Which VPN Can You Trust? + Howto: Check For MITM In Browser

Oct 16, 2021

[ UPDATED 09.17.2024: Updated fingerprints at bottom to help readers verify mitm. ]

2023: Added more information / stories; I offer honest advice to help others make the best decision for themselves and their unique situation.


DISCLAIMER: I'm not against VPN's at all. I want everyone following here to be informed to make safe decisions for their unique use case. And to realize it's not a small decision to choose a VPN.

Some of this is partly commentary. It should not be considered a claim for or against any said subject / company.

The goal here is to use real-world events to help users better understand and recognize hypothetical issues on the internet.


VPN: TRANSFER ISP DATA TO ANOTHER PRIVATE COMPANY?

Main point to keep in mind, when considering (whether one does or does not need) a VPN: by using one, you agree to transfer ISP collected data over to (another) private company. This requires trust.

This places the provider in an ideal position to snoop. That doesn't mean they all do this. There are a (few) providers accepting anonymous payments - they do exist (a sign you may be able to trust them more not to want your identity). Still, even then, one has to realize: if you connect directly, they have your home IP / data, if they choose to collect it.


Rule For VPN Choice Is Simple:

Only use a VPN / host you trust more than your ISP. This also goes for all forms of VPN / single hop proxy.

I word it this way because there are aggressive marketing campaigns to make everyone think they need x named VPN.

Not against VPN's at all. Just want others to understand, servers / ownership can change any day of the week.


Be Cautious Following Advice Based On Sponsorship

In a world where "data is oil", always a good idea to do opposition research before making big decisions regarding sensitive data -- seek out negative coverage on prospective providers, to find more balance. This will help you make a more informed decision.

Many channels make recommendations for specific hosting / VPN providers (part of sponsorship). They may offer great advice on all other topics -- this is where you need to be careful: where sponsorship is involved, it may not be their very best advice (but hey: it still could be good advice!).


None of this means sponsored advice = bad recommendations: not what I'm saying at all;

This happens to be a topic (VPN) where I have (at times, not always) seen normally reliable channels offer subpar advice (or at least forgetting to share "risks") regarding sponsors;

My point is: no VPN solves all problems (even if otherwise perfect).

If concerned: find a second opinion (again: look for critical views / stories on said provider).

(VPN server takes the place of ISP for data transfer - choose wisely)


💡 TIP: For those needing at any moment the most possible private / anonymous experience, 🧅 Tor / 🧄 I2P both greatly exceed any VPN on multiple levels: by stripping away the personal account identity / originating IP, automating addition of multiple layers of connection nodes, which are additionally decentralized (ie: each node ideally / by design different ownership).


Of course, it is well understood Tor / I2P are not fast enough for all network activities (such as gaming / ultra HD streaming). This is where you may like another option.

A VPN could be the answer, depending what you are attempting to protect.


Using Any Of The Following VPN's (and likely more)?:

  • ExpressVPN

  • PIA (Private Internet Access) VPN

  • Zenmate VPN

  • Cyberghost VPN

SUMMARY: If you use one of the above, you should be aware of recent events and what this may mean for you and other VPN's. Video covers some history behind the people who made the buyout.

Below this I will post additional information relating to the case (not found in the video), and howto: check for an active MITM (Man In The Middle Attacks).

Over $1 Billion was spent buying the above VPN's. These purchases were made by a single entity: Kape Technologies. Kape Tech bought several VPN review websites to secure VPN reputations, during same time period.

The first thing that comes to mind is the billion-dollar purchase. ExpressVPN held 2 million active users and yet, by itself, came to a cost of over $934 million.

How many VPN subscription months will it take to make the break even money:
$934 million?

Let's find out:

At 15 month special rate of $6.67/month, it will take 140,092,995.35 months sold to make the money back on a 15 month subscription model.

Possible? Absolutely.

(Ex: In fact if the 2,000,000 users were to reasonably buy 5 years subscription each, this would bring a return on their investment)

Does this $934million sale (price) for a single VPN company make sense to you?

There is still a possibility some decided to use their specialized knowledge to create a uniquely private VPN experience (ie: lacking certain metadata in transit). Certainly possible.

At least, I'd certainly like to think so.

Time to dig deeper.


Kape Technologies' (owner's) prior experience was in a company called Crossrider: a company with a concerning past in data collection, malware and browser hijacking... and previously connected to highly specialized Israeli surveillance units. Surveillance/malware has become big business in Israel (ex: think Pegasus).


CROSSRIDER

Facts about Crossrider:

  • The owner was in the Panama Papers.

  • Crossrider pled guilty to illegal hacking.

  • Crossrider sold hacking/malware to the UAE (United Arab Emirates) to track dissidents and Human Rights Activists.


If you haven't done so already, see the latest (Public) video for more (and even more important follower information below that):

https://youtu.be/_NgdKh1qkdo

Earlier in life billionaire owner Segi was part of an elite Signals Intel group called Unit 8200: a highly specialized IDF unit. The most elite in the Israeli military (equivalent to NSA).

There are additional connections not mentioned in the above public video: Crossrider is reminiscent of the background carried by the creators of a previous root certificate scandal (Superfish), which came preinstalled on Lenovo laptops over a period of years (several million affected), causing US gov to ban Lenovo use internally.


Superfish scandal covered on Bitchute (suggested watch):
https://www.bitchute.com/video/HjDrBrqffhZn/


STATEMENT: USE CAUTION WITH VPN'S

I do want to note, companies like PIA (Private Internet Access) have had a 'clean record' prior to major buyout. There is no evidence of misuse at this time (to be fair).

In fact they sponsored (2017) an audit of open source encryption library libsodium. You can read that here. This was an important step in testing the crypto library (used by Tox).

The audit was performed by Dr Matthew Green of Johns Hopkins Crypto Dept. Still considered valid. Read the audit here.

Since then, ownership has changed, and we can't be sure of trustworthiness. Due to the history of the owner's prior involvement in malware, I cannot vouch for any of the listed VPN's on this page at this time.


SUPERFISH

The Superfish scandal is an example to learn from. Superfish integrated persistent malware, preinstalling root certificates / pseudo cert authorities on Lenovo laptops, which allowed 'breaks' in the encryption for *all https websites (visited on the sold Lenovo laptops). All the while, the Lenovo user's browser appears entirely secure (due to the pseudo cert authority / root cert).


The figures behind Superfish and Crossrider held a similar background:

  • Superfish was started by an IDF Core Intelligence Programmer (according to Forbes) specializing in image recognition (combined with https breaking opens up possibilities)

  • Crossrider was run by a former Unit 8200 member

Plausible deniability could have been used in this case (hypothetically), as cover for Superfish by the explained creation of https breakage as a "parental control" application (Komodia). By offering to potential discoverers https breaking malware being part of a separate "Parental Controls" software (offering parents a way to check what https sites their kids were looking at), they could easily escape any real responsibility from its discovery... (Still doesn't explain the Windows based rootkit).

Under this theme Superfish holds an air of "legitimacy."

Persistent malware/covert data collection may (or may not) use ad injection companies as a form of cover. Allowing for unlimited data collection/sharing without arousing suspicion.


See video below covering Superfish:

https://www.bitchute.com/video/HjDrBrqffhZn/

We are in a time where private/personal data collection specialists create startups. Another reason to be more aware of the software we decide to try.


STORIES: VPN PROVIDERS WHO LEAKED DATA (UPDATED)

Some providers advertising "no logs" have been found to be leaking just that. Even reselling that personal user data.

CASE INCLUDES:

  • full name

  • user passwords

  • email addresses

  • home addresses

  • stored activity in logs (while advertising "no logs")

THE STORY CONCERNS:

  • UFO VPN

  • FAST VPN

  • FREE VPN

  • FLASH VPN

  • SECURE VPN

  • RABBIT VPN


(source)


PureVPN

Another case, where PureVPN was found in court documents to log users:

(source)


DETECT MITM IN THE BROWSER (MAN IN THE MIDDLE ATTACKS)

Any connection can be vulnerable to a MITM attack, dependent on a few variables including unknown persistent malware. If you want to check for an active MITM attack, follow steps below:

  • Visit one of the domains in the list below.

  • Click the 'padlock' at top of your browser tab opened to one of the domains.

  • Select "More Information"-> "Security" -> "View Cert" to take a look at the https certificate and associated fingerprints (see screenshot below).

  • Here you can match (or not) the fingerprints against the list below.

  • Make sure the fingerprints match exactly.

  • If the fingerprint matches, you are safe!

  • If the fingerprint in question doesn't match, leave a comment below and let's talk about solutions!


FINGERPRINT LIST (SHA-1) - (*BE SURE TO CHECK AGAINST SHA-1*)

(SHA-1) www.facebook.com -> A6:EB:24:DD:FE:BD:5C:59:D6:5A:A1:DB:46:E9:30:93:EA:A4:51:D6
(SHA-1) x.com -> 8C:E6:57:50:05:33:5F:42:28:51:36:95:92:0E:D9:95:95:41:92:6F
(SHA-1) www.google.com -> 97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C
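
The padlock check above can also be scripted. This is an added example, not code from the original post: it computes the SHA-1 fingerprint of the leaf certificate a host presents and compares it with the list above. The function names are this example's own.

```python
import hashlib
import hmac
import socket
import ssl

# SHA-1 fingerprints exactly as listed on this page (updated 09.17.2024).
PINNED = {
    "www.facebook.com": "A6:EB:24:DD:FE:BD:5C:59:D6:5A:A1:DB:46:E9:30:93:EA:A4:51:D6",
    "x.com": "8C:E6:57:50:05:33:5F:42:28:51:36:95:92:0E:D9:95:95:41:92:6F",
    "www.google.com": "97:72:B0:50:D3:11:5A:F7:A4:3E:14:43:9B:9B:DA:05:44:40:58:1C",
}

def normalize(fp):
    """Strip separators/whitespace and upper-case, so pasted values compare cleanly."""
    return "".join(ch for ch in fp if ch.isalnum()).upper()

def fingerprint(der, algo="sha1"):
    """Colon-separated fingerprint of a DER-encoded certificate, as browsers display it."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def fetch_leaf_der(host, port=443, timeout=10):
    """Return the leaf certificate the server (or an interceptor) presents, DER-encoded."""
    ctx = ssl.create_default_context()
    # Verification is off only so that an untrusted interception certificate can
    # still be inspected; no application data is sent over this connection.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def check(host, der, pinned=PINNED):
    """Compare the presented leaf with the pinned value: 'match', 'mismatch' or 'unknown'."""
    if host not in pinned:
        return "unknown"
    seen, want = normalize(fingerprint(der)), normalize(pinned[host])
    return "match" if hmac.compare_digest(seen, want) else "mismatch"

if __name__ == "__main__":
    for host in PINNED:
        der = fetch_leaf_der(host)
        print(host, fingerprint(der), check(host, der))
```

Large sites rotate their leaf certificates and may serve different ones from different edge servers, so on a mismatch compare the certificate's issuer with one seen from a second, independent network before concluding the connection is intercepted.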


Thanks for reading and a BIG thank you to those who Support this kind of work (by sharing this, commenting, liking). :) Thanks everyone following.


Thoughts, comments and questions welcome.

