1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?
2. Under what jurisdiction(s) does your company operate?
3. What tools are used to monitor and mitigate abuse of your service?
4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users?
5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled?
6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened?
7. Does your company have a warrant canary or a similar solution to alert customers to gag orders?
8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?
9. Which payment systems do you use and how are these linked to individual user accounts?
10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?
11. Do you use your own DNS servers? (if not, which servers do you use?)
12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located?
1. The VPN servers do not store user authentication logs. Once a user logs off of our VPN network we have no way of knowing which IP they were assigned or which server they were using let alone the time of day they logged in at.
3. The main tools in place at the network level are SNMP and Mikrotik Layer 7 firewall rules. At the host level its Zabbix and OSSEC.
4. LiquidVPN hosts everything on servers we control.
5. As much as I would love to toss these in the trash it would be impossible to keep the servers online if I did so. Most USA data centers require action to be taken within 24 hours or they automatically null route the IP until corrective action has been taken. In the UK and Europe many data centers that require any action at all give us 48 hours before an automatic null route of the IP address. When we are required to take action we will rate limit the port in question down to 5Kb/s for 24 to 48 hours.
Here is our exact process.
1. Post the DMCA notice to the Transparency Reports section along with the intended course of action if there is one.
2. Post a link on Twitter.
3. If we are required to take action and update the data center we will rate limit transfers on the offending port to 5Kbs
6. This has never happened. In the event that it does happen our attorney will post the court order and our intended action in the transparency reports section I linked above. If there is a gag order of some sort our Warrant Canary will stop being updated. We do abide by the law so in the end we would have to send over the information requested on a user.
7. Yes we do.
8. Yes it is.
9. PayPal, Credit Card, Bitcoin and Cash are accepted. Our payment data and VPN user data are completely separate. We only require a first name, country and email address to sign up unless you are paying by credit card. Due to the obscene number of charge backs we were getting on credit card transactions we had to begin collecting addresses and phone numbers for credit card transactions. When an order is placed the webserver logs the IP and time of order. Other actions on the website will also trigger the same logging event. These logs are purged after 6 months.
10. We have a very easy to use kill switch and also provide directions on setting up a full-fledged firewall to protect against leaks, drops and much more if the user is so inclined. Our client enables DNS leak protection by default. We provide private DNS servers, reverse proxies aka SMARTDNS (in beta) and of course IP Modulation. IP modulation shares a pool of IP addresses with dozens or even hundreds of other users and each connection has a random chance to modulate the IP. An average webpage makes 30+ connections for it to load completely. In theory on a modulating IP address your traffic could appear to be coming from 30 different IP addresses.
Currently the best encryption OpenVPN supports without being modified is AES-256-CBC. So this is what I would recommend for most people. I would recommend 2048 to 4096 bit RSA keys. I would tell users to make sure a TLS key is used and some form of server certificate verification is enabled in the configuration file. I would tell them to MAKE SURE there is an auth SHA256/SHA512 line in their configuration file and that tls-cipher is defined.
11. Of course and we are 90% finished converting them all to communicate on private subnets only.
12. We do not own the equipment it is on short term leases and collocated around the world. We do not like to be married to a data center in case a privacy issue comes up and we have to pull out quickly. We choose our data centers very carefully but things change very quickly politically in a lot of these regions. We currently have servers in Canada, UK, USA, Netherlands, Switzerland, Germany and Romania.
1. We do not keep any such logs. If ever required by law under a jurisdiction, we would implement such a system, but only where applicable and keeping storage time to the minimum required by law of that respective jurisdiction. Note also that no registration is required to use our service, so any log information would generally map to an anonymous, random user ID (UUID) and the user’s public IP address.
2. Freedome is a service provided from Finland by a Finnish company, and manufactured and provided in compliance with applicable Finnish laws.
3. We have proprietary tools for fully automated traffic pattern analysis, including some DPI for the purpose of limiting peer-to-peer traffic on some gateway sites. Should we detect something that is not in line with our acceptable use policy, we can rate limit traffic from a device, or block a device from accessing the VPN service. All of this is automated and happens locally on the VPN gateway.
4. We do not use any external email providers, but our users can, for example, sign up for beta programs with their email address and send us feedback by email. The email addresses are used only to communicate things like product availability.
In the future, paying customers can also use our support services and tools such as chat. In those cases, we do hold information that customers provide us voluntarily. This information is incident based (connected to the support request) and is not connected to any other data (e.g. customer information, marketing, licensing, purchase or any Freedome data). This data is purely used for managing and solving support cases.
5. There is no content in the service to be taken down. Freedome is a data pipeline and does not obtain direct financial benefit from user content accessed while using the service. While some of the other liability exclusions of DMCA (/ its European equivalent) apply, the takedown process itself is not really applicable to (this) VPN service.
6. The law enforcement data requests can effectively be done directly only to F-Secure Corporation in Finland. If a non-Finnish authority wants to request such data from F-Secure, the request will be done by foreign authorities directly to Finnish police or via Interpol in accordance to procedures set out in international conventions. To date, this has never happened for the Freedome Service.
7. We do not have a warrant canary system in place. Instead, Freedome is built to store as little data as possible. Since a warrant canary would be typically triggered by a law enforcement request on individual user, they are more reflective on the size of the customer base and how interesting the data in the service is from a law enforcement perspective. They are a good, inventive barometer but do not really measure the risk re: specific user’s data.
8. BitTorrent and other peer-to-peer file sharing is rate limited / blocked on some gateway servers due to acceptable use policies of our network providers. Some providers are not pleased with a high volume of DMCA takedown requests. We use multiple providers (see Question #12) and these blocks are not in place on all the servers.
9. There are multiple options. The most anonymous way to purchase is by buying a voucher code in a retail store. If you pay in cash, the store will not know who you are. You then enter the anonymous voucher code in the Freedome application, and we will then confirm from our database that it is a valid voucher which we have given for sale to one of our retail channels. The retail store does not pass any information to us besides the aggregate number of sold vouchers, so even if you paid by a credit card, we do not get any information about the individual payment.
For in-app (e.g., Apple App Store, Google play) purchases you in most cases do need to provide your details but we actually never receive those, we get just an anonymous receipt. The major app stores do not give any contact information about end users to any application vendors.
When a purchase is made through our own e-store, the payment and order processing is handled by our online reseller, cleverbridge AG, in Germany. Our partner collects payment information together with name, email, address, etc. and does store these, but in a separate system from Freedome. In this case we have a record who have bought Freedome licenses but pointing a person to any usage of Freedome is intentionally difficult and against our policies. We also don’t have any actual usage log and therefore could not point to one anyway.
10. Our application does not provide user selectable encryption algorithms. Servers and clients are authenticated using X.509 certificates with 2048-bit RSA keys and SHA-256 signatures. iOS clients use IPSEC with AES-128 encryption. Other clients (Android, Windows, OS X) use OpenVPN with AES-128 encryption. Perfect Forward Secrecy is enabled (Diffie-Hellman key exchange).
We provide DNS leak protection by default, and we also provide IPv6 over the VPN so that IPv6 traffic will not bypass the VPN. Kill switches are not available. The iOS IPSEC client does not allow traffic to flow unless the VPN is connected, or if the VPN is explicitly turned off by the user. The Android app, in “Protection ON” state keeps capturing internet traffic even if network or VPN connection drops, thus there is no traffic or DNS leaks during connection drops. If the Freedome application process gets restarted by the Android system, there is a moment where traffic could theoretically leak outside the VPN. Device startup Android 4.x requires user’s consent before it allows a VPN app to start capturing traffic; until that traffic may theoretically leak. (Android 5 changes this, as it does not forget user’s consent at device reboot.)
11. We do have our own DNS servers.
12. In most locations we utilize shared hardware operated by specialized hosting vendors, but we also have our own dedicated hardware at some locations. Providers vary from country to country and over time. In some countries we also use multiple providers at the same time for improved redundancy. An example provider would be Softlayer, an IBM company whom we use in multiple locations.
3. We use internally written tools to mitigate attacks against our VPN servers as well as DDoS attacks originating from clients behind our servers.
4. No, we don’t.
5. They are ignored, except when they refer to web sites running behind our VPN servers. Due to our service features, it is perfectly possible to run web sites from behind our servers: we also provide DDNS for free to our customers. For these specific cases, we can act similarly to a hosting provider and we verify that the web site is compliant to our Terms of Service. We have had web sites spreading viruses and other malware (verified without any doubt) and we intervened to quickly stop them when we were warned about the issue.
6. Since we can’t provide information that we don’t have, an “ex-post” investigation is the only solution, if and when applicable. So far we have had no court orders of this kind.
7. No, we don’t. While a warrant canary’s effectiveness is questionable, we recommend to use technical means to solve the problem at its roots. When a customer can’t afford to trust us for the sensitivity of his/her activities, he/she can simply use Tor over OpenVPN, or OpenVPN over Tor, to get an immediate protection which a warrant canary, not even if updated every day, will never be able to provide.
8. Yes, it’s allowed on every and each server. We do not discriminate against any protocol or application and we do not monitor traffic or traffic type.
9. We accept Bitcoin, a wide range of cryptocoins, PayPal and major credit cards. About PayPal and credit cards, the usual information pertaining to the transaction and account/credit card holder are retained by the financial institutions, and it is possible to correlate a payment to a user (which is good for refund purposes when required). When this is unacceptable for security reasons, then Bitcoin or some other cryptocoin should be used. Bitcoin can also be provided with a strong anonymity layer simply by running the Bitcoin client behind Tor.
10. Our service setup, based on OpenVPN, is the following: 4096 bit RSA keys size, AES-256-CBC Data Channel, 4096 bit Diffie-Hellman keys size, HMAC SHA1 Control Channel, TLS additional authorization layer key: 2048 bit.
Perfect Forward Secrecy through Diffie-Hellman key exchange DHE. After the initial key negotiation, re-keying is performed every 60 minutes (this value can be lowered unilaterally by the client). Due to the serious doubts about NIST standard Elliptic Curves parameters being manipulated by NSA, we feel to share Bruce Schneier’s considerations to not use ECC.
Our free and open source client Eddie (under GPLv3) for Linux, Windows, OS X Mavericks and Yosemite, implements features which prevent the typical DNS leaks in Windows and any other leak (for example in case of unexpected VPN disconnection). Leaks prevention, called “Network Lock”, is not a trivial kill-switch, but it prevents various leaks that a classical kill switch can’t block: leaks caused by WebRTC, by programs binding to all interfaces on a misconfigured system and by malevolent software which tries to determine the “real” IP address. In the future, probably before the end of 2015, our client will be available, as usual free and open source according to our mission, for other VPN services too.
We provide guides, based on firewalls and not, to prevent leaks on various systems for all those persons who can’t or don’t wish to use our client Eddie.
11. Yes, we use our own DNS servers.
12. Our servers are housed in datacenters which we have physical access to, provided that the access is arranged in advance for security reasons. Datacenters must comply to some technical and privacy requirements. With rare exceptions, a datacenter must have a PoP to at least one tier1 provider. Without exceptions, datacenter must be network neutral, must provide bandwidth redundancy, minimum uptime of 99.8% and our servers must have a dedicated port and a guaranteed bandwidth. We have servers located in Canada, France, Germany, Hong Kong, Latvia, Netherlands, Portugal, Romania, Singapore, Spain, Sweden, Switzerland, Ukraine, USA. We work or have been working with big and small providers, such as Amanah, IBM, Leaseweb, Voxility, HugeServers, Serveria, YesUp, Teknikbyran, just to name a few.
3. If there is a *serious* abuse that we have been alerted to, we may use string matching in the firewall to DROP packets containing the particular abuse, or block outbound traffic to a particular IP. We do not monitor for abuse, abuse alerts come from third parties such as fail2ban services.
4. We host our own Mail server along with a support system on our own Colocated equipment. Live chat system is Zopim, unfortunately we have not been able to find adequate self hosted software solutions that meet our requirements for live chat however we do review this option once to twice a year incase something becomes available
5. We do not track our users, therefore the notices cannot be acted upon, due to the fact the DMCA notices cannot be verified we respond to the notices in this manner.
6. We have yet to encounter this. Our policy is to adhere to the court order, however due to our no logging policy it would be impossible to provide in-the-past information on any user. If the user is active and the court order contains specific end point IPs it is possible by firewall matching the user could be identified.
9. Bitcoin, Perfect Money, PayPal, Visa/MC,
10. We provide OpenVPN which can be used across multiple devices with our 2048bit keys, our Windows, OSX, Linux application provides DNS Leak and protection if VPN is dropped within the application settings, we can also provide tutorials to users to set these safe-guards up manually
11. Yes, each server pushes DNS settings which are within our own network, these servers are recursors so the source IP of all queries are that of our own servers.
12. We have physical control over our infrastructure that contains any user data such as email address and passwords – these do not reside on end point VPN servers. Our VPN endpoints are configured so they do not contain any sensitive user information, the only information is the username which is required for our key based authentication for OpenVPN. We currently have servers in 41 countries.
1. We do not log or store any traffic, IP addresses or any other kind of data that would allow identification of our users or their activities. The anonymity and privacy of our users is our highest priority and the Perfect Privacy infrastructure was built with this in mind.
2. Perfect Privacy is a community of interests with a postal address in New Zealand. However, our servers are operated in accordance with the law of the respective countries they are located in.
3. Since it is impossible for us to determine which user causes specific traffic, we cannot identify individual customers responsible for abuse. If we receive abuse complaints we usually offer to block the destination IPs from our ranges so that no further abuse can take place. The only data we record is the total amount of traffic per server so we can check and publish our traffic capacities.
4. No user input or data is processed by any third party tools (no Google Mail, no ZenDesk, no ticket system, etc.). Users can contact us by email and a https contact form, both running with our own mail server. We also encourage users to use PGP when communicating with us. We also offer TeamViewer support for customers but this is completely optional and up to the user.
5. Because we do not host any data, DMCA notices do not directly affect us. However, we do receive copyright violation notices for filesharing in which case we reply that we have no data that would allow us to identify the party responsible.
6. The only step on our side is to inform the contacting party that we do not have any data that would allow the identification of a user. There had been incidents in the past where Perfect Privacy servers have been seized but never was any user information compromised that way. Since no logs are stored in the first place and additionally all our services are running within ramdisks, a server seizure will never compromise our customers.
7. Since we are not bound by U.S. law, gag orders like National Security Letters do not apply to us. We would outright disclose any information of a possible problem to our users. As a last resort we would shut down our service before allowing our users to be compromised (e.g. like LavaBit).
8. Yes, Bittorrent and other file sharing is generally allowed. However, at certain locations that are known to treat copyright violations rather harshly (very quick termination of servers) we block the most popular torrent trackers to reduce the impact of this problem. Currently this is the case for servers located in the United States and France.
9. We offer a variety of payment options ranging from anonymous methods such as sending cash, Bitcoin or PaySafeCard. However, we also offer payment with PayPal for users who prefer that option. We keep no data about the payment except for when the payment was received which is linked only to an anonymous account number.
10. While we offer a range of connection possibilities we would recommend using OpenVPN with 256 bit AES encryption. Additional security can be established by using a cascaded connection: The Perfect Privacy VPN Manager allows to cascade your OpenVPN connection over up to four freely choosable servers.
The client software also comes with an integrated firewall and DNS leak protection which are enabled by default: This prevents any traffic bypassing the VPN connection and the exposure of the user’s IP address by a DNS leak. This protects against attacks like the WebRTC IP leak vulnerability.
11. Yes. All Perfect Privacy servers run a Domain Name Server for the exclusive use of our customers. Users can choose to either use a randomly assigned DNS from our pool or choose a specific one. We are currently evaluating additional security features like DNSSec.
12. All management tools and internal systems are running in-house and are completely under our own control. Our VPN servers (and other user-reachable services like Proxies, DNS, etc.) run on servers hosted in different datacenters all around the world (currently in 25 countries). These servers do not log any kind of user data and are all running within ramdisks on dedicated servers.
2. USA and UK VPN services are provided via our USA offices which also includes our billing system. Our offshore VPN network (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) is physically isolated from our USA operations and shares no connection to it.
3. We don’t monitor anything. If we receive notice of criminal activities we will use non invasive techniques (without logging) to try and determine who the user is and terminate their access.
None of the previous paragraph applies to P2P activities which are allowed on all servers except in the USA and UK where packet filtering is used.
5. Our offshore servers where P2P is allowed are in countries and data centers that do not forward such notices. If we were to receive such a notice we would reply to it appropriately. Since we don’t log anything our reply would not include any information on the user.
6. If we were to receive a request from an authority having jurisdiction we would cooperate with them. However since we keep no logs of anything we have very little to provide them. Anything we have to provide them such as customer names can be gotten from the customers credit card company or the payment processor much more efficiently and without us even knowing about it. Bitcoin is one of our payment options and can help minimize access to such information. This has never happened.
7. We believe announcing such a thing in advance would cause the effectiveness of such a plan to go to zero should the need arise.
8. It is allowed on what we define as our offshore servers (see question 2). It is not allowed on USA and UK servers due to the issues involved. There is no benefit to the user to use USA or UK servers over the offshore servers for P2P. Therefore we do not believe this to be any limitation to our users.
9. Bitcoin, Amazon Payments and PayPal. Our online VPN authentication servers contain no customer personal information. We keep customer email addresses offline in case we need to contact the customer for some reason. We do not keep any other personal information regarding the transactions. Obviously the payment providers have a record of the transaction as well that is beyond our control.
10. We use OpenVPN with 256 AES encryption, SHA512, 4096 bit RSA and TLS 256 AES which provides perfect forward secrecy. For maximum privacy we recommend our multi hop servers. However, due to the multiple hops they will not be the fastest for P2P or streaming applications.
We don’t recommend software kill switches as they are subject to failure. We recommend that users block all ports on their router except for 1194 OpenVPN and then use the VPN to provide access to the Internet. This creates the perfect “kill switch”. ISP DNS leaks are most easily eliminated by changing all DNS servers on the users devices to ones not associated with their ISP.
11. We pass DNS traffic through intermediate servers to Google DNS. We believe using our own DNS servers is less private than farming out the DNS requests via intermediate servers to Google and mixing them with the billions of other DNS requests Google handles daily. All requests to Google DNS appear to originate form one of our offshore servers and don’t correlate to the user.
12. No, we use trusted ISP’s in all the countries we prove service in. (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) Plus US and UK. In addition, server hard drives are encrypted to prevent tampering or any data recovery should the physical server be accessed.
1. No, we don’t keep any logs. We have developed our system with an eye on our customer’s privacy, so we created a distributed VPN cluster with independent public nodes that do not store any customer data or logs at all.
2. We are a Company based in Malaysia with no legal obligation to store any user logs at all.
3. We believe that it is not our responsibility to monitor user activities, consequently, we don’t throttle or block any kind of traffic.
4. Yes we use Zendesk and LivechatInc in which we do not store any customer data that could be mapped to our customer database. Furthermore this information cannot be linked to your VPN usage and online activities.
5. Since we don’t store any logs and/or host copyright infringing material on our services, we’ll reply to these notices accordingly.
6. Although it has never happened,in such a scenario we won’t be able to entertain the court orders because our infrastructure is built in a way that it does not store any logs and there is no way we could link any particular cyber activities to any particular user. In case we are forced to do so, we would prefer to close down rather than putting our users at stake who have put their trust in us.
7. Since we are not operating under US law, in Malaysia there is no such thing as the Patriot Act. So far we haven’t been served with a court order or any governmental request and if it was the case we would be transparent with our customers that might have been affected by such court order.
8. There is no effective way of blocking file-sharing traffic without monitoring our customers which is against our principles and would even be illegal. Usually we only recommend our customers to avoid the US & UK locations for filesharing but it is on a self-regulatory basis since these countries have strong anti-copyright laws in place.
9. We support over 200+ international payment methods, including Bitcoin, Paypal, Credit Cards, Bank transfer and UKash. All payments are handled by external payment providers and are linked to a temporary payment ID. This temporary payment ID can not be connected to the users VPN account/activity. After the payment is completed, the temporary payment ID will be permanently removed from the database.
10. Our users’ privacy is of utmost concern to us. Our windows client has the features such as kill switch, Auto Connect, Auto Reconnect etc which makes sure that the user is always encrypted and anonymous. Even though if one of our customer decides not to use the client, in our community there is a big variety of tutorials to help our customers to protect themselves against any sort of leaks.
After all, modern VPN protocols that we all support – like IKEv2, OpenVPN and SSTP, are considered secure even after the NSA leaks. We follow cryptographic standards and configured our VPN servers accordingly in order to support a secure key exchange with 4096-bit keys and a strong symmetric encryption (AES-256) for the data transfer.
11. We do not operate own DNS servers since all outgoing connections are already encrypted and free DNS servers like OpenDNS or Google Public DNS are not censored in any way, so we can ensure that our customers are still anonymous using these services and enjoy a censorship free browsing. Operating own DNS servers would put our infrastructure at risk since an attack could affect all our customers that are currently connected to our VPN servers.
12. We operate 27 server locations in 19 different countries. However we do not own physical hardware, there is an intrusion detection and other various security measures in place to ensure the integrity and security of all our single servers. Furthermore we choose all third party hosting providers very carefully, so we can assure that there are certain security standards in place (ISO 27001) and no authorized person could access our servers. Among our reputable partners are Leaseweb, NFOrce, Equinix and Softlayer.
2. ShadeYou VPN company operates under the jurisdiction of the Netherlands.
3. We absolutely do not monitor any traffic or user activity. Even if we receive a serious abuse notification we can’t start monitoring our users because it will violate the main mission of ShadeYou VPN.
4. Yes, we are using Google Apps as our email service provider. But we do not send or request any private or personal information via mail. Also the option of Live Support is available and works based on SiteHeart service where personal information isn’t required.
6. Sharing any personal data of our users is absolutely impossible since we do not store it and do not keep any logs. Yes such kind of situation has happened but there is not even one existing case when we have shared any information about our users with any 3rd parties.
7. Warrant canaries are new to us. We have not used one before since we are sure that all our users are safe. But we can start using it as an additional option to make our users sure that they are totally secure while using our service.
8. BitTorrent and any other file-sharing traffic is allowed on all our servers. There’s only one exception, and that’s for users who use a trial version.
9. ShadeYou VPN uses payment systems including PayPal, Perfect Money, Webmoney, Qiwi, Yandex Money, Easy Pay, Ligpay, UnionPay, AliPay, MINT, CashU, Ukash also accept payments via Visa, Master Card, Maestro and Discover. Ofcourse Bitcoin is available.
10. We strongly recommend to use OpenVPN since it is the most safe and uses the strongest encryption (TLS Protocol with 1024-bit key length and AES-256-CBC crypto-algorithm). We do not support “Kill switch” at the moment but we will propose alternative solution when our new DNS servers will be launched.
11. At the moment we use Public DNS 220.127.116.11 and 18.104.22.168 and currently we are working hard on implementing our own DNS servers with a secured channel.
12. All our servers are collocated around the world in DC’s of different leading hosting companies. Our VPN network covers: USA, United Kingdom, Sweden, Ukraine, Netherlands, Russia, Spain, Hong Kong, Germany, France and Canada. Romania will be added soon.
1. We don’t log any individually identifying information.
2. Each server is handled with the jurisdiction at the servers’ locations.
3. There are no tools which monitor our customers. We have techniques which don’t require any logging to prevent the abuse our service.
4. Our website has been completely developed by ourselves and we don’t use any external services.
5. We will reply to DMCA takedowns but we cannot be forced to hand out information, because we don’t log anything.
6. This hasn’t happened yet but if we were forced to identify one of our customers at a specific server location, we would drop this location immediately. Under no circumstances are we are going to log, montior or share any information about our customers.
7. No, we don’t offer something like that.
8. Yes, it is allowed on all servers.
9. We offer a wide range of anonymous payment methods like Paysafecard, Bitcoin, Litecoin, Dogecoin, Worldcoin, EgoPay and Perfect Money. All payments are processed by our own payment interface and therefore no third party payment processor receives any information.
10. We would recommend OpenVPN, available in UDP and TCP mode. We are using AES-256-CBC for traffic encryption, 4096 bit RSA keys for the key exchange and SHA-512 as HMAC. These settings offer you the highest grade of security available. We offer a tool called “VPN Helper” which provides security features like a DNS Leak Protection, IP Leak Protection and IPv6 Leak Protection. Some weeks ago the development of our own VPN client, which will also include those security features, started.
11. At the moment we are using the nameservers of OpenDNS. We will offer our own DNS servers soon.
12. We rent 24 servers in 19 different countries and are continuously expanding our server park. The server locations are France, Netherlands, Switzerland, United Kingdom, Canada, USA, Bulgaria, Costa Rica, Germany, Kosovo, Latvia, Lithuania, Moldova, Romania, Russia, Spain, Sweden, Taiwan and Ukraine. For us it is impossible to have physical control over all widespread servers.
1. We log absolutely nothing. Even without logs there can be small amounts of meta-data leftover in RAM memory of the TCP/IP stack on the server’s operating system. After seeing the rising trend of server seizures in 2014, it can no longer be assumed that simply not logging can protect the users. To mitigate this, we run the VPN service itself on a virtual machine within an encrypted RAM container, and combine this with physical tamper resistance just to be sure.
2. The business itself is under USA jurisdiction and as such we are not subject to any mandatory data retention laws whatsoever.
3. None. We have no way of monitoring traffic. If abuse is reported to our abuse department through the proper channels and is discovered to be a valid complaint, we may temporarily block outbound network traffic to the target being abused (usually the source of the abuse complaint) using basic firewall configurations. We would be completely unable to find the origin of such abuse in relation to one of our users. We can’t even revoke a user account if we want to.
4. We do not engage any third parties for email or support-related hosting at this time.
5. We do not host content there would be nothing for us to remove, plain and simple.
6. We are unable to identify an active user of our service to begin with. The service was inherently built from the ground up to make identification of a user impossible from a technical perspective, even for us. Due to consumer protection laws, we must abide by our advertised inability to track users. A request such as this has not ever happened.
7. We currently have no warrant canary.
8. We don’t block any traffic at all other than attack traffic (related to abuse complaints), and even those blocks are temporary.
9. PayPal, credit card, or Bitcoin. These are barely linked to an “account”, because the only thing we keep on file is an email address. The payment information itself is NEVER linked directly to any VPN authentication credentials. Users even have the option to use a non-billing email address to have their keys signed with and credentials delivered to. For those who are extra paranoid, we recommend using an anonymous email service and anonymous payment method (such as bitcoin) to ensure we have absolutely no details about you.
10. RSA2048 and blowfish encryption. No, we do not currently provide kill switches or DNS leak protection.
11 Our DNS servers run on the local VPN network and proxy to our host node. Our host node will then respond from its cache, or if it does not have the record, look the information up using Level3, OpenDNS, or OVH Canada.
12. We have firmware control over our physical servers, however we outsource our data-center usage through OVH hosting. While we currently only have servers based in Canada and US, our expansion plans include Germany, China, France, Italy, and more. We are adding new nodes frequently.
2. We operate in Sweden.
3. As we do not monitor any traffic and our system is built to protect the identity of our users. However if we do receive any legit abuse if it’s necessary we can block IP and port.
4. We have setup our own mail servers which we manage our self. Only our staff has remote and physical access to these servers. We use opensource helpdesk OTRS which is hosted on our own servers.
6. As we do not keep any logs or monitor any traffic, we are unable to identify any customer.
8. We only block SMTP as we do not like spam and our providers do not like it either. All other traffic is allowed such as file sharing.
9. We use multiple payment system, such as PayPal, paysafecard, ukash and more. Each invidual payment system may require you to enter personal information to be able make a purchase from them. However we do not store any personal information or transaction number in our database.
10. We offer both PPTP, L2TP and OpenVPN. We recommend to use OpenVPN as it offer the highest encryption and is by today the most secure VPN. With OpenVPN you can use AES256 cipher and 2048 bit DH key.
11. We use our data center DNS servers, which is 22.214.171.124. We however do plan migrate to use our own DNS servers during this year.
12. We own all our hardware ourselves and they have all be installed and configured by our staff. We only lease rack unit and bandwidth from our Internet provider. Only our staff has physical access to our servers. All our servers are located in Sweden.
1. We keep as little information as possible, both legally and technically. We do not store information that can map you to one of our IP addresses. In our database, we keep: usernames, hashed passwords and the corresponding salt, account status and email (if given). We keep a record of when a user connects and total number of connected users.
2. Icelandic jurisdiction.
3. No special tools have been needed to handle abuse so far, these issues will be dealt with on a case-by-case basis. We use email to handle abuse notifications.
4. Third parties storing plaintext emails isn’t a problem we can solve by picking email hosting providers. Instead, we prefer that users use encrypted emails to communicate with us. We use Zendesk and Google Apps because of technical merit.
5. We have never received such a notice.
6. We do not store the information required to do this and would be unable to comply. We would simply cease operations if placed under gag order or similar.
9. We currently accept: Credit cards, Icelandic bank transfers and Bitcoin. Other methods of payment can be requested. A payment is not linked to a user account. Payment processors do not know the username being paid for. We are legally required to store all sales receipts, in the case of a random tax audit. Sales receipts contain the date of purchase and the amount. We do not store what username the payment was made on behalf of.
10. We only use OpenVPN and we do not have our own client.
12. All our servers are hosted in Iceland and we host with trusted parties; DataCell and GreenQloud. We have a mix of own hardware and virtual servers. Data is never saved to disk.
2. Our company is registered in Seychelles so it’s virtually impossible or very complicated to get any data about our customers through legal system.
4. All the tools we use are proprietary. We use our own email servers and helpdesk software for communication with customers.
5. P2P applications are allowed on our network, on designated servers, where DMCA complaints from copyright trolls are trashed.
6. We have not received any properly filed legal request to date about disclosing information about our customers. The exact procedure is determined by our attorneys.
8. We provide servers with P2P applications support and on these servers P2P complaints are, as legally invalid, trashed.
9. We accept many payment methods, all credit cards, paypal, alipay, perfect money and bitcoin are just some of popular methods we support.
10. For best security we recommend OpenVPN protocol with AES-256 bit, Camellia 256-bit, Cast 512-bit and BlowFish 512-bit. We also offer StealthVPN as additional layer of security on top of Open VPN which makes it virtually impossible for ISPs to recognize OpenVPN protocol, throttle it or block. StealthVPN allows connections to any port of user choice (1-65535), both UDP and TCP. We support DNS leak protection and kill switches.
12. We run our own network of VPN servers in 54 countries which we have full control over.
2. Rep. of Seychelles
3. In house custom tools that we will not disclose for obvious reasons.
5. They are ignored.
6. Never happened.
7. Irrelevant in our case.
8. Yes. On selected destinations only.
9. Payments are handled by a different company without any direct links to users accounts.
10. OpenVPN – AES256. DNS leak protection and automatic reconnect are provided.
11. Yes, we maintain our own DNS services.
12. We have direct control of all infrastructure servers and most of VPN remote gateways. Some VPN gateways are third party hosted.
Gateways : US,NL,UK,BE,FR,ES,PT,UA,CH
1. We do not store any user data, neither regarding IP-addresses nor time stamps.
2. We operate under German jurisdiction, where no data retention law is in force. Therefore, currently there is no legal basis in Germany that forces Steganos to store user data. This means that we do not have any information to share with third parties or court.
3. In order to protect our users from abuse we keep our servers safeguarded against malware and abuse-software, for example by constantly providing security updates and blocking unnecessary ports. We do not monitor any activities of our users, but retain the possibility to block ports which are reported to be used exceptionally often for abuse (e.g. spamming).
4. We use Google Apps within our company. Our support service additionally uses Zendesk, which logs some user information. As these are stored on different servers, they cannot be used for user identification though.
5. After receiving such a notification, Steganos takes seizure according to its own measures that we consider appropriate. In general, this would be the restriction of access to the copyright protected work, but not the blocking of a user.
6. Steganos has taken a strong stance for data security and protection for years and defended customer information against any disclosure. This means that we try to prevent the identification of our users and even go to court, if necessary, like in 2009. Back then the data retention law imposed by EU was in force in Germany. Nevertheless, Steganos refused to release the IP-address of a user to the lower regional court of Bamberg and successfully proceeded against this court order.
7. As our company is not based in the US, we do not need any warrant canary.
8. BitTorrent is not actively blocked as of now.
9. Our customers can pay easily and securely via Paypal, Credit Card (Mastercard, Visa), bank transfer, check or Giropay. All billing information is stored on different servers and cannot be linked to users by any means.
10. We recommend OpenVPN with 256-bit AES encryption and therefore work with it in our product “Steganos Online Shield VPN“. As we believe it to be the most secure option, we are also currently planning on implementing it in our VPN tool “OkayFreedom” (which uses 128-bit blowfish as encryption algorithm so far). We neither offer tools regarding kill switches nor DNS leak protection as of now.
11. We use Google Public DNS server, which we consider unproblematic. It is not only the biggest public server with over 130 billion requests per day and works fast, but also does not store personally identifiable information nor IP-addresses permanently and all temporary logs are deleted after 48 hours at the latest.
12. We offer servers located in 12 different countries, which are: Egypt, France, Germany, Great Britain, Japan, Mexico, Romania, Singapore, Spain, Switzerland, Turkey and the USA.
Therefore we collaborate with several third party providers that reside in these countries, for example 1&1 Internet AG in Germany, hosttech GmbH in Switzerland and SAKURA Internet Inc. in Japan. Despite we do not have physical control over the VPN servers there, we always take security measures like installing our operating system directly on these servers. It is to mention, that all login servers are placed in Germany where we have full control over them.
2. We currently have servers operating in the United States, Netherlands, and Romania. We chose these locations as sites that would honor our zero data retention policies for VPN services. The company was incorporated in the United States.
3. We don’t use tools to monitor and mitigate abuse. However, if credit card fraud is reported, we will immediately terminate the offending account.
4. We use Google Apps for email. We do not consider any email service to be secure at this time, and we advise privacy minded users to use PGP encryption with us, as that is currently considered the best method of email communication by the privacy community. Our PGP key is available on request.
5. We haven’t received a VALID DMCA notice yet. Anyone sending us a notice gets a fully copy-paste of our DMCA policy, reminding them of the conditions for a VALID DMCA notice.
6. It hasn’t happened. If it were to happen, we would be unable to comply because our infrastructure doesn’t allow us to collect that kind of information. If a court ordered us to modify our infrastructure in order to allow it to collect that kind of information, our warrant canary would activate.
7. Yes. We have a dead man’s switch warrant canary that is managed by two admins. If the canary is tripped, the front page of the site changes dramatically to warn users of a possible compromise.
8. Yes. We don’t block any ports.
9. Our payment gateway is TSYS for all credit card transactions. We also accept Bitcoin and Darkcoin. For the Credit Card transactions, we only retain the necessary data for the transaction. For Bitcoin and Darkcoin transactions, we only use an email address, which is for support purposes only.
10. We recommend only using Open Source VPN clients, as any closed source client could have backdoors or unknown security vulnerabilities.
For our users, the maximum security encryption is the default encryption, and users can’t change it. Most people can’t be expected to know which encryption schemes are going to keep them safe 30 years into the future, nor should they be expected to know that.
At VikingVPN we use RSA4096 for the handshake, AES-256-CBC for symmetric encryption, SHA1 for data integrity checks, and a 2048-bit HMAC cipher for hardening against man-in-the-middle attacks. For the session/control channel, we use 4096-bit DHE which renegotiates hourly with new keys, creating perfect forward secrecy.
11. We use OpenDNS in the US and FreeDNS in the EU. Utilizing a local DNS would not assist with privacy as all DNS requests are tunneled through our VPN and out to the public DNS servers, additionally, using a local DNS gives us a single point of failure for a DDOS attack, and would make the network vulnerable.
12. Our servers are leased by thoroughly vetted partners. We have tight control over the hardware, and we only allow our servers to be hosted in high quality datacenters with multiple layers of physical security such as 24 hour security staff, biometric scanners, and cabinet-level security. Most importantly, we do not use virtual servers or cloud services for hosting our VPN network. We operate with bare-metal servers only using our custom configuration.
1. We have strict non-logging policy. All services and servers are running without any client identifying logfiles. You need a valid email for account registration, in order to restore your password. We encrypt your email with itself, so we can not restore it without knowing it.
2. oVPN is not a company, more like a community which exists since 2010. If we are forced to create any logfiles due to any jurisdiction, we will close this server/location instantly.
3. Our reaction depends on abuse. We will block traffic if our servers are used to flood or disturb any target/host and anybody complains about. Remote-Portforwards could be traced back to your account. We will send notice to your account for incoming DMCA and close your Remote-Portforward! We can not reveal your mail address, it is stored encrypted. So there exists no data to hand-out to any 3rd party.
4. We do not use any external services and we do not use any external scripts on our page, except for payment providers, more below on 9. We provide own Mailboxes, IRC-Chats and Jabber-Server. Those storages are encrypted and ddos protected through our own front/middle-nodes.
5. We will see if any Remote-Portforward is added, close the port and send notify to clients account. We did not receive any European equivalent, but DMCA is daily business.
6. Did not happen yet. We got some requests from german police years ago, but we can not trace a single user and we can not hand-out any data which we do not posses.
7. As we are not a company and none of our team is located within US, we do not feel responsible to US law in any way, even while we hold an US-server, we cancel contract immediatelly.
8. Use of BitTorrent and other file-sharing is generally allowed, but you should keep in mind, sharing of copyrighted materials is illegal in many country and we could loose servers dued to illegal sharing.
9. We offer quick and anonymous payments with Bitcoins, always with a nice discount rate and we accept other AltCoins via coinpayments too. Your id is removed from coins address after your transaction is confirmed. Payments with perfectmoney.is and webmoney.ru are possible, but we don’t use their api for automatic processing. We accept bank-transfers and (pre-paid) cards with an external provider. External payment provider may keep all information you enter. For automatic bank/card processing, mail-adress from account and order should match. But do not worry, if paying a VPN is not a crime in your country, nobody knows who’s behind your account. For payment with pre-paid cards/voucher, send us your voucher and user-ID and we load it within 24h without any more needed information. Using paysafecard is another anonymous option for Europeans, but we need many days to process paysafecard payments! Anyhow, we advice to use *Coins! Some say, bitcoin is not anonymous. For us, it is.
10. Our most secure VPN connection is openVPN based AES-256-CBC with HMAC-SHA512. Additionally we support TLSv1.2 for openVPN clients with 2.3.x branch (DHE-RSA-AES256-GCM-SHA384).
We distribute 4096 bit certificates from our CAs to clients, which are mostly updated to SHA512 signing as well, instead of basic SHA1. Most important, we do not offer any weak cipher by default. We have iptables to protect your linux clients, rules for windows are in development. Most of us use any linux, but we have simple windows commandline tool and another windows-GUI in development, to get your oVPN certificates and configs updated. Our Stunnel 4/5 Server use maximum encryption ECDHE-RSA-AES256-GCM-SHA384 with 5120 bit RSA-keys and our SSH Server use AES-256-CTR with 8192 bit RSA-keys. We have VPN connections between our servers too. You can chain multiple SOCKS5-Proxy connections through our encrypted virtual LAN between all servers, even randomized. Best practice for dns leak protection is DNScrypt!
11. We provide own internal and public DNScrypt servers.
12. We use rented root-servers from several companies. All data is kept securely (binaries and the configuration files for services are on ramdisk).
2. We operate under Swedish law.
3. Due to the nature of our service, we do not use any tools to monitor abuse of our services.
4. We use our own self-hosted ticket system and mail servers.
5. We politely tell all DMCA/EUCD requesters that due to the nature of the service, we do not have any possibility to track the content.
6. We inform the other party that we are unable to hand out any information since we do not keep any logs or monitor the traffic.
8. All traffic is allowed.
9. We support PayPal, Bitcoin (BitPay) and Credit Cards (Stripe).
10. We recommend our users to use our OpenVPN servers with SHA512 auth, AES-256-CBC cipher and tls-auth for maximum security.
11. Yes, we have our own DNS servers for both client recursor as well as authoritive NS for our domains.
12. Yes, we own all our hardware and have physical control. Our servers are located in Stockholm Sweden.
2. Under what jurisdiction(s) does your company operate?
We’re a decentralized project, with intentional separation of loosely-integrated project components. Much of our financial processing runs through a payments-focused sibling entity based on First-Nations sovereign territory geographically located within the province of Québec, itself loosely encased within the federal confines of the country of Canada. We own no intellectual property, patents, trademarks, or other such things that would require a corporate entity in which ownership could be enforced by the implied threat of State-backed violence; all our code is published and licensed opensource.
We’ve concurrency in financial operations and make use of parallel payment processes under distinct organisational control in two other jurisdicational locations: France and Iceland. Thus, we can walk away from 2 of the 3 simultaneously with no impact to ongoing financial operations for the network.
3. Um, never happened. Not sure what “abuse” would actually involve, and as we don’t have “users” we’d not have any way to block someone’s network access in functional terms. Here’s our Terms of Service.
4. This is an excellent question, and the answer is no. All such correspondence is self-hosted (with the obvious exception of bitmessage-based communications, of course).
5. Our choice is to reply to any such messages that are not obviously generated by automated (and quite likely illegal) spambots. In our replies, we ask for sufficient forensic data to ascertain whether the allegation has enough merit to warrant any further consideration. We have yet to receive such forensic data in response to such queries, despite many hundreds of such replies over the years. Silence speaks loudly.
6. See above
7. We have been involved in the technical and theoretical work of developing the concept and implementation of warrant canaries since prior to their currently-seen popularity as a marketing tool. Indeed, we coined the term “privacy seppuku” itself, which is a closely related subject.
Unfortunately, many implementations of “warrant canaries” we see recently are terribly flawed both in conceptual foundation and in real-world application. This topic is perhaps a bit long for an interview reply, but we can say that doing a flawed warrant canary is worse than doing nothing at all, as it provides mere “security theatre” and encourages false confidence.
9. We don’t have purchasing/financial information connected in any way to real-life identity of our network members; our token-based authentication system removes this systemic connection, and thus obviates any temptation to “squeeze” us for private data about network membership. We quite simply know nothing about anyone using our network… save for the fact that they have a non-expired (SHA512 version of) token when they connect.
10. We only support one cipher suite on-net, per reply above. Offering “musical chairs” style cipher suite roulette is bad opsec, bad cryptography, and bad administrative practice. There is no need to support deprecated, weak, or known-broken suites in these network security models; unlike browser-based https/tls, there are no legacy client-side software suites that must be supported. As such, any excuse for deploying weak cipher suites is untenable. Everyone on cryptostorm receives equal and full security attention.
There are no “kill switch” tools available today that actually work. We have tested them, and until we have developed tools that pass intensive forensic scrutiny at the packetized/NIC level, we will not claim to have such. Several in-house projects are in the works, but none are ready yet for public testing.
We take standard steps to encourage client-side computing environments to route DNS queries through our sessions when connected. However, we cannot control things such as router-based DNS queries, Teredo-based queries that slip out via IP6, or unscrupulous application-layer queries to DNS resolvers that, while sent in-tunnel, nevertheless may be using arbitrary resolver addressing. Once again, we’re working on tools to mitigate these risks, but no currently tools or frameworks are 100% effective in doing so. We are saddened to see others who claim they have such “magical” tools; getting a “pass” from a handful of “DNS leak” websites is not the same as protecting all DNS query traffic. Those who fail to understand that are in need of remedial work on network architecture.
As we run our own mesh-based system of DNS resolvers, “deepDNS,” we have full and arbitrary control over all levels of DNS resolution presentation to third parties. Indeed, on-cstorm visitors to “DNS leak” websites see a message directly from cryptostorm, embedded in the results presented… this is the level of expertise we are employing as we work towards improved member security.
11. Do you use your own DNS servers? (if not, which servers do you use?)
We have constructed a mesh-topology system of redundant, self-administered secure DNS resolvers which has been collected under the label of deepDNS. Rather than simply forwarding DNS resolution queries on to other outside layers for reply, deepDNS is a fully in-house mechanism that keeps all query data (and metadata) within cryptostorm exclusively.
12. We deploy nodes in commodity datacentres that are themselves stripped of all customer data and thus disposable in the face of confirmed attacks on their kernel integrity. We have in the past “downed” such nodes based on alert from onboard systems and offsite, independently maintained kernel logs that confirmed a kernel-level violation was taking place. It is important to note that such “downing” does not explicitly require us to even have physical (or root) control of the machine in question: we push nameserver updates, via our HAF (Hostname Assignment Framework) out via redundant, parallel channels to all connected members and by doing so we can “offline” any node on the network within less than 10 minutes of initial commit.
1. No. We have no traffic logs, no connection logs, no DNS logs and real IP addresses are never logged.
2. BlackVPN operates under the jurisdiction of Hong Kong which has no mandatory Data Retention laws. This helps to impede the requests from international law enforcement and spy agencies like NSA/GCHQ. China is not interested in policing the internet outside its Great Firewall and does not interfere with Hong Kong in this regard.
3. Since we do not monitor or log any VPN activity we have no internal tools for detecting abuse on our VPN servers. Instead we respond to abuse complaints from 3rd parties (which usually contain an hostname/IP + port) by temporarily blocking access to that hostname/IP or port.
In rare cases we may monitor a specific IP/port that is being abused via the traffic going through our VPN firewalls (using iptables) in order to warn or ban the offending user. The last time this happened the user responsible found that their computer was infected with malware which was causing the abuse without their knowledge.
4. We run our own mail servers for @blackvpn.com, host our own support systems (osTicket and Live Helper Chat – which have both been configured not to log IPs), plus host our own website analytics (Piwik). We use a 3rd party email service only for sending generic emails in bulk (such as security alerts, renewal reminders, updates from blackVPN, etc.) which contain no identifying information. We also use a 3rd party system for our blog (medium.com/@blackVPN) and of course our social media.
5. In most cases these will be ignored. Our Privacy VPNs are located in
countries which do not enforce these notices. We have P2P blocks in
place on our USA + UK servers to try to prevent DMCA issues in the first
6. To identify an active user of our service we legally require a valid court order from a Hong Kong court. So far this has never happened. We have received requests from various international law enforcement agencies asking us to assist them, however our response has always been to ask for a valid court order from Hong Kong. Recently we were asked by Hong Kong police to come to Hong Kong in person to make a statement regarding an investigation by the UK authorities. With the help of the EFF we found new legal counsel in Hong Kong who quietly resolved the issue with the Hong Kong police, resulting in the UK authorities withdrawing their request. Any future requests from international authorities will be handled by our lawyers in a similar way.
7. Hong Kong does not have an equivalent to America’s NSLs and is unable to legally issue a gag order. Since none of the BlackVPN team are in Hong Kong it’s difficult for them to intimidate us that way.
We do not have a warrant canary as we’ve never seen one used effectively. In the worst case scenario we would simply “do a Lavabit” and hit the kill switch to shutdown all our systems until the authorities or the offender went away.
8. Yes it is allowed on our Privacy VPNs but not allowed on our TV VPNs (USA, UK and Singapore). Extreme pressure is being applied to the network providers in these countries to minimise copyright infringement so if we don’t take action our servers will soon get cut off.
9. We accept PayPal, Credit Cards (via CardPay) and Bitcoin (via BitPay). All payment information is stored by our payment providers and is linked to a blackVPN account via their own transaction IDs.
10. OpenVPN is the only protocol that can be considered secure after recent leaks show the NSA can decrypt PPTP and IPSec protocols (source). Since our beginning in 2009 all openVPN connections have been forced to use the AES-256-CBC cypher for maximum security and after the recent Heartbleed bug we switched to new 4096-bit Diffie-Hellman keys too. We encourage the use of open source software such as OpenVPN and Tunnelblick, neither of which have a kill switch or DNS leak protection. Our VPN routers use firewall rules to only allow internet access while the VPN connection is established, which is a more reliable solution than a “kill switch”.
11. Yes we run our own DNS servers however we use censurfridns.dk (which does not log or censor DNS queries) as a DNS forwarder.
12. We do not have physical control over our VPN servers and network since we lease bare-metal dedicated servers in various data centres around the world for our VPNs and infrastructure. Management of these servers is performed ONLY by the blackVPN founders – no employees of the company have access to the VPN servers or infrastructure. Our VPN servers are located in the USA, UK, Canada, Netherlands, Switzerland, Luxembourg, Estonia, Lithuania, Russia, Ukraine, Panama and Singapore. Other infrastructure servers (such as databases, mail servers, etc) are hosted in places with strong privacy protection laws such as Iceland, Switzerland or the Netherlands.