Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Massive free VPN data breach exposes 360M records
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Massive free VPN data breach exposes 360M records

ArkasArkas Moderator

https://www.foxnews.com/tech/massive-free-vpn-data-breach-exposes-360-million-records

Cybersecurity researcher Jeremiah Fowler discovered and reported that over 360 million user data records have been leaked in a breach with the free VPN service SuperVPN. These records contained tons of personal information, including email addresses, original IP addresses, geolocation records, unique user identifiers, references to visited websites and more.

Don't use Free VPNs!!!

«134

Comments

  • WebProjectWebProject Host Rep, Veteran

    As example a free VPN service does the log all activity! I am wondering if the paid service does the same collection of data, so in this case much better to use own VPN service.

    Thanked by 3desperand ariq01 pbx
  • "impossible to live without VPN, because of privacy" they told... And now, all private data leaked. Because of centralized storage of privacy data.

  • emghemgh Member

    But also, imagine seeing this and trusting it 100 %: https://play.google.com/store/apps/details?id=com.jrzheng.supervpnfree&hl=en&gl=US

  • Never use freevpn service

    Thanked by 1hvedar13
  • 😳😬😧

  • MumblyMumbly Member
    edited June 2023

    I am wondering what @joepie91 is doing in these days ...

    https://gist.github.com/joepie91/5a9909939e6ce7d09e29

    Thanked by 1hyperblast
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @Mumbly said:
    I am wondering what @joepie91 is doing in these days ...

    https://gist.github.com/joepie91/5a9909939e6ce7d09e29

    Starting fights with mall cops.

    Francisco

  • MumblyMumbly Member

    For real? :)

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @Mumbly said:
    For real? :)

    Yes, sorta. Supposedly the mall cop started the fight with him, but basically the same idea.

    He hangs out on my matrix/discord if you ever want to drop by.

    Francisco

    Thanked by 2Mumbly skorous
  • emghemgh Member
    edited June 2023

    @Mumbly said:
    I am wondering what @joepie91 is doing in these days ...

    https://gist.github.com/joepie91/5a9909939e6ce7d09e29

    I’ve seen this get posted all the time but I really don’t agree lol

    The swedish police went to Mullvad and wanted data, Mullvad explained that they don’t keep any, police went away without data

    Same thing happened at Bahnhof

    Had it happend at any ISP in Sweden today, the police would then charge the ISP for not keeping records (as they have too, and do have to in most countries as well as I’d guess all EU countries)

    So even if they’re hiding some devious plan and saving TBs of data doing nothing with it, practically, it can make a huge difference to use a VPN since legally an ISP generally HAS TO to save data whilst a VPN dosen’t have to

    Yeah, I just think it’s some mental gymnastics gone wrong tbh

    No offense to Joe intended

  • MumblyMumbly Member
    edited June 2023

    @emgh hypothetical situation.
    How much would it cost gov, any gov agency to establish something like Mullvad through proxy companies and put some faces in front, to run such operation? My guess is: peanuts.
    Not to mention all other relatively popular vpn companies registered in some remote parts of the world like Belize where all what you got is their "word" that they don't log anything.
    Heck, pay me and I will do it, I will establish it. I may even put some discounted lifetime deals for LET members so that you all will praise me and provide me with your personal data for my gov at the same moment.
    What I am trying to say is that in reality we know a shit who's founding all those companies from the background.

    Thanked by 1hyperblast
  • @Mumbly said: Mullvad through proxy companies and put some faces in front, to run such operation?

    To run it since 2009 and not get exposed? Not possible.

  • emghemgh Member
    edited June 2023

    @Mumbly said:
    @emgh hypothetical situation.
    How much would it cost gov, any gov agency to establish something like Mullvad through proxy companies and put some faces in front, to run such operation? My guess is: peanuts.
    Not to mention all other relatively popular vpn companies registered in some remote parts of the world like Belize where all what you got is their "word" that they don't log anything.
    Heck, pay me and I will do it, I will establish it. I may even put some discounted lifetime deals for LET members so that you all will praise me and provide me with your personal data at the same time.
    What I am trying to say is that in reality we know a shit who's founding all those companies in the background.

    But it’s such a weird comparison:

    Mullvad might give you up, probably not.

    Telia WILL give you up, they are bound by law to save your data, as well as to give it over. It’s a 100 % certainty.

    Not using a VPN because of the above is like jumping off of a cliff in order not to fall.

    I stand by what I said, mental gymnastics gone wrong.

  • This VPN provider is no different than "LIFETIME VPN DEALS" shilled here.

  • emghemgh Member
    edited June 2023

    @treesmokah said:

    @Mumbly said: Mullvad through proxy companies and put some faces in front, to run such operation?

    To run it since 2009 and not get exposed? Not possible.

    Also proxy companies aren’t really a thing in Sweden.

    Obviously you could pay someone and have them pretend they own it.

    But you’re legally obliged to publish who’s the ”verklig huvudman” and ownership is public too.

    Everything is public.

    Sweden with our ”offentlighetsprincip” would have to be the worst country to hide through companies in. Probably the worst in the world.

    Even our last 4 social security digits are public info, you just have to Google lol

  • MumblyMumbly Member

    @treesmokah said: To run it since 2009 and not get exposed? Not possible.

    Don't be naive. 10 years to build trust solely is nothing. But I don't mean Mullvad specifically anyway. We use shady suspicious cheap VPN providers registered in most remote parts of the word.
    How hard is for gov to fund some shitty vpn provider registered in let's say Belize and run it for years? Even some of us here with our limited budget would be able to do it, let alone the government agency with unlimited budget.

  • @Mumbly said: How hard is for gov to fund some shitty vpn provider registered in let's say Belize and run it for years? Even some of us here with our limited budget would be able to do it, let alone the government agency with unlimited budget.

    If you gained actual traction, gained real trust, attracted criminals that will screen everyone working for your company before using it - it would not be possible to run it for that long unnoticed, its simply not possible.

  • MumblyMumbly Member

    @emgh so Sweden don't have secret service which do a things you know a shit about?
    I would imagine that every country do.

  • MumblyMumbly Member
    edited June 2023

    @treesmokah said: it would not be possible to run it for that long unnoticed, its simply not possible.

    You're naive. Long? 10 years is nothing. NOTHING. Unless you hunt small petty criminals. They yes ...

    I am not saying it's exactly that or that. What I am saying is that @joepie91 is in principle right. It would be naive to think any different.

  • emghemgh Member
    edited June 2023

    @Mumbly said:
    @emgh so Sweden don't have secret service which do a things you know a shit about?
    I would imagine that every country do.

    Good look hiding behind a aktiebolag

    Allabolag.se
    Ratsit.se
    Mrkoll.se
    Merinfo.se
    Bolagsfakta.se

    And this is just on top of my head

    Also, as I said, the alternative is ZERO privacy

  • @Mumbly said:

    @treesmokah said: it would not be possible to run it for that long unnoticed, its simply not possible.

    You're naive. Long? 10 years is nothing. NOTHING. Unless you hunt small petty criminals. They yes ...

    i'm confident you have no idea what are you talking about, and have no experience nor knowledge in that area.

    i will refrain from arguing with you, because its pointless.

  • MumblyMumbly Member

    @treesmokah said: i'm confident you have no idea what are you talking about, and have no experience nor knowledge in that area.

    Yes, because you know exactly who really found this and that shit registered somewhere in Belize, right? Don't be naive...

  • emghemgh Member

    @treesmokah said:

    @Mumbly said:

    @treesmokah said: it would not be possible to run it for that long unnoticed, its simply not possible.

    You're naive. Long? 10 years is nothing. NOTHING. Unless you hunt small petty criminals. They yes ...

    i'm confident you have no idea what are you talking about, and have no experience nor knowledge in that area.

    i will refrain from arguing with you, because its pointless.

    The real important point to make is that a good VPN provider is somewhat private. They MIGHT be corrupted. No one can say there’s 0 % risk.

    What we do 100 % know is that not using one is 100 % risk of not having privacy.

    So if there’s a 10 % risk Mullvad is corrupted, or a 0,001 % risk, both are well below 100 %, like ISPs (since they’re bound to save data by law).

  • MumblyMumbly Member

    @emgh said: The real important point to make is that a good VPN provider is somewhat private. They MIGHT be corrupted. No one can say there’s 0 % risk.

    That's what I am saying.

  • emghemgh Member

    Also, had Mullvad leaked data, cops might have gotten away with faking the origin of the data a few times, but it’s impossible for Mullvad to not get exposed if they regularely give the police data that the police use in court rooms

  • emghemgh Member

    @Mumbly said:

    @emgh said: The real important point to make is that a good VPN provider is somewhat private. They MIGHT be corrupted. No one can say there’s 0 % risk.

    That's what I am saying.

    That’s a million times better than no VPN, right?

  • MumblyMumbly Member
    edited June 2023

    @emgh said: That’s a million times better than no VPN, right?

    Depend from the usage. But that's also what @joepie91 said.

  • emghemgh Member
    edited June 2023

    @Mumbly said:

    @emgh said: That’s a million times better than no VPN, right?

    Depend from usage. But that's also what @joepie91 said.

    No. The article says a bunch of misguided shit, but I’m on my phone right now so I can’t quote it one by one.

    This might be the most misguided piece of it though:

    But a provider would lose business if they did that!

    I'll believe that when HideMyAss goes out of business. They gave up their users years ago, and this was widely publicized. The reality is that most of their customers will either not care or not even be aware of it

    ———

    So the point is that there’s a few bad VPN providers that uneducated people buy, and therefore VPNs log.

    It’s just silly.

    No one who’s spent 3 minutes inside an SSH console would advocate these sketchy providers.

    The point is basically like saying that using a VPS sucks because IONOS is slow.

    • It makes zero sense

    Or that ”I’ll stop breahting because the air might be toxic”

    • The alternative is zero privacy
  • emghemgh Member

    Let’s take it back to the absolute basics:

    An ISP have to save your data, and has to share it.

    A VPN provider does not have to save your data, and don’t have to share it.

  • AltesAltes Member

    What @Mumbly said is true; guys who do drugs will often either entice or coerce weak people in being the so-called "strawmen". Essentially, they don't own anything on paper, but they control companies and bank accounts that sometimes even do millions worth of transactions, and no one can do anything about it.

    Sweden is no different... this happens everywhere, and setting up an onshore or an offshore company is the easiest thing in the world. You just need to have $1K - $10K and you're good.

    If you ever wondered how all those dodgy dating sites operate with bank accounts from high street banks, they're doing the exact same thing. Using locals as shareholders and signatories, and while they are in control on paper, they have absolutely no access to anything, and no one is stupid enough to make waves with people like that.

    Anyway, I wouldn't go as far as to call common cyber criminals smart. For example; no one cared or bothered to check if FlokiNET was born out of CINIPAC, HostSailor out of Santrex, or if BlazingFast owner is into carding, etc (just like the rest of them)... and you trust all these people with your information.

    Also, a lot of Swedish VPN operations are mostly the same guys who are connected to the TPB guys, and were legitimizing the income made from running TPB and the associated projects. Much like Njalla being setup to service the associated projects and still have plausible deniability should it be brought up in court. But it all works out in the end because the prosecutors are complete and utter idiots, if they ever brought up Flattr or IPredator into the case, but anyway... :)

Sign In or Register to comment.