Financial numbers only show whether you have to pay for the service and how much money the service has earned the company so far; they cannot be used to accurately determine how secure their service is.
My recommendation? Pick VPNs that are popular and avoid those that were involved in incidents. Just don’t forget that there is always a risk that the current VPN you’re using could be breached any day, even without you knowing.
When I looked for free VPNs, I found out most of them are dubious. Since security is not a concern (KC is https) you only have to take care that your computer isn’t riddled with malware. You can connect to VPNgate via IPsec with Windows built-in methods, so you don’t have to install their app, which I have in bad remembrance because of frequent update messages.
VPNgate is a university project with volunteers, so be nice and don’t use unnecessary bandwidth, which shouldn’t be a problem, as you can disconnect after login. But VPNgate can be really slow. One time the game needed 5 minutes to load.
You can make your own for about the same cost as other VPNs if you really want to be in control of it. Just Bing “How to make your own VPN” and you’ll find video guides. The main issues are that it’s a bit more complicated and you won’t have access to as many output points.
I agree. I have worked with many such individuals who do fit the bill of thinking everything is easy, and always go for the solution that works on the surface. In fact I can really relate, I once had to rip out a whole server repository that had open public connections on FTP we couldn’t verify the origin of…put in place by my predecessors. They do cause problems, but IMO the other group cause just as many. The paranoid bunch who…I’m going to be less charitable than the poster here…are so calcified and fossilized, they turn away from very practical solutions, particularly new ones.
This wouldn’t be so much of an issue if they weren’t equally in love with what their sometimes long or well-read experience tells them “has always worked, is very simple and won’t ever change”…except such concepts are kind of an oxymoron in the tech space.
And that also sometimes leads them to over-complicating problems, requiring high amounts of bureaucracy and review for a simple fix. Of course the opposite, rushing a poorly considered hotfix or patch job for a complicated problem, is just as bad. But in this case? Well, we only need to mask our IP to connect to DMM’s servers, after which the vast majority can play the game with their regular connection. You only need to connect to one site, for 10 seconds, nothing more. You’re not using it to play your whole KC session, browse the net or play other games.
I prefer using the VPN Gate university project atm. Theoretically it’s even less secure than “free” VPNs, since its nodes are provided by volunteers, any of whom can be malicious. Also, quality of connection is usually pretty poor. But in practice it does log activity, which can be handed over to authorities and deters a lot of malicious users, and you can get a Japanese IP, which usually doesn’t flag DMM’s frankly very poor security.
And I think that’s good enough for home use. Giving advice about how to keep secure while playing KC for most other users while citing the example of trying to do so while operating in a highly secure workplace network environment is…simply not very helpful.
I never said it was a fair division of tech people. But I am not going to double back and tell you that this is not how tech people work when the HR department spend millions upon millions throwing away CVs just to find a decent tech.
But you might replace stupidity with ignorance just to be nice. Even if ignorance might turn into stupidity. As an example, we have the tech guy who jumps on a new solution every half year and tells you that THIS WILL SAVE THE WORLD!!! and then drops it for a new solution when he learns the ups and downs of the first product. The question is when the turning point turns up. Is it ignorance when you believe the sales pitch of a new backup solution? If it’s your first time, yes. But it turns into stupidity when you turn down half a year’s work getting the first backup solution to work just because you believe the sales pitch of a newer backup solution that’s just as shitty…
And if the guys who watch this year after year don’t turn paranoid every time they see a suit… Well, there are people who learn and those who don’t. We usually call those who don’t learn something that begins with stu and ends with pid.
I’m kind of tech illiterate in this field. I’ve followed what’s in the manual with some help, but explaining how it works is not something I’d be able to do, I’m afraid.
Absolutely true, it’s just that a service’s business model is probably the easiest check. As the saying goes, if something is too good to be true, it often is.
First of all, it’s important to mention that it wasn’t NordVPN’s fault but the data center’s, and it was only one server out of thousands. As it says in their official statement, no user was affected by it, so at the end of the day, it wasn’t anything major and I still think that they provide a good service.
Assuming the latter (since the former has a linked Ars article) … I’ve had a paid Tunnelbear account for a long time, but a couple years ago, Netflix seems to have caved to licensors and invested into detecting/blocking VPN connections in order to enforce region blocks. ExpressVPN was one of the few that still work to this day. Pretty much the only reason why I switched … I don’t browse other regions’ catalogs regularly, but it’s just too nice to have the option.
Sorry, I wrote this poorly. I meant if it was possible to nest the proxies. I can imagine how useful it would be to have a local cached version, but would like to see if the proxy can redirect itself into a second proxy that had auth support.
And yeah, while the poi devs have implemented the socks5 proxy, they told me that they would not likely add in auth support. Which is why I tried (and failed) to compile a variation with some tweaks that I thought might allow for it to work, based on the original source that they used from another repo.
I’m well aware that NordVPN blamed a 3rd party in Finland, claiming they were incompetent and had made a security misconfiguration. But let’s keep the following things in mind though:
The breach caused a TLS key to be leaked out. Although they found out later that it was expired, you can still theoretically create a new server that impersonates NordVPN and/or its services, which is effectively a MITM attack. Considering it is a company that advertises on the security of our privacy, this is a pretty big deal.
The server was up at around the end of January 2019. The hack happened anywhere between January and March 2019. During that time, NordVPN admitted that roughly 20 to 200 users connected to said server. Although they claim no users were compromised by the breach, there’s no way we can ever verify this, especially since they also claim to have a no log policy.
NordVPN claims that they learned of the hack in April 2019. They only made it public in October 2019 after their TLS key ended up on Twitter. Their excuse? They want to be 100% sure that they were compromised.
Don’t get me wrong, NordVPN is perfectly capable of providing a decent VPN service with the infrastructure they own, but you must also understand that every service on the internet operates on a trust basis, hence why every privacy authority urges organizations to be as transparent as possible.
As I still have a running subscription, I’m sort of stuck with NordVPN for a while I guess, but speaking as someone who works in the field of infrastructure and security, I sure as hell wouldn’t recommend NordVPN to anyone else.
You mean in general or when connecting to KC? Like I said, for KC you’re connected for a very short period of time. I don’t want to sound glib, like viking is asserting some people are, but while there are real dangers to using a lot of VPNs, most of them don’t matter for this use case. VPNs can track your browsing history, they can force ads on sites you visit (never touch ads when browsing a website using a public vpn), they can even steal your bandwidth (which I suspect is what viking encountered, actually), and they can snoop non-encrypted data (but your login credentials to DMM are encrypted, VPN doesn’t change that). But we’re not using a VPN for our whole KC session, and unless you care that someone could know you play KC, there’s not much that can happen…assuming you’re even using a malicious VPN.
As for in general, I’d just say use software for what it’s meant for. Internet security and anti-virus software will protect you from the vast majority of home user remote threats. Ad blockers are not intended to be security software, so if that’s your reason for using them, don’t rely on them for that. They do protect you against malware in ads, but that’s more of a coincidental benefit. Just like how in viking’s example, FileZilla is certainly not a secure solution to send confidential data…and was never meant to be. And VPNs are not intended to be security tools, as much as public VPN providers market themselves as that.
Oh but I should add, almost definitely don’t install VPN apps on your phone. Like VPNs, they too can be malicious. But the difference is that they stay on your phone as apps even when you’re not using them, and malware is easily injected this way. It’s also probably a good idea to disable the extension when you’re not using a browser-based VPN (and any other type of publicly sourced extension, at that).
Uh, you might want to check those dates again. While I wouldn’t be surprised that a company would lie like that, I’d like to think Nord wouldn’t claim to have only learned of an attack a month from now…