VPN Transparency Project

Tag: latitude

  • Kaspersky

    Kaspersky

    In the labyrinthine world of cybersecurity, Kaspersky Lab has carved out a name for itself as a leading antivirus and security software provider. Founded in 1997 and headquartered in Moscow, the company has had its share of accolades and controversies. Kaspersky gained significant recognition for its role in uncovering state-sponsored cyber-attacks, including the Stuxnet worm that targeted Iranian nuclear facilities. However, the company has also faced scrutiny, most notably in 2017 when the U.S. government banned federal agencies from using Kaspersky software over concerns that the Russian government could exploit its access to U.S. systems. Amid this backdrop, Kaspersky offers a Virtual Private Network (VPN) service, adding another layer to its cybersecurity portfolio. Intriguingly, the VPN infrastructure is managed by Pango Group, which is owned by the conglomerate Aura. This relationship raises questions about Kaspersky VPN’s commitment to privacy, given that multiple entities are involved in data processing and management. In this article, we’ll explore the details of Kaspersky’s VPN service, examining its features, privacy policies, and the implications of its association with Pango and Aura.

    App Privacy

    Our analysis of the app’s network connections reveals some intriguing insights. While Kaspersky does maintain connections that are integral to its core security functions—such as touch.kaspersky.com and edge.geo.kaspersky.com—the story doesn’t end there. The app engages with an assortment of analytics and tracking services, including various appsflyersdk.com subdomains, firebaselogging-pa.googleapis.com, and app-measurement.com. This paints a picture of an app that’s not just focused on security but also has its fingers in the analytics and tracking jar. Adding another layer of complexity, Kaspersky employs a multitude of unique subdomains related to its own services, raising questions about the necessity of such intricacy. For the privacy-conscious user, these details cast a shadow on Kaspersky’s otherwise reputable image, ultimately placing it in the “D” category of our privacy rating scale. So, while Kaspersky may offer robust security features, those looking for an equally strong commitment to privacy might want to tread carefully.

    Terms of Use

    In the digital age, scrutinizing the Terms of Use of any software solution is crucial for maintaining one’s privacy and security. Kaspersky’s Software solution, according to its Terms of Use, collects an extensive array of user data ranging from email addresses and unique IDs to sensitive financial information and device-specific details. While some data collection is necessary for the software’s core functionalities like managing licenses and remote control of security levels, the breadth and variety of data being collected raise questions for privacy-conscious users. Notably, the terms also mention that using external authentication providers subjects your data to another set of policies, adding another layer to consider in terms of data security.

    Adding to the complexity, the software operates under the legislation of the Russian Federation, which could entail different data protection standards than those you may be accustomed to. The terms also prohibit users from independently assessing the software’s security, limiting your ability to gauge its robustness. While Kaspersky is a respected name in the cybersecurity world, the extent of data collection and other stipulations in their Terms of Use necessitate a thorough evaluation, especially if you prioritize privacy and data security. Always remember, the devil is in the details—or in this case, the fine print.

    Privacy Policy

    Kaspersky’s Privacy Policy further expands on how user data is collected and processed, with specific attention to marketing and VPN functionalities. The policy points out that some statistics are used explicitly for marketing purposes, aiming to improve the quality of the application and offer targeted security solutions. While the policy does specify that the collected data cannot be linked to your online activity, it introduces Adaptive Security technology for Android, which ‘normalizes’ website and app information by deleting all personal data before checking against Kaspersky’s reputation cloud database. It’s worth noting that while the Terms of Use prohibits users from independently assessing the software’s security, the Privacy Policy emphasizes that they adhere to “the highest data protection standards.”

    Interestingly, the policy explicitly states that your online activity is not logged and that data is never used for advertising. This is in line with the Terms of Use, which also does not mention any third-party advertising. However, one point to consider is the involvement of Pango as the VPN service provider. While Kaspersky processes data required for the application to function, Pango processes data needed to arrange VPN sessions. Despite the division of labor, both companies claim not to log online activity. The Privacy Policy could be clearer on how Pango aligns with Kaspersky’s data protection standards, especially given that VPNs are often used specifically for enhanced privacy and security. As always, understanding the full scope of data collection and usage requires vigilance and a careful read of both the Terms of Use and Privacy Policy.

    See also:

  • Hotspot Shield

    Hotspot Shield

    Hotspot Shield

    Hotspot Shield is a VPN service that has been around since 2008, making it one of the older players in the market. The service gained notoriety for its use by dissidents during the Arab Spring protests in the early 2010s. However, its reputation took a hit in 2016 when researchers cited Hotspot Shield in a research paper for using tracking libraries in their VPN service. A year later, the Center for Democracy and Technology accused the company of engaging in unfair and deceptive trade practices. In 2018, a researcher discovered a data leak, further eroding Hotspot Shield’s reputation. As a result, many websites stopped recommending the service.

    Despite these negative events, Hotspot Shield got a fresh start in 2019 when it became part of the Pango family of products. The VPN service was then acquired by a company called Aura in July 2020. With these recent changes in ownership, we felt it was a good time to take another look at Hotspot Shield. During our research and testing, we identified both positives and negatives of the service, and we also uncovered some interesting facts about Hotspot Shield and its parent companies. While we will delve into the corporate complexities at a later time, our findings provide a comprehensive overview of Hotspot Shield and its suitability as a VPN provider.

    Baked with adware

    Similar to VPN 360, the Hotspot Shield app routinely pings multiple advertising domains which is immediately a red flag. Any company that injects tracking codes into their apps immediately lose credibility in my eyes, and I take all of their promises and core principles with a grain of salt. I also discovered the app pinging various subdomains from yahoo.com There are much, much better VPNs that fight to protect your privacy – for less money. Here are the most commonly accessed domains from the app:

    • adcolony.com
    • adtilt.com
    • unity3d.com
    • doubleclick.net
    • supersonicads.com
    • dewrain.life
    • ssacdn.com
    A complicated history

    The corporate structure of Hotspot Shield is complex, and it has undergone significant changes over the years. The VPN service was developed by AnchorFree in 2008, a company based in Redwood City, California. Despite being a popular VPN service, Hotspot Shield faced a setback in 2017 when the Center for Democracy and Technology accused AnchorFree of deceptive trade practices. In 2018, a security researcher discovered a bug in the Hotspot Shield client that exposed user data.

    In 2019, Hotspot Shield joined Pango, a new company that offers a suite of security and privacy products. Like AnchorFree, Pango is based in Redwood City, California.

    In July 2020, Pango joined Aura, a digital security company. According to Hari Ravichandran, the founder, and CEO of Aura, the goal of all this activity is to:

    …build the best all-in-one digital protection platform for consumers. With the scale achieved through these transactions, we continue our journey to build and expand our integrated security platform. Our vision is fueled by our commitment to make digital security simple, user-friendly and accessible to everyone.

    Shady logging practices

    Sure enough, when I clicked on the VPN’s privacy policy on its website, I was redirected to Aura’s general policy for all of its products. While Hotspot Shield claims it doesn’t store any information that can be linked back to you, Aura states it logs the following:

    • Information about the domains you access when connected.
    • Usage information such as connection timestamps, frequency of use, and bandwidth used.
    • Device information including identifiers, operating systems, browser type, internet service provider, and network information.
    • Approximate location information (obtained from logging your IP address, albeit encrypted).
    Related Posts
  • McAfee VPN

    McAfee VPN

    It’s highly likely that you’re familiar with McAfee if you’re acquainted with any company in the realm of digital security and virus protection. Founded in the United States in 1987, McAfee has gained notoriety primarily for its antivirus software. However, upon discovering that they also offer a VPN service, we felt compelled to put it to the test. Here are our findings.

    We found that McAfee has an extremely poor logging policy. Their VPN service logs information that can be used to personally identify you, including your IP address and the websites you visit. By using McAfee Safe Connect, you’re essentially forfeiting your privacy to McAfee instead of safeguarding it. While it’s true that VPN providers retain logs, they are typically only the minimum necessary to ensure their services run smoothly.

    Infested with tracking scripts

    One thing I always do when testing out app-based VPNs is pay attention to my DNS logs for anything suspicious. One or two pings to home servers is nothing unusual, you do have to connect to your provider’s servers to log in, change account settings, etc. But when I start to see a bunch of advertising domains come up, it makes the company lose any credibility whatsoever. While using their VPN app, I saw the following connections in my DNS logs:

    polargrizzly.com
    lazerpenguin.com
    usbla.net
    usabilla.com
    appsflyer.com
    moengage.com

    Slower speeds

    It’s common knowledge that using a VPN service can often result in a slower internet connection – but I found McAfee’s speeds to be horrendously slow. One of the reasons for this is that VPN providers may have a limited infrastructure that they use to route their customers’ internet traffic through. To save money and reduce infrastructure costs, VPN providers may opt to use a smaller number of servers, which can become overloaded and slow down the overall connection speed. While some VPN providers do invest in larger server networks and higher quality infrastructure, the cost associated with this can make their services more expensive than other options on the market. Clearly McAfee is not one of them.

    Recommended VPNS:

  • VPN 360

    VPN 360

    VPN 360 is a virtual private network (VPN) app that allows users to protect their online privacy and security by encrypting their internet connection and routing it through a private server. It is one of the security products offered by Pangu whose parent company is Aura. VPN 360 is available for both Android and iOS devices, and can be downloaded for free from the Google Play Store or the Apple App Store. VPN 360 offers both free and paid subscription options. The free version of the app has some limitations, such as slower connection speeds and a limited selection of servers. The paid subscription offers faster connection speeds, more server locations, and other additional features.

    Our first major problem with VPN 360, and it’s all because of their logging policy. Their so-called “privacy policy” clearly states that they’ll hand over your information to the authorities without hesitation, and there are a ton of exceptions where they’ll collect and give up your data. Honestly, we find this policy completely unacceptable and we wouldn’t recommend trusting it, especially since VPN 360 is a paid service.

    Tracking code

    Similar to Hotspot Shield, the VPN 360 app routinely pings multiple advertising domains which is immediately a red flag. Any company that injects tracking codes into their apps immediately lose credibility in my eyes, and I take all of their promises and core principles with a grain of salt. I also discovered the app pinging various subdomains from yahoo.com There are much, much better VPNs that fight to protect your privacy – for less money. Here are the most commonly accessed domains from the app:

    • adcolony.com
    • adtilt.com
    • unity3d.com
    • doubleclick.net
    • supersonicads.com
    • dewrain.life
    • ssacdn.com
    No OpenVPN or WireGuard configs

    Another worrisome part of this service is the fact that the only protocols they offer are IPSec and Hydra. Hydra is a proprietary VPN protocol developed by the cybersecurity company, AnchorFree. According to AnchorFree, Hydra VPN is designed to provide “faster and more reliable connections” compared to other VPN protocols such as OpenVPN and IPSec. The fact that they do not offer WireGuard confirms the fact that I would never use this product.

    Unfortunately, VPN 360 is just another one of those “free” VPN apps that’s mobile-only and barely even worth considering. Don’t waste your time with it – it’s security and privacy features are weak, its connection speeds are completely unreliable, and it doesn’t even work with Netflix. Plus, the app is absolutely riddled with ads. Seriously, there are so many other VPN options out there that are way safer and more trustworthy – go with one of those instead.

    Related Posts
  • ExpressVPN

    ExpressVPN

    ExpressVPN was launched in 2009 by serial entrepreneurs Peter Burchhardt and Dan Pomerantz. From its inception, ExpressVPN’s commitment to privacy and security would be called in to question as several unsettling events unfolded. The service would eventually be acquired by Kape Industries (see more below) for just shy of 1 billion dollars. You have to ask yourself – what kind of company has that kind of cash sitting around, and how do they earn it? Certainly no humble privacy thinktank or nonprofit.

    Contents

    The notoriety of ExpressVPN began to gain prominence in 2016, when Turkish authorities confiscated one of its servers. The device was believed to be implicated in the erasure of evidence linked to the assassination of the Russian ambassador to Turkey.

    The spotlight shone on ExpressVPN again in 2021, but this time due to a change in its corporate structure. The VPN provider was acquired by Kape Technologies, an Israeli company with a concerning history of generating malware and adware. The implications of this acquisition remain debatable, especially considering the parent company’s questionable past activities.

    The plot thickened in the same year when Daniel Gericke, ExpressVPN’s Chief Information Officer, admitted to participating in Project Raven. In this scheme, he helped the UAE spy on American dissidents and journalists, a revelation that raised alarm bells among privacy advocates. It was discovered by Reuters that some of those individuals were later tortured by the UAE.

    ExpressVPN Privacy Policy

    When evaluating ExpressVPN’s privacy policy, there is one interesting bit that stands out:

    Legal. Your Personal Data is controlled by and stored under ExpressVPN, and not by its ultimate holding company, Kape Technologies PLC (UK) or other related entities. Express Technologies Ltd. operates under BVI jurisdiction, in accordance with BVI laws (pursuant to Section 16 of the Terms). Consequently, any demand via legal means for Personal Data (or other types of data) is subject to BVI jurisdiction and laws. We fight vigorously to defend our rights (and those of our users) if an attempt is made to bypass the privacy protections provided for by the BVI. A parent, subsidiary, or related entity cannot be compelled to, nor would it voluntarily, provide Personal Data stored by Express Technologies Ltd.

    Let’s translate this from legalese and break it down. What that essentially means is that if a law enforcement agency from outside the British Virgin Islands, such as an American agency, wants access to your account information, the request would be assessed under BVI legal standards. This does not mean gaining access to your account information is not impossible, just more difficult.

    If a U.S. law enforcement agency contacted ExpressVPN for your account information, several scenarios could unfold:

    1. Mutual Legal Assistance Treaty (MLAT): The agency might go through an MLAT or other formal channels to request assistance from BVI authorities. If BVI authorities deem the request valid under BVI law, they might compel ExpressVPN to comply.
    2. Direct Request Refusal: If the U.S. agency approached ExpressVPN directly, the company might refuse the request based on BVI jurisdiction unless ordered by BVI courts to comply.
    3. Challenge and Defense: ExpressVPN indicates it would fight vigorously to defend its rights and the rights of its users against attempts to bypass BVI privacy protections. While highly unlikely, this could involve legal battles where the legitimacy of the request would be tested against BVI privacy laws.

    The more heinous your offense was, the more likely the British Virgin Islands are to cooperate with the United States.

    App Telemetry

    When evaluating a company’s commitment to privacy, one of the best representations is what data or telemetry is collected while you are using their app. It’s kind of like if you were to find out a guest went through your medicine cabinet while using your bathroom. I do applaud ExpressVPN for immediately asking whether you would like to participate in sending usage analytics – most apps leave that option buried in the settings.

    However, despite turning this setting off, the iOS App Privacy Report tells an interesting story. The most contacted domains are all related to analytics and marketing:

    • app-measurement.com
    • firebaselogging-pa.googleapis.com
    • googleadservices.com
    • adservice.google.com
    • app.usercentrics.eu
    • fonts.googleapis.com
    • googleads.g.doubleclick.net
    • app.launchdarkly.com
    • sdk.iad-05.braze.com

    Collectively, these instances draw attention to ExpressVPN’s tangled engagement with privacy, power, and politics. They suggest a need for more in-depth investigations and disclosures to make informed decisions about the use of such services. Evaluating any VPN service is no longer just about comparing features and prices; it also entails a keen understanding of the company’s ethics, allegiances, and accountability. It’s clear that trust and transparency are vital in the digital age, but the story of ExpressVPN reminds us that these values are often harder to find than we’d like.

    Can you safely torrent with ExpressVPN?

    In section 7 Acceptable Use Policy of the ExpressVPN Terms of Service it clearly states that you are not to upload, download, or distribute material that is copyrighted, and that they will terminate your account after repeated violations. That is not to say that ExpressVPN actively monitors for BitTorrent usage – it simply means if your account is flagged multiple times for DMCA violations they will terminate your account in order to remain legally compliant. That being said, quite often once an IP address is verified to be from a VPN the group representing the intellectual property holders will not bother to submit the DMCA notice, but your mileage may vary.

    What services are available while using ExpressVPN?

    ServiceBlocked / Restricted
    Amazon PrimeAccessible; non-US IPs blocked
    NetflixAccessible
    SpotifyAccessible
    PandoraAccessible
    YouTube MusicAccessible
    HuluAccessible
    Disney+Accessible
    Google SearchCaptcha for non-US IPs
    ChatGPTAccessible
    YouTubeAccessible

    It’s also worth discussing ExpressVPN’s questionable advice regarding browser choice. Their marketing team has recommended the Chrome browser to its users, a decision that stands in stark contrast to their ostensible privacy-focused ethos. Chrome, as is well known, is a product of Google, a company with a prominent role in the realm of data collection and targeted advertising. Recommending a browser that has been at the center of various privacy controversies suggests a surprising disconnect from the fundamental principles of data protection. This discrepancy between ExpressVPN’s supposed commitment to privacy and its browser recommendation raises questions about the company’s understanding and prioritization of privacy issues. It serves as a sobering reminder that companies may not always act in the best interest of users when it comes to safeguarding digital rights and freedom.

    Kape Industries

    In our original article, we highlighted the evolution of Kape Technologies, formerly known as Crossrider. Initially, Crossrider was involved in the production of a browser development platform that was unfortunately exploited by third parties to distribute malware onto devices. However, in 2016, Crossrider decided to shut down its development platform. Subsequently, the company underwent a significant transformation, acquiring various VPNs starting in 2017 and ultimately rebranding as Kape Technologies in 2018.

    Under the umbrella of Kape Technologies, several notable VPN services are now owned, including CyberGhost, Private Internet Access, ZenMate VPN, and recently, ExpressVPN. It is worth noting that Kape Technologies also runs VPN “review” websites, which curiously rank its own VPN services in top positions. This arrangement raises questions about the impartiality and objectivity of these rankings.

    Despite the acquisition, ExpressVPN seems to be operating independently for the time being. However, the long-term impact of the ownership change remains uncertain. It will be interesting to see how ExpressVPN develops under the ownership of Kape Technologies. In our latest round of tests, ExpressVPN has performed well, surpassing its performance from the previous year. We will closely monitor the situation and update our ExpressVPN review accordingly to provide accurate observations and insights to our readers.

    ExpressVPN’s ‘No Logs’ Policy Put to the Test

    In December 2017, Turkish authorities seized an ExpressVPN server in an attempt to obtain customer data. However, the authorities were unable to find any logs on the server, as ExpressVPN does not keep any logs of its users’ activity.

    This incident demonstrates the strength of ExpressVPN’s ‘No Logs’ policy. Even when authorities seized a server, they were unable to obtain any user data. This is because ExpressVPN does not store any logs of its users’ activity, including their IP addresses, browsing history, or connection times.

    ExpressVPN is one of the few VPN providers that can make this claim. Many other VPN providers claim to have a ‘No Logs’ policy, but they have been caught logging user data in the past. This makes ExpressVPN a more trustworthy option for users who are concerned about their privacy.

    See Also

  • VPN – Super Unlimited

    VPN – Super Unlimited

    Just about everyone knows what a VPN is these days, or at the very least, they’ve heard of them. And businesses keen on making a quick dollar have caught on to the recent surge in VPN users. A quick glance at the iOS App Store shows over a dozen VPN apps, all with their own unique names and branding. Many purport to be the best and many are free. Unfortunately, many of these VPNs are immensely popular due to their free or inexpensive services.

    After all, all VPNs are the same… right? In theory. All mechanics are indeed mechanics. But that doesn’t mean you should bring your car to any old mechanic with out at least doing some research or reading reviews. Every city has the shops to avoid because they will do unauthorized work or will exaggerate the severity of your cars work to get an easy Buck out of you. Blinker fluid, anyone? VPNs are no different exempt you are entrusting these companies with some of your most personal, sensitive data.

    Our opinion: Thumbs down

    Website: https://www.mobilejump.mobi/

    Mobile Jump is based in Singapore, but according to Top10VPN, the company’s roots are in mainland China. And it’s the risk of user data being transferred to China that has prompted Top10VPN’s head of research Simon Migliano to issue a warning to U.S. users. “It’s certainly a surprise to see a Chinese VPN grow so rapidly in such a short space of time,” he told me. “There are two main risks. First, it collects unusually large amounts of personal information, including location data. Second, not only does it use that information for advertising, but it explicitly states it will share that data with authorities around the world, including those in China.”

    https://www.forbes.com/sites/zakdoffman/2019/12/03/top-ios-security-app-shares-user-data-with-china-8-million-americans-impacted/?sh=2481a89454d7
    • LA 38.75.137.21 as63023
    • Russia 146.185.215.81 AS210756
    • Dallas 38.68.134.247 AS63023
    • Seattle 169.197.143.20 AS63023
    • Germany 64.225.110.152
    • NY 38.91.101.107 AS63023
    • London 37.120.198.174
    • Mexico 103.14.26.33
    • Spain 195.206.107.242
    • Netherlands 185.200.119.110
    • Portugal 94.46.171.166 AS24768
    • Canada 217.138.213.106

    And, in fairness, Mobile Jump’s privacy policy should leave users in no doubt as to the risks being taken. For a VPN it’s extraordinary small print: “We regularly collect and use information that could identify an individual, in particular about your purchase or use of our products, services, mobile and software applications and websites… We use various technologies to determine [your] location, including IP addresses, GPS, and other sensors.” An app whose primary purpose is to anonymise users, collects and stores personal information that could identify and locate those users. And there’s worse. The company says it might share data with “regulators and law enforcement or investigation agencies in the EU, U.S., China, and around the world.”

    https://www.forbes.com/sites/zakdoffman/2019/12/03/top-ios-security-app-shares-user-data-with-china-8-million-americans-impacted/?sh=2481a89454d7
  • NordVPN

    NordVPN

    NordVPN is a Virtual Private Network (VPN) service provider that was founded in 2012 by four childhood friends in Panama. The company is now headquartered in Cyprus, with offices in the United States, the United Kingdom, and Lithuania. NordVPN is one of the most well-known VPNs in the market, and this is due to their extensive advertising on various platforms, including YouTube. NordVPN’s ads feature catchy taglines and famous personalities, making them one of the most recognizable VPN brands in the market.

    But just because NordVPN is based in Panama, that doesn’t mean their servers are. After testing around 6,700 servers used by NordVPN, I concluded that NordVPN servers predominantly use Datacamp Limited, M247, Clouvider, and Hydra Communications. It is worth noting that NordVPN does own and operate about 10% of their servers which are operated under the business name Tefincom.

    NordVPN Privacy Policy

    The privacy policy and terms of service are one key way a VPN provider can put their money where their mouth is. Afterall, a service can make whatever claims they want, but the truth lies in their policies. NordVPN has one of the worst privacy policies and acceptable use policies I’ve ever seen. First, in their ToS they stipulate that you are not to use NordVPN for anything that that they as a company would find inappropriate or offensive.

    • communicate, transmit, store, make available, share anything that is illegal, abusive, harassing, or otherwise objectionable (objectionable means anything which interferes with the rights of Nord, its users, or other third parties, or causes conditions that are dangerous, hazardous, and detrimental to others, or anything that most users and/or Nord would find to be offensive or inappropriate);

    Further, it goes on to suggest that using their service to bypass georestrictions is also against their ToS:

    • attempt to circumvent any technological measure and/or arrangement implemented by Nord and/or its licensors, or by the owner of the resource or the source of the material that the technological measure protects;

    • violate general ethical or moral norms, good customs, and fair conduct norms;

    Their privacy policy isn’t much better. It states that they will retain your billing information for ten years, and even worse, will retain your data if they receive a court order or subpoena:

    (ii) Nord also may retain information associated with you (e.g., payments data) in order to fulfill its obligations as required by applicable laws, regulations, court orders, subpoenas, or other legal processes for archival purposes.

    Lack of transparency

    One of the most well-known players in the VPN industry, has faced its fair share of controversy over the past few years. While it maintains a significant user base and performs admirably in various audits, numerous concerns have emerged about the company’s privacy practices, integrity, and security.

    One of the most glaring concerns revolves around a data breach that occurred in 2019. An attacker managed to gain access to a server by exploiting an insecure remote management system left by the data center provider. This incident, which went undisclosed by NordVPN until highlighted by a third party, is a clear violation of trust, raising valid concerns over the VPN provider’s transparency.

    Moreover, NordVPN’s relationship with Tesonet, a data-mining, analytics, SEO, and targeted marketing company, has been under scrutiny. Despite vehement initial denials, NordVPN finally admitted to this association, only to downplay its relevance. This admission further exacerbates concerns over user privacy, considering Tesonet’s activities.

    Adding fuel to the fire, NordVPN has been discovered to be based out of Lithuania, a country with mandatory data retention laws. This revelation contradicts the company’s claim of being registered in Panama, a known privacy-friendly jurisdiction, thus eroding trust.

    NordVPN’s partnership with Hola VPN, which was involved in forming a data mining botnet, and its alleged theft of technology from Hola VPN further draws into question the company’s ethics. It’s important to note that Hola VPN has been widely criticized for its own practices, which makes its association with NordVPN disconcerting.

    Several troubling practices have also surfaced relating to NordVPN’s marketing and sales techniques. The company has been accused of engaging in price discrimination, making it difficult for users to cancel auto-renewal, and reducing features for those who cancel auto-renewal. There are also reports of NordVPN sharing data with Facebook and leaking sensitive customer data.

    Adding to these controversies, NordVPN has been accused of blackmailing competitor TorGuard and has faced criticism from a UK-based watchdog for misleading marketing. It also reportedly sent cease-and-desist copyright claims to Njalla, further tarnishing its reputation.

    NordVPN’s wide-ranging sponsorship deals, which include football teams and numerous YouTubers, have also been called into question. Many believe these partnerships are incentivised by high affiliate commissions, which may be influencing the integrity of VPN reviews and recommendations.

    Despite the series of security audits that NordVPN has undergone, these revelations and practices suggest that trust and transparency are far from guaranteed. It’s crucial for users to conduct their due diligence and weigh the potential risks before choosing a VPN provider. The issues surrounding NordVPN serve as a sobering reminder that not all VPNs deliver on their promises of privacy and security.

    NordVPN, Surfshark, Denial

    NordVPN’s credibility was further strained when it was discovered that the company had ties to Surfshark, another popular VPN service. This discovery was unexpected and raised concerns given Surfshark’s track record.

    Surfshark has its share of controversies, which include system-level changes that persisted even after uninstallation, exposing user IPs and making them vulnerable. The company’s TrustDNS app has been implicated in data collection for advertising and marketing purposes. There’s also the issue of weak security, including the installation of risky root certificates on user devices.

    The link between NordVPN and Surfshark was initially and extensively denied by both entities. However, they eventually acknowledged their relationship, adding another layer to NordVPN’s complicated narrative. The merger between these two was officially announced, which startled users who were relying on these services for anonymity and security.

    These revelations not only shed light on NordVPN and Surfshark’s questionable practices but also underscore the need for users to question the transparency of VPN services. It’s essential to keep in mind that the practices of these companies can directly impact user privacy and security. Therefore, users must stay informed about the operations of their chosen VPN services.

    In the end, the core of the VPN business relies on trust, and the denial and eventual admission of the connection between NordVPN and Surfshark is a blatant breach of that trust. It highlights the need for vigilance and constant scrutiny of companies that promise to protect our digital rights and freedom.

    Related Posts