VPN Shame

A Compiled List of VPN Services That Have Been Caught Logging, Lying or Hacked

Private Internet Access Receives Subpoena for Logs – Has None (2016) — 07/09/2018

Private Internet Access Receives Subpoena for Logs – Has None (2016)

In 2016 an investigation in Florida related to a stalking suspect and a number of false bomb threats was being conducted, and part of the investigation led to an IP address for a Private Internet Access VPN server. The FBI then presented Private Internet Access with a subpoena and Private Internet Access had no logs to provide. They could only tell the FBI that the servers that the IP address range that they were interested in were located on the east coast of the US. They had no other information due to their no-logs policy. Torrentfreak writes:

It is important to note that the FBI was able to build a significant case against the suspect using other police work. They knew that the suspect had motive, and banking information led them to store surveillance tapes and other evidence that led to the person serving justice.

This is one of the core arguments of privacy advocates; that “going dark” is a fallacy and police are more equipped than ever to catch criminals. Dragnet surveillance is not a necessary piece of the puzzle and privacy tools and services that push back against mass surveillance help us to cling to what little privacy remains in the information age.

UnblockUS VPN and SmartDNS Service is Connected to IPVanish Logging Scandal — 21/08/2018

UnblockUS VPN and SmartDNS Service is Connected to IPVanish Logging Scandal

When looking at the IPVanish scandal and relating what companies are caught up in this anti-privacy scandal, we need to look for specific company names. IPVanish, its parent company StackPath, and the line of company acquisitions that led to StackPath. IPVanish was owned by a parent company, HighWinds, who also acquired a company who has hosting and routing resources called BandCon. Recently, all of these involved companies were acquired by StackPath.

So we have BandCon = IPVanish = HighWinds = StackPath.

If we take a look at the SmartDNS instructions for Unblock.us, they give us two IP addresses for their DNS servers.If we look up those IP addresses, the servers belong to HighWinds:

And DNS2 also belongs to HighWinds:

If we can’t trust IPVanish with our data, we can’t trust any of these companies that are sharing the same infrastructure.

Overplay.net is Connected to the IPVanish and Highwinds VPN Logging Scandal — 20/08/2018

Overplay.net is Connected to the IPVanish and Highwinds VPN Logging Scandal

When looking at the IPVanish scandal and relating what companies are caught up in this anti-privacy scandal, we need to look for specific company names. IPVanish, its parent company StackPath, and the line of company acquisitions that led to StackPath. IPVanish was owned by a parent company, HighWinds, who also acquired a company who has hosting and routing resources called BandCon. Recently, all of these involved companies were acquired by StackPath.

So we have BandCon = IPVanish = HighWinds = StackPath.

So where does OverPlay come into this equation? Overplay’s VPN and SmartDNS services are using StackPath’s infrastructure.

Here is Overplay’s instructions for setting up SmartDNS:

The two DNS servers are directly linked to HighWinds (StackPath), the owners of IPVanish.

The secondary DNS server is linked to BandCon which is also IPVanish/HighWinds/Stackpath infrastructure.If IPVanish can’t be trusted, neither can any other company that is using the same infrastructure.

 

Encrypt.me VPN Serivce is Connected to the IPVanish Logging Scandal — 21/07/2018