just thought I’d put this out there
https://www.datacenterdynamics.com/news/nordvpn-cuts-ties-data-center-after-security-breach/
and from a different persp
https://restoreprivacy.com/nordvpn-hack/
1 Like
i’ve been using PIA for quite some time and have found them to be one of the few that accept gift card (anonymous payments) you pay cash for your gift card from walmart then link it to a free anonymous encrypted email service such as tutanota. PIA is very good with linux as well which i recommend with PIA if your wishing to not be mistreated.
If you are really serious about your privacy, I actually wouldn’t recommend any third-party VPN service at all, as a VPN will not make you anynonmous on the internet and you can also never ever be 100% sure that the integrity of your traffic and data is sustained when being handled by third parties where you have no control at all over their infrastructures. If using a third party VPN, you only have their word that e.g they won’t log your traffic etc. As shown by @Carlos such data leaks even happen at “renowned” VPN providers like NordVPN. Also, you can never be sure that their services aren’t backdoored nor have fixes for latest security vulnerabilites installed. If you want to read further, here’s an article: https://www.vpnmentor.com/blog/vpn-leaks-found-3-major-vpns-3-tested/
If you really want to protect your privacy while surfing the internet, I’d recommend you using the Tor Browser, which maybe is a bit slower than a conventional VPN, but will definitely give you some anonymity. Maybe also use a local VPN like AFWall+ or Netguard to block any tracker/ads on a system level before DNS requests even get resolved.
3 Likes
@exyna Even if what you said is true, it can’t be applied.
We have to distinguished two common use of the internet : inside a webrowser and outside a webrowser.
Inside, yes you can use the TOR network with Tor Browser (if all HTTP requests are blocked by HTTPS everywhere because those requests will be in clear text from the exit node) but a lot of common website blacklists IP adress of all exit nodes, so you can’t visit them.
Outside a webrowser (so the system and every applications on a smartphone, tablet and laptop), it’s a really bad idea to use Orbot in order to use the TOR network for every connection since, as I said, every HTTP request will be in clear text from the exit node. And of course it’s slower so watching a video in good quality won’t be easy.
The VPN is a good in between. But yes you have to trust almost blindly a third party.
1 Like
@exyna While it’s true that better to be careful with VPN services as many of them are not trustworthy. However it’s not true that “you only have their word that e.g. they won’t log your traffic etc.”
Serious providers do have regular third party audits, confirming that their statements aren’t hollow marketing blabla. The other thing is that in the past some VPN services did reveal themselves as definitely untrustworthy providing user’s data to certain authorities (it’s not about the fact that they did that but about having that data in their hand).
Also, one may not forget that tor can be used over VPN too. Linus Torvalds mentioned once, OpenVPN code is a mess while Wireguard looks better. There is a reason why China and Russia try to ban using VPNs. They still provide a good protection if used in the proper way.
1 Like
You are right that when using HTTP connections, it’s a real security issue as login data etc. can be sniffed by a compromised exit node. However, that also applies for HTTP connections outside Tor, for example for highjacked Wifi access points etc. But the risk of possible sniffing may be higher when browsing with Tor, thats true. You could still block any non-encrypted connections on a system level though - it’s another question if this is practical and can be done without restricting the functionality of an app.
Nevertheless, starting with Android 9, Apps MUST use TLS connections - cleartext requests have to be specially approved (see https://android-developers.googleblog.com/2018/04/protecting-users-with-tls-by-default-in.html ). If /e/ OS is fully based on Android 9, I see no reason why one shouldn’t use Tor on a system-wide level (except for speed reasons). Please correct me if I’m wrong here - just my own explanation of the cause with my current knowledge base.
I’m not saying one should not use Tor. I’m just saying that VPNs are useful too and some of the services are good (some of them unfortunately not so good). Sometimes it’s better to have a connection over a VPN (e.g. to avoid captchas or have a faster connection). For other use-cases Tor is more suitable. I cannot say how it is on a system wide level as I did not test it yet, but that sounds like a good idea (or even in combination with a VPN (vpn+tor), which might draw less attention as using Tor alone).
Thank you for the link, I didn’t know about that.
Then yes maybe Orbot can be system wide in this case. (It depends which TLS version is used though). Two issues remaining : the speed and servers blocking TOR exit nodes’ IP address (it can happen with a VPN too but it’s much less frequent).
In conclusion : do as it fits you the best 
Being the one who started this topic I thought people might be interested what all my research concluded.
-
Almost all the VPN apps for the phone have trackers (as per Exodus). OpenVPN being one of the very few exceptions.
-
Depending on circumstances a VPN can provide little benefit for privacy and in some cases even reduces privacy as it concentrates the traffic to a node which becomes more interesting for governments to monitor
-
Using Tor gives a much higher probability of being monitored than just being “one of the crowd”
I ended up not using a VPN but relying on sensible practices when using internet connections.
“Almost all the VPN apps for the phone have trackers (as per Exodus). OpenVPN being one of the very few exceptions.”
- There are many VPN apps without trackers like eddie airvpn, torguard, mullvad, vpn by pia, hoxx and so on. Just a short search brings up over a dozen VPN apps without trackers (and there are even more).
“Depending on circumstances a VPN can provide little benefit for privacy and in some cases even reduces privacy as it concentrates the traffic to a node which becomes more interesting for governments to monitor”
- This is simply not true if someone understands what a vpn is and how to use it. Or how would someone decide which vpn server to monitor if I can choose out of dozens (often hundreds) of servers I can connect and change any time? I can even connect to a vpn server, while set an other proxy server in the browser (as some services have their servers also proxied), which makes the browser traffic coming from a different server. Also, one vpn server is used by many users at the same time.
“Using Tor gives a much higher probability of being monitored than just being “one of the crowd””
- You can connect to a vpn server first and use Tor that way. Otherwise you are monitored anyway 24/7. The question is what they (ISPs, agencies, criminals, etc.) can “see” and collect. In case you don’t use a secure messenger, don’t use encrypted emails, surf with your ISPs IP everywhere (instead of using Tor or a VPN), don’t use a secure browser with the right add-ons - well, in this case your data is not your data anymore, because you have no protection at all.
I personally do prefer to have different layers of protection, which consists of using VPN services and Tor. On the internet either you protect your data or you’re lost, because nobody else will.
When I did my searching some months ago, I found (from memory) just 4 apps and those who use things like OpenVPN. Of course I avoided VPNs who log/track, so that may account for most of the difference. Also as privacy becomes more important more apps will be available, for example when I looked Mullvad did not have an app.
True, but many don’t. I was looking for both myself and my family so a range of levels, and my comment is based on this (hence the “depending on circumstances”)
That is where fingerprinting is used. I am surprised how good it has become. At work there are >100 computers all going out on the same single IP address. On my system I use 2 browsers one for normal use, and one for “less private use” like accessing Google Maps. I can find an address on the first browser, close that browser, open the “less private” browser and most times it is enough to just type part of the number of the address into Google Maps for the full address to be displayed, even for places in different countries.
More than you think…much more.
1 Like
Hello,
NordVPN lost some technical information during a physical hacking…
I have used a variety of VPN’s without any issues.
I am a linux user which helps.
I have found though to steer clear of any apps that the vpn companies offer
Yeah this makes set up easy but that is where your trackers lay in wait to capture your traffic.
I always set up any VPN on android using the latest openvpn (old habit from Linux) . not “openvpn connect” but the real “Openvpn” app,
yeah it might take a good 10 minutes of messing around the first time you do it but no trackers.
a clean free access to the internet. plus there are so many more options within openvpn to control your apps individually.
have fun
2 Likes
Nowdays Wireguard is considered to be better than OpenVPN. Wireguard also has an app on android, if someone tries to avoid using the apps directly from the VPN services.
I know this is a little bit old but I just came across an article about NordVPN being hacked in March 2018. The official statement came out on October 21 2018.
https://www.siliconrepublic.com/enterprise/nordvpn-data-centres-hacked-private-browsing
Thanks for this. I did read about it about a week ago, and now I’m considering switching to another VPN…
I tried ProtonVPN and couldn’t find anything wrong.
But if someone with more expertise on the matter could add some info, would be nice.
I don’t understand people who want to quit NordVPN just after reading those news.
This little hack could have happened to any VPN (and any service in general).
Actually I think this is a good thing because now NordVPN will do anything to catch up that mistake and their reputation, which will increase the security.
1 Like
@anonyme yes you’re right. I am far too busy to search for alternatives, so for now I’ll stay with NVPN!
1 Like