Every few days we are seeing reports of hack attacks on companies leaving hundreds if not thousands of people’s private data in the open.
Whilst we can do little to stop such attacks we can protect what information others see whilst we are online, it doesn’t matter if it’s Facebook, Twitter or banking we risk exposing our personal details online every time we go online.
With most information stored on sites like Facebook it is easy to access other personal details like banking etc. Whilst we are at risk of being attacked when on our own wifi we are at even more risk on public wifi.
More and more places offer free wifi such as Costa, Starbucks, Tesco, Walmart heck even my local village offers free wifi.
A VPN creates a nice layer of security protecting you, there are hundreds around but one of the best I’ve found is able to cover you no matter if your on a Pc/Mac or mobile device and stores very little data about you.
Many people think $6.95 a month is a lot to pay however what they don’t know is that purchasing a yearly subscription brings the price down to $3.33 which is less than coffee these days.
We recommend PIA (Private Internet Access) I’ve used it for the past 2 years and it’s amazing, you can pay in many ways including using gift cards to help you stay anonymous, why not check it out from here.
1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?
2. Under what jurisdiction(s) does your company operate?
3. What tools are used to monitor and mitigate abuse of your service?
4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users?
5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled?
6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened?
7. Does your company have a warrant canary or a similar solution to alert customers to gag orders?
8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?
9. Which payment systems do you use and how are these linked to individual user accounts?
10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?
11. Do you use your own DNS servers? (if not, which servers do you use?)
12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located?
1. We do not log, period. This includes, but is not limited to, any traffic data, DNS data or meta (session) data. Privacy IS our policy.
2. We choose to operate in the US in order to provide no logging service, as there is no mandatory data retention law in the US. Additionally, our beloved clients are given access to some of the strongest consumer protection laws, and thus, are able to purchase with confidence.
3. We do not monitor our users, period. That said, we have a proprietary system in place to help mitigate abuse.
4. We utilize SendGrid as an external mailing system and encourage users to create an anonymous e-mail when signing up depending on their adversarial risk level. Our support system is in-house as we utilize Kayako.
5. We have a proprietary system in place that allows us to comply in full with DMCA takedown notices without disrupting our users’ privacy. Because we do not log our users’ activities in order to protect and respect their privacy, we are unable to identify particular users that may be infringing the lawful copyrights of others.
6. We do not log and therefore are unable to provide information about any users of our service. We have not, to date, been served with a valid court order that has required us to provide something we do not have.
7. We do not have a warrant canary in place at this time as the concept of a warrant canary is, in fact, flawed at this time, or in other words, is “security theater.”
8. We do not attempt to filter, monitor, censor or interfere in our users’ activity in any way, shape or form. BitTorrent is, by definition, allowed.
9. We utilize a variety of payment systems including, but not limited to, PayPal, Stripe, Amazon, Google, Bitcoin, Stellar, CashU, Ripple, Most Major Store Bought Gift card, PIA Gift cards (available in retail stores for “cash”), and more. We utilize a hashing system to keep track of payments and credit them properly while ensuring the strongest levels of privacy for our users.
10. The most secure VPN connection and encryption algorithm that we would recommend to our users would be our suite of AES-256, RSA 4096 and SHA1 or 256. However, AES-128 should still be considered quite safe. For users of Private Internet Access specifically, we offer addon tools to help ensure our beloved clients’ privacies including:
– Kill Switch : Ensures that traffic is only routed through the VPN such that if the VPN connection is unexpectedly terminated, the traffic would simply not be routed.
– IPv6 Leak Protection : Protects clients from websites which may include IPv6 embeds which could leak IPv6 IP information.
– DNS Leak Protection : This is built in and ensures that DNS requests are made through the VPN on a safe, private no-log DNS daemon.
– Shared IP System : We mix clients’ traffic with many clients’ traffic through the use of an anonymous shared-IP system ensuring that our users blend in with the crowd.
11. We are currently using our own DNS caching.
12. We utilize third party datacenters that are operated by trusted friends and, now, business partners who we have met and completed our due diligence on. Our servers are located in: USA, Canada, UK, Switzerland, Amsterdam, Sweden, Paris, Germany, Romania, Hong Kong, Israel, Australia and Japan. We have over 2,000 servers deployed at the time of writing with over 1,000 in manufacture/shipment at this time.