The phrase in the title is a common trope that comes up when VPN services are discussed. While this statement is technically correct, it can be misleading, as it implies that all providers handle law enforcement requests and prepare for worst case scenarios similarly, so their conduct cannot be a differentiating factor when you evaluate them.
It is something to always take into consideration and not forget.
Verifiably no logs without court order (I’m guessing canary pages have gone the way of the dodo now, probably boilerplate in the orders, maybe wrong according to the article, perhaps in some jurisdictions) would be awesome. Verified by external audit is about as good as we can get, so proton, tutanota, I think, others muchly appreciated. I think one of them setup their OS in volatile RAM, which is cool, but probably not legally protective.
No, I don’t expect you to go to jail for me, but due diligence minimising knowledge will bump you up my list of providers to choose.
One problem here is those that do verify, usually don’t allow torrenting ports, so, no ratios for you. Anyone know what the over/under is on lesser tier VPNs that port share vs a VPS (with all its potential, but which country?) vs Usenet? Looking to have a clue when the time comes, knowledge gratefully accepted :)
I love Mullvad and recommend them for everything other than torrenting. Once they disabled port forwarding I moved to AirVPN who seem to be pretty legit.
I’m not trying to keep my ratios up but I have a few torrents of media that are not available anywhere for sale and have less than 10 seeds, so I feel like I am helping keep the shows and movies of my childhood alive.
Good person. Much like I would like to do. I’d be happy with a VPN for personal use and another one for torrenting (gluetun compatible preferably) Shall look at AirVPN, thanks.
yes, but you can only download from peers with port forwarding enabled, and you can also only upload to port forwarding peers, so generally its fine for downloading, but if you want to keep ratio (uploading) on a private tracker you need port forwarding
I mean, if you set up your os on an encrypted ram disk, then set it to restart when the server rack door was unlocked/opened and didn’t leave a backdoor for yourself to remote in, you could have a situation where you entirely lack the capability to give them access to anything before that moment. A skilled hacker might be able to get in through an exploit or do something crazy with cryogenics to read the memory at the time of shutdown, but a quick restart would overwrite most of what’s in memory and scrub that
Legally, there’s not much better defense than “I’m sorry your honor, I can’t provide access to the running system in the same way I can’t un-shatter a smashed mug”. If someone shows up with a warrant, you could explain that it’ll wipe itself if they open or unplug it, and it might’ve done so already. Then you guide them to it, hand over the key to the server cabinet, and let them decide to open the cabinet and destroy evidence so they can take it with them. Or they can take you at your word, and give up.
Court orders can’t break physics, and as a VPN your reasoning for setting up the system like this is to make your service more appealing to customers - the purpose is not to aid in a crime or destroy evidence, it’s just the normal course of business.
The same way that most companies wipe their emails after 30 days - yes, it potentially destroys incriminating paper trails, but that’s just a side effect of the security policy you’ve had all along
Granted, there’s probably some sketchy sealed laws they could use to force you to backdoor your own system moving forward, but you can fight that as it’s undue hardship. It requires a non-negligible amount of work and would make your product less competitive
They might win in the end if they keep pushing, and even might be able to order you to “keep up the canary paper” (meaning keep claiming not even you have access to the running system), but more likely they’d get a warrant for your customer financial records and try to find an easier path to find what they want elsewhere
True, it’s probably overkill. But even if you don’t log, they could theoretically start live monitoring the VPN with a court order… With a setup like this, there’s no front door or backdoor, just an ephemeral image you have to restart to modify. You’d have to write in access methods and rebuild to get in… The government can’t just walk in and demand you stop what you’re doing and build something for them
It does add security, even if you might not need that level of security
Verifiably no logs without court order (I’m guessing canary pages have gone the way of the dodo now, probably boilerplate in the orders, maybe wrong according to the article, perhaps in some jurisdictions) would be awesome. Verified by external audit is about as good as we can get, so proton, tutanota, I think, others muchly appreciated. I think one of them setup their OS in volatile RAM, which is cool, but probably not legally protective.
No, I don’t expect you to go to jail for me, but due diligence minimising knowledge will bump you up my list of providers to choose.
One problem here is those that do verify, usually don’t allow torrenting ports, so, no ratios for you. Anyone know what the over/under is on lesser tier VPNs that port share vs a VPS (with all its potential, but which country?) vs Usenet? Looking to have a clue when the time comes, knowledge gratefully accepted :)
I love Mullvad and recommend them for everything other than torrenting. Once they disabled port forwarding I moved to AirVPN who seem to be pretty legit.
I’m not trying to keep my ratios up but I have a few torrents of media that are not available anywhere for sale and have less than 10 seeds, so I feel like I am helping keep the shows and movies of my childhood alive.
They did have a server seized (physically) in 2015: https://lemmy.dbzer0.com/post/6754830
Though apparently there were no logs.
Interestingly though, that forum post was now deleted from AirVPN site. Strange…
Hmm, TIL, thanks.
Good person. Much like I would like to do. I’d be happy with a VPN for personal use and another one for torrenting (gluetun compatible preferably) Shall look at AirVPN, thanks.
Just switched to Mullvad and haven’t tried torrenting with it yet… Doesn’t work? Or just slow?
yes, but you can only download from peers with port forwarding enabled, and you can also only upload to port forwarding peers, so generally its fine for downloading, but if you want to keep ratio (uploading) on a private tracker you need port forwarding
I mean, if you set up your os on an encrypted ram disk, then set it to restart when the server rack door was unlocked/opened and didn’t leave a backdoor for yourself to remote in, you could have a situation where you entirely lack the capability to give them access to anything before that moment. A skilled hacker might be able to get in through an exploit or do something crazy with cryogenics to read the memory at the time of shutdown, but a quick restart would overwrite most of what’s in memory and scrub that
Legally, there’s not much better defense than “I’m sorry your honor, I can’t provide access to the running system in the same way I can’t un-shatter a smashed mug”. If someone shows up with a warrant, you could explain that it’ll wipe itself if they open or unplug it, and it might’ve done so already. Then you guide them to it, hand over the key to the server cabinet, and let them decide to open the cabinet and destroy evidence so they can take it with them. Or they can take you at your word, and give up.
Court orders can’t break physics, and as a VPN your reasoning for setting up the system like this is to make your service more appealing to customers - the purpose is not to aid in a crime or destroy evidence, it’s just the normal course of business.
The same way that most companies wipe their emails after 30 days - yes, it potentially destroys incriminating paper trails, but that’s just a side effect of the security policy you’ve had all along
Granted, there’s probably some sketchy sealed laws they could use to force you to backdoor your own system moving forward, but you can fight that as it’s undue hardship. It requires a non-negligible amount of work and would make your product less competitive
They might win in the end if they keep pushing, and even might be able to order you to “keep up the canary paper” (meaning keep claiming not even you have access to the running system), but more likely they’d get a warrant for your customer financial records and try to find an easier path to find what they want elsewhere
You really dont need to do all that if you just dont log to begin with
True, it’s probably overkill. But even if you don’t log, they could theoretically start live monitoring the VPN with a court order… With a setup like this, there’s no front door or backdoor, just an ephemeral image you have to restart to modify. You’d have to write in access methods and rebuild to get in… The government can’t just walk in and demand you stop what you’re doing and build something for them
It does add security, even if you might not need that level of security