ProtonVPN (operated from Switzerland) claims[1]: "Our security team has also identified at least one VPN service which is working on behalf of a state surveillance agency."
If I had to guess, it would be PIA: the most popular, the most accessible, and the most affordable US-based VPN.
When a VPN is run by the NSA, of course it will stand up in all courts. How would a state surveillance agency let its tool be so publicly destroyed? And it doesn't have to keep any logs at all. They can just be forwarded in real-time, based on a set of filters and rules ("URLs that are requested by <IP>", "IPs that are requesting <URL>").
Honest question: Is there any reason to believe that PIA is a US intel operation vs, say a Russian one? I ask because my main privacy concern is state sponsored industrial espionage. I have often thought that if I wanted to gather kompromat on high level professionals, I would probably start an "anonymous" VPN service to further that effort. Say what you will about the NSA, but I am not worried about them in that space.
> Honest question: Is there any reason to believe that PIA is a US intel operation vs, say a Russian one?
I would also like to know the motivation for a US intel agency to want to run a VPN. It seems to me like it wouldn't be worth the bother: VPNs aren't illegal in the US, so it would be too hard to convince everyone to use theirs. Spies, etc. could just use private ones they control. They'd just see a bunch of crap from unsophisticated people.
Seems to me like it would be more likely for US law enforcement to want to do something like that, but I'm skeptical they have the resources.
If you're a spy using it to hide your identity from websites when you visit, it would be good for your VPN to have a mix of normal activity and spy activity. If you run your own, it's going to have a weird pattern of traffic that might stand out to a website with decent analytics.
> ProtonVPN (operated from Switzerland) claims[1]: "Our security team has also identified at least one VPN service which is working on behalf of a state surveillance agency."
> If I had to guess, it would be PIA: the most popular, the most accessible, and the most affordable US-based VPN.
If I had to guess, the state surveillance agency-run VPN would be one that's still accessible from China. I understand (but I could be wrong) there are still a few that manage to evade the blocks and provide good service despite all the crackdowns. Chinese state security has many more reasons to want to watch domestic VPN traffic than the US does. Their motivation is proven by the fact that they've spent the effort to build and maintain the "Great Firewall," and crack down on VPNs that bypass it.
It would be reasonably clever for the Chinese to crack down on all the VPNs that they don't control, funneling all the "illicit" traffic to the few VPNs they do control. It would make spying, monitoring dissidents, etc. much easier for them.
The NSA and other US intelligence agencies probably don't care very much about anyone that's dumb enough to need to use a public VPN. Seems like the only people who would care in the US are domestic law enforcement, like the FBI.
We're not ready to name names at this point, but you're actually correct. If one looks closely at what China lets through the Great Firewall in terms of the major VPN providers, there is something that stands out.
In addition to redacting the above comment, we deleted several comments below by request of their authors. My understanding is that the dispute has been resolved and that the allegations are retracted.
You aren't doing much in terms of brand ambassadorship for PIA by muckraking and bickering with a competitor. It's quite petty. The comment about PIA wasn't put forth by ProtonVPN. They clarified the discrepancy you raised and did so in a civil manner.
I wasn't that familiar with your company before today but I can tell you that I won't be a customer at any time in the future based on your comments.
ProtonMail team here. None of the above is correct. ProtonVPN is developed, operated and 100% owned by Proton Technologies AG, the Swiss company that also operates ProtonMail. This can be verified in the Swiss commercial registry, which also lists all our directors:
http://ge.ch/hrcintapp/externalCompanyReport.action?companyO...
I wasn't aware that ProtonVPN was not run by ProtonMail, even though I happen to be from Vilnius, Lithuania myself and even have a close friend working at Tesonet. If this is true, that makes me question how much anything branded Proton* can be trusted in general.
ProtonMail team here. The above is not correct. ProtonVPN is developed and operated by ProtonMail. However, it exists as a separate legal entity for security reasons. This is to avoid ProtonMail getting banned in jurisdictions where VPNs are illegal. An example is China where ProtonVPN is banned, but ProtonMail is permitted. Had they been the same company, both would have been banned together. So from the legal standpoint, we put as much separation as possible between ProtonMail and ProtonVPN.
Like ProtonMail, the ProtonVPN team is distributed, split between Geneva, Skopje, Vilnius, and San Francisco. Tesonet (one of the biggest IT firms in Vilnius) was previously used as outsourced HR before we incorporated our own entity in Vilnius. We have similar arrangements for our staff in San Francisco, Prague, and Skopje. The above poster's intentions are a bit suspect, given that he's the co-founder of PIA...
> Tesonet was previously used as outsourced HR before we incorporated our own entity in Vilnius
But your entity's business address in Lithuania is still Tesonet's HQ. And Tesonet runs the entire technical infrastructure needed for a VPN service. So, are you partners or competitors?
The problem is that, without a publicized investigation, there is absolutely no way for users to verify no-logging claims by VPN providers. The same is so for Tor relays. And Tor deals with that by using three-relay circuits. In order to connect users with online activity, adversaries would need access to logs from multiple relays.
One can do the same, albeit more crudely, using nested VPN chains. It's quite easy, using pfSense VMs as VPN gateways.
> It's quite easy, using pfSense VMs as VPN gateways.
One privacy tool that I'd like to see is a program that takes a .ovpn file and user credentials and outputs a pfSense config file which the user just has to import.
Following a guide like yours is quite a bit of work and somewhat error prone. Few users will be able and willing to do that.
This is available within pfSense. There is a package called openvpn-client-export that exports the pfSense config to .ovpn and a number of other config/packages.
I agree that it's tedious and error-prone. Perhaps someone could automate it. But that's over my head.
There is the argument that, in doing the setup manually, users come to understand what they're doing. But yes, it seems that most are put off by it all.
I've freelanced with IVPN for five years. IVPN was "[f]ounded in 2009 by a group of security professionals at the prestigious Information Security Group at the University of London (Royal Holloway)".[0] In my experience, their CEO Nick Pestell is fundamentally a privacy activist.
Nothing has any defence against global traffic analysis.
Tor still does better than anything else. I don't think it's worth scaring people away from using Tor, because whatever else they'd be using instead is certainly worse.
EDIT: Parent comment originally said words to the effect of "Reminder that Tor has no defence against global traffic analysis".
> Nothing has any defence against global traffic analysis.
It's possible to guard against global traffic analysis by establishing permanent fixed-bandwidth links between each node and sending traffic along them even when they aren't assigned to a circuit (or the circuit is idle). Then there is nothing to passively analyze because the amount of traffic between each node is always the same.
The problem is that this consumes a very large amount of bandwidth.
If you instead ask yourself "how many Tor nodes are out there"[1], and then ask yourself "what is the NSA's annual budget"[2], the concept of a global active adversary makes me a bit nervous.
The scary thing about a global passive adversary is that the attack is undetectable. Active attacks are harder to defend against but they're also harder to keep secret.
I think you're referring to traffic analysis for protocol identification, which is something else entirely, and Tor handles that as well. Resisting protocol identification can be done very efficiently -- you basically get the same information theoretical efficiency as the protocol you're mimicking does, and the primary failure mode is to not be mimicking it completely accurately. It's theoretically possible to mimic the target protocol perfectly, and each time someone finds a way to distinguish them is one step closer to there not being any more ways left.
Resisting global traffic analysis for the purposes of deanonymization is not so easy. The issue is that if every time Alice sends ~476MB of traffic, Bob promptly receives ~476MB of traffic, it's not hard to deduce that Alice is talking to Bob. To fix that, the amount and timing of the traffic Bob receives needs to be independent of the traffic Alice is sending him. Which is possible but inherently comes at an efficiency cost.
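The volume-correlation argument above, as an added example that is not part of the original thread: a small Python simulation on constructed per-second byte counts, showing that a bursty flow matches its delayed copy at the right lag while flows padded to a constant rate leave nothing to correlate. The names (Alice, Bob, Carol) and the sample traffic are constructed.

```python
"""Volume correlation demo: bursty flows align at their true delay; constant-rate padding removes the signal."""
import random


def pearson(xs, ys):
    """Correlation coefficient; 0.0 when either series has no variance (e.g. a constant-rate padded link)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    return sxy / (sxx * syy) ** 0.5


def best_lag(sender, receiver, max_lag):
    """Slide the receiver series against the sender series; return (lag, score) of the best alignment."""
    best = (0, -1.0)
    for lag in range(max_lag + 1):
        n = len(sender) - lag
        score = pearson(sender[:n], receiver[lag:lag + n])
        if score > best[1]:
            best = (lag, score)
    return best


def pad_to_constant_rate(flow, rate):
    """Fixed-bandwidth link: every interval carries exactly `rate` bytes (real data plus cover traffic)."""
    return [rate] * len(flow)


# Constructed sample: Alice's per-second byte counts are bursty; Bob receives the same shape 3 s later
# with a little jitter; Carol is a bystander carrying unrelated traffic of the same general shape.
_rng = random.Random(7)
_SIZES = [0, 0, 50_000, 1_500_000, 200_000]
alice = [_rng.choice(_SIZES) for _ in range(60)]
bob = [0, 0, 0] + [b + _rng.randint(0, 2_000) for b in alice[:-3]]
carol = [_rng.choice(_SIZES) for _ in range(60)]


def demo():
    """Return the best alignment for the unpadded flows and for the same flows behind constant-rate links."""
    plain = {"bob": best_lag(alice, bob, 5), "carol": best_lag(alice, carol, 5)}
    rate = max(alice)  # pad every interval up to the peak, so the wire looks identical every second
    padded = {"bob": best_lag(pad_to_constant_rate(alice, rate), pad_to_constant_rate(bob, rate), 5)}
    return plain, padded


if __name__ == "__main__":
    print(demo())
```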
Well, first thing, you don't send many MB directly to someone. You put it on a Tor onion file-share site, and PM the link via Tor. Unless your adversary is lucky enough to pwn the guard for that onion site, they can't even see the correlation.
I can imagine a global passive adversary that could log all Internet traffic, and make it searchable. The NSA can somewhat do that. But even the NSA can't retain everything for more than a few days, if even that. So even retaining necessary data for a match would be a stretch. Let alone having the processing power needed to do the matching.
> Unless your adversary is lucky enough to pwn the guard for that onion site, they can't even see the correlation.
We're talking about an attacker that can see every byte going over the wire; encrypted or not, it's still able to measure the volume of data itself.
> Well, first thing, you don't send many MB directly to someone. You put it on a Tor onion file-share site, and PM the link via Tor.
In that example the attacker wants to determine the location/IP of the hidden service itself. It's pretty well known that high traffic / volume hidden services are some of the easiest targets for global traffic analysis.
> I can imagine a global passive adversary that could log all Internet traffic, and make it searchable. The NSA can somewhat do that.
They don't have to log the data itself, simply the metadata, and specifically the volume of data sent between vertices in the graph. Various agencies have openly admitted they keep this information and it's not considered "protected" in their view.
This is simply a graph analysis problem, similar to how Bitcoin is pseudo-anonymous unless you use specific methods that aren't built into the core protocol.
Sure, the NSA can arguably see every byte on every wire. But that wouldn't do them much good, unless they knew what to compare with what, over what time period. But OK, say that they had the processing power to compare every traffic stream with every other traffic stream, with time offset up to a week or so. That still wouldn't tell them whether Mirimir had shared something with someone else. Because we'd all be using Tor.
And about onion file-sharing sites. With OnionShare, you can create a site just for that transfer.
What you're describing is equivalent to a dead drop, which is an old school anonymity method. It's not that it doesn't work, it's that it's completely independent of Tor and it doesn't work in all the contexts where Tor is supposed to work.
If Alice uploads the file and Bob downloads it immediately then you haven't gained anything. Bob has to wait some time for it to work, which means you didn't actually need a low-latency anonymity network to begin with. You can't use it for things that actually need real-time communication, like for live streaming or anything interactive.
True. But Tor is the large anonymity network that we have. I2P is cool, but it's too small. For high latency, perhaps Mixmaster remailers via alt.anonymous.messages is still workable. Last I checked, there was a Tor onion news server.
I agree about unworkability for real-time communication. But there, you want to keep messages small. And use padding. Trying to make live streaming anonymous is nontrivial.
I don't personally know anything about i2p but my spidey senses suggest that until it becomes about as widely-used as Tor, it's not going to have as good an anonymisation factor as Tor.
I mean, if only 100 people use I2P, and some traffic has gone over I2P, you can quite easily narrow it down to the set of 100 people.
Also problematic is that from my understanding i2p is not used by any honest actors, since it doesn't have clearnet access. Tor is used by lots of people for honest things or at least less-than-completely-shady things like getting around IP blocks or geo-fencing whereas i2p is used exclusively for people that require perfect privacy for their communications.
The US has some of the laxest data retention and filtering laws in the world. Especially compared to most European countries. Mullvad is based in Sweden, which has much more strict data retention and filtering requirements for ISPs than the US, and the government has already expressed a desire to expand these to VPN providers.
And as the Snowden leaks have shown, being located outside the US is not even a speed bump to the NSA being able to access your communications.
I understand your point, but I believe in this case it doesn't necessarily apply, because Sweden/Europe are only concerned with privacy related data.
Mullvad gets around this by not storing customer information. As others have pointed out, your "account" is just a long number. You top it up any way you want (including sending cash in an envelope if you are truly paranoid).
So I do believe that it stands a better chance of being fully anonymous & private than a US counterpart.
Mullvad allows for cash in mail payment.
They also don't really have accounts in the traditional sense.
Just a long account number that is associated with the payments.
Really ticks all the boxes for me.
I know PIA likes to talk a big game here but I didn't see anything in your link that would instill overwhelming confidence in their marketing claims. Specifically:
If you click on the Almanac News source in your link, it states:
>"John Allan Arsenault, general counsel for London Trust Media, a VPN company, testified about how many VPN companies, including his, intentionally don’t retain logs of internet activity of their clients so that they cannot be produced in response to subpoenas from law enforcement or others."
Note it doesn't say they don't log, only that they don't retain them. So it's quite possible that the subpoena process simply lagged behind the log retention window. Also the claim is only for "internet activity" and nowhere do we see that defined. Does that include client authentication?
The article then goes on to state:
>"Arsenault said he could not find any record of Ross Colby subscribing to the VPN service when he searched using Ross Colby’s two known email addresses, which he received from law enforcement."
"Could not find" is not the same thing as "there was nothing to search."
I'm not sure why you are providing that second link as proof that they don't log. That is just a link to the same story being discussed here and the same one I am quoting in my comment.
Also the first link continues its insistence on using the phrase "user activity" logging. That's a rather nebulous term. Nowhere is "user activity" defined and it's certainly not a term that has meaning in the context of syslog/journald. Does "user activity" logging preclude RADIUS authentication?
And nobody has any way of knowing if this is actually true, do they? There is no independent third-party verification of your assertions, is there? So why not commission such an audit, then? Why not make actual verification your distinguishing characteristic?
I am also very curious how support and operations troubleshoot client issues in the absence of any logging.
No, health inspections are instantaneous spot checks. Audits are far more extensive and look at historicals. This is how nearly all audits work: financial audits, tax audits, compliance audits, etc. They are not the same at all.
Furthermore, an independent audit is still far more credible than believing something is true simply "because the CEO said so."
What I also like about PIA is their continued support of Open Source projects. I have been a PIA customer for a while now and will remain for the time to come.