CategoryVPN Info

What you need to understand about a VPN

VPN Companies Caught Logging User Info

V

I’ve started to compile a list of VPN companies caught doing what they said they would never do, log user data. Do you really trust your VPN provider?

PureVPN was caught logging customer data for the FBI.IPVanish collected logs on their users.HideMyAss provided logs to US authorities for a hacking caseUFO VPN exposed millions of log files about users of its service, including their account passwords and IP addresses, despite claiming that it keeps no logs.Seven VPN Services Including UFO VPN, Rabbit VPN, Fast VPN Leaked Over 1.2TB of Private User Data: Report

+1

How Do They Know You Are On A VPN

H

How do websites know your’e coming from a VPN? The answer to that question is pretty easy…. Technology.

Companies Sell The Data

There are many companies that compile and sell IP address provider data. IPQualityScore is just one such company.

IPQualityScore maintains the most accurate database of VPN providers, including new servers and nodes that are added each day. By querying our API or processing a list of IP addresses, it’s very easy to accurately check if an IP addresses belong to a VPN provider. The VPN IP address can also be analyzed for risk analysis, location, and behavior history and similar data.

IP Blocking

A company like IPQualityScore might compile the data, but other companies like Cloudflare implement that data. Cloudflare can deny you access to a site if your IP address triggers an event. Maybe your IP address belongs to a company that hosts VPNs. One way to match an IP address to a company is via their ASN number. ASN numbers can tell other companies what their IP address might be used for. The example below is from NordVPN when I was testing out various VPN providers. While using NordVPN my IP address 64.44.55.156 was blocked from visiting a site. This happed quite a few times while testing their VPN service. But what this shows is that NordVPNs IP address (64.44.55.156) is owned by Nexeon Technologies a “Network Sharing Device or Proxy Server” service with ASN 20278.

With this information a website could block you based on knowing you are coming from a Network sharing device or proxy server.

Colocation Data Centers

A colocation (colo) is a data center facility in which a business can rent space for servers and other computing hardware. As you can see from the example below, this company has blocked the IP address range from being able to access their ordering website. You can get to their marketing side of their website using a VPN, but you can’t order food. Cloudflare has given the ability to block the IP address based on their knowledge of the IP address range.

What Is ASN?

ASN (Autonomous System Number) A unique identifier of an autonomous system on the Internet. Of the 65 thousand ASNs available, more than 30 thousand have been assigned to ISP (Internet Service Provider) and NSP (Network Service Provider). ISPs usually have only one ASN, but NSPs may have more than one.

What Is A NSP?

NSP (Network Service Provider) is an organization that provides a high-speed Internet backbone to ISPs and other service providers. Sprint, MCI and UUNET are examples of NSPs.

What Is A ISP?

ISP (Internet Service Provider) is a company such as AT&T, Verizon, Comcast, or MetroNet that provides Internet access to companies, families, and even mobile users. ISPs use fiber-optics, satellite, copper wire, and other forms to provide Internet access to its customers.

Look Up Your ASN

If you want to see who really provides your IP service, you can look them up on an ASN look up tool.

 

0

My VPN Thoughts

M

There are a ton of great articles out there about a VPN. I’m not going to try and compete with what they have to say. I think having a VPN is an important part to anyone’s online security. I have a VPN connected to each one of my running computers when I’m home or away from home. I use my VPN on my iPhone when I want semi-complete privacy. When I’m working out, my gym doesn’t need to know what music I stream, nor do they need to see I just made a transfer of fiat from one bank account to another. Those are my thoughts, but they don’t have to be yours.

At the end of my VPN rant, there are a few linked articles I’d recommend reading. They have some good information that you might find helpful.

I decided to go full time VPN after my local fiber provider was sold to a much bigger company. I had met the owner and knew his company was not mining my data and selling it. But I couldn’t say the same for our new fiber provider. AT&T, Xfinity, Cox, Frontier, HughesNet, etc, do collect and sell your data. Your data is just another revenue stream for them. I’m a private person and I expect my data to be mine and no one else’s.

I’ve had quite a few people ask me about who I’d recommend as a VPN provider. If you would have asked me a few months ago I would have said NordVPN. They have been great for years. I can’t say that anymore. Not that Nord has changed, or that they are a bad company. But a company doesn’t know what it doesn’t know. They didn’t realize that there was a back door into one of their servers. You can read from both angles below:

NordVPN confirms it was hacked

Why the NordVPN network is safe after a third-party provider breach

This fall I sat under the silver maple in my back yard. I pondered about life and technology. I came to the conclusion that if I wanted to be my own crypto exchange, be my own bank, I also needed to be serious about securing my own data. I decided to become my own VPN provider. Why would I want to be my own VPN provider? So I know exactly who is and who is not looking at my data.

Some of us understand Sutton’s Law. Why would someone rob a bank? Cause that’s where the money is. The same goes for VPN and Data. Someone uses a VPN to secure their data and keep it private. That’s not illegal, but some would like it to be. When you use a large VPN provider everyone knows where you’re coming from. There are companies that sell IP ranges of IP Proxies and VPN providers. Clause D made a statement in Telegram that struck a note with me. “I used VPN for a few years and now, NordVPN. But from what I know already I feel it’s almost pointless, and using a VPN might actually attract additional attention – like a honey pot.” – Clause D.

There are countless examples out there about Big Tech saying one thing publicly and doing another thing privately. I personally experienced these types of business practices and it became the norm. It’s what you had to do if you wanted to remain “part of the team”. The question is, can you trust what a company says. That’s for each one of us to decide on our own.

There is one more experience that has forever changed my view on power. I was working for a small company that its main focus was communication via the internet. A couple times a year we would be contacted by the Secret Service or FBI due to some type of threat made via our service. It became pretty routine. The law enforcement agency would call and tell me what they needed, I would ask for a subpoena, I would give them the information they wanted, I would get a copy of the subpoena and our deal was done. We felt the subpoena would cover us for handing over someone else’s private data to law enforcement. We felt we couldn’t be sued by our client or our client’s clients for the information we disclosed. This procedure morphed over the years. I got a call from an FBI agent, he informed me on what he needed, I asked for a subpoena, ect. Three days went by, no subpoena, I called. Four more days went by, still no subpoena, I finally got him on the phone. I asked him where the subpoena was, I was informed that they would no longer need to get a subpoena for me. That he just needed the Patriot Act. He told me to read it. I told him I wanted the subpoena he promised me. He told me to read the Patriot Act and he would email me the link. That was it, and the conversation was over.

The next time they asked for something, I told them I needed something first. That didn’t work either. Instead of a call, I had people knocking on my door. Lesson learned and noted.

These are my experiences that I can talk about. But what about the ones that no one can talk about? Have you ever heard of a Gag Order, a National Security Letter? If a company is hacked and your data is stolen, you legally need to be notified. But no so if it’s your own government. Secret F.B.I. Subpoenas Scoop Up Personal Data From Scores of Companies

So why my VPN rant?

** Update: I had this article 95% complete and was ready to make it public. However, Claus posted an article that I just had to read. It led me down hours worth of rabbit holing. After that read I’ve come to the conclusion that I won’t be renewing my NordVPN service. There were too many things I stumbled accross which left more questions than answers. You can go rabbit holing too if you want (see links below). You can also read how US Senators Demand Probe of Foreign VPNs Over Spying Risk . I don’t feel the need to turn this article more negative then it already is. This information is not to induce fear, but to educate so you can make your own decision based on knowledge. Don’t listen to me, don’t listen to a YouTuber, listen to your inner voice. I feel that always leads anyone on their best path.

These two three examples convinced me of the following:

I have distrust of Big Tech.I expect that my personal data will be shared if asked for by any law enforcement agency.I’m not sure I should trust my VPN provider. **

My Solution

So that’s why I’ve been running my own VPN servers for the last 6 months. I’m a small target, not a big one like NordVPN or other VPN provider. No one has a clue I’m running my own VPN.

I have a connection in the USA (one that I connect to 24x7x365). I have a connection in London. At this point I feel I’m covered in whatever I need to do. But time will tell, and I’ll let you know how it’s working out.

Helpful Articles

This article came to the same conclusion I had this summer –

What is a VPN –

Best VPN Services 2019 –

5 Eyes, 9 Eyes, & 14 Eyes Countries – What You NEED to Know –

Why you might be a moron – Humor Helps –

Rabbit Holing with NordVPN

There appears to be some good evidence on this site worth reading and verifying for yourself. This was my starting point.

Tesonet with the CEO named removed from the page. The letter has the same date.

Tesonet with the CEO named on from the page. The letter has the same date.

I investigated the NordVPN ordeal. Here is what I found. from VPNTorrents

ProtonVPN and Tesonet from ProtonVPN

Wyoming Secretary of State CloudVPN, Inc.

Who really owns NordVPN? – Tefincom S.A., according to my NordVPN receipt.

Tefincom S.A. owns NordVPN. Alina Gatsaniuk ( Linkedin Page ) is the Director & Secretary. She is also the Director & Secretary for 5 other companies. Her mail.ru page shows she is 32yrs old and lives in Kiev, Ukraine and not Panama. To get an idea of what some companies registered in Panama are designed for, watch The Laundromat on Netflix.

It’s pretty easy to state that Tefincom S.A. in a Panamanian shell company. My latest invoice (2019) from NordVPN stated they were in Nicosia, Cyprus. If they have a shell company in Panama, but offices in Cyprus, what jurisdiction would they really fall under?

Everyone Loves Images In a Webpage

This gives you a visual idea of how a VPN might help protect you.

0

Recent Posts

Recent Comments