New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
About NordVPN
So I have been happily using NordVPN for over a year and usually recommend it if someone is looking for a vpn to unblock flix.
Up until recently I was also saying it was relatively (let's not fool ourselves: most vpn providers are a black sheep at some point) "secure". However I have stumbled upon this blog entry which has been posted on reddit which made me discontinue using their custom client (although internet kill Switch, cybersec and some other nice Features) on my systems and only use the OpenVPN Client now.
You might wanna read about this too, if you wanna use NordVPN or are using it already:
https://goo.gl/Xoy4TG
Comments
This is why you use PIA.
How can you be sure they don't have something similar going on behind the scenes? To be honest when it comes to trusting a VPN provider with your data you can only determine it by their Reputation (which both Nord and PIA have a generally good one), their time in the industry (both well established), their performance (free trials), their country of jurisdiction & privacy policy and their set of features of what you need. NordVPN has been solid for my needs so far and it comes out on top of most reviews (even tough I am aware there are enough shilled vpn reviews from all providers out there). Even the probably most renowned vpn comparison site ThatOnePrivacySite shows it to be quite good
https://thatoneprivacysite.net/vpn-section/ .
That being said I don't think a VPN alone makes me anonymous or untraceable. I use it 99% to unblock netflix and crunchyroll and for that it works just fine. For my convenience I will be using OpenVPN Client from now on when not at home. At home I am using a SmartDNS on my router, no vpn.
PIA has had independant reviews done in terms of logging that verify they don't do it and it has also been confirmed in a US court case were PIA was subpoenaed and could only provide transaction logs. I VPN my entire router so I am unaware of their private app but just how the PIA staff talk on their forums, I trust them.
Sure they appear to be authentic but so does any vpn provider with a good PR rep. I can't link you the source right off the bat but I can assure you I have watched their awesome security professionals YouTube video "we do not log" and a couple clicks and comments on reddit/youtube (cant remember) found an interesting post about how it wasn't proven in US coirt that PIA does not log but only said by them in US court. I think the respective courtdocument is available somewhere at torrentfreak and even if you google "private internet access fake court document" there is plenty of posts showing up that will forward towards that document. As I said I dont have the links anymore as I dont use PIA and didnt really care back then but I remember coming to the conclusion that under the data/information I had discovered by then PIAs statement regarding their courtorder is not really what they want it to sound like.
That article does seem worrying. A long time ago before I bought PIA subscriptions I considered NordVPN but there was a reason I didn't pick them, don't recall why, but it was either price or something I found with security. I've used PIA for a long time now on and off and I'm always able to max out my connection on their servers, no connection issues or blocked sites. Apps work fine. #PIAShill
Not saying PIA is bad at all. It surely is among the top vpn providers but so apparently is Nord. Hell I dont even know if I trust Perfect Privacy with their 13€/month (?!) that much more than Nord or any other fairly reputable vpn provider .
Just some links:
https://airvpn.org/topic/23959-private-internet-access-caught-lying-about-their-no-logging-statements/
https://www.privateinternetaccess.com/forum/discussion/26284/pia-looks-like-you-were-not-turthful-in-the-announcement-request-for-info
Taken from the links:
Anyway: I am not aiming to trashtalk PIA. If you are happy with them by all means stick to them. They are one of the reasonably good providers out there for sure. This thread was dedicated to let NordVPN users or potential subscribers know about this beforehand.
It's threads like this that make me realize that most LES boxes I have ordered over the last couple of months serve me well as VPN.
Still, this is really bad. I wonder if their TUN/TAP driver is slightly modified as well...
Indeed. The TUN/TAP driver was acctually compared in the blog (original openvpn one vs. Nord one):
LES boxes don't give you the ability to disappear in the crowd though. Surely you are not gonna be completely anonymous with a VPN Service either but for some use cases (journalists, media streaming..) it can be of use to just not be that easily tracked down to the individual.
Update: I just tested OpenVPN GUI instead of Nord app and I have reached waaay better results:
App never got me past 30 mbits.
I think the wording of 'proven in court' is what the main issue is here in these paragraphs, I haven't read the URL's yet but based on what you've quoted, whoever it is, isn't accepting the fact they couldn't provide any logs as proof that they DON'T log at all. To be honest nobody will ever truly know but I just have a gut feeling about PIA as I mentioned about their forums. I read a staff reply a few weeks ago where a staff member literally threatened to leave if he ever found out PIA was logging, obviously he could've been talking out of his ass but idk.
I don't even do anything illegal, I just don't like my home country logging my details for up to 2 years and being able to access it without a warrant as well. (I also don't drop speed at ALL so I thought it was worth it.)
Fair point. With Nord I was also only following my gut feeling. Tbh I will continue using it but with openvpn on windows only, not their client. Their android client seems to not request any additional permissions so I'm keeping it as it is a good adblock if I dont use Brave Browser.
And the recent speedtest result yielding waaay better results than I was used to with nord, I will happily use it.
I'm using it through Pfsense (my router) for my entire connection and use dblblock on Pfsense aswell, I mainly just like it because I get full speed verse any other VPN I've tried lmao.
Ah I quickly skimmed through the article and missed the TUN/TAP driver part, sorry. Would be interesting to decompile I guess, if I can spare some time.
As for the LES boxes, you're right, though probably most of them are being used for VPN's, and they do share 1 IPv4 address. The main benefit is that less people abuse them, so less cloudflare / Google issues (solving captcha's, etc). I usually only use them on public WiFi connections (e.g. airports), to lift country restrictions (when abroad), and torrenting (I have a box with cociu for that, not doing this on LES boxes obviously).
People forgot about a very interesting thing, they really miss it.
Why do antiviruses not react at all?) No, I'm serious. Why do any of antivirus software not warning users and writing loud messages about KERNEL HIJACKING? WTF? Is it a joke or what? Or is it quality of antivirus? Or if the app has a signature - that means everything is ok? Or what?
I wish to say in my message next: that antivirus KNOW and CAN SEE such activities, but they do not alarm about it at all.
Because of what? What is the main purpose of antiviruses? And where is a difference between NordVPN illegal activities and custom hand-made spyware/trojan/virus?
Of course, they will after the leak and when will begin a hype around NordVPN.
But this is just a few cents of information what you MUST think about.
It really depends on the antivirus software. Most of them do not use that advanced algorithms to detect viruses, but use a virus definition database instead. So instead of detecting a virus, they look for activities that look like a virus and has been discovered before. That's totally different. They look for the known, instead of detecting the unknown.
On top of that, there are very legitimate reasons to hook into the kernel. I have Logitech Gaming software that hooks into the kernel, because I want my mouse to turn down the volume if I press a certain button and I want this to work system-wide.
You can easily write a keylogger by simply using SetWindowsHookEx for example. That's just the way it is.
In my case I am using ESET INTERNET SECURITY paired with Malwarebytes Premium and they did not detect anything.
I'm a big fan of ESET myself and no, they don't detect anything, and I don't think they should as I explained before, too many legitimate reasons for an application to hook into the kernel.
To know about such things it would have tp do quite a bit of hijacking itself. Antivirus software is somewhat snake oil and last line of defense anyways but i'd argue it's just wrong to expect a safety net against actual running code. The downsides of messing with OS functionality are just not worth it while becoming a race about who hijacks first and in the end it'll just trigger a downwards spiral where malware goes lower and lower in regards to the api it detours so soon you'll have actual kernel drivers racing each other. That wouldn't be pretty at all.
TL;DR: Don't expect AV software to be a magical solution to installing untrusted software.
ESET in a nutshell.
there is no sense to buy it then.
Virus database I can check manually via downloading scripts, or via virustotal.
We buying antiviruses for helping us defend against illegal activities from something, not for their signatures.
That all I wish to say above. And this is very pity, that no one does anything against real problems, but call themselves like a solution against all headache and asking for a money.
Sadly there is little they can offer beyond signatures and even there chances are that if the threat is new enough you are still screwed since malware authors are always one step ahead. Sure sometimes the heuristics are going to manage identifying an unknown threat but it'll never be anywhere near reliable.
Agreed. The AV companies marketing propaganda is very dishonest. They know very well that following a handful of basic security principles offers more protection than any software will ever be capable of but still act like it's essential to use their products. Even worse they act like their software will somehow magically keep people safe giving them a false sense of security and thereby supporting careless behaivour.
Atleast Malwarebytes keeps people safer when browsing, that's for sure.
Did you really just create a tracker link to complain about someone spying on you?
The irony…
Did you really bother to write this?
So... What's the issue here?
How? When some exploit hits you all that matters is if it can detect the payload or not. Sure it's safer but still nowhere near safe. As i said it's a last line of defense. Something to pray for in case everything else fails. I guess if detection rates for anything recent exceed 50% you are seriously lucky. Automatic protection will never be reliable and anyone telling you otherwise has some AV software to sell.
I said safer not safe. Chances are that if you click on malicous popups (e.g. the play button on those streaming sites) mwb will block 9/10.
TeaTimer did a great job of this back in the day.