Note that all of these companies are also under the umbrella of Tesonet, a Lithuanian VC firm also headed by Tomas Okmanas (Tom Okman in TFA). Their flagship investments are Nord Security, Hostinger, Oxylabs, Surfshark, Decodo, Mediatech, and nexos.ai - all closely related business models around proxying.
They don't seem to have Russian ties: "In 2022, CyberCare opened an office in Lviv, Ukraine. Although planning for the move started before the war, according to Dainius Vanagas, CEO of CyberCare, one of the reasons why it was followed through was a desire to help Ukraine rebuild."[0]
Don't forget ProtonVPN links to Tesonet, which they're trying hard to "debunk" (though no clue why, I have nothing against Tesonet). They only shared employees and accidentally signed apps with the same certificates, but are "totally unrelated". Their PR people are already on this thread.
If they didn't try so hard to fight it, people might care less.
I used to work at Tesonet (as software engineer) and I'm not familiar with corporate politics / ownerships but they're lovely people that would 100% walk out if there were some real Russian ties involved.
Lithuania is a really small country and IT has been a huge economic strategy since early 00s as a way to become economically independent specifically because of Russia and it worked out really well.
Calling Tesonet a VC firm isn't really an accurate description of their history. They started as an IT services company (which they still do), then split out internal services into effectively separate companies (e.g. CyberCare was originally built to manage customer support for NordVPN).
Now they have got more money than they know what to do with so are making VC investments.
After seeing the front end and the tiniest bit of backend on CrowdStrike and why they’re in Ukraine… I wouldn’t say any company with offices there makes me feel at ease. It’s not better.
Hey Carl! This is the first I'm hearing of Obscura. After doing a deep dive into your product, it looks to be a very fascinating privacy tool. However, I'm concerned with your operating under US jurisdiction, as detailed by others here:
While I understand potentially not wanting to incorporate in the EU (with Chat Control on the horizon) nor Switzerland (due to their own non-EU-related privacy backslide), why still select the US, which historically other privacy tools have largely avoided? It feels like you're already shooting yourself in the foot, whereas you'd be good in the EU should Chat Control not pass. While it's great that you verifiably can't see a user's internet traffic, you're one US court order away from a forced compromising of the service for a user (or at least, giving up the connecting IP). Historically, EU court orders have been easier and more transparently fought by privacy tools.
Non sequitur, it would be great if you prioritized accepting Monero as payment, like your exit hop Mullvad. Also, how much control do we have over the features Mullvad offers (e.g. DAITA, quantum resistance, DNS filters, IPv6, integration with Mullvad Browser)?
Can you control the geography of the exit node? I really like Private Relay but it doesn't get around geo restrictions because the IP is still in the same country you are.
At this point, the VPN industry is so rife with shady dealings, suspicious ownership structures, weird exits, questionable marketing/PR practices/pushes, and rumours that waters have been muddied sufficiently for every provider out there. It might have been by design as well. Who knows.
I now believe that you know your use case and use VPN only for that, and decide whether you really need to pay with parts of your kidneys for a service that claims to be the "uber privacy bulwark of the season" (until proven otherwise, as it happens), and get done with it, and make sure "anonymity and privacy" are not the expectations unless you have gone to great lengths to ensure these two, and if that's the case, you won't be in the market for "list most private VPNs providers" at a search or LLM input box.
If your needs are anonymity, a VPN is not going to solve it— in fact, relying on one might endanger you. Even for privacy, I'd be very careful in trusting a VPN (any VPN).
So if you need a VPN for streaming content from other geographies, just get the one at the best cost that does the job well in your geography, without going through the rabbit hole of cryptographic verification, reputation spiral, etc.
A VPN is always a risk. Still, there is a difference between using Mulvad or PrivateInternetAccess. The difference between risking that the service might do bad things with your data, and having high certainty that it does. And this article gives pretty good indications which category each service belongs to
Not saying that this is what I do, but a VPN is useful for things that are illegal but not serious.
For example, France is spying torrent downloads of copyrighted content but they only look at the domestic consumer ISP IP addresses. They ignore all foreign IPs, so if you're using a VPN it doesn't matter if the VPN keeps all the logs they won't bother.
Of course if you're doing things that will get you personally targeted by the police, like cyber-bullying or CSAM, a VPN won't protect you.
Yeah, agreed. Most VPNs just move the trust boundary from your ISP to another opaque network and call it privacy. There’s no way to verify what’s running, who controls it, or what happens to your data once it leaves your machine.
We solve this with vp.net, by making the service verifiable. The code can be reviewed, the builds are reproducible, and each node can prove what software it’s running and where your traffic actually goes [1].
It doesn’t turn a VPN into an anonymity tool, but it makes trust measurable instead of blind. That’s the part the industry should have fixed a long time ago.
Are we allowed to discuss (edit: if it's not too political?) if Kape Technologies has any connections to Israeli security services, given the nature of VPNs and given the amount of data that can be trivially collected, and:
"Being from Israel, Teddy Sagi had connections with the Israeli military intelligence sphere and was able to procure himself a real-life cyber spy [his co-founder] from the famed Unit 8200 (kinda like Israel’s version of the NSA)" [0]
Unit 8200 is the premier software development track in the Israeli military.
Every Israeli tech company likely has multiple developers from Unit 8200 in it. Whether it's building e-commerce shops or making video games.
While 8200 definitely falls under the military intelligence wing, I don't think describing people in it as Cyber Spies is anywhere near accurate. And unless that guy was very high ranking it is a stretch to imply that's an indication that IL military intelligence is involved in the company.
That is not to say that the military isn't involved with the company - that might very well be true, just that someone being from Unit 8200 isn't an indication of it.
>Teddy Sagi had connections with the Israeli military intelligence sphere
Does this mean much given that israel has mandatory military service? Unlike in the US where you have to make a conscious choice (eg. patriotism or desperation) to join the CIA/NSA/military, that's not really the case in israel. "has ties to unit 8200" might as well mean "has ties to stanford/MIT/caltech" or "has ties to big tech".
I only ever use a VPN to access region blocked content and the occasional "linux iso" torrent..I tried Mullvad first, but they just don't play the game of cat and mouse with the streaming providers and all their IPs are pretty much blocked. I have about a 95% success rate with NordVPN (except for Amazon Prime video which have some sort of wizardry and always are able to detect VPNs).
It's a shame because Mullvad has a deal with Tailscale where you can sign up for Mullvad through Tailscale and use any of their servers as a Tailscale exit node. It's super slick and nice since Tailscale has really decent apps for nearly everything (even Apple TV, etc) and I already have a decently sized Tailnet of all my devices / ssh accessible things.
VPNs will become illegal or backdoored, because privacy is becoming illegal.
This is not really a technology problem, it's a social and legislative one. Many of us are afraid of (other people's) privacy, so we vote for legislators that will make it illegal. The legislators stoke this fear of privacy because they want an excuse to deepen their control of discourse, and their own citizens.
Can anyone give info on who owns Trust.Zone VPN? The company saves all credentials and doesn't allow the user to generate anything, such as Wireguard private keys. The service is very likely logging everything, and already admits to logging bandwidth, which is severe enough.
Wouldn't be surprised if this was a honeypot for logging Russian internet users, as it appears to cater to Eastern users.
> ExpressVPN was founded in 2009 by Peter Burchhardt and Dan Pomerantzwe who later sold it to British-Israeli security software company Kape Technologies
You will have to be a lot more specific than "wasn't as good as", to get a response that is helpful to you. What are you looking for in a VPN provider?
Fast/low latency is to some extent diagrammatically opposed to high quality privacy. The fastest route is always you to source. The more hops/mixers/proxies/things you add the worse the experience gets
That's actually interesting. My yearly Proton subscription ended several months ago and I tried both NordVPN and ExpressVPN before switching back to Proton. The other two options had limited server locations and I wasn't a fan of the software/setup. There's also a weird shady vibe with how they do their advertising compared to Proton, can't quite put my finger on it though. Proton's software also seems to be more intuitive (although a bit clunky).
I’m not a big expert on the VPN tech side, but it always seemed to me that the most logical option for those that actually understand about VPN is Proton, or am I missing something here?
Im a happy Proton user myself but if someone wanted the absolute most secure and private and reputable VPN I would point them to Mullvad. The main reason I use Proton is because I use the other apps in their suite as well and I get the VPN in the package deal. The threat model is good enough for my use cases
Company who's blog post this is ain't bad either if you're looking for a non-ecosystem VPN. Proton is trying to be Nord and create an ecosystem of products that store all your most private data, all under the umbrella of 1 company which defeats the whole point of a VPN who should have no data on you (not even an email).
[+] [-] nerdsniper|5 months ago|reply
They don't seem to have Russian ties: "In 2022, CyberCare opened an office in Lviv, Ukraine. Although planning for the move started before the war, according to Dainius Vanagas, CEO of CyberCare, one of the reasons why it was followed through was a desire to help Ukraine rebuild."[0]
They also donated money to help arm Ukraine.
0: https://en.wikipedia.org/wiki/Tesonet
[+] [-] ashirviskas|5 months ago|reply
If they didn't try so hard to fight it, people might care less.
[+] [-] wraptile|5 months ago|reply
Lithuania is a really small country and IT has been a huge economic strategy since early 00s as a way to become economically independent specifically because of Russia and it worked out really well.
[+] [-] fy20|5 months ago|reply
Now they have got more money than they know what to do with so are making VC investments.
[+] [-] moontear|5 months ago|reply
[+] [-] pessimizer|5 months ago|reply
[deleted]
[+] [-] SV_BubbleTime|5 months ago|reply
[+] [-] dongcarl|5 months ago|reply
With Multi-Party Relays you no longer have a trust a single entity not being malicious or compromised.
Disclaimer: I run obscura.net, which does exactly this with Mullvad (our partner) as the Exit Hop.
[+] [-] FlynnLivesMattr|5 months ago|reply
https://discuss.grapheneos.org/d/20059-obscura-vpn-and-mullv...
While I understand potentially not wanting to incorporate in the EU (with Chat Control on the horizon) nor Switzerland (due to their own non-EU-related privacy backslide), why still select the US, which historically other privacy tools have largely avoided? It feels like you're already shooting yourself in the foot, whereas you'd be good in the EU should Chat Control not pass. While it's great that you verifiably can't see a user's internet traffic, you're one US court order away from a forced compromising of the service for a user (or at least, giving up the connecting IP). Historically, EU court orders have been easier and more transparently fought by privacy tools.
Non sequitur, it would be great if you prioritized accepting Monero as payment, like your exit hop Mullvad. Also, how much control do we have over the features Mullvad offers (e.g. DAITA, quantum resistance, DNS filters, IPv6, integration with Mullvad Browser)?
[+] [-] sporkxrocket|5 months ago|reply
[+] [-] Thystler|5 months ago|reply
This is is what i wrote my master thesis on. I ended up not turning it into something proper. Thank you! i love that you did this!
Its awesome! OMG good job!
[+] [-] thenthenthen|5 months ago|reply
[+] [-] mcdonje|5 months ago|reply
[+] [-] crossroadsguy|5 months ago|reply
I now believe that you know your use case and use VPN only for that, and decide whether you really need to pay with parts of your kidneys for a service that claims to be the "uber privacy bulwark of the season" (until proven otherwise, as it happens), and get done with it, and make sure "anonymity and privacy" are not the expectations unless you have gone to great lengths to ensure these two, and if that's the case, you won't be in the market for "list most private VPNs providers" at a search or LLM input box.
If your needs are anonymity, a VPN is not going to solve it— in fact, relying on one might endanger you. Even for privacy, I'd be very careful in trusting a VPN (any VPN).
So if you need a VPN for streaming content from other geographies, just get the one at the best cost that does the job well in your geography, without going through the rabbit hole of cryptographic verification, reputation spiral, etc.
[+] [-] wongarsu|5 months ago|reply
[+] [-] eloisant|5 months ago|reply
For example, France is spying torrent downloads of copyrighted content but they only look at the domestic consumer ISP IP addresses. They ignore all foreign IPs, so if you're using a VPN it doesn't matter if the VPN keeps all the logs they won't bother.
Of course if you're doing things that will get you personally targeted by the police, like cyber-bullying or CSAM, a VPN won't protect you.
[+] [-] andrepd|5 months ago|reply
Why?
[+] [-] rasengan|5 months ago|reply
We solve this with vp.net, by making the service verifiable. The code can be reviewed, the builds are reproducible, and each node can prove what software it’s running and where your traffic actually goes [1].
It doesn’t turn a VPN into an anonymity tool, but it makes trust measurable instead of blind. That’s the part the industry should have fixed a long time ago.
[1] https://youtu.be/sz7NAe0G1_Y
[+] [-] WarOnPrivacy|5 months ago|reply
https://kumu.io/embed/9ced55e897e74fd807be51990b26b415#vpn-c...
[+] [-] zer0tonin|5 months ago|reply
[+] [-] ashirviskas|5 months ago|reply
Some fake debunking in the comments of this thread that is factually almost correct: https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...
EDIT: ProtonVPN app was "accidentally" signet by Tesonet. How do you think this could happen?
[+] [-] fuckyah|5 months ago|reply
[deleted]
[+] [-] octo888|5 months ago|reply
"Being from Israel, Teddy Sagi had connections with the Israeli military intelligence sphere and was able to procure himself a real-life cyber spy [his co-founder] from the famed Unit 8200 (kinda like Israel’s version of the NSA)" [0]
?
[0] https://windscribe.com/blog/what-is-kape-technologies/
[+] [-] Illniyar|5 months ago|reply
Every Israeli tech company likely has multiple developers from Unit 8200 in it. Whether it's building e-commerce shops or making video games.
While 8200 definitely falls under the military intelligence wing, I don't think describing people in it as Cyber Spies is anywhere near accurate. And unless that guy was very high ranking it is a stretch to imply that's an indication that IL military intelligence is involved in the company.
That is not to say that the military isn't involved with the company - that might very well be true, just that someone being from Unit 8200 isn't an indication of it.
[+] [-] gruez|5 months ago|reply
Does this mean much given that israel has mandatory military service? Unlike in the US where you have to make a conscious choice (eg. patriotism or desperation) to join the CIA/NSA/military, that's not really the case in israel. "has ties to unit 8200" might as well mean "has ties to stanford/MIT/caltech" or "has ties to big tech".
[+] [-] codazoda|5 months ago|reply
https://joeldare.com/ssh-tunnels-my-vpn-alternative-for-priv...
[+] [-] ARandomerDude|5 months ago|reply
That doesn't sound good for privacy.
[+] [-] gorbypark|5 months ago|reply
It's a shame because Mullvad has a deal with Tailscale where you can sign up for Mullvad through Tailscale and use any of their servers as a Tailscale exit node. It's super slick and nice since Tailscale has really decent apps for nearly everything (even Apple TV, etc) and I already have a decently sized Tailnet of all my devices / ssh accessible things.
[+] [-] Nifty3929|5 months ago|reply
This is not really a technology problem, it's a social and legislative one. Many of us are afraid of (other people's) privacy, so we vote for legislators that will make it illegal. The legislators stoke this fear of privacy because they want an excuse to deepen their control of discourse, and their own citizens.
So really, everybody wins!
[+] [-] justapassenger|5 months ago|reply
1. Getting access to geolocked data
2. Torrenting "Linux ISOs"
?
[+] [-] RyanShook|5 months ago|reply
Were VPNs ever really providing privacy? The underlying business model is selling user data.
[+] [-] daveidol|5 months ago|reply
[+] [-] Ms-J|5 months ago|reply
Wouldn't be surprised if this was a honeypot for logging Russian internet users, as it appears to cater to Eastern users.
[+] [-] laylower|5 months ago|reply
[+] [-] userbinator|5 months ago|reply
All it takes is an unattended machine for someone to boot another os on and grab the file
If you're going to the trouble of using a VPN, that is not a very likely scenario, and ditto for other users(!) on your machine.
[+] [-] brikym|5 months ago|reply
> ExpressVPN was founded in 2009 by Peter Burchhardt and Dan Pomerantzwe who later sold it to British-Israeli security software company Kape Technologies
Close enough.
[+] [-] cchance|5 months ago|reply
[+] [-] kovrik|5 months ago|reply
[+] [-] yegor|5 months ago|reply
[+] [-] tacker2000|5 months ago|reply
But if Nord is sketchy, what is the recommended one?
[+] [-] zelphirkalt|5 months ago|reply
[+] [-] flexagoon|5 months ago|reply
[+] [-] Havoc|5 months ago|reply
Fast/low latency is to some extent diagrammatically opposed to high quality privacy. The fastest route is always you to source. The more hops/mixers/proxies/things you add the worse the experience gets
[+] [-] y-c-o-m-b|5 months ago|reply
[+] [-] dkga|5 months ago|reply
[+] [-] SOLAR_FIELDS|5 months ago|reply
[+] [-] davkan|5 months ago|reply
[+] [-] yegor|5 months ago|reply
PS. I'm from the company who's blog post this is.