Tag: m247

  • Kaspersky

    Kaspersky

    In the labyrinthine world of cybersecurity, Kaspersky Lab has carved out a name for itself as a leading antivirus and security software provider. Founded in 1997 and headquartered in Moscow, the company has had its share of accolades and controversies. Kaspersky gained significant recognition for its role in uncovering state-sponsored cyber-attacks, including the Stuxnet worm that targeted Iranian nuclear facilities. However, the company has also faced scrutiny, most notably in 2017 when the U.S. government banned federal agencies from using Kaspersky software over concerns that the Russian government could exploit its access to U.S. systems. Amid this backdrop, Kaspersky offers a Virtual Private Network (VPN) service, adding another layer to its cybersecurity portfolio. Intriguingly, the VPN infrastructure is managed by Pango Group, which is owned by the conglomerate Aura. This relationship raises questions about Kaspersky VPN’s commitment to privacy, given that multiple entities are involved in data processing and management. In this article, we’ll explore the details of Kaspersky’s VPN service, examining its features, privacy policies, and the implications of its association with Pango and Aura.

    App Privacy

    Our analysis of the app’s network connections reveals some intriguing insights. While Kaspersky does maintain connections that are integral to its core security functions—such as touch.kaspersky.com and edge.geo.kaspersky.com—the story doesn’t end there. The app engages with an assortment of analytics and tracking services, including various appsflyersdk.com subdomains, firebaselogging-pa.googleapis.com, and app-measurement.com. This paints a picture of an app that’s not just focused on security but also has its fingers in the analytics and tracking jar. Adding another layer of complexity, Kaspersky employs a multitude of unique subdomains related to its own services, raising questions about the necessity of such intricacy. For the privacy-conscious user, these details cast a shadow on Kaspersky’s otherwise reputable image, ultimately placing it in the “D” category of our privacy rating scale. So, while Kaspersky may offer robust security features, those looking for an equally strong commitment to privacy might want to tread carefully.

    Terms of Use

    In the digital age, scrutinizing the Terms of Use of any software solution is crucial for maintaining one’s privacy and security. Kaspersky’s Software solution, according to its Terms of Use, collects an extensive array of user data ranging from email addresses and unique IDs to sensitive financial information and device-specific details. While some data collection is necessary for the software’s core functionalities like managing licenses and remote control of security levels, the breadth and variety of data being collected raise questions for privacy-conscious users. Notably, the terms also mention that using external authentication providers subjects your data to another set of policies, adding another layer to consider in terms of data security.

    Adding to the complexity, the software operates under the legislation of the Russian Federation, which could entail different data protection standards than those you may be accustomed to. The terms also prohibit users from independently assessing the software’s security, limiting your ability to gauge its robustness. While Kaspersky is a respected name in the cybersecurity world, the extent of data collection and other stipulations in their Terms of Use necessitate a thorough evaluation, especially if you prioritize privacy and data security. Always remember, the devil is in the details—or in this case, the fine print.

    Privacy Policy

    Kaspersky’s Privacy Policy further expands on how user data is collected and processed, with specific attention to marketing and VPN functionalities. The policy points out that some statistics are used explicitly for marketing purposes, aiming to improve the quality of the application and offer targeted security solutions. While the policy does specify that the collected data cannot be linked to your online activity, it introduces Adaptive Security technology for Android, which ‘normalizes’ website and app information by deleting all personal data before checking against Kaspersky’s reputation cloud database. It’s worth noting that while the Terms of Use prohibits users from independently assessing the software’s security, the Privacy Policy emphasizes that they adhere to “the highest data protection standards.”

    Interestingly, the policy explicitly states that your online activity is not logged and that data is never used for advertising. This is in line with the Terms of Use, which also does not mention any third-party advertising. However, one point to consider is the involvement of Pango as the VPN service provider. While Kaspersky processes data required for the application to function, Pango processes data needed to arrange VPN sessions. Despite the division of labor, both companies claim not to log online activity. The Privacy Policy could be clearer on how Pango aligns with Kaspersky’s data protection standards, especially given that VPNs are often used specifically for enhanced privacy and security. As always, understanding the full scope of data collection and usage requires vigilance and a careful read of both the Terms of Use and Privacy Policy.

    See also:

  • X-VPN

    X-VPN

    X-VPN is a freemium VPN service that has become well-known for its simplicity and extensive server network. However, these points are overshadowed by some major concerns, making it a questionable choice for privacy-conscious users. One key issue is the existence of adware built into its app, making it a risky choice for users valuing privacy and security.

    X-VPN is owned by Free Connected Limited, a Hong Kong-based company that, upon investigation, revealed alarming links to mainland China. Given China’s notorious approach towards VPNs and digital rights, this is a significant cause for concern.

    Considering all these factors, X-VPN doesn’t come across as a trustworthy service. Its price and value for money also rank low at 6.0 out of 10, especially when there are cheaper and more reliable alternatives available.

    Privacy Practices

    Among the numerous concerns associated with X-VPN, the most unsettling is its privacy and logging policy, which received a dismal score of 2.9 out of 10. While many VPNs pride themselves on a strict no-logs policy, X-VPN has chosen a path far from it.

    Firstly, X-VPN logs a range of information that should typically be off-limits for a VPN service, especially one that purportedly values user privacy. This logged data includes device information, individual bandwidth usage, and connection timestamps, a decision we find to be unacceptable. While none of this information may be immediately identifiable, when correlated, such data can potentially be used to de-anonymize user activity.

    For mobile app users, X-VPN goes a step further, collecting VPN connection timestamps, choice of VPN protocol, and network type. Although the service has recently reduced its data retention period from 96 to 48 hours, it still raises eyebrows as to why it needs to collect this data in the first place. Top VPN providers have shown it’s entirely possible to optimize service without maintaining such logs.

    Furthermore, X-VPN’s vague privacy policy and the extent of data it collects vary by device. Across all its apps, it logs data like device information, usage, and city-level location, ostensibly for product development purposes. Even though this data can be deleted upon request, it’s unclear how straightforward this process is and whether any residual data remains.

    X-VPN’s logging practices become all the more concerning when coupled with its ties to China. Given the stringent regulation and censorship in the country, the possibility of data being accessed by third parties or government authorities can’t be ruled out.

    Lastly, X-VPN’s logging policy has not been verified by an independent audit or backed by a warrant canary. This lack of transparency and validation casts further doubt on X-VPN’s commitment to user privacy.

    In conclusion, X-VPN’s privacy policy and data logging practices not only betray the core principles of what a VPN should stand for – privacy, security, and anonymity – but also place it as a poor choice for those seeking a genuinely private and secure online experience. Users are strongly advised to consider VPNs that have clear, user-friendly, and audited no-logs policies to ensure their online activities remain private and secure.

    During the review, we also noted multiple connections to various domains such as get-xmore-links8.com, api.du-just-link.com, etc., which only compounds our concerns about its commitment to user privacy and security.

    We strongly advise against using X-VPN, particularly its free version which comes without a kill switch and is restrictive on server locations. While it does have some positives like ease of use and ability to unblock streaming platforms, its serious flaws, especially the adware issue, make it a risky choice.

    We suggest exploring other VPN services ranked higher, which offer fast speed, reliable unblocking capabilities, and most importantly, prioritize user privacy and security.

  • Mullvad

    Mullvad

    Mullvad is a small but mighty VPN provider that offers incredible speeds along with security and performance that stacks up with the best VPNs. Mullvad VPN is fast, great for torrenting, and excellent at keeping you safe online. It uses AES-256 encryption, OpenVPN and WireGuard protocols, multi-hop, and a dependable kill switch. However, Mullvad prioritizes internet privacy over entertainment. Despite its excellent privacy and security offering, the VPN is terrible when it comes to unblocking streaming services.

    But when you are using Mullvad VPN, who’s networks are you really using? After my testing I concluded that Mullvad uses 48% M247, 15% 31173, 11% Tzulo, 8% DataPacket, 7% 100TB, 3% xTom, and the remaining servers use Blix, QuadraNet, and Intergrid.

    Looking at the chart above, you can see that Mullvad VPN has effectively surrendered a significant degree of control over their VPN network to the British authorities. This means that M247 and DataPacket may be required by the courts to monitor, censor, or eliminate certain nodes. The UK is notorious for mandating that internet service providers keep records of every website visited by a user for a year. Furthermore, the country has proposed that social media and ISPs block posts containing “legal but harmful content.” Additionally, the so-called independent regulator Ofcom, which is not truly independent, has the power to censor anything it deems to be misinformation or disinformation, much like China and Russia.

    Either the government or Ofcom could easily categorize M247 and DataPacket as ISPs, rather than web hosts. This would result in the enforcement of censorship on their global networks or a 10% global turnover fine. M247 provides internet services to UK-based businesses, making it an obvious candidate for ISP classification. DataPacket, on the other hand, could potentially be classified as offering an internet service due to their active advertising to VPN providers, although this is a weaker argument.

    App Privacy

    Other Security Features

    • Kill Switch — A kill switch acts as your last line of defense when your VPN connection unexpectedly drops. Mullvad has a built-in kill switch that can never be disabled, but it’s only available on its desktop apps. I tested it by trying to load a page when changing servers on my laptop, and it said my connection was cut off.
    • Split Tunneling — Split tunneling allows you to use your VPN connection and local network at the same time. The advantage is that you can use local apps while bypassing geoblocks on your browser. Mullvad only enables split tunneling on its Android and Linux apps, and are currently building a Windows version. When I tried it on my Android smartphone, I could use my local banking app while watching US Netflix through the encrypted VPN tunnel. If you’re not using Android or Linux, then you can configure your routes on your OpenVPN or WireGuard protocol to enable split tunneling.
    • Double VPN — Mullvad’s Bridge servers are a version of Double VPN or MultiHop. This is when your internet traffic gets redirected through 2 VPN servers instead of just 1 for extra security. It can also help you bypass firewalls on restricted networks. You can easily toggle Bridge on or off in settings. I was impressed that I didn’t notice any decrease in speed when I used them — usually, the extra encryption layers reduce your speeds. However, you can’t use Bridge servers on mobile devices, which was disappointing.
    • Tor compatibility — You can configure your OpenVPN connection to use the Tor network through Mullvad. Once the configuration is done, then you’ll need to configure your Tor browser to connect to Mullvad using the Shadowsocks proxy. This means that you can only connect to the Tor network through the Tor browser by using Mullvad as the exit node. Luckily, there are instructions available for this.

  • TurboVPN

    TurboVPN

    TurboVPN is a virtual private network (VPN) service that allows users to browse the internet securely and anonymously. However, before investing in this service, it’s important to consider the ownership of TurboVPN.

    TurboVPN is owned and operated by Innovative Connecting Pte. Limited, a Singapore-based company. While the company has been in business since 2016 and offers a variety of VPN services, I approached their brand with a hint of skepticism, given the company’s history in the VPN space.

    While Innovative Connecting Pte. Limited’s mission is to provide secure and private internet access to users worldwide, there have been concerns raised in the past about their privacy policies and data practices. As with many VPN providers, there is no guarantee that your personal data will be kept confidential, and it’s important to do your research and choose a service that takes your privacy seriously.

    At the time of this review, their servers are 41% M247, 17% Digital Ocean, 10% Take2, 7% Choopa, 7% Ghost, and the remaining servers are a mix of Lineode, Hetzner, Oracle, and Datacamp Limited. All in all this is a fairly common spread of providers which almost half being M247, but I was surprised to see a good distrubution of providers for the other 60%.

    Designed to track you

    Any time you decide to use a service or VPN owned and operated by a company from Asia, I would be very cautious. In my testing, after using the app for several minutes I found the following in my DNS logs:

    pangolin16.sgsnssdk.com
    www.wshifen.com
    sdk.iad-01.braze.com
    data.flurry.com
    baidu.com

    app-measurement.com
    cdn.snigelweb.com
    api16-access-sg.pangle.io
    pitaya-task-sg.byteintlapi.com
    alisg-normal-lb.byteoversea.net

    TurboVPN’s free version is indeed ad-supported and comes with some usage limitations, such as a limited number of servers and slower connection speeds. However, its premium version is available for a reasonable price and includes many advanced features, such as dedicated IP addresses and unlimited bandwidth.

    Overall, while TurboVPN may seem like an appealing option for those looking to protect their online privacy, it’s important to always approach VPN providers with a hint of skepticism. Although owned by Innovative Connecting Pte. Limited, TurboVPN claims to prioritize user privacy and data security, but it’s ultimately up to each individual user to decide whether they trust the company’s practices or not.

    Related Posts

  • Hotspot Shield

    Hotspot Shield

    Hotspot Shield

    Hotspot Shield is a VPN service that has been around since 2008, making it one of the older players in the market. The service gained notoriety for its use by dissidents during the Arab Spring protests in the early 2010s. However, its reputation took a hit in 2016 when researchers cited Hotspot Shield in a research paper for using tracking libraries in their VPN service. A year later, the Center for Democracy and Technology accused the company of engaging in unfair and deceptive trade practices. In 2018, a researcher discovered a data leak, further eroding Hotspot Shield’s reputation. As a result, many websites stopped recommending the service.

    Despite these negative events, Hotspot Shield got a fresh start in 2019 when it became part of the Pango family of products. The VPN service was then acquired by a company called Aura in July 2020. With these recent changes in ownership, we felt it was a good time to take another look at Hotspot Shield. During our research and testing, we identified both positives and negatives of the service, and we also uncovered some interesting facts about Hotspot Shield and its parent companies. While we will delve into the corporate complexities at a later time, our findings provide a comprehensive overview of Hotspot Shield and its suitability as a VPN provider.

    Baked with adware

    Similar to VPN 360, the Hotspot Shield app routinely pings multiple advertising domains which is immediately a red flag. Any company that injects tracking codes into their apps immediately lose credibility in my eyes, and I take all of their promises and core principles with a grain of salt. I also discovered the app pinging various subdomains from yahoo.com There are much, much better VPNs that fight to protect your privacy – for less money. Here are the most commonly accessed domains from the app:

    • adcolony.com
    • adtilt.com
    • unity3d.com
    • doubleclick.net
    • supersonicads.com
    • dewrain.life
    • ssacdn.com
    A complicated history

    The corporate structure of Hotspot Shield is complex, and it has undergone significant changes over the years. The VPN service was developed by AnchorFree in 2008, a company based in Redwood City, California. Despite being a popular VPN service, Hotspot Shield faced a setback in 2017 when the Center for Democracy and Technology accused AnchorFree of deceptive trade practices. In 2018, a security researcher discovered a bug in the Hotspot Shield client that exposed user data.

    In 2019, Hotspot Shield joined Pango, a new company that offers a suite of security and privacy products. Like AnchorFree, Pango is based in Redwood City, California.

    In July 2020, Pango joined Aura, a digital security company. According to Hari Ravichandran, the founder, and CEO of Aura, the goal of all this activity is to:

    …build the best all-in-one digital protection platform for consumers. With the scale achieved through these transactions, we continue our journey to build and expand our integrated security platform. Our vision is fueled by our commitment to make digital security simple, user-friendly and accessible to everyone.

    Shady logging practices

    Sure enough, when I clicked on the VPN’s privacy policy on its website, I was redirected to Aura’s general policy for all of its products. While Hotspot Shield claims it doesn’t store any information that can be linked back to you, Aura states it logs the following:

    • Information about the domains you access when connected.
    • Usage information such as connection timestamps, frequency of use, and bandwidth used.
    • Device information including identifiers, operating systems, browser type, internet service provider, and network information.
    • Approximate location information (obtained from logging your IP address, albeit encrypted).
    Related Posts
  • McAfee VPN

    McAfee VPN

    It’s highly likely that you’re familiar with McAfee if you’re acquainted with any company in the realm of digital security and virus protection. Founded in the United States in 1987, McAfee has gained notoriety primarily for its antivirus software. However, upon discovering that they also offer a VPN service, we felt compelled to put it to the test. Here are our findings.

    We found that McAfee has an extremely poor logging policy. Their VPN service logs information that can be used to personally identify you, including your IP address and the websites you visit. By using McAfee Safe Connect, you’re essentially forfeiting your privacy to McAfee instead of safeguarding it. While it’s true that VPN providers retain logs, they are typically only the minimum necessary to ensure their services run smoothly.

    Infested with tracking scripts

    One thing I always do when testing out app-based VPNs is pay attention to my DNS logs for anything suspicious. One or two pings to home servers is nothing unusual, you do have to connect to your provider’s servers to log in, change account settings, etc. But when I start to see a bunch of advertising domains come up, it makes the company lose any credibility whatsoever. While using their VPN app, I saw the following connections in my DNS logs:

    polargrizzly.com
    lazerpenguin.com
    usbla.net
    usabilla.com
    appsflyer.com
    moengage.com

    Slower speeds

    It’s common knowledge that using a VPN service can often result in a slower internet connection – but I found McAfee’s speeds to be horrendously slow. One of the reasons for this is that VPN providers may have a limited infrastructure that they use to route their customers’ internet traffic through. To save money and reduce infrastructure costs, VPN providers may opt to use a smaller number of servers, which can become overloaded and slow down the overall connection speed. While some VPN providers do invest in larger server networks and higher quality infrastructure, the cost associated with this can make their services more expensive than other options on the market. Clearly McAfee is not one of them.

    Recommended VPNS:

  • VPN 360

    VPN 360

    VPN 360 is a virtual private network (VPN) app that allows users to protect their online privacy and security by encrypting their internet connection and routing it through a private server. It is one of the security products offered by Pangu whose parent company is Aura. VPN 360 is available for both Android and iOS devices, and can be downloaded for free from the Google Play Store or the Apple App Store. VPN 360 offers both free and paid subscription options. The free version of the app has some limitations, such as slower connection speeds and a limited selection of servers. The paid subscription offers faster connection speeds, more server locations, and other additional features.

    Our first major problem with VPN 360, and it’s all because of their logging policy. Their so-called “privacy policy” clearly states that they’ll hand over your information to the authorities without hesitation, and there are a ton of exceptions where they’ll collect and give up your data. Honestly, we find this policy completely unacceptable and we wouldn’t recommend trusting it, especially since VPN 360 is a paid service.

    Tracking code

    Similar to Hotspot Shield, the VPN 360 app routinely pings multiple advertising domains which is immediately a red flag. Any company that injects tracking codes into their apps immediately lose credibility in my eyes, and I take all of their promises and core principles with a grain of salt. I also discovered the app pinging various subdomains from yahoo.com There are much, much better VPNs that fight to protect your privacy – for less money. Here are the most commonly accessed domains from the app:

    • adcolony.com
    • adtilt.com
    • unity3d.com
    • doubleclick.net
    • supersonicads.com
    • dewrain.life
    • ssacdn.com
    No OpenVPN or WireGuard configs

    Another worrisome part of this service is the fact that the only protocols they offer are IPSec and Hydra. Hydra is a proprietary VPN protocol developed by the cybersecurity company, AnchorFree. According to AnchorFree, Hydra VPN is designed to provide “faster and more reliable connections” compared to other VPN protocols such as OpenVPN and IPSec. The fact that they do not offer WireGuard confirms the fact that I would never use this product.

    Unfortunately, VPN 360 is just another one of those “free” VPN apps that’s mobile-only and barely even worth considering. Don’t waste your time with it – it’s security and privacy features are weak, its connection speeds are completely unreliable, and it doesn’t even work with Netflix. Plus, the app is absolutely riddled with ads. Seriously, there are so many other VPN options out there that are way safer and more trustworthy – go with one of those instead.

    Related Posts
  • ZenMate

    ZenMate

    Zenmate is a virtual private network (VPN) based in Berlin, Germany service that encrypts your internet connection and hides your IP address to protect your online privacy and security. It allows you to access websites and content that may be blocked or restricted in your geographical location. Zenmate offers several different subscription plans that provide various levels of security and privacy protection, as well as the ability to access content from different locations around the world.

    Is ZenMate safe?

    ZenMate claims to be a no-logs VPN service, but it does keep some connection logs. It will also ask for your email address when signing up for the free version or the 7-day premium trial. It’s also possible that ZenMate may clash with other VPN apps installed on your device. When it’s running in the background, it may not allow you to launch any other VPN.

    Their location in Germany may pose additional issues due to their strict stance on copyright infringement. In addition, they are owned by Kape Technologies, a company that was known to send malware through their software. Overall, this service is of questionable safety, if you’re looking for a top-security VPN service.

    Related Posts

  • StrongVPN

    StrongVPN

    StrongVPN is a virtual private network (VPN) service provider. A VPN is a service that encrypts a device’s internet connection and routes it through a server in a location of the user’s choosing. This can be used to protect the user’s privacy and security online, as well as to access content that may be restricted in their location. StrongVPN offers a range of VPN plans and features, including support for multiple devices, unlimited bandwidth, and a variety of security protocols. The company is based in the United States and has been in operation since 2005.

    StrongVPN, formerly Black Oak Computers / Reliable Hosting / Overplay, is owned by Ziff Davis (formerly J2 Global) who owns NetProtect who operates IPVanish as well as StrongVPN.

    Is StrongP2P safe for torrenting?

    In the book Resistance, Liberation Technology and Human Rights in the Digital Age by Giovanni Ziccardi, he writes:

    This company did not directly answer questions but pointed to their logkeeping policy instead. StrongVPN do log and are able to match an external IP address to their subscribers. They were the most outwardly aggressive provider in the survey when it came to dealing with infringement. “StrongVPN does not restrict P2P usage, but please note sharing of Copyrighted materials is forbidden, please do not do this or we will have to take action against your account”

    “StrongVPN Notice: You may NOT distribute copyright-protected material through our network. We may cancel your account if that happens.”

    Privacy Policy

    The StrongVPN privacy policy is reasonably transparent and does not appear to have any major contradictions. However, a few aspects stand out as potential privacy concerns:

    • They collect email addresses, payment information, names, credit cards, and billing addresses to create accounts. This is quite a bit of personal information.
    • They use cookies and allow third party cookies for analytics and functionality. Users have to opt out of each third party cookie separately.
    • They may send marketing and promotional emails, requiring users to actively unsubscribe.
    • They disclaim warranties and liability, reducing accountability.
    • Users have to take multiple steps to exercise data rights like deletion. StrongVPN can retain data if needed for legal reasons.
    • They can monitor, restrict, or suspend accounts without notice for any reason. This could enable unfettered surveillance.
    • Data can be shared across their corporate group and third party processors quite freely.
    • Data is transferred internationally, with some protection measures. Local laws may differ.
    • Retention periods are vaguely defined as “necessary” for purposes in the policy.

    Overall the policy seems standard for a VPN provider, but the collection of personal information, broad data sharing allowances, and power to monitor/suspend accounts stand out as areas of concern that could impact privacy. The policy meets transparency requirements but still merits careful review by users.

    Terms of Service

    Users should carefully scrutinize the StrongVPN Terms of Service before signing up for the VPN service. Several clauses in the Terms grant StrongVPN alarming levels of discretion when it comes to monitoring, restricting, and terminating user accounts without notice. Users must agree to binding arbitration and waive rights to class action lawsuits, severely limiting legal recourse options. Additionally, StrongVPN disclaims all warranties and liability on their end, removing accountability for services. The Terms also give StrongVPN broad rights to collect and use customer data with few constraints. Restrictions like prohibiting account sharing among household members seem unnecessarily strict as well.

    Overall, the StrongVPN Terms of Service appear heavily stacked against users and in favor of StrongVPN’s interests. Users have little power or recourse under the Terms as written. StrongVPN reserves the right to change the Terms anytime without directly notifying users beyond posting to their website. Those concerned about privacy and accountability are advised to fully review the StrongVPN privacy policy and Terms of Service before subscribing. Important to understand exactly what user data StrongVPN collects, how they use it, and what options users have. Proceed with caution given the broad disclaimers and unilateral power granted to StrongVPN under the Terms of Service.

  • IPVanish

    IPVanish

    IPVanish is a virtual private network (VPN) service that allows users to securely and anonymously access the internet. A VPN creates a secure, encrypted connection between a device and the internet, protecting data and preventing snooping or tampering by third parties. IPVanish offers a range of VPN products and services, including support for Windows, Mac, iOS, Android, Linux, and other platforms. The company was founded in 2012 and is headquartered in the United States.

    A few years ago, IPVanish handed over user logs to the FBI. This caused consumers to question just how seriously the company takes user privacy, and it saw a dip in use and confidence as a result. As part of my review, I look to see if there have been any changes, or if IPVanish still deserves caution when choosing a VPN.

    IPVanish is the latest high-profile VPN to have provided information to the authorities after earlier claiming security for their users. Back in 2011, HideMyAss handed over information that would help to jail LulzSec hacker Cody Kretsinger. Last year it was revealed that PureVPN helped the FBI catch a cyberstalker.

    Can you torrent with IPVanish?

    One of the most common reasons why people sign up for VPNs is so they can use BitTorrent without revealing their true IP address. If you look at section 12 and 13 of the IPVanish Terms of Service, it clearly states that they respect copyright and intellectual property. They also have a page on their website instructing individuals how to submit DMCA notices. It is clear from their ToS that repeated DMCA violations will result in termination of your account:

    It is our policy to terminate in appropriate circumstances the accounts of subscribers who infringe the copyrights of others.

    Looking at their privacy policy

    The IPVanish privacy policy starts off the generic “we do not log, monitor, or collect your browsing history” which is the baseline for a decent VPN. A lot of people will read that line and go SEE!!! They’re anonymous!!!1. However, the devil is in the details – just a few lines down in G. Lawful Bases for Processing Personal Data it states:

    We may Process your Personal Data where the Processing is required by applicable law;

    What exactly does that mean? Just a few more lines down it explains:

    “Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
    “Process”, “Processing” or “Processed” means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    In a nutshell – they may not “monitor” or “log” your browsing activity but per their Privacy Policy they will hand over any and all information they have on you if required by law.

    Hands in many different pies

    IPVanish has an interesting history that also includes a few different ownership changes over the years.

    Here is a brief summary of IPVanish’s history based on my research for this review:

    • IPVanish was founded by Mudhook Marketing in 2012, a subsidiary of Highwinds Network Group in Orlando, Florida.
    • In 2017, StackPath acquired Highwinds Network Group, which also included IPVanish.
    • In 2019, IPVanish was sold off to J2 Global (now called ZiffDavis Inc.) under the “Net Protect” division.

    J2 Global, also known as ZiffDavis Inc., isn’t just any ordinary company – they’re the parent company for many websites that publish reviews, including PCMag. But wait, there’s more. J2 Global doesn’t just stop at publishing reviews, they also own several VPN services, such as IPVanish, StrongVPN, and Encrypt.me. As if that’s not enough, they also have a secure cloud storage service called SugarSync. It seems like J2 Global wants to control every aspect of the digital world, doesn’t it? Who knows what kind of data they’re collecting from all these different services. It’s enough to make you wonder who’s really in charge of your data and privacy.

    So, J2 Global is the proud owner of a collection of VPN services, which means we’re now in a situation where VPN review websites are recommending products that are actually owned by the parent company. How convenient, right?

    It’s a bit of a dubious situation if you ask me, and we’ve discussed it before in our article on VPNs that own review websites. It’s hard not to be skeptical when the very same company that owns the VPN service is also the one getting glowing reviews from their own review websites. One has to wonder if these reviews are truly unbiased or just part of a larger marketing scheme. It’s a classic case of “who watches the watchers,” and it’s not exactly comforting.