Tag: cdn77

  • ZenMate

    ZenMate

    Zenmate is a virtual private network (VPN) based in Berlin, Germany service that encrypts your internet connection and hides your IP address to protect your online privacy and security. It allows you to access websites and content that may be blocked or restricted in your geographical location. Zenmate offers several different subscription plans that provide various levels of security and privacy protection, as well as the ability to access content from different locations around the world.

    Is ZenMate safe?

    ZenMate claims to be a no-logs VPN service, but it does keep some connection logs. It will also ask for your email address when signing up for the free version or the 7-day premium trial. It’s also possible that ZenMate may clash with other VPN apps installed on your device. When it’s running in the background, it may not allow you to launch any other VPN.

    Their location in Germany may pose additional issues due to their strict stance on copyright infringement. In addition, they are owned by Kape Technologies, a company that was known to send malware through their software. Overall, this service is of questionable safety, if you’re looking for a top-security VPN service.

    Related Posts

  • Windscribe

    Windscribe

    Windscribe, a cross-platform virtual private network (VPN) service provider, was founded by Yegor Sak and Alex Paguis in 2016. Based in Canada, it has grown to operate internationally, supporting a broad range of operating systems and platforms, and providing services to personal computers, smartphones, routers, and smart TVs​1​.

    The company’s offerings include OpenVPN, Internet Key Exchange v2/IPsec, and WireGuard protocols in its applications, supporting peer-to-peer file sharing, and ensuring user privacy with a no-log policy. Additionally, Windscribe provides open source applications and encrypted proxy support, while allowing for unlimited device connections​1​.

    Windscribe has been recognized for its social responsibility efforts, particularly in advocating for freedom of access to information in regions of political unrest. It has also developed transparency tools to shine a light on the relationship between corporate VPNs and their paid promoters​.

    Despite earning accolades from publications like Wired UK and Engadget for its reliability, cost-effectiveness, and range of server options, Windscribe has faced criticism related to security vulnerabilities. However, the company has demonstrated swift response to these issues, underscoring its commitment to user security​.

    Some users familiar with the name may be wary to trust their services, after the poor security practices were revealed in their 2021 data breach. The company has since promised to do better. You can read the original article, but here are the main highlights:

    • Windscribe left its VPN servers in Ukraine unencrypted and unsecured.
    • When Ukrainian authorities seized the servers, they also obtained Windscribe’s private key.
    • With the private key, Ukrainian officials could decrypt traffic and spy on Windscribe users.
    • Windscribe admitted that it does not follow “industry best practices” with its server network, but promised to change.
    • Windscribe is in the process of upgrading server security and hopefully undergoing a security audit.

    Based on data collected, when you are using Windscribe VPN you are predominantly using Quadranet, CDNext, Global Secure Layer, CDN77, or M247 servers.

    Global Coverage

    Windscribe showcases an impressive degree of geographic diversity in its server locations. It has a presence in 59 countries across multiple continents including North America, South America, Europe, Africa, Asia, and Oceania. This comprehensive global coverage provides users with extensive options for regional access and optimizes connection speeds. Key locations such as the United States, Canada, the United Kingdom, Australia, and the Netherlands host a significant number of servers, ensuring a robust and reliable service. Windscribe’s commitment to geographic diversity is also demonstrated by their notable presence in emerging markets. Given this extensive geographic spread, Windscribe earns an impressive score on our Global Coverage Index, receiving an 85 out of 100.

    WeVPN users acquired by Windscribe

    In 2023 VPN service provider WeVPN announced that it is shutting down due to unforeseen financial difficulties. In a statement, the company assured its customers that those with active subscriptions will be able to use Windscribe for the remaining duration of their subscription free of charge. Windscribe has agreed to offer free accounts to WeVPN users, which will provide them access to Windscribe’s network of servers, robust security features, and customer support.

    However, many are skeptical of this offer, as it appears to be a backdoor deal, and there is a lack of transparency regarding the relationship between the two companies. Windscribe and WeVPN have confirmed that Windscribe did not acquire WeVPN, but rather, it is a gesture of goodwill by Windscribe’s founder, Yegor. The company will cover WeVPN accounts for three months up to two years, but those who purchased their subscriptions from specific promotions such as lifetime deals will not be covered. Despite this offer, customers are disappointed by the lack of compensation from WeVPN and the lack of transparency regarding the closure.

    It’s super weird that they’ve removed theWeVPN founder’s and CEO information from the site, and there is so little information about them on the Internet. Specially when WeVPN founder claims to “have been running” Private Internet Access for years, and there’s a blog post saying that he used to be the President for PIA, and some other press releases saying he was the CEO.

    The cache for their “about us” section [0]:

      Jonathan Roudier
      Founder
      
      VPN Experience: 8 years
      
      Jon has nearly a decade of working in the VPN industry originally in Marketing and later in leadership and senior management. With his years of insight and customer knowledge gained from running Private Internet Access®, one of the world's biggest VPN providers, Jon decided to build his own VPN to ensure that the moral and ethics which he holds true are upheld and to provide an industry leader in transparency and accountability. Outside of WeVPN, He enjoys spending time at the gym and watching movies.
    

    Press release in PIA’s blog for when they bought Cypherpunk VPN [1]:

      Private Internet Access President Jon Roudier
    

    Press release announcing CES sponsor [2]:

      Jonathan Roudier, CEO of PIA, said “We, at Private Internet Access, are so thrilled..."

    0: https://webcache.googleusercontent.com/search?q=cache:LVfIvHK77E4J:https://wevpn.com/about-us&cd=2&hl=es&ct=clnk&gl=es
    1: https://www.privateinternetaccess.com/blog/private-internet-access-london-trust-media-acquired-cypherpunk-vpn/
    2: https://www.businesswire.com/news/home/20151221005130/en/Private-Internet-Access-Top-Mobile-Sponsor-2016

    Windscribe pros & cons

    Pros

    • Free version with 10GB of data
    • Unlimited simultaneous connections
    • Unblocks various streaming sites
    • Supports torrenting
    • No DNS leaks
    • Highly configurable
    • Military-grade encryption
    • Lots of tunneling protocols
    • Reliable kill switch
    • Split tunneling on Android

    Cons

    • Potential speed issues
    • Not that many servers
    • WireGuard only on Android
    • No independent audit
    • Has had at least 2 unencrypted servers in Ukraine
    • Based in a 5-Eyes country
  • Brave

    Brave

    Brave is a free and open-source browser that prioritizes security and speed by automatically eliminating advertisements and website trackers. Based on the Chromium web browser, this browser was designed by the Brave software developer to provide consumers with an excellent browsing experience.

    The Brave browser functions on Android, iOS and desktop computers. People can also use Brave search on any browser and set Brave as the default search engine. This privacy browser is three times faster than Chrome and offers superior Google protection. Brave is a popular security browser with a user base of over 50 million people.

    But when you are using Brave VPN, who’s servers are you really using? Interestingly enough, Brave VPN is actually Guardian VPN rebranded. According to my research, Guardian / Brave VPN predominantly uses CDN77, OVH, and Hydra Communications servers.

    Network Analysis

    Guardian, as a smaller VPN provider, presents an interesting case when considering its diversity indices, comprising of the Shannon Diversity Index (SDI) for Autonomous System Numbers (ASNs), the Country Diversity Index (GDI), and the City Diversity Index (CDI).

    Guardian’s SDI value of 1.22 places it at the lower end of the spectrum compared to other VPNs. This low value implies a lower diversity of ASNs among its VPN servers, suggesting that Guardian’s network might be more susceptible to network failures or targeted attacks.

    Comparatively, the GDI for Guardian is 1.78, indicating a limited diversity in the country locations of their servers. This suggests that Guardian’s service might not provide as wide a geographic coverage or as many country-specific access points as other VPNs such as Cyberghost or ExpressVPN.

    Finally, the CDI for Guardian stands at 2.79, again indicating a lower city-level diversity compared to other providers. This could imply that users might have fewer options in terms of city-specific server locations, which might be a critical factor for those seeking to bypass geographic content restrictions or for those prioritizing local server access.

    Comparatively, smaller VPNs like Mullvad and Privado demonstrate higher diversity indices across all three dimensions. Therefore, while Guardian’s overall performance can’t solely be determined by these indices, these figures suggest that its network diversity – at both the ASN and geographic levels – may be limited relative to both larger providers and similar-sized competitors.

    As always, it’s important to remember that these indices only provide one perspective on network performance and resilience. Other factors such as the specific ISPs involved, the quality of server infrastructure, the network’s overall capacity, and how the VPN service is managed and maintained, are also crucial considerations when evaluating a VPN service.

  • Surfshark

    Surfshark

    Surfshark VPN is one of the most popular VPN services in 2022. Its competitive price and unlimited simultaneous connections make it a very attractive VPN option for all kinds of users. But does this VPN live up to give the actual value for money that it claims? Surfshark also offers thousands of servers worldwide, excellent connection speeds, and next-gen AES encryption. However, users have been questioning its jurisdiction and whether it’s as private as showcased.

    Surfshark offers some really useful features like SmartDNS, the fast WireGuard protocol, P2P-optimized servers, and provides a selection of easy-to-use intuitive apps and platforms.

    So, when you’re connected to Surfshark – who’s servers are you really using? After completing my testing I have concluded that Surfshark uses 20% their own servers, 17% CDNext, 17% M247, 14% CDN77, 13% Host Royale, and the remaining few are Host Universal, Clouvider, and Hydra Communications.

    Surfshark Network Overview

  • AdGuard VPN

    AdGuard VPN

    AdGuard has offered ad-blocking and tracking protection software for over 10 years, so my expectations of its VPN were reasonably high.

    On AdGuard’s website, there are several promises. It boasts about providing you with high speeds, the ability to virtually teleport you around the world, and keep you safe online. It also promises you the ability to watch “anything from anywhere”.

    While all this sounds amazing, I took AdGuard VPN for a spin to make sure it can deliver excellent performance and live up to its word. The VPN pleasantly surprised me in many ways. While not as good as top-tier VPNs, AdGuard has a lot to offer.

    AdGuard VPN offers a wide selection of over 100 servers in 44 countries with a kill switch to block internet access if the connection drops. This is a valuable feature for those concerned about privacy, as AdGuard has a no-logs policy, meaning the company can’t provide information about its users even if asked. However, this policy hasn’t been independently verified, so you’ll just have to take their word for it. The jurisdiction of AdGuard is in Cyprus, which provides better privacy protection under European GDPR rules compared to companies based in, say, the USA.

    Unfortunately, AdGuard doesn’t offer the “double VPN” feature that some other VPN services do, where your connection is routed through two servers for added security and anonymity. But, on the bright side, AdGuard does allow BitTorrent traffic, so you can anonymously download those “sensitive” files.

    During our testing, we were impressed by AdGuard’s security measures. When our colleague attempted to access the account from a different location to run speed tests, AdGuard’s system temporarily locked the account. This is a rare and reassuring extra layer of protection that we haven’t seen before.

    In conclusion, AdGuard VPN is a solid choice for those looking for a VPN with a kill switch and no-logs policy. The lack of a “double VPN” feature and independent verification of the no-logs policy may be drawbacks for some, but the BitTorrent traffic allowed and the added security measures make up for it.

    Related Posts

  • CyberGhost VPN

    CyberGhost VPN

    CyberGhost VPN was founded in 2011 in Bucharest, Romania, and initially began as a free VPN service. By the following year, it had gathered around 1.7 million users​. In 2017, a notable change occurred when Kape Technologies (then known as Crossrider) acquired CyberGhost VPN. This acquisition brought about concerns among observers due to Crossrider’s background as an ad-tech firm known for concealing spyware within its apps, which seemed to present a conflict of interest given CyberGhost’s focus on privacy. However, these concerns were largely allayed as Crossrider rebranded to Kape Technologies and positioned itself as a “privacy-first digital security software provider.” Following this, Kape Technologies went on to acquire other well-known VPN brands such as ExpressVPN and Private Internet Access, though these continue to operate independently. As of 2023, CyberGhost VPN has grown significantly with around 38 million users, making it one of the more popular VPNs available​.

    The company faced a minor hiccup in 2020 when a breach involving Typeform affected around 120 of its users. However, no evidence has emerged to suggest improper use of subscriber data by Kape, its subsidiaries, or any third parties. Despite past skepticism due to its history, CyberGhost VPN has maintained a strong reputation for privacy, continuing to provide valued services to its global user base​.

    Can I torrent with CyberGhost?

    One of the most popular reasons why people use VPNs is to encrypt their traffic and mask their IP while using P2P or BitTorrent services. CyberGhost even offers P2P servers to enhance your experience. However, right in section 8 of their Terms of Service is this alarming statement:

    We reserve the right to take appropriate measures when CyberGhost Products are being used contrary to these Terms and applicable laws, including cooperating with public or private authorities as provided by law.

    The “terms and applicable laws” are so broad that it essentially means anything illegal based on your local laws, wherever you may be. For DMCA violations generally they will just terminate your account and offer no refund. That being said, intellectual property companies rarely bother to file DMCA complaints for IPs associated with VPNs, especially when that company is registered outside of the United States.

    What services are accessible when connected to CyberGhost?

    ServiceBlocked / Restricted
    Amazon PrimeAccessible for browsing; streaming blocked
    NetflixAccessible for browsing; streaming blocked
    SpotifyAccessible; CAPTCHA during registration
    PandoraAccessible
    YouTube MusicAccessible
    HuluAccessible
    Disney+Accessible; no restrictions
    Google SearchCaptcha
    ChatGPTSome IPs blocked
    YouTubeAccessible

    Data collection

    Like almost every VPN, CyberGhost does collect some maintenance-related data, but it claims to not log your server location choices, your total amount of data transferred nor your connection timestamps. As with any VPN, it’s nearly impossible to independently verify the company’s no-logs claim. Even so, CyberGhost does log certain user hardware data in what is likely a bid to enforce the company’s limit of seven simultaneous connections per account. 

    According to the spokesperson CNET spoke to in August of 2019, CyberGhost does have the ability to help law enforcement by activating a limited user-tracking feature.  

    “The only way to do it is if that user is still in the system and if the law enforcement knows the IP and could provide also a warrant to track that IP,” the spokesperson said. “We can activate a special feature like a logging feature for that IP, but we have that ability to prevent malicious actions when using our service. But only if that user is still active and we have proof of what exactly is wrong, what IP he is using, and so on. So we’ve got to bring that in order to activate that, to be sure we don’t activate it on a regular user. Otherwise, we can not help any law enforcement company.” 

    In 2016, however, CyberGhost was called to the carpet by ProPrivacy when the company was discovered to be quietly requesting potentially dangerous, root-level access to customers’ computers — a function the software hasn’t included for about three years now. The service was also caught logging the unique identifiers of each of its user’s computers. Similarly, other reviewers have also expressed wariness after CyberGhost appeared to remove some threads from its forum which may have detailed a critical 2016 malfunction and potentially revealed log-keeping practices within its free proxy service.

    Speaking of revelations, in March 2019, CyberGhost took a small hit when the customer-survey company it contracted, Typeform, was breached. The company said 120 email addresses and 14 CyberGhost usernames — but no passwords — were included in the two forms involved in the compromised data. 

    The bigger concern for me is that CyberGhost still uses a method of ad-blocking that’s considered at best ineffective and at worst insecure. Most VPNs block ads by filtering out requests from websites identified as suspicious. Not CyberGhost. The company instead uses a method which inspects and modifies — rather than filters out — those requests. The method is twice as risky and only half effective since it only works on sites with an HTTP URL and not those with HTTPS. 

    CNET asked Beyel in June this year about this method of ad-blocking and the criticism it’s received. 

    “We know this is not very effective. That’s why we’re already working on a better solution which is working on the process,” he said. “We need to completely move this kind of technology on the client side because in the browser you can, of course, do that.” 

    In its suite of features, however, CyberGhost does offer an option (enabled by default in its MacOS client) which forces your browser to redirect away from sites not secured by HTTPS. 

    Beyel also said that CyberGhost will be releasing a new suite of privacy modules in the coming weeks which go beyond its VPN to include tools for optimizing your computer and preventing vulnerable apps from affecting your privacy.[2]

    See also:

  • Aloha Browser VPN

    Aloha Browser VPN

    The Aloha Browser is one of the up-and-coming new browser apps for mobiles which targets one of the most important aspects of modern browsing — privacy. The Aloha Browser is the only browser (to our knowledge) that comes with a built-in VPN and encrypts user data at all levels. 

    When you are using Aloha VPN Browser, just who’s servers are you really using? According to our research their servers are 38% M247, 16% IPXO, 16% Ghost, 10% CDN77, 7% Server Stadium, 7% Creanova, and 7% ZenLayer.

    Privacy Policy

    Upon reviewing the provided privacy policy for Aloha VPN, several areas of concern or potential anti-privacy practices can be identified. The points highlighted below may have implications on user privacy and security based on the information provided in the policy:

    1. Collection of Non-Personal Information:
      • The policy mentions the collection of standard information typically made available by web browsers. While this is framed as non-personal information, combined data could potentially be used to identify individuals, especially when correlated with other data.
    2. Manual Entry of Personal Information:
      • Manually entered information for accessing certain services, getting in touch with Aloha VPN, or participating in surveys may expose users to privacy risks, especially if the collected information is sensitive in nature.
    3. Information Protection:
      • The policy acknowledges that no method of transmission over the internet or electronic storage is 100% secure. This honest disclosure reflects a potential risk to user data, despite the measures in place to protect personal information.
    4. Use of Collected Information:
      • Personal information is used for a variety of purposes including improving services, marketing, and promotional purposes. This broad usage could be concerning depending on the exact nature and sensitivity of the collected information.
      • Mention of providing personal information to third parties if obligated by law implies a potential privacy risk in legal or governmental scenarios.
    5. Sharing with Service Providers:
      • Sharing personal information with third-party service providers may pose a privacy risk, especially if these third parties have differing privacy practices or less stringent security measures.
    6. Disclosure in Legal and Other Situations:
      • The policy outlines several scenarios where user information might be disclosed, including in response to legal processes, investigative demands, or during significant business transactions like mergers or asset sales. These disclosures could potentially expose users to privacy risks, especially in adversarial legal scenarios or if the acquiring entity has different privacy standards.
    7. Opt-Out Options:
      • While there is mention of opt-out options regarding updates, promotions, or surveys, the extent and ease of these opt-out mechanisms are not detailed, which could potentially affect user control over their data.
    8. Public Sharing of Aggregated Data:
      • The policy mentions sharing aggregated but non-personally identifiable information publicly. However, the effectiveness of the anonymization process and whether the aggregated data could be de-anonymized is not addressed.
    9. Notification of Legal Process:
      • The policy mentions the possibility of notifying users about legal processes compelling disclosure of their information but doesn’t guarantee such notifications. This can potentially leave users unaware of legal actions involving their data.

    The points above highlight some potential areas of concern regarding privacy and security within Aloha VPN’s privacy policy, and users should consider these factors when deciding whether to use this service, especially if they are concerned about maintaining a high level of privacy and security.

    See also:

  • TorGuard

    TorGuard

    TorGuard is a virtual private network (VPN) service that encrypts internet traffic and helps to secure online activity. It is designed to protect privacy and increase security, and is often used to bypass internet censorship and access blocked content. TorGuard is based in the United States and was founded in 2012. In addition to its VPN service, the company also offers proxy services and anonymous email. TorGuard claims to have servers in over 50 countries and to support a wide range of devices and platforms, including Windows, Mac, Linux, iOS, Android, and routers.

    According to TorGuard’s website and privacy policy, the company does not keep logs of its users’ online activity or IP addresses. TorGuard states that it has a strict no-log policy, which means that it does not collect or store any information about its users’ online activity or IP addresses. This is intended to protect the privacy and security of TorGuard’s users. It’s worth noting that VPNs can be subject to government and law enforcement requests for user data, and a VPN company’s no-log policy may not necessarily protect users in all cases. However, in the absence of any logs, a VPN company like TorGuard would not have any information to provide to third parties if requested.

    Network Overview

    2019 Security Incident

    According to a report by PCMag, NordVPN and TorGuard were hit by hacks involving insecure servers. The server did not contain user activity logs, but the hacker stole a Transport Layer Security key, which temporarily opened the door for a ‘man in the middle’ attack. The hackers may have also gained root access to the server, enabling them to potentially view and modify VPN traffic. NordVPN says that the attacker was able to nab the Transport Layer Security key that is used to verify that a site is actually run by NordVPN. TorGuard said that it manages its certificate authority and keys in-house and that its VPN or proxy traffic was not compromised during an isolated breach of a single VPN server and no sensitive information was compromised during this incident.

    Global Coverage

    TorGuard’s VPN service demonstrates a measure of global reach, with servers located in 34 countries. However, the number of servers per location is relatively modest, leading to less robust representation in each of the countries. The most prominent presence is in the United States, with 54 servers, which, although beneficial for users specifically seeking connections within this region, may not provide the most comprehensive access or optimal speeds for users desiring connections in other areas.

    Upon applying the Global Diversity Index (GDI) – a scoring system designed to assess the geographical spread of VPN server locations – TorGuard achieves a score of 45 out of 100. This rating is influenced by the geographic diversity of server locations, the number of servers within these locations, and the global coverage of the service.

    In constructing the GDI, several key factors are taken into account. The breadth of geographic representation is vital – providers with a greater number of countries covered generally score higher. The quantity of servers within each country is another crucial element, as a higher server count often equates to increased connection stability and potentially faster speeds. Furthermore, we consider the presence in regions typically underrepresented in VPN services, such as Africa and South America, as indicative of truly global coverage.

    Thus, while TorGuard demonstrates a degree of global presence, the relative scarcity of servers within each location impacts its overall GDI score. It’s essential to reiterate, however, that the GDI score represents just one dimension of evaluating a VPN service, and users should also consider factors such as privacy policies, speed, security features, and customer support in making their choice.