We do abide by the law so in the end we would have to send over the information requested on a user.

    7. Yes we do.

    8. Yes it is.

    9. PayPal, Credit Card, Bitcoin and Cash are accepted. Our payment data and VPN user data are completely separate. We only require a first name, country and email address to sign up unless you are paying by credit card. Due to the obscene number of charge backs we were getting on credit card transactions we had to begin collecting addresses and phone numbers for credit card transactions. When an order is placed the webserver logs the IP and time of order. Other actions on the website will also trigger the same logging event. These logs are purged after 6 months.

    10. We have a very easy to use kill switch and also provide directions on setting up a full-fledged firewall to protect against leaks, drops and much more if the user is so inclined. Our client enables DNS leak protection by default. We provide private DNS servers, reverse proxies aka SMARTDNS (in beta) and of course IP Modulation. IP modulation shares a pool of IP addresses with dozens or even hundreds of other users and each connection has a random chance to modulate the IP. An average webpage makes 30+ connections for it to load completely. In theory on a modulating IP address your traffic could appear to be coming from 30 different IP addresses.

    Currently the best encryption OpenVPN supports without being modified is AES-256-CBC. So this is what I would recommend for most people. I would recommend 2048 to 4096 bit RSA keys. I would tell users to make sure a TLS key is used and some form of server certificate verification is enabled in the configuration file. I would tell them to MAKE SURE there is an auth SHA256/SHA512 line in their configuration file and that tls-cipher is defined.

    11. Of course and we are 90% finished converting them all to communicate on private subnets only.

    12. We do not own the equipment it is on short term leases and collocated around the world. We do not like to be married to a data center in case a privacy issue comes up and we have to pull out quickly. We choose our data centers very carefully but things change very quickly politically in a lot of these regions. We currently have servers in Canada, UK, USA, Netherlands, Switzerland, Germany and Romania.

    LiquidVPN website

    AIRVPN
    airvpn1. No, we don’t keep such logs.

    2. Italy.

    3. We use internally written tools to mitigate attacks against our VPN servers as well as DDoS attacks originating from clients behind our servers.

    4. No, we don’t.

    5. They are ignored, except when they refer to web sites running behind our VPN servers. Due to our service features, it is perfectly possible to run web sites from behind our servers: we also provide DDNS for free to our customers. For these specific cases, we can act similarly to a hosting provider and we verify that the web site is compliant to our Terms of Service. We have had web sites spreading viruses and other malware (verified without any doubt) and we intervened to quickly stop them when we were warned about the issue.

    6. Since we can’t provide information that we don’t have, an “ex-post” investigation is the only solution, if and when applicable. So far we have had no court orders of this kind.

    7. No, we don’t. While a warrant canary’s effectiveness is questionable, we recommend to use technical means to solve the problem at its roots. When a customer can’t afford to trust us for the sensitivity of his/her activities, he/she can simply use Tor over OpenVPN, or OpenVPN over Tor, to get an immediate protection which a warrant canary, not even if updated every day, will never be able to provide.

    8. Yes, it’s allowed on every and each server. We do not discriminate against any protocol or application and we do not monitor traffic or traffic type.

    9. We accept Bitcoin, a wide range of cryptocoins, PayPal and major credit cards. About PayPal and credit cards, the usual information pertaining to the transaction and account/credit card holder are retained by the financial institutions, and it is possible to correlate a payment to a user (which is good for refund purposes when required). When this is unacceptable for security reasons, then Bitcoin or some other cryptocoin should be used. Bitcoin can also be provided with a strong anonymity layer simply by running the Bitcoin client behind Tor.

    10. Our service setup, based on OpenVPN, is the following: 4096 bit RSA keys size, AES-256-CBC Data Channel, 4096 bit Diffie-Hellman keys size, HMAC SHA1 Control Channel, TLS additional authorization layer key: 2048 bit.

    Perfect Forward Secrecy through Diffie-Hellman key exchange DHE. After the initial key negotiation, re-keying is performed every 60 minutes (this value can be lowered unilaterally by the client). Due to the serious doubts about NIST standard Elliptic Curves parameters being manipulated by NSA, we feel to share Bruce Schneier’s considerations to not use ECC.

    Our free and open source client Eddie (under GPLv3) for Linux, Windows, OS X Mavericks and Yosemite, implements features which prevent the typical DNS leaks in Windows and any other leak (for example in case of unexpected VPN disconnection). Leaks prevention, called “Network Lock”, is not a trivial kill-switch, but it prevents various leaks that a classical kill switch can’t block: leaks caused by WebRTC, by programs binding to all interfaces on a misconfigured system and by malevolent software which tries to determine the “real” IP address. In the future, probably before the end of 2015, our client will be available, as usual free and open source according to our mission, for other VPN services too.

    We provide guides, based on firewalls and not, to prevent leaks on various systems for all those persons who can’t or don’t wish to use our client Eddie.

    11. Yes, we use our own DNS servers.

    12. Our servers are housed in datacenters which we have physical access to, provided that the access is arranged in advance for security reasons. Datacenters must comply to some technical and privacy requirements. With rare exceptions, a datacenter must have a PoP to at least one tier1 provider. Without exceptions, datacenter must be network neutral, must provide bandwidth redundancy, minimum uptime of 99.8% and our servers must have a dedicated port and a guaranteed bandwidth. We have servers located in Canada, France, Germany, Hong Kong, Latvia, Netherlands, Portugal, Romania, Singapore, Spain, Sweden, Switzerland, Ukraine, USA. We work or have been working with big and small providers, such as Amanah, IBM, Leaseweb, Voxility, HugeServers, Serveria, YesUp, Teknikbyran, just to name a few.

    AirVPN website

    VPN.S
    vpns1. We do not keep logs that could match time stamp of a user.

    2. Australia

    3. If there is a *serious* abuse that we have been alerted to, we may use string matching in the firewall to DROP packets containing the particular abuse, or block outbound traffic to a particular IP. We do not monitor for abuse, abuse alerts come from third parties such as fail2ban services.

    4. We host our own Mail server along with a support system on our own Colocated equipment. Live chat system is Zopim, unfortunately we have not been able to find adequate self hosted software solutions that meet our requirements for live chat however we do review this option once to twice a year incase something becomes available


    5. We do not track our users, therefore the notices cannot be acted upon, due to the fact the DMCA notices cannot be verified we respond to the notices in this manner.

    6. We have yet to encounter this. Our policy is to adhere to the court order, however due to our no logging policy it would be impossible to provide in-the-past information on any user. If the user is active and the court order contains specific end point IPs it is possible by firewall matching the user could be identified.

    7. yes.

    8. Yes.

    9. Bitcoin, Perfect Money, PayPal, Visa/MC,

    10. We provide OpenVPN which can be used across multiple devices with our 2048bit keys, our Windows, OSX, Linux application provides DNS Leak and protection if VPN is dropped within the application settings, we can also provide tutorials to users to set these safe-guards up manually

    11. Yes, each server pushes DNS settings which are within our own network, these servers are recursors so the source IP of all queries are that of our own servers.

    12. We have physical control over our infrastructure that contains any user data such as email address and passwords – these do not reside on end point VPN servers. Our VPN endpoints are configured so they do not contain any sensitive user information, the only information is the username which is required for our key based authentication for OpenVPN. We currently have servers in 41 countries.

    VPN.S website

    PERFECT PRIVACY
    pp1. We do not log or store any traffic, IP addresses or any other kind of data that would allow identification of our users or their activities. The anonymity and privacy of our users is our highest priority and the Perfect Privacy infrastructure was built with this in mind.

    2. Perfect Privacy is a community of interests with a postal address in New Zealand. However, our servers are operated in accordance with the law of the respective countries they are located in.

    3. Since it is impossible for us to determine which user causes specific traffic, we cannot identify individual customers responsible for abuse. If we receive abuse complaints we usually offer to block the destination IPs from our ranges so that no further abuse can take place. The only data we record is the total amount of traffic per server so we can check and publish our traffic capacities.

    4. No user input or data is processed by any third party tools (no Google Mail, no ZenDesk, no ticket system, etc.). Users can contact us by email and a https contact form, both running with our own mail server. We also encourage users to use PGP when communicating with us. We also offer TeamViewer support for customers but this is completely optional and up to the user.

    5. Because we do not host any data, DMCA notices do not directly affect us. However, we do receive copyright violation notices for filesharing in which case we reply that we have no data that would allow us to identify the party responsible.

    6. The only step on our side is to inform the contacting party that we do not have any data that would allow the identification of a user. There had been incidents in the past where Perfect Privacy servers have been seized but never was any user information compromised that way. Since no logs are stored in the first place and additionally all our services are running within ramdisks, a server seizure will never compromise our customers.

    7. Since we are not bound by U.S. law, gag orders like National Security Letters do not apply to us. We would outright disclose any information of a possible problem to our users. As a last resort we would shut down our service before allowing our users to be compromised (e.g. like LavaBit).

    8. Yes, Bittorrent and other file sharing is generally allowed. However, at certain locations that are known to treat copyright violations rather harshly (very quick termination of servers) we block the most popular torrent trackers to reduce the impact of this problem. Currently this is the case for servers located in the United States and France.

    9. We offer a variety of payment options ranging from anonymous methods such as sending cash, Bitcoin or PaySafeCard. However, we also offer payment with PayPal for users who prefer that option. We keep no data about the payment except for when the payment was received which is linked only to an anonymous account number.

    10. While we offer a range of connection possibilities we would recommend using OpenVPN with 256 bit AES encryption. Additional security can be established by using a cascaded connection: The Perfect Privacy VPN Manager allows to cascade your OpenVPN connection over up to four freely choosable servers.

    The client software also comes with an integrated firewall and DNS leak protection which are enabled by default: This prevents any traffic bypassing the VPN connection and the exposure of the user’s IP address by a DNS leak. This protects against attacks like the WebRTC IP leak vulnerability.

    11. Yes. All Perfect Privacy servers run a Domain Name Server for the exclusive use of our customers. Users can choose to either use a randomly assigned DNS from our pool or choose a specific one. We are currently evaluating additional security features like DNSSec.

    12. All management tools and internal systems are running in-house and are completely under our own control. Our VPN servers (and other user-reachable services like Proxies, DNS, etc.) run on servers hosted in different datacenters all around the world (currently in 25 countries). These servers do not log any kind of user data and are all running within ramdisks on dedicated servers.

    Perfect Privacy website

    UNSPYABLE
    unspyable 1. We keep no logs whatsoever.

    2. USA and UK VPN services are provided via our USA offices which also includes our billing system. Our offshore VPN network (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) is physically isolated from our USA operations and shares no connection to it.

    3. We don’t monitor anything. If we receive notice of criminal activities we will use non invasive techniques (without logging) to try and determine who the user is and terminate their access.

    None of the previous paragraph applies to P2P activities which are allowed on all servers except in the USA and UK where packet filtering is used.

    4. No.

    5. Our offshore servers where P2P is allowed are in countries and data centers that do not forward such notices. If we were to receive such a notice we would reply to it appropriately. Since we don’t log anything our reply would not include any information on the user.

    6. If we were to receive a request from an authority having jurisdiction we would cooperate with them. However since we keep no logs of anything we have very little to provide them. Anything we have to provide them such as customer names can be gotten from the customers credit card company or the payment processor much more efficiently and without us even knowing about it. Bitcoin is one of our payment options and can help minimize access to such information. This has never happened.

    7. We believe announcing such a thing in advance would cause the effectiveness of such a plan to go to zero should the need arise.

    8. It is allowed on what we define as our offshore servers (see question 2). It is not allowed on USA and UK servers due to the issues involved. There is no benefit to the user to use USA or UK servers over the offshore servers for P2P. Therefore we do not believe this to be any limitation to our users.

    9. Bitcoin, Amazon Payments and PayPal. Our online VPN authentication servers contain no customer personal information. We keep customer email addresses offline in case we need to contact the customer for some reason. We do not keep any other personal information regarding the transactions. Obviously the payment providers have a record of the transaction as well that is beyond our control.

    10. We use OpenVPN with 256 AES encryption, SHA512, 4096 bit RSA and TLS 256 AES which provides perfect forward secrecy. For maximum privacy we recommend our multi hop servers. However, due to the multiple hops they will not be the fastest for P2P or streaming applications.

    We don’t recommend software kill switches as they are subject to failure. We recommend that users block all ports on their router except for 1194 OpenVPN and then use the VPN to provide access to the Internet. This creates the perfect “kill switch”. ISP DNS leaks are most easily eliminated by changing all DNS servers on the users devices to ones not associated with their ISP.

    11. We pass DNS traffic through intermediate servers to Google DNS. We believe using our own DNS servers is less private than farming out the DNS requests via intermediate servers to Google and mixing them with the billions of other DNS requests Google handles daily. All requests to Google DNS appear to originate form one of our offshore servers and don’t correlate to the user.

    12. No, we use trusted ISP’s in all the countries we prove service in. (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) Plus US and UK. In addition, server hard drives are encrypted to prevent tampering or any data recovery should the physical server be accessed.

    Unspyable website

    HIDE.ME
    hideme1. No, we don’t keep any logs. We have developed our system with an eye on our customer’s privacy, so we created a distributed VPN cluster with independent public nodes that do not store any customer data or logs at all.

    2. We are a Company based in Malaysia with no legal obligation to store any user logs at all.

    3. We believe that it is not our responsibility to monitor user activities, consequently, we don’t throttle or block any kind of traffic.

    4. Yes we use Zendesk and LivechatInc in which we do not store any customer data that could be mapped to our customer database. Furthermore this information cannot be linked to your VPN usage and online activities.

    5. Since we don’t store any logs and/or host copyright infringing material on our services, we’ll reply to these notices accordingly.

    6. Although it has never happened,in such a scenario we won’t be able to entertain the court orders because our infrastructure is built in a way that it does not store any logs and there is no way we could link any particular cyber activities to any particular user. In case we are forced to do so, we would prefer to close down rather than putting our users at stake who have put their trust in us.

    7. Since we are not operating under US law, in Malaysia there is no such thing as the Patriot Act. So far we haven’t been served with a court order or any governmental request and if it was the case we would be transparent with our customers that might have been affected by such court order.

    8. There is no effective way of blocking file-sharing traffic without monitoring our customers which is against our principles and would even be illegal. Usually we only recommend our customers to avoid the US & UK locations for filesharing but it is on a self-regulatory basis since these countries have strong anti-copyright laws in place.

    9. We support over 200+ international payment methods, including Bitcoin, Paypal, Credit Cards, Bank transfer and UKash. All payments are handled by external payment providers and are linked to a temporary payment ID. This temporary payment ID can not be connected to the users VPN account/activity. After the payment is completed, the temporary payment ID will be permanently removed from the database.

    10. Our users’ privacy is of utmost concern to us. Our windows client has the features such as kill switch, Auto Connect, Auto Reconnect etc which makes sure that the user is always encrypted and anonymous. Even though if one of our customer decides not to use the client, in our community there is a big variety of tutorials to help our customers to protect themselves against any sort of leaks.

    After all, modern VPN protocols that we all support – like IKEv2, OpenVPN and SSTP, are considered secure even after the NSA leaks. We follow cryptographic standards and configured our VPN servers accordingly in order to support a secure key exchange with 4096-bit keys and a strong symmetric encryption (AES-256) for the data transfer.

    11. We do not operate own DNS servers since all outgoing connections are already encrypted and free DNS servers like OpenDNS or Google Public DNS are not censored in any way, so we can ensure that our customers are still anonymous using these services and enjoy a censorship free browsing. Operating own DNS servers would put our infrastructure at risk since an attack could affect all our customers that are currently connected to our VPN servers.

    12. We operate 27 server locations in 19 different countries. However we do not own physical hardware, there is an intrusion detection and other various security measures in place to ensure the integrity and security of all our single servers. Furthermore we choose all third party hosting providers very carefully, so we can assure that there are certain security standards in place (ISO 27001) and no authorized person could access our servers. Among our reputable partners are Leaseweb, NFOrce, Equinix and Softlayer.

    Hide.me website

    SHADEYOU VPN
    shadeyou1. ShadeYou VPN does not keep any logs. The highest level of privacy is a main mission of ShadeYou VPN. Everybody can read our Privacy Policy. To use our service only a username and e-mail are required. No personal or real data is required.

    2. ShadeYou VPN company operates under the jurisdiction of the Netherlands.

    3. We absolutely do not monitor any traffic or user activity. Even if we receive a serious abuse notification we can’t start monitoring our users because it will violate the main mission of ShadeYou VPN.

    4. Yes, we are using Google Apps as our email service provider. But we do not send or request any private or personal information via mail. Also the option of Live Support is available and works based on SiteHeart service where personal information isn’t required.

    5. The abuse team of ShadeYou VPN answers as follows: a) we do not store any illegal content on our servers; b) all of our users agrees with our privacy policy while registering, so we warned that illegal actions are prohibited and at this time we are not responsible. c) we have no any personal data of our users or any logs of their activities that can be shared with third-parties because we simple do not store it.

    6. Sharing any personal data of our users is absolutely impossible since we do not store it and do not keep any logs. Yes such kind of situation has happened but there is not even one existing case when we have shared any information about our users with any 3rd parties.

    7. Warrant canaries are new to us. We have not used one before since we are sure that all our users are safe. But we can start using it as an additional option to make our users sure that they are totally secure while using our service.

    8. BitTorrent and any other file-sharing traffic is allowed on all our servers. There’s only one exception, and that’s for users who use a trial version.

    9. ShadeYou VPN uses payment systems including PayPal, Perfect Money, Webmoney, Qiwi, Yandex Money, Easy Pay, Ligpay, UnionPay, AliPay, MINT, CashU, Ukash also accept payments via Visa, Master Card, Maestro and Discover. Ofcourse Bitcoin is available.

    10. We strongly recommend to use OpenVPN since it is the most safe and uses the strongest encryption (TLS Protocol with 1024-bit key length and AES-256-CBC crypto-algorithm). We do not support “Kill switch” at the moment but we will propose alternative solution when our new DNS servers will be launched.

    11. At the moment we use Public DNS 8.8.8.8 and 8.8.4.4 and currently we are working hard on implementing our own DNS servers with a secured channel.

    12. All our servers are collocated around the world in DC’s of different leading hosting companies. Our VPN network covers: USA, United Kingdom, Sweden, Ukraine, Netherlands, Russia, Spain, Hong Kong, Germany, France and Canada. Romania will be added soon.

    ShadeYou VPN website

    SECUREVPN.TO
    SecureVPNto1. We don’t log any individually identifying information.

    2. Each server is handled with the jurisdiction at the servers’ locations.

    3. There are no tools which monitor our customers. We have techniques which don’t require any logging to prevent the abuse our service.

    4. Our website has been completely developed by ourselves and we don’t use any external services.

    5. We will reply to DMCA takedowns but we cannot be forced to hand out information, because we don’t log anything.

    6. This hasn’t happened yet but if we were forced to identify one of our customers at a specific server location, we would drop this location immediately. Under no circumstances are we are going to log, montior or share any information about our customers.

    7. No, we don’t offer something like that.

    8. Yes, it is allowed on all servers.

    9. We offer a wide range of anonymous payment methods like Paysafecard, Bitcoin, Litecoin, Dogecoin, Worldcoin, EgoPay and Perfect Money. All payments are processed by our own payment interface and therefore no third party payment processor receives any information.

    10. We would recommend OpenVPN, available in UDP and TCP mode. We are using AES-256-CBC for traffic encryption, 4096 bit RSA keys for the key exchange and SHA-512 as HMAC. These settings offer you the highest grade of security available. We offer a tool called “VPN Helper” which provides security features like a DNS Leak Protection, IP Leak Protection and IPv6 Leak Protection. Some weeks ago the development of our own VPN client, which will also include those security features, started.

    11. At the moment we are using the nameservers of OpenDNS. We will offer our own DNS servers soon.

    12. We rent 24 servers in 19 different countries and are continuously expanding our server park. The server locations are France, Netherlands, Switzerland, United Kingdom, Canada, USA, Bulgaria, Costa Rica, Germany, Kosovo, Latvia, Lithuania, Moldova, Romania, Russia, Spain, Sweden, Taiwan and Ukraine. For us it is impossible to have physical control over all widespread servers.

    SecureVPN.to website

    HOTSPOT SHIELD
    hotspot

    1. AnchorFree and Hotspot Shield’s top priority is to provide privacy to our customers. We do not store any logs that can be used to associate a connection to a user.

    2. Anchorfree operates in the US under US jurisdiction and outside the US under Swiss.

    3. We have a security team dedicated to monitoring abuse, specific details are confidential, but we can assure our users that we do not use logs to monitor and mitigate abuse.

    4. Yes, we do work with an external email service and support tool however, none of the user’s information can be tied back to their activities while using Hotspot Shield.

    5. We do not host content and are unable to remove any of said content. Additionally, our top priority is the privacy of our users and therefore we do not log or monitor our users and are unable to identify any users of our service.

    6. It is not technically possible to effectively identity or single out one active user from a single IP address. We have received a valid court order.

    7. Since we don’t have the information to provide to the agencies we do not require to have it.

    8. We believe in an open and uncensored internet, we do not discriminate against any kind of traffic.

    10. We’re biased here, but for a good reason, we think the most secure VPN connection is Hotspot Shield VPN which uses proprietary VPN protocols. Our encryption algorithm favors AES-128 more than other standards for its cryptography properties, performance and hardware support which is available for consumer devices and server platforms. We have a patent pending solution for kill switches for Android clients and we are working to improve it and include into all of our applications. Our users never risks of DNS leak because all traffic (including DNS requests) are protected by the VPN tunnel.

    9. In the US we accept Credit Cards and PayPal. Internationally we accept the most popular local payment methods like Mobile Payments, Prepaid cards, eWallets, Bank Transfers etc. Our users’ payment information cannot be linked to their individual user accounts.

    11. Yes, we have hundreds of dedicated servers around the world.

    12. We own all of our infrastructure. We do not outsource anything. We have virtual locations in the US, UK, Canada, Australia, Japan, Germany, India, Hong Kong and China.

    Hotspot Shield website

    RAMVPN
    ramvpn1. We log absolutely nothing. Even without logs there can be small amounts of meta-data leftover in RAM memory of the TCP/IP stack on the server’s operating system. After seeing the rising trend of server seizures in 2014, it can no longer be assumed that simply not logging can protect the users. To mitigate this, we run the VPN service itself on a virtual machine within an encrypted RAM container, and combine this with physical tamper resistance just to be sure.

    2. The business itself is under USA jurisdiction and as such we are not subject to any mandatory data retention laws whatsoever.

    3. None. We have no way of monitoring traffic. If abuse is reported to our abuse department through the proper channels and is discovered to be a valid complaint, we may temporarily block outbound network traffic to the target being abused (usually the source of the abuse complaint) using basic firewall configurations. We would be completely unable to find the origin of such abuse in relation to one of our users. We can’t even revoke a user account if we want to.

    4. We do not engage any third parties for email or support-related hosting at this time.

    5. We do not host content there would be nothing for us to remove, plain and simple.

    6. We are unable to identify an active user of our service to begin with. The service was inherently built from the ground up to make identification of a user impossible from a technical perspective, even for us. Due to consumer protection laws, we must abide by our advertised inability to track users. A request such as this has not ever happened.

    7. We currently have no warrant canary.

    8. We don’t block any traffic at all other than attack traffic (related to abuse complaints), and even those blocks are temporary.

    9. PayPal, credit card, or Bitcoin. These are barely linked to an “account”, because the only thing we keep on file is an email address. The payment information itself is NEVER linked directly to any VPN authentication credentials. Users even have the option to use a non-billing email address to have their keys signed with and credentials delivered to. For those who are extra paranoid, we recommend using an anonymous email service and anonymous payment method (such as bitcoin) to ensure we have absolutely no details about you.

    10. RSA2048 and blowfish encryption. No, we do not currently provide kill switches or DNS leak protection.

    11 Our DNS servers run on the local VPN network and proxy to our host node. Our host node will then respond from its cache, or if it does not have the record, look the information up using Level3, OpenDNS, or OVH Canada.

    12. We have firmware control over our physical servers, however we outsource our data-center usage through OVH hosting. While we currently only have servers based in Canada and US, our expansion plans include Germany, China, France, Italy, and more. We are adding new nodes frequently.

    RAMVPN website

    FROOTVPN
    frootvpn1. FrootVPN takes the privacy of all of its users serioulsy and therefore we do not store any logs and we do not monitor any traffic in our network.

    2. We operate in Sweden.

    3. As we do not monitor any traffic and our system is built to protect the identity of our users. However if we do receive any legit abuse if it’s necessary we can block IP and port.

    4. We have setup our own mail servers which we manage our self. Only our staff has remote and physical access to these servers. We use opensource helpdesk OTRS which is hosted on our own servers.

    5. We do not host any content on our servers, therefore sending DMCA notices to us is kind of pointless as we cannot identify any customers. If we do receive such a request we just send back our privacy policy.

    6. As we do not keep any logs or monitor any traffic, we are unable to identify any customer.

    7. No.

    8. We only block SMTP as we do not like spam and our providers do not like it either. All other traffic is allowed such as file sharing.

    9. We use multiple payment system, such as PayPal, paysafecard, ukash and more. Each invidual payment system may require you to enter personal information to be able make a purchase from them. However we do not store any personal information or transaction number in our database.

    10. We offer both PPTP, L2TP and OpenVPN. We recommend to use OpenVPN as it offer the highest encryption and is by today the most secure VPN. With OpenVPN you can use AES256 cipher and 2048 bit DH key.

    11. We use our data center DNS servers, which is 80.67.0.2. We however do plan migrate to use our own DNS servers during this year.

    12. We own all our hardware ourselves and they have all be installed and configured by our staff. We only lease rack unit and bandwidth from our Internet provider. Only our staff has physical access to our servers. All our servers are located in Sweden.

    FrootVPN website

    LOKUN
    lokun1. We keep as little information as possible, both legally and technically. We do not store information that can map you to one of our IP addresses. In our database, we keep: usernames, hashed passwords and the corresponding salt, account status and email (if given). We keep a record of when a user connects and total number of connected users.

    2. Icelandic jurisdiction.

    3. No special tools have been needed to handle abuse so far, these issues will be dealt with on a case-by-case basis. We use email to handle abuse notifications.

    4. Third parties storing plaintext emails isn’t a problem we can solve by picking email hosting providers. Instead, we prefer that users use encrypted emails to communicate with us. We use Zendesk and Google Apps because of technical merit.

    5. We have never received such a notice.

    6. We do not store the information required to do this and would be unable to comply. We would simply cease operations if placed under gag order or similar.

    7. Yes.

    8. Yes.

    9. We currently accept: Credit cards, Icelandic bank transfers and Bitcoin. Other methods of payment can be requested. A payment is not linked to a user account. Payment processors do not know the username being paid for. We are legally required to store all sales receipts, in the case of a random tax audit. Sales receipts contain the date of purchase and the amount. We do not store what username the payment was made on behalf of.

    10. We only use OpenVPN and we do not have our own client.

    11. Yes.

    12. All our servers are hosted in Iceland and we host with trusted parties; DataCell and GreenQloud. We have a mix of own hardware and virtual servers. Data is never saved to disk.

    Lokun website

    ASTRILL
    astrill1. Our mission is to protect users privacy online, therefore we don’t keep logs.

    2. Our company is registered in Seychelles so it’s virtually impossible or very complicated to get any data about our customers through legal system.

    3. …

    4. All the tools we use are proprietary. We use our own email servers and helpdesk software for communication with customers.

    5. P2P applications are allowed on our network, on designated servers, where DMCA complaints from copyright trolls are trashed.

    6. We have not received any properly filed legal request to date about disclosing information about our customers. The exact procedure is determined by our attorneys.

    7. …

    8. We provide servers with P2P applications support and on these servers P2P complaints are, as legally invalid, trashed.

    9. We accept many payment methods, all credit cards, paypal, alipay, perfect money and bitcoin are just some of popular methods we support.

    10. For best security we recommend OpenVPN protocol with AES-256 bit, Camellia 256-bit, Cast 512-bit and BlowFish 512-bit. We also offer StealthVPN as additional layer of security on top of Open VPN which makes it virtually impossible for ISPs to recognize OpenVPN protocol, throttle it or block. StealthVPN allows connections to any port of user choice (1-65535), both UDP and TCP. We support DNS leak protection and kill switches.

    11. …

    12. We run our own network of VPN servers in 54 countries which we have full control over.

    Astrill website

    NEXTGENVPN
    nextgen1. No such logs are ever kept.

    2. Rep. of Seychelles

    3. In house custom tools that we will not disclose for obvious reasons.

    4. None.

    5. They are ignored.

    6. Never happened.

    7. Irrelevant in our case.

    8. Yes. On selected destinations only.

    9. Payments are handled by a different company without any direct links to users accounts.

    10. OpenVPN – AES256. DNS leak protection and automatic reconnect are provided.

    11. Yes, we maintain our own DNS services.

    12. We have direct control of all infrastructure servers and most of VPN remote gateways. Some VPN gateways are third party hosted.
    Gateways : US,NL,UK,BE,FR,ES,PT,UA,CH

    NexTGenVPN website

    STEGANOS
    steg1. We do not store any user data, neither regarding IP-addresses nor time stamps.

    2. We operate under German jurisdiction, where no data retention law is in force. Therefore, currently there is no legal basis in Germany that forces Steganos to store user data. This means that we do not have any information to share with third parties or court.

    3. In order to protect our users from abuse we keep our servers safeguarded against malware and abuse-software, for example by constantly providing security updates and blocking unnecessary ports. We do not monitor any activities of our users, but retain the possibility to block ports which are reported to be used exceptionally often for abuse (e.g. spamming).

    4. We use Google Apps within our company. Our support service additionally uses Zendesk, which logs some user information. As these are stored on different servers, they cannot be used for user identification though.

    5. After receiving such a notification, Steganos takes seizure according to its own measures that we consider appropriate. In general, this would be the restriction of access to the copyright protected work, but not the blocking of a user.

    6. Steganos has taken a strong stance for data security and protection for years and defended customer information against any disclosure. This means that we try to prevent the identification of our users and even go to court, if necessary, like in 2009. Back then the data retention law imposed by EU was in force in Germany. Nevertheless, Steganos refused to release the IP-address of a user to the lower regional court of Bamberg and successfully proceeded against this court order.

    7. As our company is not based in the US, we do not need any warrant canary.

    8. BitTorrent is not actively blocked as of now.

    9. Our customers can pay easily and securely via Paypal, Credit Card (Mastercard, Visa), bank transfer, check or Giropay. All billing information is stored on different servers and cannot be linked to users by any means.

    10. We recommend OpenVPN with 256-bit AES encryption and therefore work with it in our product “Steganos Online Shield VPN“. As we believe it to be the most secure option, we are also currently planning on implementing it in our VPN tool “OkayFreedom” (which uses 128-bit blowfish as encryption algorithm so far). We neither offer tools regarding kill switches nor DNS leak protection as of now.

    11. We use Google Public DNS server, which we consider unproblematic. It is not only the biggest public server with over 130 billion requests per day and works fast, but also does not store personally identifiable information nor IP-addresses permanently and all temporary logs are deleted after 48 hours at the latest.

    12. We offer servers located in 12 different countries, which are: Egypt, France, Germany, Great Britain, Japan, Mexico, Romania, Singapore, Spain, Switzerland, Turkey and the USA.

    Therefore we collaborate with several third party providers that reside in these countries, for example 1&1 Internet AG in Germany, hosttech GmbH in Switzerland and SAKURA Internet Inc. in Japan. Despite we do not have physical control over the VPN servers there, we always take security measures like installing our operating system directly on these servers. It is to mention, that all login servers are placed in Germany where we have full control over them.



    Source torrentfreak.com
     
    Dred, 2015. február 28.
    #1