New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Massive free VPN data breach exposes 360M records
https://www.foxnews.com/tech/massive-free-vpn-data-breach-exposes-360-million-records
Cybersecurity researcher Jeremiah Fowler discovered and reported that over 360 million user data records have been leaked in a breach with the free VPN service SuperVPN. These records contained tons of personal information, including email addresses, original IP addresses, geolocation records, unique user identifiers, references to visited websites and more.
Don't use Free VPNs!!!
Comments
As example a free VPN service does the log all activity! I am wondering if the paid service does the same collection of data, so in this case much better to use own VPN service.
"impossible to live without VPN, because of privacy" they told... And now, all private data leaked. Because of centralized storage of privacy data.
But also, imagine seeing this and trusting it 100 %: https://play.google.com/store/apps/details?id=com.jrzheng.supervpnfree&hl=en&gl=US
Never use freevpn service
😳😬😧
I am wondering what @joepie91 is doing in these days ...
https://gist.github.com/joepie91/5a9909939e6ce7d09e29
Starting fights with mall cops.
Francisco
For real?
Yes, sorta. Supposedly the mall cop started the fight with him, but basically the same idea.
He hangs out on my matrix/discord if you ever want to drop by.
Francisco
I’ve seen this get posted all the time but I really don’t agree lol
The swedish police went to Mullvad and wanted data, Mullvad explained that they don’t keep any, police went away without data
Same thing happened at Bahnhof
Had it happend at any ISP in Sweden today, the police would then charge the ISP for not keeping records (as they have too, and do have to in most countries as well as I’d guess all EU countries)
So even if they’re hiding some devious plan and saving TBs of data doing nothing with it, practically, it can make a huge difference to use a VPN since legally an ISP generally HAS TO to save data whilst a VPN dosen’t have to
Yeah, I just think it’s some mental gymnastics gone wrong tbh
No offense to Joe intended
@emgh hypothetical situation.
How much would it cost gov, any gov agency to establish something like Mullvad through proxy companies and put some faces in front, to run such operation? My guess is: peanuts.
Not to mention all other relatively popular vpn companies registered in some remote parts of the world like Belize where all what you got is their "word" that they don't log anything.
Heck, pay me and I will do it, I will establish it. I may even put some discounted lifetime deals for LET members so that you all will praise me and provide me with your personal data for my gov at the same moment.
What I am trying to say is that in reality we know a shit who's founding all those companies from the background.
To run it since 2009 and not get exposed? Not possible.
But it’s such a weird comparison:
Mullvad might give you up, probably not.
Telia WILL give you up, they are bound by law to save your data, as well as to give it over. It’s a 100 % certainty.
Not using a VPN because of the above is like jumping off of a cliff in order not to fall.
I stand by what I said, mental gymnastics gone wrong.
This VPN provider is no different than "LIFETIME VPN DEALS" shilled here.
Also proxy companies aren’t really a thing in Sweden.
Obviously you could pay someone and have them pretend they own it.
But you’re legally obliged to publish who’s the ”verklig huvudman” and ownership is public too.
Everything is public.
Sweden with our ”offentlighetsprincip” would have to be the worst country to hide through companies in. Probably the worst in the world.
Even our last 4 social security digits are public info, you just have to Google lol
Don't be naive. 10 years to build trust solely is nothing. But I don't mean Mullvad specifically anyway. We use shady suspicious cheap VPN providers registered in most remote parts of the word.
How hard is for gov to fund some shitty vpn provider registered in let's say Belize and run it for years? Even some of us here with our limited budget would be able to do it, let alone the government agency with unlimited budget.
If you gained actual traction, gained real trust, attracted criminals that will screen everyone working for your company before using it - it would not be possible to run it for that long unnoticed, its simply not possible.
@emgh so Sweden don't have secret service which do a things you know a shit about?
I would imagine that every country do.
You're naive. Long? 10 years is nothing. NOTHING. Unless you hunt small petty criminals. They yes ...
I am not saying it's exactly that or that. What I am saying is that @joepie91 is in principle right. It would be naive to think any different.
Good look hiding behind a aktiebolag
Allabolag.se
Ratsit.se
Mrkoll.se
Merinfo.se
Bolagsfakta.se
And this is just on top of my head
Also, as I said, the alternative is ZERO privacy
i'm confident you have no idea what are you talking about, and have no experience nor knowledge in that area.
i will refrain from arguing with you, because its pointless.
Yes, because you know exactly who really found this and that shit registered somewhere in Belize, right? Don't be naive...
The real important point to make is that a good VPN provider is somewhat private. They MIGHT be corrupted. No one can say there’s 0 % risk.
What we do 100 % know is that not using one is 100 % risk of not having privacy.
So if there’s a 10 % risk Mullvad is corrupted, or a 0,001 % risk, both are well below 100 %, like ISPs (since they’re bound to save data by law).
That's what I am saying.
Also, had Mullvad leaked data, cops might have gotten away with faking the origin of the data a few times, but it’s impossible for Mullvad to not get exposed if they regularely give the police data that the police use in court rooms
That’s a million times better than no VPN, right?
Depend from the usage. But that's also what @joepie91 said.
No. The article says a bunch of misguided shit, but I’m on my phone right now so I can’t quote it one by one.
This might be the most misguided piece of it though:
But a provider would lose business if they did that!
I'll believe that when HideMyAss goes out of business. They gave up their users years ago, and this was widely publicized. The reality is that most of their customers will either not care or not even be aware of it
———
So the point is that there’s a few bad VPN providers that uneducated people buy, and therefore VPNs log.
It’s just silly.
No one who’s spent 3 minutes inside an SSH console would advocate these sketchy providers.
The point is basically like saying that using a VPS sucks because IONOS is slow.
Or that ”I’ll stop breahting because the air might be toxic”
Let’s take it back to the absolute basics:
An ISP have to save your data, and has to share it.
A VPN provider does not have to save your data, and don’t have to share it.
What @Mumbly said is true; guys who do drugs will often either entice or coerce weak people in being the so-called "strawmen". Essentially, they don't own anything on paper, but they control companies and bank accounts that sometimes even do millions worth of transactions, and no one can do anything about it.
Sweden is no different... this happens everywhere, and setting up an onshore or an offshore company is the easiest thing in the world. You just need to have $1K - $10K and you're good.
If you ever wondered how all those dodgy dating sites operate with bank accounts from high street banks, they're doing the exact same thing. Using locals as shareholders and signatories, and while they are in control on paper, they have absolutely no access to anything, and no one is stupid enough to make waves with people like that.
Anyway, I wouldn't go as far as to call common cyber criminals smart. For example; no one cared or bothered to check if FlokiNET was born out of CINIPAC, HostSailor out of Santrex, or if BlazingFast owner is into carding, etc (just like the rest of them)... and you trust all these people with your information.
Also, a lot of Swedish VPN operations are mostly the same guys who are connected to the TPB guys, and were legitimizing the income made from running TPB and the associated projects. Much like Njalla being setup to service the associated projects and still have plausible deniability should it be brought up in court. But it all works out in the end because the prosecutors are complete and utter idiots, if they ever brought up Flattr or IPredator into the case, but anyway...