The 5 Worst VPN #Fails

[Togijak]

 

VPNs are a great option for getting remote access to professional documents or browsing geo-restricted content and websites. However, at times, even the most popular VPNs too have some big, bad “fails”. In this article we’ve looked at the user experience of many individuals who have had some really terrible experience with a couple of VPNs. Have a look.

 

HideMyAss – Privacy #Fail

HideMyAss is a pretty decent VPN network, but Cody did quite not enjoy his experience with this VPN. Cody Andrew Kretsinger, a 23 year old boy from Phoenix was arrested by the FBI as he was allegedly a member of the dangerous hacker group called Lulzsec. According to the reports from FBI, this hacking group had used a SQL injection for obtaining confidential information from the Sony Entertainment Group, and posting it live on web. However, when Hide My Ass received a court order, they readily revealed Cody’s ip address and his vpn username, ‘recursion’. Cody has now been imprisoned for 15 years. So as you see, Hide My Ass doesn’t really hide your ass and it can get really dangerous when it comes to keeping user activity logs.

 

EarthVPN – No-logging #Fail

EarthVPN is a VPN network popular for its superb encryption, ‘no-logging policy’ and high-end features. However, a student from Holland had an absolutely terrible experience with this VPN. In the year 2013, he supposedly issued a bomb threat to his university and was arrested for the deed. Even though the act is absolutely reprehensible and he deserves being arrested, yet, the key matter into consideration is that he used EarthVPN which claims to delete all the user activity logs. An EarthVPN spokesperson justified the situation by saying that the logs procured were the IP transfer logs from their datacenter. However, we have no ways to confirm the authenticity of these facts.

 

Private Internet Access – Security #Fail

Private Internet Access is a top notch network which is popular for its superb connectivity, ‘high-end encryption’ and awesome features. However, on November, 2013, this popular VPN provider experienced a major security breach. A couple of people hacked the servers, and the hackers inserted a code to the forums asking users to send a certain amount, to a certain address, in order to receive 10X in return. These hackers also managed to access the SQL database thereby pulling out the various forum passwords from the servers. The response from PIA was quite weak. They ‘advised’ users to get their passwords changed but did not ‘force’ a password change which was absolutely necessary. This reinforced our idea that security does not always mean good encryption strength.

 

PureVPN – Hacking #Fail

Vpn users of PureVPN experienced a major scare when they received emails from hackers stating that their accounts would be closed and their private information would be revealed to some unspecified authorities. The hackers managed to access the database of the VPN with SQL injection and some specified URL requests. Even though PureVPN confirmed that these emails fake, yet, we cannot overlook the weak security of this VPN network.

 

AnonX – Disappearance #Fail

AnonX was a popular VPN network that was launched during the early 2000s. The network provided great speeds, amazing connectivity and high-end anonymity. However, after a year and a half, this VPN provider totally disappeared. The site was put down and the domain was sold off. The strangest thing was that there was no big announcement or press release before the network was put down. This kind of irresponsible activity is definitely unexpected from a good VPN provider.

Well, these were some really disappointing VPN fail incidents from our favorite VPN providers. In case you know of some more incidents like these, do not forget to share them in the comments section.

 

Source

[Sylence]

Rule #1, never trust any VPN provider no matter what they claim in their fancy websites

[steven36]

Actually a vendors forums being hacked dont have nothing do with a VPNs  Security, If  people went by this they hardly use anything  ..At lest PIA  never turned no one in like HMA and others have they don't play around with bullshit when they found out Leaseweb got caught working with the Russian and German police they pulled both countries form there vpn and are in the process of getting new German servers. While other VPNs are full of  Leaseweb servers  .. Also Leaseweb  corporate with the FBI  when they shut down Meaupload  because files   were stored on there servers and they had a warrant.

[Togijak]

The only VPN I trust to 200% is the VPN which I setup and encrypted myself and the dedicated server has to be in a country that don't deals with cops from USA, Great Britain etc.

[steven36]

1 hour ago, Togijak said:

The only VPN I trust to 200% is the VPN which I setup and encrypted myself and the dedicated server has to be in a country that don't deals with cops from USA, Great Britain etc.

qbittorrent , Linux Mint , Ubuntu 2 times , Debian and the list goes on and on  with the cloudflare leak this site may of been even hacked no one knows for sure.. Nsane was on the list and  Cyberghost uses a lot of Leaseweb servers  and they also use cloudflare in there VPN and there is no such thing as many countries that don't deal with the USA there are very few and most VPNs dont have servers for these countries because they have censorship laws and what is the point in having a censored VPN ? Just some countries  are more relaxed about warez and censorship  than others but if you're looking too hide from the Government using a VPN alone is not enough .

 

When you login too VPN server it just like when you buy internet from a ISP you're have too trust them regardless if what server you use I'm not afraid too use USA servers to do certain things . Heck before 2011 i never used a VPN and uploaded and download warez for years and many of the old members know i uploaded then This was before ISPs in my country started sending out warning from BitTorrent trolls witch they never was a law saying they could do this or not do this. I never been scared of my government because mostly rights holders in my country have caused people like me trouble.

 

Now if you are running a warez site you should be afraid of my government. But if you run one in Italy ,France , Spain ,Russia ,China ,UK and many other countries you need too be scared of those Governments too because it's not like it use too be it not just rights holders in the USA going after you the Governments are clamping down on Warez world wide. There are a few countries that don't care but they have other laws not related to warez and you may not even be able too access certain sites because of them if  they had a VPN had there servers witch most don't bother with countries that censor the web. .

 

Last I checked many buy VPNs too watch USA Netflix and have access to other streaming sites  and there breaking laws ether in the USA and/or there own country . And they do it all the time on USA servers and nothing happens too them, But some countries are going too ban vpn nationwide and it may be hard too get around soon.

[Togijak]

@steven36

 

I was more than 15 years ago member of some 0day groups like ACME and I know all that things. The problem is not Warze, the problem in Europe is that the nice people that is afraid to lost his power after "G20 Wellcome to Hell" wants to implement a Europe wide list of people of which they think that the extreme left-wing are and nobody knows which is enough for these miscarriages to be placed on the list.

[steven36]

Quote

As part of our company’s longstanding principles and commitments to privacy, Private Internet Access has discontinued using LeaseWeb as a datacenter partner and will be relaunching its German exit gateway.

 

According to court documents, LeaseWeb allowed authorities in The Netherlands and Russia to sniff, or perform analysis, on internet traffic in 2008. Their objective was to perform deep packet inspection (DPI) on unencrypted ICQ messenger traffic.

 

Private Internet Access customers’ internet traffic is encrypted before leaving their devices using strong AES encryption (128 or 256 bit) and can not be decrypted by a sniffer or DPI equipment. Further, it is mixed among our users using a shared IP anonymizer before exiting towards the greater internet. An upstream attacker using a similar sniffer would only be able to see anonymized outgoing traffic. Since we do not log any traffic or session data, by design, and because we encrypt all of the internet traffic, no user privacy could be compromised even if subjected to a similar attack. Private Internet Access is designed in such a way that even if incoming and outgoing traffic is being monitored, individual users’ privacy will still be maintained. Furthermore, Private Internet Access has never had any servers in LeaseWeb facilities in The Netherlands or Russia. Our users were, are, and will always be private and secure.

 

Upon learning of these court documents, we have decided to disable our servers at the single Leaseweb location we were using and will no longer be doing business with them. Germany was the only region in which our servers were located in Leaseweb facilities, and they have been completely shut down as of June 11th 2017. We will relaunch our Germany exit gateway at another facility as soon as possible and have already begun the migration.

 

We apologize for any inconvenience this may cause. We really appreciate the patience, and thank you for your continued support and helping us fight the good fight.

 

Sincerely,

The Private Internet Access Team

 https://www.privateinternetaccess.com/forum/discussion/24134/private-internet-access-is-temporarily-discontinuing-its-german-exit-gateway

 

[straycat19]

14 hours ago, Togijak said:

However, at times, even the most popular VPNs too have some big, bad “fails”.

 

There use to be an old saying 'Trust But Verify' that was used by security personnel.  That is as true today as it was back then.  A lot of the VPNs have a problem with DNS Leaks, which means that your ISP can still track you and you would need to manually edit your DNS settings to a DNS that did not keep logs.  There are a few that claim not to but there is no way to verify whether they do or not unless you know someone on the inside.  And being totally honest, how many countries are there that do not share data with each other today, even if it is thru back channels.  Back Channels have been around since WWII.  Though there has been a Cold War going on as far as the public sees, there are back channel communications taking place constantly because crime is no good for anyone.  So if you believe that any country (with the possible exception of North Korea) is not sharing information through these back channels concerning criminal activities on the internet you are living in a dream world.  Picture Putin and Trump standing together each pointing a gun at the others head with one hand while the other hand is behind their backs passing notes back and forth.  That is today's reality.