Trilight Zone

trilight · Site Admin Joined: 17 Jul 2005 Posts: 47

Dear All,

We would like to dedicate this article to point out some important
differences between us and many privacy providers. I'm one of the staff
here who from time to time looks around at all the beautiful and sky is
the limit promises many privacy providers are making on their site. It
is, to be honest, sometimes an insult to the community and people who
take this business serious to see many privacy providers write impossible
"facts". We've spent already a considerable time of our lives in this world
and the used technologies so it is easy to recognize the charlatans and
the real thing. We've decided not to name any provider by name, but just
to educate unknowing people to make the right choice, we believe this
is fair enough and gives those specific providers chance to do
something the right way.

Where o Where

Some of the few providers, we saw, which do state only good facts in the
right context are sadly enough located in countries, like the u.s/uk,
where privacy means nothing and can usually be forced to cooperate
with agencies without a subpoena directed to them or their
network provider. They and their clients are basically sitting ducks
since they state they log their clients and all the info needed to
"visit" them is also public to the world.

Some of the so called major privacy providers boast and lean only on the
amount of servers they have and try to lure people in with free software.
After we've analysed such claims the following can be concluded for the
majority of them;

- Most of their servers are all located in the u.s/uk, the sole reason for
this is the cheap price and hope that the average joe from those countries
will close his eyes and be happy with the bandwidth. Some already have a
history where they handover logs to agencies on a fingersnap. What really
should ring an alarm is that one of them went down together with all their
servers for 24-48 hours, everything went black. When they came back they
never gave a reason for it nor did their support replied to people asking
what happened. This can only mean one thing...

- Does free software replace privacy ? It doesn't, it would be a mistake to
fall for any service just because they give you free software in a world
which is flooded by good free software already.

- All their servers are tagged, they use recognizable domains which all lead
back to their service. It is easy for anyone to filter their servers making
it impossible for people to access their wished destinations like a forum,
blog, wikipage and so on. They don't bother giving a hard time to those who
want to censor people based on their ip/domain.

- Most VPN only providers offer vpn services based on the insecure PPTP
protocol. Despite changes and fixes made by microsoft to reenforce it it is
still not safe to rely on. You can google for this and find many reliable
sources which did an analysis of this protocol and point out how weak it is
to use. We've chose not to offer such protocol, it would be against our
principles which are still on the first place.

- Most providers only have one or a couple of servers available and on top
of that they're located all in the same country. If they or their servers go
down then they have no alternatives or ways to survive any damage and
still cover their clients.

- Some claim they keep logs for 5 days and that a subpoena takes
much longer to reach them thus no logs will exist by the time it's there.
Do you want to bet your life and privacy on this ?

- We didn't yet encounter a provider which encrypts a major part of their
harddrives so even if a server is taken unlawfully it would not make a
difference. Although we're the only ones who do this, it would be good if
more providers started to add extra security.

- The claims made by especially one provider are so hilarious that any one
who knows how the IP protocol and on top tcp/udp (and more) works would
burst in tears of laughing. They write like if they invented the holy grail
while it is normal operation since countless years by default. Claiming they
basically invented it to protect you from man in the middle attacks.

- Some providers claim a 100 % uptime. The way they explain this is by
saying they have for example 5 servers and since there are always 3 servers
up it while for example 2 are down it is called 100 % uptime. Should we say
more ?

- Again a certain or probably more providers claim that in Panama they
are 100 % safe so clients can store all their data there. They forget
to mention that Panama has various treaties which make it nothing
special. It is better to use alternatives and more security than to rely
on an exotic country to lure people in.

- A specific provider also claims that their normal VPN blocks popups.
We can only smile about this and hope the guy who wrote it still
works there.

- Again a certain provider says the competition logs while at the same time
they admit they log too, for 5 days !

Last but not last...

- Almost ALL claim that you are 100 % protected against hackers,
thieves and even earthquakes, figurely speaking. When it comes to
your privacy and security it is important to also educate yourself, keep
your eyes open and take care of your own environment on top of any
service. What they claim is like saying if you buy our seatbelt for your
car then you can drive and when a wall tries to stop your car you'll be
just fine and safe...

Conclusion

Much more can be concluded but we hope this makes enough sense to make
the right call. We mean with the right call that you do not
automatically choose our service but to objectively make the right
choice fitting your needs.

This article is written and sent to several of our partners who do take your
privacy serious. They're allowed to publish it and spread it to people who
need to make the right call for themselves.

Privacy Group PT2
=================
=================