Israeli firm buys Private Internet Access (PIA) VPN

[V.T. Eric Layton]

Israeli firm buys Private Internet Access (PIA) VPN raising privacy concerns

 

Interesting... and disturbing.

 

I may be considering Nord shortly.

[securitybreach]

Nord is garbage, use Mullvad instead.

[securitybreach]

Quote

On October 21, 2019, a security researcher disclosed on Twitter a server breach of NordVPN involving a leaked private key. The cyberattack granted the attackers root access, which was used to generate an HTTPS certificate that enabled the attackers to perform man-in-the-middle attacks to intercept the communications of NordVPN users. In response, NordVPN confirmed that one of its servers based in Finland was breached in March 2018. The exploit was the result of a vulnerability in a contracted data center's remote administration system that affected the Finland server between January 31 and March 20, 2018. According to NordVPN, the data center disclosed the breach to NordVPN on April 13, 2019, and NordVPN ended its relationship with the data center. Security researchers and media outlets criticized NordVPN for failing to promptly disclose the breach after the company became aware of it. NordVPN stated that the company initially planned to disclose the breach after it completed its internal audits. On October 29, 2019, NordVPN announced additional audits and a bug bounty program. Approximately 2,000 usernames and passwords of NordVPN accounts were leaked in credential stuffing attacks that were reported on November 1, 2019.

 

https://en.wikipedia.org/wiki/NordVPN#History

 

It took them a year and a half to report the incident and even then, it was only because they were outed.

 

Now Mullvad doesn't ever even ask for any information, including an email address. You can even just send them cash in the mail with a generated token.

 

 

They have clients for all OSs and also offer wireguard and openvpn configs as well.

[V.T. Eric Layton]

If I decide to drop PIA, I'll definitely be doing my homework regarding a new VPN. Thanks for the info, Josh. :)

[securitybreach]

Yup, I sent them cash for 5 months a few weeks ago. It took 2 weeks to get to Sweden but it worked fine.

 

[V.T. Eric Layton]

A fellow on LQ.org posted this video regarding PIA and Kape's merger:

 

 

The fellow doing the vid (Linus?) really needs to work on his stuff a bit more. The vid is crappy and technology didn't seem to be working too well for communications.

 

Anyway, watch it.

 

My renewal is coming up in a couple months. I intend to stick with PIA, but... I will definitely be keeping my eye on their operations and any news leaks about this. I'll give them the benefit of the doubt for now. If things go south, I'll definitely be considering Mullvad. I checked them out briefly after you posted their name in an above post the other day.

 

 

[securitybreach]

It was bought by a company known to spread malware and is a former Mossad agent...

[V.T. Eric Layton]

48 minutes ago, securitybreach said:

It was bought by a company known to spread malware and is a former Mossad agent...

 

The fellow from Kape in the video tries to explain that situation and assure folks that's not the case with the current Kape company.

[securitybreach]

Just now, V.T. Eric Layton said:

 

The fellow from Kape in the video tries to explain that situation and assure folks that's not the case with the current Kape company.

 

Hard to trust a company that was caught spreading malware and had ties to a spy agency.

[V.T. Eric Layton]

Yup. That's PIA's biggest problem right now... having to deal with the history of their new partners.

[securitybreach]

Yeah, I dropped then immediately as soon as I find out.

[V.T. Eric Layton]

10 minutes ago, securitybreach said:

Hard to trust a company that was caught spreading malware and had ties to a spy agency.

 

Meh... BIG ISPs, BIG SOCIAL NETWORKS and BIG ONLINE RETAILERS are providing backdoors to the NSA to allow spying on U.S. citizens. Who ya' gonna' trust these days?

[V.T. Eric Layton]

On 12/11/2019 at 7:16 PM, securitybreach said:

Yup, I sent them cash for 5 months a few weeks ago. It took 2 weeks to get to Sweden but it worked fine.

 

Ah... IC. In the post above you were talking about sending $ to Sweden. I missed that somehow. Well, that's good. In a few months, I'll ask you to rate Mullvad for me.

[securitybreach]

Just now, V.T. Eric Layton said:

 

Ah... IC. In the post above you were talking about sending $ to Sweden. I missed that somehow. Well, that's good. In a few months, I'll ask you to rate Mullvad for me.

 

It works beautifully and is very fast. I get about 850 up and down on my gigabit connection.

[V.T. Eric Layton]

https://thebestvpn.com/reviews/mullvad-vpn/

 

Hmm... not the best of reviews.

 

This wouldn't be good for me...

 

Mullvad Cons
– Located in Sweden (14 eyes*)
– Not very user-friendly
– Mediocre customer support

 

* You'd have to trust their no-logging policy, but that's the case with any VPN.

 

Sadly, they're twice as expensive as PIA. I'm a bit tight on $$$ these days, so that would be not good for me. I also don't like their speed tests. With PIA, the encryption load hardly has any affect on my 50Mbps/50Mbps connection. Also, I don't do bitcoin or any of that baloney. Sending cash to Sweden doesn't sound like a good idea. Do they take money orders, I wonder?

The mediocre customer support would also be a deal killer for me. PIA's CS is outstanding.

 

Well... we'll see how things go.

[securitybreach]

Their speeds are faster than Pia (I use the LA server). I sent cash to Sweden without any issues but it took two weeks to arrive. There are trusted and been around since 2012. No logging or dns leaks.They do not want any details from you. No name, email address, payment info, etc. You visit and when you click to join, they give you an account number. You login with that number and it generates a token that you write on a slip of paper and send that along with cash. It's that easy. No name or email required. I paid for the first month with Bitcoin and sent them three months payment of 5 euro a month which was about 17 bucks. Then almost two weeks later, my account was updated.

[securitybreach]

I don't know why they said it was hard to use considering they offer a client on every OS (windows, apple, linux, android and macos) including router config. I use their openvpn config (on Linux and Android) but they also offer wireguard as well. The reviewer who called it difficult must be an absolute moron  or working for a competitor as that is a flat out lie.

[securitybreach]

Of course their customer support is poor, they don't know who you are.

[securitybreach]

The review points out some good things but a lot of them are simply not true or skewed:

 

Torrenting and P2P work just fine.

 

Netflix works just fine on the NYC server (which he mentions), as well as the LA server (that I use)

 

14 eyes. Of course, so does every other VPN except those hosted in Russia or China (including PIA which is a USA based company)

 

"You’ll have to go through a lengthy 15 step process via OpenVPN to setup your mobile devices."

Another lie, as it took like 2 clicks using the openvpn client on android. It works just like the desktop version, you load the config and you are done.

 

"There is also no information regarding smart TVs, router assistance and other less often used internet devices." You can use the router config if your device supports a VPN. BTW this is the same as on PIA, Nord or any other VPN. Not even worth mentioning.

 

Yup, another reviewer who suggests to use NordVPN. The one VPN that loves to advertise and who is probably paying this guy as his review is full of cons that do not exist.

 

So much BS in one single review that its almost laughable. Gotta love those paid shills.

[V.T. Eric Layton]

Thanks of the info and explanations. I'll see how things go. I may not have Internet access by this time next month, so other bigger issues to worry about for me right now.

[securitybreach]

Ok, let us know what you decide.