[liberationtech] [SPAM:####] Re: advice on securing a new computer
Jacob Appelbaum
jacob at appelbaum.net
Mon Jan 28 07:02:25 PST 2013
Eric S Johnson:
>> Similarly, be careful which VPN provider you use. It's perfectly possible
> that
>> some VPN providers operating in countries may work for those countries,
>> under the juristiction they pay tax within. They may have reasons to be
>> interested in what you are doing (activism, diplomatic relations,
>> corporate and governmental communications, etc) and so provide
>> access to that government if asked.
>
> Totally *not* casting doubt on this possibility (above), but I think it'd be
> interesting: does anyone know of any cases in which this has happened?
>
> Not "I'm willing to bet" or "I suspect" but *some* proof, however
> circumstantial. Not talking about estimations that UltraSurf's privacy
> policy isn't up to snuff. Not talking about Riseup refusing to deny having
> responded to an FBI demand to access someone's mailbox. Not even talking
> about a VPN which helped an LEA catch a serial axe murderer. I mean, a
> proxy/VPN service which seems to have "betrayed" its customers, or its
> customers' traffic, to an LEA, in a manner which 90% of this list would
> agree is "wrong" (not legal or illegal, just wrong).
>
Yes:
http://blog.hidemyass.com/2011/09/23/lulzsec-fiasco/?COLLCC=1839346378
http://www.securityweek.com/vpn-service-snitched-alleged-lulzsec-member
http://invisibler.com/lulzsec-and-hidemyass/
http://www.informationweek.com/security/privacy/lulzsec-suspect-learns-even-hidemyasscom/231602248
In any case, PPTP is totally broken, don't use it.
All the best,
Jake
More information about the liberationtech
mailing list